diff --git a/.bumpversion.cfg b/.bumpversion.cfg
index f78e67f49..d679517c7 100644
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2023.10.4
+current_version = 2023.10.5
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)
diff --git a/.dockerignore b/.dockerignore
index 352faf761..8d20d66d6 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -9,3 +9,4 @@ blueprints/local
 .git
 !gen-ts-api/node_modules
 !gen-ts-api/dist/**
+!gen-go-api/
diff --git a/.github/codespell-words.txt b/.github/codespell-words.txt
index 71f2f1c2c..29fb24832 100644
--- a/.github/codespell-words.txt
+++ b/.github/codespell-words.txt
@@ -2,3 +2,4 @@ keypair
 keypairs
 hass
 warmup
+ontext
diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index 26baa3556..71bfc0d7a 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -61,10 +61,6 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - name: Setup authentik env
-        uses: ./.github/actions/setup
-        with:
-          postgresql_version: ${{ matrix.psql }}
       - name: checkout stable
         run: |
           # Delete all poetry envs
@@ -76,7 +72,7 @@ jobs:
           git checkout version/$(python -c "from authentik import __version__; print(__version__)")
           rm -rf .github/ scripts/
           mv ../.github ../scripts .
-      - name: Setup authentik env (ensure stable deps are installed)
+      - name: Setup authentik env (stable)
         uses: ./.github/actions/setup
         with:
           postgresql_version: ${{ matrix.psql }}
@@ -90,14 +86,20 @@ jobs:
           git clean -d -fx .
           git checkout $GITHUB_SHA
           # Delete previous poetry env
-          rm -rf $(poetry env info --path)
-          poetry install
+          rm -rf /home/runner/.cache/pypoetry/virtualenvs/*
       - name: Setup authentik env (ensure latest deps are installed)
         uses: ./.github/actions/setup
         with:
           postgresql_version: ${{ matrix.psql }}
       - name: migrate to latest
-        run: poetry run python -m lifecycle.migrate
+        run: |
+          poetry run python -m lifecycle.migrate
+      - name: run tests
+        env:
+          # Test in the main database that we just migrated from the previous stable version
+          AUTHENTIK_POSTGRESQL__TEST__NAME: authentik
+        run: |
+          poetry run make test
   test-unittest:
     name: test-unittest - PostgreSQL ${{ matrix.psql }}
     runs-on: ubuntu-latest
@@ -247,12 +249,6 @@ jobs:
             VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
-      - name: Comment on PR
-        if: github.event_name == 'pull_request'
-        continue-on-error: true
-        uses: ./.github/actions/comment-pr-instructions
-        with:
-          tag: gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.shortHash }}
   build-arm64:
     needs: ci-core-mark
     runs-on: ubuntu-latest
@@ -301,3 +297,26 @@ jobs:
           platforms: linux/arm64
           cache-from: type=gha
           cache-to: type=gha,mode=max
+  pr-comment:
+    needs:
+      - build
+      - build-arm64
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'pull_request' }}
+    permissions:
+      # Needed to write comments on PRs
+      pull-requests: write
+    timeout-minutes: 120
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: prepare variables
+        uses: ./.github/actions/docker-push-variables
+        id: ev
+        env:
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      - name: Comment on PR
+        uses: ./.github/actions/comment-pr-instructions
+        with:
+          tag: gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.shortHash }}
diff --git a/.github/workflows/ci-outpost.yml b/.github/workflows/ci-outpost.yml
index 196fa0b3b..35c83ac86 100644
--- a/.github/workflows/ci-outpost.yml
+++ b/.github/workflows/ci-outpost.yml
@@ -65,6 +65,7 @@ jobs:
           - proxy
           - ldap
           - radius
+          - rac
     runs-on: ubuntu-latest
     permissions:
       # Needed to upload contianer images to ghcr.io
@@ -119,6 +120,7 @@ jobs:
           - proxy
           - ldap
           - radius
+          - rac
         goos: [linux]
         goarch: [amd64, arm64]
     steps:
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 5f1255f56..c8c0cc11f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -27,10 +27,10 @@ jobs:
       - name: Setup authentik env
         uses: ./.github/actions/setup
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml
index c3c6a0d48..c002ab8a5 100644
--- a/.github/workflows/release-publish.yml
+++ b/.github/workflows/release-publish.yml
@@ -65,6 +65,7 @@ jobs:
           - proxy
           - ldap
           - radius
+          - rac
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
diff --git a/Dockerfile b/Dockerfile
index 629d3258b..114be6253 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -71,7 +71,7 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \
 # Stage 4: MaxMind GeoIP
 FROM --platform=${BUILDPLATFORM} ghcr.io/maxmind/geoipupdate:v6.0 as geoip
 
-ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City"
+ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN"
 ENV GEOIPUPDATE_VERBOSE="true"
 ENV GEOIPUPDATE_ACCOUNT_ID_FILE="/run/secrets/GEOIPUPDATE_ACCOUNT_ID"
 ENV GEOIPUPDATE_LICENSE_KEY_FILE="/run/secrets/GEOIPUPDATE_LICENSE_KEY"
diff --git a/Makefile b/Makefile
index c649ff230..93092a779 100644
--- a/Makefile
+++ b/Makefile
@@ -58,7 +58,7 @@ test: ## Run the server tests and produce a coverage report (locally)
 lint-fix:  ## Lint and automatically fix errors in the python source code. Reports spelling errors.
 	isort $(PY_SOURCES)
 	black $(PY_SOURCES)
-	ruff $(PY_SOURCES)
+	ruff --fix $(PY_SOURCES)
 	codespell -w $(CODESPELL_ARGS)
 
 lint: ## Lint the python and golang sources
@@ -115,8 +115,9 @@ gen-diff:  ## (Release) generate the changelog diff between the current schema a
 	npx prettier --write diff.md
 
 gen-clean:
-	rm -rf web/api/src/
-	rm -rf api/
+	rm -rf gen-go-api/
+	rm -rf gen-ts-api/
+	rm -rf web/node_modules/@goauthentik/api/
 
 gen-client-ts:  ## Build and install the authentik API for Typescript into the authentik UI Application
 	docker run \
diff --git a/SECURITY.md b/SECURITY.md
index 0d9d6a673..9bb674f23 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,5 +1,9 @@
 authentik takes security very seriously. We follow the rules of [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure), and we urge our community to do so as well, instead of reporting vulnerabilities publicly. This allows us to patch the issue quickly, announce it's existence and release the fixed version.
 
+## Independent audits and pentests
+
+In May/June of 2023 [Cure53](https://cure53.de) conducted an audit and pentest. The [results](https://cure53.de/pentest-report_authentik.pdf) are published on the [Cure53 website](https://cure53.de/#publications-2023). For more details about authentik's response to the findings of the audit refer to [2023-06 Cure53 Code audit](https://goauthentik.io/docs/security/2023-06-cure53).
+
 ## What authentik classifies as a CVE
 
 CVE (Common Vulnerability and Exposure) is a system designed to aggregate all vulnerabilities. As such, a CVE will be issued when there is a either vulnerability or exposure. Per NIST, A vulnerability is:
diff --git a/authentik/__init__.py b/authentik/__init__.py
index fc368ceeb..0c651c834 100644
--- a/authentik/__init__.py
+++ b/authentik/__init__.py
@@ -2,7 +2,7 @@
 from os import environ
 from typing import Optional
 
-__version__ = "2023.10.4"
+__version__ = "2023.10.5"
 ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"
 
 
diff --git a/authentik/api/tests/test_auth.py b/authentik/api/tests/test_auth.py
index cd23a1835..c09bca5a3 100644
--- a/authentik/api/tests/test_auth.py
+++ b/authentik/api/tests/test_auth.py
@@ -12,6 +12,8 @@ from authentik.blueprints.tests import reconcile_app
 from authentik.core.models import Token, TokenIntents, User, UserTypes
 from authentik.core.tests.utils import create_test_admin_user, create_test_flow
 from authentik.lib.generators import generate_id
+from authentik.outposts.apps import MANAGED_OUTPOST
+from authentik.outposts.models import Outpost
 from authentik.providers.oauth2.constants import SCOPE_AUTHENTIK_API
 from authentik.providers.oauth2.models import AccessToken, OAuth2Provider
 
@@ -49,8 +51,12 @@ class TestAPIAuth(TestCase):
         with self.assertRaises(AuthenticationFailed):
             bearer_auth(f"Bearer {token.key}".encode())
 
-    def test_managed_outpost(self):
+    @reconcile_app("authentik_outposts")
+    def test_managed_outpost_fail(self):
         """Test managed outpost"""
+        outpost = Outpost.objects.filter(managed=MANAGED_OUTPOST).first()
+        outpost.user.delete()
+        outpost.delete()
         with self.assertRaises(AuthenticationFailed):
             bearer_auth(f"Bearer {settings.SECRET_KEY}".encode())
 
diff --git a/authentik/api/v3/config.py b/authentik/api/v3/config.py
index 0defd1a5b..93b783629 100644
--- a/authentik/api/v3/config.py
+++ b/authentik/api/v3/config.py
@@ -19,7 +19,7 @@ from rest_framework.response import Response
 from rest_framework.views import APIView
 
 from authentik.core.api.utils import PassiveSerializer
-from authentik.events.geo import GEOIP_READER
+from authentik.events.context_processors.base import get_context_processors
 from authentik.lib.config import CONFIG
 
 capabilities = Signal()
@@ -30,6 +30,7 @@ class Capabilities(models.TextChoices):
 
     CAN_SAVE_MEDIA = "can_save_media"
     CAN_GEO_IP = "can_geo_ip"
+    CAN_ASN = "can_asn"
     CAN_IMPERSONATE = "can_impersonate"
     CAN_DEBUG = "can_debug"
     IS_ENTERPRISE = "is_enterprise"
@@ -68,8 +69,9 @@ class ConfigView(APIView):
         deb_test = settings.DEBUG or settings.TEST
         if Path(settings.MEDIA_ROOT).is_mount() or deb_test:
             caps.append(Capabilities.CAN_SAVE_MEDIA)
-        if GEOIP_READER.enabled:
-            caps.append(Capabilities.CAN_GEO_IP)
+        for processor in get_context_processors():
+            if cap := processor.capability():
+                caps.append(cap)
         if CONFIG.get_bool("impersonation"):
             caps.append(Capabilities.CAN_IMPERSONATE)
         if settings.DEBUG:  # pragma: no cover
diff --git a/authentik/blueprints/api.py b/authentik/blueprints/api.py
index 721eb5dcb..7abf488da 100644
--- a/authentik/blueprints/api.py
+++ b/authentik/blueprints/api.py
@@ -3,7 +3,7 @@ from django.utils.translation import gettext_lazy as _
 from drf_spectacular.utils import extend_schema, inline_serializer
 from rest_framework.decorators import action
 from rest_framework.exceptions import ValidationError
-from rest_framework.fields import CharField, DateTimeField, JSONField
+from rest_framework.fields import CharField, DateTimeField
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.serializers import ListSerializer, ModelSerializer
@@ -15,7 +15,7 @@ from authentik.blueprints.v1.importer import Importer
 from authentik.blueprints.v1.oci import OCI_PREFIX
 from authentik.blueprints.v1.tasks import apply_blueprint, blueprints_find_dict
 from authentik.core.api.used_by import UsedByMixin
-from authentik.core.api.utils import PassiveSerializer
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 
 
 class ManagedSerializer:
@@ -28,7 +28,7 @@ class MetadataSerializer(PassiveSerializer):
     """Serializer for blueprint metadata"""
 
     name = CharField()
-    labels = JSONField()
+    labels = JSONDictField()
 
 
 class BlueprintInstanceSerializer(ModelSerializer):
diff --git a/authentik/blueprints/apps.py b/authentik/blueprints/apps.py
index 90df91c00..aba14d552 100644
--- a/authentik/blueprints/apps.py
+++ b/authentik/blueprints/apps.py
@@ -40,7 +40,7 @@ class ManagedAppConfig(AppConfig):
                 meth()
                 self._logger.debug("Successfully reconciled", name=name)
             except (DatabaseError, ProgrammingError, InternalError) as exc:
-                self._logger.debug("Failed to run reconcile", name=name, exc=exc)
+                self._logger.warning("Failed to run reconcile", name=name, exc=exc)
 
 
 class AuthentikBlueprintsConfig(ManagedAppConfig):
diff --git a/authentik/blueprints/v1/meta/apply_blueprint.py b/authentik/blueprints/v1/meta/apply_blueprint.py
index 5946342a3..0a8d84e66 100644
--- a/authentik/blueprints/v1/meta/apply_blueprint.py
+++ b/authentik/blueprints/v1/meta/apply_blueprint.py
@@ -2,11 +2,11 @@
 from typing import TYPE_CHECKING
 
 from rest_framework.exceptions import ValidationError
-from rest_framework.fields import BooleanField, JSONField
+from rest_framework.fields import BooleanField
 from structlog.stdlib import get_logger
 
 from authentik.blueprints.v1.meta.registry import BaseMetaModel, MetaResult, registry
-from authentik.core.api.utils import PassiveSerializer, is_dict
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 
 if TYPE_CHECKING:
     from authentik.blueprints.models import BlueprintInstance
@@ -17,7 +17,7 @@ LOGGER = get_logger()
 class ApplyBlueprintMetaSerializer(PassiveSerializer):
     """Serializer for meta apply blueprint model"""
 
-    identifiers = JSONField(validators=[is_dict])
+    identifiers = JSONDictField()
     required = BooleanField(default=True)
 
     # We cannot override `instance` as that will confuse rest_framework
diff --git a/authentik/core/api/authenticated_sessions.py b/authentik/core/api/authenticated_sessions.py
index 03c1aeaf3..2d77937be 100644
--- a/authentik/core/api/authenticated_sessions.py
+++ b/authentik/core/api/authenticated_sessions.py
@@ -14,7 +14,8 @@ from ua_parser import user_agent_parser
 from authentik.api.authorization import OwnerSuperuserPermissions
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.models import AuthenticatedSession
-from authentik.events.geo import GEOIP_READER, GeoIPDict
+from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR, ASNDict
+from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR, GeoIPDict
 
 
 class UserAgentDeviceDict(TypedDict):
@@ -59,6 +60,7 @@ class AuthenticatedSessionSerializer(ModelSerializer):
     current = SerializerMethodField()
     user_agent = SerializerMethodField()
     geo_ip = SerializerMethodField()
+    asn = SerializerMethodField()
 
     def get_current(self, instance: AuthenticatedSession) -> bool:
         """Check if session is currently active session"""
@@ -70,8 +72,12 @@ class AuthenticatedSessionSerializer(ModelSerializer):
         return user_agent_parser.Parse(instance.last_user_agent)
 
     def get_geo_ip(self, instance: AuthenticatedSession) -> Optional[GeoIPDict]:  # pragma: no cover
-        """Get parsed user agent"""
-        return GEOIP_READER.city_dict(instance.last_ip)
+        """Get GeoIP Data"""
+        return GEOIP_CONTEXT_PROCESSOR.city_dict(instance.last_ip)
+
+    def get_asn(self, instance: AuthenticatedSession) -> Optional[ASNDict]:  # pragma: no cover
+        """Get ASN Data"""
+        return ASN_CONTEXT_PROCESSOR.asn_dict(instance.last_ip)
 
     class Meta:
         model = AuthenticatedSession
@@ -80,6 +86,7 @@ class AuthenticatedSessionSerializer(ModelSerializer):
             "current",
             "user_agent",
             "geo_ip",
+            "asn",
             "user",
             "last_ip",
             "last_user_agent",
diff --git a/authentik/core/api/groups.py b/authentik/core/api/groups.py
index 21ba19974..04670844d 100644
--- a/authentik/core/api/groups.py
+++ b/authentik/core/api/groups.py
@@ -8,7 +8,7 @@ from django_filters.filterset import FilterSet
 from drf_spectacular.utils import OpenApiResponse, extend_schema
 from guardian.shortcuts import get_objects_for_user
 from rest_framework.decorators import action
-from rest_framework.fields import CharField, IntegerField, JSONField
+from rest_framework.fields import CharField, IntegerField
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.serializers import ListSerializer, ModelSerializer, ValidationError
@@ -16,7 +16,7 @@ from rest_framework.viewsets import ModelViewSet
 
 from authentik.api.decorators import permission_required
 from authentik.core.api.used_by import UsedByMixin
-from authentik.core.api.utils import PassiveSerializer, is_dict
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 from authentik.core.models import Group, User
 from authentik.rbac.api.roles import RoleSerializer
 
@@ -24,7 +24,7 @@ from authentik.rbac.api.roles import RoleSerializer
 class GroupMemberSerializer(ModelSerializer):
     """Stripped down user serializer to show relevant users for groups"""
 
-    attributes = JSONField(validators=[is_dict], required=False)
+    attributes = JSONDictField(required=False)
     uid = CharField(read_only=True)
 
     class Meta:
@@ -44,7 +44,7 @@ class GroupMemberSerializer(ModelSerializer):
 class GroupSerializer(ModelSerializer):
     """Group Serializer"""
 
-    attributes = JSONField(validators=[is_dict], required=False)
+    attributes = JSONDictField(required=False)
     users_obj = ListSerializer(
         child=GroupMemberSerializer(), read_only=True, source="users", required=False
     )
diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py
index 1e7436be9..d0fa7267b 100644
--- a/authentik/core/api/propertymappings.py
+++ b/authentik/core/api/propertymappings.py
@@ -19,6 +19,7 @@ from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import MetaNameSerializer, PassiveSerializer, TypeCreateSerializer
 from authentik.core.expression.evaluator import PropertyMappingEvaluator
 from authentik.core.models import PropertyMapping
+from authentik.enterprise.apps import EnterpriseConfig
 from authentik.events.utils import sanitize_item
 from authentik.lib.utils.reflection import all_subclasses
 from authentik.policies.api.exec import PolicyTestSerializer
@@ -95,6 +96,7 @@ class PropertyMappingViewSet(
                     "description": subclass.__doc__,
                     "component": subclass().component,
                     "model_name": subclass._meta.model_name,
+                    "requires_enterprise": isinstance(subclass._meta.app_config, EnterpriseConfig),
                 }
             )
         return Response(TypeCreateSerializer(data, many=True).data)
diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py
index a5095dcde..6c0f4db06 100644
--- a/authentik/core/api/providers.py
+++ b/authentik/core/api/providers.py
@@ -16,6 +16,7 @@ from rest_framework.viewsets import GenericViewSet
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
 from authentik.core.models import Provider
+from authentik.enterprise.apps import EnterpriseConfig
 from authentik.lib.utils.reflection import all_subclasses
 
 
@@ -113,6 +114,7 @@ class ProviderViewSet(
                     "description": subclass.__doc__,
                     "component": subclass().component,
                     "model_name": subclass._meta.model_name,
+                    "requires_enterprise": isinstance(subclass._meta.app_config, EnterpriseConfig),
                 }
             )
         data.append(
diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py
index 5ee249729..5b6a4a199 100644
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@@ -32,13 +32,7 @@ from drf_spectacular.utils import (
 )
 from guardian.shortcuts import get_anonymous_user, get_objects_for_user
 from rest_framework.decorators import action
-from rest_framework.fields import (
-    CharField,
-    IntegerField,
-    JSONField,
-    ListField,
-    SerializerMethodField,
-)
+from rest_framework.fields import CharField, IntegerField, ListField, SerializerMethodField
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.serializers import (
@@ -57,7 +51,7 @@ from authentik.admin.api.metrics import CoordinateSerializer
 from authentik.api.decorators import permission_required
 from authentik.blueprints.v1.importer import SERIALIZER_CONTEXT_BLUEPRINT
 from authentik.core.api.used_by import UsedByMixin
-from authentik.core.api.utils import LinkSerializer, PassiveSerializer, is_dict
+from authentik.core.api.utils import JSONDictField, LinkSerializer, PassiveSerializer
 from authentik.core.middleware import (
     SESSION_KEY_IMPERSONATE_ORIGINAL_USER,
     SESSION_KEY_IMPERSONATE_USER,
@@ -89,7 +83,7 @@ LOGGER = get_logger()
 class UserGroupSerializer(ModelSerializer):
     """Simplified Group Serializer for user's groups"""
 
-    attributes = JSONField(required=False)
+    attributes = JSONDictField(required=False)
     parent_name = CharField(source="parent.name", read_only=True)
 
     class Meta:
@@ -110,7 +104,7 @@ class UserSerializer(ModelSerializer):
 
     is_superuser = BooleanField(read_only=True)
     avatar = CharField(read_only=True)
-    attributes = JSONField(validators=[is_dict], required=False)
+    attributes = JSONDictField(required=False)
     groups = PrimaryKeyRelatedField(
         allow_empty=True, many=True, source="ak_groups", queryset=Group.objects.all(), default=list
     )
diff --git a/authentik/core/api/utils.py b/authentik/core/api/utils.py
index cf1870197..c79fec22e 100644
--- a/authentik/core/api/utils.py
+++ b/authentik/core/api/utils.py
@@ -2,7 +2,10 @@
 from typing import Any
 
 from django.db.models import Model
-from rest_framework.fields import CharField, IntegerField, JSONField
+from drf_spectacular.extensions import OpenApiSerializerFieldExtension
+from drf_spectacular.plumbing import build_basic_type
+from drf_spectacular.types import OpenApiTypes
+from rest_framework.fields import BooleanField, CharField, IntegerField, JSONField
 from rest_framework.serializers import Serializer, SerializerMethodField, ValidationError
 
 
@@ -13,6 +16,21 @@ def is_dict(value: Any):
     raise ValidationError("Value must be a dictionary, and not have any duplicate keys.")
 
 
+class JSONDictField(JSONField):
+    """JSON Field which only allows dictionaries"""
+
+    default_validators = [is_dict]
+
+
+class JSONExtension(OpenApiSerializerFieldExtension):
+    """Generate API Schema for JSON fields as"""
+
+    target_class = "authentik.core.api.utils.JSONDictField"
+
+    def map_serializer_field(self, auto_schema, direction):
+        return build_basic_type(OpenApiTypes.OBJECT)
+
+
 class PassiveSerializer(Serializer):
     """Base serializer class which doesn't implement create/update methods"""
 
@@ -26,7 +44,7 @@ class PassiveSerializer(Serializer):
 class PropertyMappingPreviewSerializer(PassiveSerializer):
     """Preview how the current user is mapped via the property mappings selected in a provider"""
 
-    preview = JSONField(read_only=True)
+    preview = JSONDictField(read_only=True)
 
 
 class MetaNameSerializer(PassiveSerializer):
@@ -56,6 +74,7 @@ class TypeCreateSerializer(PassiveSerializer):
     description = CharField(required=True)
     component = CharField(required=True)
     model_name = CharField(required=True)
+    requires_enterprise = BooleanField(default=False)
 
 
 class CacheSerializer(PassiveSerializer):
diff --git a/authentik/core/channels.py b/authentik/core/channels.py
index 00f213efc..722e9e03f 100644
--- a/authentik/core/channels.py
+++ b/authentik/core/channels.py
@@ -1,22 +1,29 @@
 """Channels base classes"""
+from channels.db import database_sync_to_async
 from channels.exceptions import DenyConnection
-from channels.generic.websocket import JsonWebsocketConsumer
 from rest_framework.exceptions import AuthenticationFailed
 from structlog.stdlib import get_logger
 
 from authentik.api.authentication import bearer_auth
-from authentik.core.models import User
 
 LOGGER = get_logger()
 
 
-class AuthJsonConsumer(JsonWebsocketConsumer):
+class TokenOutpostMiddleware:
     """Authorize a client with a token"""
 
-    user: User
+    def __init__(self, inner):
+        self.inner = inner
 
-    def connect(self):
-        headers = dict(self.scope["headers"])
+    async def __call__(self, scope, receive, send):
+        scope = dict(scope)
+        await self.auth(scope)
+        return await self.inner(scope, receive, send)
+
+    @database_sync_to_async
+    def auth(self, scope):
+        """Authenticate request from header"""
+        headers = dict(scope["headers"])
         if b"authorization" not in headers:
             LOGGER.warning("WS Request without authorization header")
             raise DenyConnection()
@@ -32,4 +39,4 @@ class AuthJsonConsumer(JsonWebsocketConsumer):
             LOGGER.warning("Failed to authenticate", exc=exc)
             raise DenyConnection()
 
-        self.user = user
+        scope["user"] = user
diff --git a/authentik/core/expression/evaluator.py b/authentik/core/expression/evaluator.py
index 85e6ccbc4..480caea21 100644
--- a/authentik/core/expression/evaluator.py
+++ b/authentik/core/expression/evaluator.py
@@ -44,6 +44,7 @@ class PropertyMappingEvaluator(BaseEvaluator):
         if request:
             req.http_request = request
         self._context["request"] = req
+        req.context.update(**kwargs)
         self._context.update(**kwargs)
         self.dry_run = dry_run
 
diff --git a/authentik/core/models.py b/authentik/core/models.py
index 7d11af3d6..125d5b0c8 100644
--- a/authentik/core/models.py
+++ b/authentik/core/models.py
@@ -30,7 +30,6 @@ from authentik.lib.models import (
     DomainlessFormattedURLValidator,
     SerializerModel,
 )
-from authentik.lib.utils.http import get_client_ip
 from authentik.policies.models import PolicyBindingModel
 from authentik.root.install_id import get_install_id
 
@@ -748,12 +747,14 @@ class AuthenticatedSession(ExpiringModel):
     @staticmethod
     def from_request(request: HttpRequest, user: User) -> Optional["AuthenticatedSession"]:
         """Create a new session from a http request"""
+        from authentik.root.middleware import ClientIPMiddleware
+
         if not hasattr(request, "session") or not request.session.session_key:
             return None
         return AuthenticatedSession(
             session_key=request.session.session_key,
             user=user,
-            last_ip=get_client_ip(request),
+            last_ip=ClientIPMiddleware.get_client_ip(request),
             last_user_agent=request.META.get("HTTP_USER_AGENT", ""),
             expires=request.session.get_expiry_date(),
         )
diff --git a/authentik/core/templates/base/skeleton.html b/authentik/core/templates/base/skeleton.html
index 50a40de66..85137cc42 100644
--- a/authentik/core/templates/base/skeleton.html
+++ b/authentik/core/templates/base/skeleton.html
@@ -13,7 +13,6 @@
         {% block head_before %}
         {% endblock %}
         <link rel="stylesheet" type="text/css" href="{% static 'dist/authentik.css' %}">
-        <link rel="stylesheet" type="text/css" href="{% static 'dist/theme-dark.css' %}" media="(prefers-color-scheme: dark)">
         <link rel="stylesheet" type="text/css" href="{% static 'dist/custom.css' %}" data-inject>
         <script src="{% static 'dist/poly.js' %}?version={{ version }}" type="module"></script>
         <script src="{% static 'dist/standalone/loading/index.js' %}?version={{ version }}" type="module"></script>
diff --git a/authentik/core/templates/login/base_full.html b/authentik/core/templates/login/base_full.html
index 4cbf5e8dc..be6e3a040 100644
--- a/authentik/core/templates/login/base_full.html
+++ b/authentik/core/templates/login/base_full.html
@@ -6,6 +6,7 @@
 {% block head_before %}
 <link rel="prefetch" href="/static/dist/assets/images/flow_background.jpg" />
 <link rel="stylesheet" type="text/css" href="{% static 'dist/patternfly.min.css' %}">
+<link rel="stylesheet" type="text/css" href="{% static 'dist/theme-dark.css' %}" media="(prefers-color-scheme: dark)">
 {% include "base/header_js.html" %}
 {% endblock %}
 
@@ -43,28 +44,14 @@
 
 {% block body %}
 <div class="pf-c-background-image">
-    <svg xmlns="http://www.w3.org/2000/svg" class="pf-c-background-image__filter" width="0" height="0">
-        <filter id="image_overlay">
-            <feColorMatrix in="SourceGraphic" type="matrix" values="1.3 0 0 0 0 0 1.3 0 0 0 0 0 1.3 0 0 0 0 0 1 0" />
-            <feComponentTransfer color-interpolation-filters="sRGB" result="duotone">
-                <feFuncR type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncR>
-                <feFuncG type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncG>
-                <feFuncB type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncB>
-                <feFuncA type="table" tableValues="0 1"></feFuncA>
-            </feComponentTransfer>
-        </filter>
-    </svg>
 </div>
 <ak-message-container></ak-message-container>
-<div class="pf-c-login">
+<div class="pf-c-login stacked">
     <div class="ak-login-container">
-        <header class="pf-c-login__header">
-            <div class="pf-c-brand ak-brand">
+        <main class="pf-c-login__main">
+            <div class="pf-c-login__main-header pf-c-brand ak-brand">
                 <img src="{{ tenant.branding_logo }}" alt="authentik Logo" />
             </div>
-        </header>
-        {% block main_container %}
-        <main class="pf-c-login__main">
             <header class="pf-c-login__main-header">
                 <h1 class="pf-c-title pf-m-3xl">
                     {% block card_title %}
@@ -76,7 +63,6 @@
                 {% endblock %}
             </div>
         </main>
-        {% endblock %}
         <footer class="pf-c-login__footer">
             <ul class="pf-c-list pf-m-inline">
                 {% for link in footer_links %}
diff --git a/authentik/core/views/interface.py b/authentik/core/views/interface.py
index 82f09752c..c71bddbaf 100644
--- a/authentik/core/views/interface.py
+++ b/authentik/core/views/interface.py
@@ -22,6 +22,7 @@ class InterfaceView(TemplateView):
         kwargs["version_family"] = f"{LOCAL_VERSION.major}.{LOCAL_VERSION.minor}"
         kwargs["version_subdomain"] = f"version-{LOCAL_VERSION.major}-{LOCAL_VERSION.minor}"
         kwargs["build"] = get_build_hash()
+        kwargs["url_kwargs"] = self.kwargs
         return super().get_context_data(**kwargs)
 
 
diff --git a/authentik/enterprise/api.py b/authentik/enterprise/api.py
index fdf0a11fc..c13e34b6d 100644
--- a/authentik/enterprise/api.py
+++ b/authentik/enterprise/api.py
@@ -2,9 +2,11 @@
 from datetime import datetime, timedelta
 
 from django.utils.timezone import now
+from django.utils.translation import gettext as _
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import extend_schema, inline_serializer
 from rest_framework.decorators import action
+from rest_framework.exceptions import ValidationError
 from rest_framework.fields import BooleanField, CharField, DateTimeField, IntegerField
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.request import Request
@@ -20,6 +22,18 @@ from authentik.enterprise.models import License, LicenseKey
 from authentik.root.install_id import get_install_id
 
 
+class EnterpriseRequiredMixin:
+    """Mixin to validate that a valid enterprise license
+    exists before allowing to safe the object"""
+
+    def validate(self, attrs: dict) -> dict:
+        """Check that a valid license exists"""
+        total = LicenseKey.get_total()
+        if not total.is_valid():
+            raise ValidationError(_("Enterprise is required to create/update this object."))
+        return super().validate(attrs)
+
+
 class LicenseSerializer(ModelSerializer):
     """License Serializer"""
 
diff --git a/authentik/enterprise/apps.py b/authentik/enterprise/apps.py
index 2d918da17..a0b9bed6d 100644
--- a/authentik/enterprise/apps.py
+++ b/authentik/enterprise/apps.py
@@ -2,7 +2,11 @@
 from authentik.blueprints.apps import ManagedAppConfig
 
 
-class AuthentikEnterpriseConfig(ManagedAppConfig):
+class EnterpriseConfig(ManagedAppConfig):
+    """Base app config for all enterprise apps"""
+
+
+class AuthentikEnterpriseConfig(EnterpriseConfig):
     """Enterprise app config"""
 
     name = "authentik.enterprise"
diff --git a/authentik/enterprise/policy.py b/authentik/enterprise/policy.py
index 0c714322a..20bf438a0 100644
--- a/authentik/enterprise/policy.py
+++ b/authentik/enterprise/policy.py
@@ -1,6 +1,8 @@
 """Enterprise license policies"""
 from typing import Optional
 
+from django.utils.translation import gettext_lazy as _
+
 from authentik.core.models import User, UserTypes
 from authentik.enterprise.models import LicenseKey
 from authentik.policies.types import PolicyRequest, PolicyResult
@@ -13,10 +15,10 @@ class EnterprisePolicyAccessView(PolicyAccessView):
     def check_license(self):
         """Check license"""
         if not LicenseKey.get_total().is_valid():
-            return False
+            return PolicyResult(False, _("Enterprise required to access this feature."))
         if self.request.user.type != UserTypes.INTERNAL:
-            return False
-        return True
+            return PolicyResult(False, _("Feature only accessible for internal users."))
+        return PolicyResult(True)
 
     def user_has_access(self, user: Optional[User] = None) -> PolicyResult:
         user = user or self.request.user
@@ -24,7 +26,7 @@ class EnterprisePolicyAccessView(PolicyAccessView):
         request.http_request = self.request
         result = super().user_has_access(user)
         enterprise_result = self.check_license()
-        if not enterprise_result:
+        if not enterprise_result.passing:
             return enterprise_result
         return result
 
diff --git a/authentik/enterprise/providers/__init__.py b/authentik/enterprise/providers/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/__init__.py b/authentik/enterprise/providers/rac/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/api/__init__.py b/authentik/enterprise/providers/rac/api/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/api/endpoints.py b/authentik/enterprise/providers/rac/api/endpoints.py
new file mode 100644
index 000000000..1af281ef8
--- /dev/null
+++ b/authentik/enterprise/providers/rac/api/endpoints.py
@@ -0,0 +1,135 @@
+"""RAC Provider API Views"""
+from typing import Optional
+
+from django.core.cache import cache
+from django.db.models import QuerySet
+from django.urls import reverse
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema
+from rest_framework.fields import SerializerMethodField
+from rest_framework.request import Request
+from rest_framework.response import Response
+from rest_framework.serializers import ModelSerializer
+from rest_framework.viewsets import ModelViewSet
+from structlog.stdlib import get_logger
+
+from authentik.core.api.used_by import UsedByMixin
+from authentik.core.models import Provider
+from authentik.enterprise.api import EnterpriseRequiredMixin
+from authentik.enterprise.providers.rac.api.providers import RACProviderSerializer
+from authentik.enterprise.providers.rac.models import Endpoint
+from authentik.policies.engine import PolicyEngine
+from authentik.rbac.filters import ObjectFilter
+
+LOGGER = get_logger()
+
+
+def user_endpoint_cache_key(user_pk: str) -> str:
+    """Cache key where endpoint list for user is saved"""
+    return f"goauthentik.io/providers/rac/endpoint_access/{user_pk}"
+
+
+class EndpointSerializer(EnterpriseRequiredMixin, ModelSerializer):
+    """Endpoint Serializer"""
+
+    provider_obj = RACProviderSerializer(source="provider", read_only=True)
+    launch_url = SerializerMethodField()
+
+    def get_launch_url(self, endpoint: Endpoint) -> Optional[str]:
+        """Build actual launch URL (the provider itself does not have one, just
+        individual endpoints)"""
+        try:
+            # pylint: disable=no-member
+            return reverse(
+                "authentik_providers_rac:start",
+                kwargs={"app": endpoint.provider.application.slug, "endpoint": endpoint.pk},
+            )
+        except Provider.application.RelatedObjectDoesNotExist:
+            return None
+
+    class Meta:
+        model = Endpoint
+        fields = [
+            "pk",
+            "name",
+            "provider",
+            "provider_obj",
+            "protocol",
+            "host",
+            "settings",
+            "property_mappings",
+            "auth_mode",
+            "launch_url",
+            "maximum_connections",
+        ]
+
+
+class EndpointViewSet(UsedByMixin, ModelViewSet):
+    """Endpoint Viewset"""
+
+    queryset = Endpoint.objects.all()
+    serializer_class = EndpointSerializer
+    filterset_fields = ["name", "provider"]
+    search_fields = ["name", "protocol"]
+    ordering = ["name", "protocol"]
+
+    def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
+        """Custom filter_queryset method which ignores guardian, but still supports sorting"""
+        for backend in list(self.filter_backends):
+            if backend == ObjectFilter:
+                continue
+            queryset = backend().filter_queryset(self.request, queryset, self)
+        return queryset
+
+    def _get_allowed_endpoints(self, queryset: QuerySet) -> list[Endpoint]:
+        endpoints = []
+        for endpoint in queryset:
+            engine = PolicyEngine(endpoint, self.request.user, self.request)
+            engine.build()
+            if engine.passing:
+                endpoints.append(endpoint)
+        return endpoints
+
+    @extend_schema(
+        parameters=[
+            OpenApiParameter(
+                "search",
+                OpenApiTypes.STR,
+            ),
+            OpenApiParameter(
+                name="superuser_full_list",
+                location=OpenApiParameter.QUERY,
+                type=OpenApiTypes.BOOL,
+            ),
+        ],
+        responses={
+            200: EndpointSerializer(many=True),
+            400: OpenApiResponse(description="Bad request"),
+        },
+    )
+    def list(self, request: Request, *args, **kwargs) -> Response:
+        """List accessible endpoints"""
+        should_cache = request.GET.get("search", "") == ""
+
+        superuser_full_list = str(request.GET.get("superuser_full_list", "false")).lower() == "true"
+        if superuser_full_list and request.user.is_superuser:
+            return super().list(request)
+
+        queryset = self._filter_queryset_for_list(self.get_queryset())
+        self.paginate_queryset(queryset)
+
+        allowed_endpoints = []
+        if not should_cache:
+            allowed_endpoints = self._get_allowed_endpoints(queryset)
+        if should_cache:
+            allowed_endpoints = cache.get(user_endpoint_cache_key(self.request.user.pk))
+            if not allowed_endpoints:
+                LOGGER.debug("Caching allowed endpoint list")
+                allowed_endpoints = self._get_allowed_endpoints(queryset)
+                cache.set(
+                    user_endpoint_cache_key(self.request.user.pk),
+                    allowed_endpoints,
+                    timeout=86400,
+                )
+        serializer = self.get_serializer(allowed_endpoints, many=True)
+        return self.get_paginated_response(serializer.data)
diff --git a/authentik/enterprise/providers/rac/api/property_mappings.py b/authentik/enterprise/providers/rac/api/property_mappings.py
new file mode 100644
index 000000000..4afef68bb
--- /dev/null
+++ b/authentik/enterprise/providers/rac/api/property_mappings.py
@@ -0,0 +1,36 @@
+"""RAC Provider API Views"""
+from rest_framework.fields import CharField
+from rest_framework.viewsets import ModelViewSet
+
+from authentik.core.api.propertymappings import PropertyMappingSerializer
+from authentik.core.api.used_by import UsedByMixin
+from authentik.core.api.utils import JSONDictField
+from authentik.enterprise.api import EnterpriseRequiredMixin
+from authentik.enterprise.providers.rac.models import RACPropertyMapping
+
+
+class RACPropertyMappingSerializer(EnterpriseRequiredMixin, PropertyMappingSerializer):
+    """RACPropertyMapping Serializer"""
+
+    static_settings = JSONDictField()
+    expression = CharField(allow_blank=True, required=False)
+
+    def validate_expression(self, expression: str) -> str:
+        """Test Syntax"""
+        if expression == "":
+            return expression
+        return super().validate_expression(expression)
+
+    class Meta:
+        model = RACPropertyMapping
+        fields = PropertyMappingSerializer.Meta.fields + ["static_settings"]
+
+
+class RACPropertyMappingViewSet(UsedByMixin, ModelViewSet):
+    """RACPropertyMapping Viewset"""
+
+    queryset = RACPropertyMapping.objects.all()
+    serializer_class = RACPropertyMappingSerializer
+    search_fields = ["name"]
+    ordering = ["name"]
+    filterset_fields = ["name", "managed"]
diff --git a/authentik/enterprise/providers/rac/api/providers.py b/authentik/enterprise/providers/rac/api/providers.py
new file mode 100644
index 000000000..cda6c2af3
--- /dev/null
+++ b/authentik/enterprise/providers/rac/api/providers.py
@@ -0,0 +1,32 @@
+"""RAC Provider API Views"""
+from rest_framework.fields import CharField, ListField
+from rest_framework.viewsets import ModelViewSet
+
+from authentik.core.api.providers import ProviderSerializer
+from authentik.core.api.used_by import UsedByMixin
+from authentik.enterprise.api import EnterpriseRequiredMixin
+from authentik.enterprise.providers.rac.models import RACProvider
+
+
+class RACProviderSerializer(EnterpriseRequiredMixin, ProviderSerializer):
+    """RACProvider Serializer"""
+
+    outpost_set = ListField(child=CharField(), read_only=True, source="outpost_set.all")
+
+    class Meta:
+        model = RACProvider
+        fields = ProviderSerializer.Meta.fields + ["settings", "outpost_set", "connection_expiry"]
+        extra_kwargs = ProviderSerializer.Meta.extra_kwargs
+
+
+class RACProviderViewSet(UsedByMixin, ModelViewSet):
+    """RACProvider Viewset"""
+
+    queryset = RACProvider.objects.all()
+    serializer_class = RACProviderSerializer
+    filterset_fields = {
+        "application": ["isnull"],
+        "name": ["iexact"],
+    }
+    search_fields = ["name"]
+    ordering = ["name"]
diff --git a/authentik/enterprise/providers/rac/apps.py b/authentik/enterprise/providers/rac/apps.py
new file mode 100644
index 000000000..13930faae
--- /dev/null
+++ b/authentik/enterprise/providers/rac/apps.py
@@ -0,0 +1,17 @@
+"""RAC app config"""
+from authentik.enterprise.apps import EnterpriseConfig
+
+
+class AuthentikEnterpriseProviderRAC(EnterpriseConfig):
+    """authentik enterprise rac app config"""
+
+    name = "authentik.enterprise.providers.rac"
+    label = "authentik_providers_rac"
+    verbose_name = "authentik Enterprise.Providers.RAC"
+    default = True
+    mountpoint = ""
+    ws_mountpoint = "authentik.enterprise.providers.rac.urls"
+
+    def reconcile_load_rac_signals(self):
+        """Load rac signals"""
+        self.import_module("authentik.enterprise.providers.rac.signals")
diff --git a/authentik/enterprise/providers/rac/consumer_client.py b/authentik/enterprise/providers/rac/consumer_client.py
new file mode 100644
index 000000000..57fef7d74
--- /dev/null
+++ b/authentik/enterprise/providers/rac/consumer_client.py
@@ -0,0 +1,163 @@
+"""RAC Client consumer"""
+from asgiref.sync import async_to_sync
+from channels.db import database_sync_to_async
+from channels.exceptions import ChannelFull, DenyConnection
+from channels.generic.websocket import AsyncWebsocketConsumer
+from django.http.request import QueryDict
+from structlog.stdlib import BoundLogger, get_logger
+
+from authentik.enterprise.providers.rac.models import ConnectionToken, RACProvider
+from authentik.outposts.consumer import OUTPOST_GROUP_INSTANCE
+from authentik.outposts.models import Outpost, OutpostState, OutpostType
+
+# Global broadcast group, which messages are sent to when the outpost connects back
+# to authentik for a specific connection
+# The `RACClientConsumer` consumer adds itself to this group on connection,
+# and removes itself once it has been assigned a specific outpost channel
+RAC_CLIENT_GROUP = "group_enterprise_rac_client"
+# A group for all connections in a given authentik session ID
+# A disconnect message is sent to this group when the session expires/is deleted
+RAC_CLIENT_GROUP_SESSION = "group_enterprise_rac_client_%(session)s"
+# A group for all connections with a specific token, which in almost all cases
+# is just one connection, however this is used to disconnect the connection
+# when the token is deleted
+RAC_CLIENT_GROUP_TOKEN = "group_enterprise_rac_token_%(token)s"  # nosec
+
+# Step 1: Client connects to this websocket endpoint
+# Step 2: We prepare all the connection args for Guac
+# Step 3: Send a websocket message to a single outpost that has this provider assigned
+#         (Currently sending to all of them)
+#         (Should probably do different load balancing algorithms)
+# Step 4: Outpost creates a websocket connection back to authentik
+#         with /ws/outpost_rac/<our_channel_id>/
+# Step 5: This consumer transfers data between the two channels
+
+
+class RACClientConsumer(AsyncWebsocketConsumer):
+    """RAC client consumer the browser connects to"""
+
+    dest_channel_id: str = ""
+    provider: RACProvider
+    token: ConnectionToken
+    logger: BoundLogger
+
+    async def connect(self):
+        await self.accept("guacamole")
+        await self.channel_layer.group_add(RAC_CLIENT_GROUP, self.channel_name)
+        await self.channel_layer.group_add(
+            RAC_CLIENT_GROUP_SESSION % {"session": self.scope["session"].session_key},
+            self.channel_name,
+        )
+        await self.init_outpost_connection()
+
+    async def disconnect(self, code):
+        self.logger.debug("Disconnecting")
+        # Tell the outpost we're disconnecting
+        await self.channel_layer.send(
+            self.dest_channel_id,
+            {
+                "type": "event.disconnect",
+            },
+        )
+
+    @database_sync_to_async
+    def init_outpost_connection(self):
+        """Initialize guac connection settings"""
+        self.token = ConnectionToken.filter_not_expired(
+            token=self.scope["url_route"]["kwargs"]["token"]
+        ).first()
+        if not self.token:
+            raise DenyConnection()
+        self.provider = self.token.provider
+        params = self.token.get_settings()
+        self.logger = get_logger().bind(
+            endpoint=self.token.endpoint.name, user=self.scope["user"].username
+        )
+        msg = {
+            "type": "event.provider.specific",
+            "sub_type": "init_connection",
+            "dest_channel_id": self.channel_name,
+            "params": params,
+            "protocol": self.token.endpoint.protocol,
+        }
+        query = QueryDict(self.scope["query_string"].decode())
+        for key in ["screen_width", "screen_height", "screen_dpi", "audio"]:
+            value = query.get(key, None)
+            if not value:
+                continue
+            msg[key] = str(value)
+        outposts = Outpost.objects.filter(
+            type=OutpostType.RAC,
+            providers__in=[self.provider],
+        )
+        if not outposts.exists():
+            self.logger.warning("Provider has no outpost")
+            raise DenyConnection()
+        for outpost in outposts:
+            # Sort all states for the outpost by connection count
+            states = sorted(
+                OutpostState.for_outpost(outpost),
+                key=lambda state: int(state.args.get("active_connections", 0)),
+            )
+            if len(states) < 1:
+                continue
+            self.logger.debug("Sending out connection broadcast")
+            async_to_sync(self.channel_layer.group_send)(
+                OUTPOST_GROUP_INSTANCE % {"outpost_pk": str(outpost.pk), "instance": states[0].uid},
+                msg,
+            )
+
+    async def receive(self, text_data=None, bytes_data=None):
+        """Mirror data received from client to the dest_channel_id
+        which is the channel talking to guacd"""
+        if self.dest_channel_id == "":
+            return
+        if self.token.is_expired:
+            await self.event_disconnect({"reason": "token_expiry"})
+            return
+        try:
+            await self.channel_layer.send(
+                self.dest_channel_id,
+                {
+                    "type": "event.send",
+                    "text_data": text_data,
+                    "bytes_data": bytes_data,
+                },
+            )
+        except ChannelFull:
+            pass
+
+    async def event_outpost_connected(self, event: dict):
+        """Handle event broadcasted from outpost consumer, and check if they
+        created a connection for us"""
+        outpost_channel = event.get("outpost_channel")
+        if event.get("client_channel") != self.channel_name:
+            return
+        if self.dest_channel_id != "":
+            # We've already selected an outpost channel, so tell the other channel to disconnect
+            # This should never happen since we remove ourselves from the broadcast group
+            await self.channel_layer.send(
+                outpost_channel,
+                {
+                    "type": "event.disconnect",
+                },
+            )
+            return
+        self.logger.debug("Connected to a single outpost instance")
+        self.dest_channel_id = outpost_channel
+        # Since we have a specific outpost channel now, we can remove
+        # ourselves from the global broadcast group
+        await self.channel_layer.group_discard(RAC_CLIENT_GROUP, self.channel_name)
+
+    async def event_send(self, event: dict):
+        """Handler called by outpost websocket that sends data to this specific
+        client connection"""
+        if self.token.is_expired:
+            await self.event_disconnect({"reason": "token_expiry"})
+            return
+        await self.send(text_data=event.get("text_data"), bytes_data=event.get("bytes_data"))
+
+    async def event_disconnect(self, event: dict):
+        """Disconnect when the session ends"""
+        self.logger.info("Disconnecting RAC connection", reason=event.get("reason"))
+        await self.close()
diff --git a/authentik/enterprise/providers/rac/consumer_outpost.py b/authentik/enterprise/providers/rac/consumer_outpost.py
new file mode 100644
index 000000000..8fa42d859
--- /dev/null
+++ b/authentik/enterprise/providers/rac/consumer_outpost.py
@@ -0,0 +1,48 @@
+"""RAC consumer"""
+from channels.exceptions import ChannelFull
+from channels.generic.websocket import AsyncWebsocketConsumer
+
+from authentik.enterprise.providers.rac.consumer_client import RAC_CLIENT_GROUP
+
+
+class RACOutpostConsumer(AsyncWebsocketConsumer):
+    """Consumer the outpost connects to, to send specific data back to a client connection"""
+
+    dest_channel_id: str
+
+    async def connect(self):
+        self.dest_channel_id = self.scope["url_route"]["kwargs"]["channel"]
+        await self.accept()
+        await self.channel_layer.group_send(
+            RAC_CLIENT_GROUP,
+            {
+                "type": "event.outpost.connected",
+                "outpost_channel": self.channel_name,
+                "client_channel": self.dest_channel_id,
+            },
+        )
+
+    async def receive(self, text_data=None, bytes_data=None):
+        """Mirror data received from guacd running in the outpost
+        to the dest_channel_id which is the channel talking to the browser"""
+        try:
+            await self.channel_layer.send(
+                self.dest_channel_id,
+                {
+                    "type": "event.send",
+                    "text_data": text_data,
+                    "bytes_data": bytes_data,
+                },
+            )
+        except ChannelFull:
+            pass
+
+    async def event_send(self, event: dict):
+        """Handler called by client websocket that sends data to this specific
+        outpost connection"""
+        await self.send(text_data=event.get("text_data"), bytes_data=event.get("bytes_data"))
+
+    async def event_disconnect(self, event: dict):
+        """Tell outpost we're about to disconnect"""
+        await self.send(text_data="0.authentik.disconnect")
+        await self.close()
diff --git a/authentik/enterprise/providers/rac/controllers/__init__.py b/authentik/enterprise/providers/rac/controllers/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/controllers/docker.py b/authentik/enterprise/providers/rac/controllers/docker.py
new file mode 100644
index 000000000..8dac04d06
--- /dev/null
+++ b/authentik/enterprise/providers/rac/controllers/docker.py
@@ -0,0 +1,11 @@
+"""RAC Provider Docker Controller"""
+from authentik.outposts.controllers.docker import DockerController
+from authentik.outposts.models import DockerServiceConnection, Outpost
+
+
+class RACDockerController(DockerController):
+    """RAC Provider Docker Controller"""
+
+    def __init__(self, outpost: Outpost, connection: DockerServiceConnection):
+        super().__init__(outpost, connection)
+        self.deployment_ports = []
diff --git a/authentik/enterprise/providers/rac/controllers/kubernetes.py b/authentik/enterprise/providers/rac/controllers/kubernetes.py
new file mode 100644
index 000000000..f7768735e
--- /dev/null
+++ b/authentik/enterprise/providers/rac/controllers/kubernetes.py
@@ -0,0 +1,13 @@
+"""RAC Provider Kubernetes Controller"""
+from authentik.outposts.controllers.k8s.service import ServiceReconciler
+from authentik.outposts.controllers.kubernetes import KubernetesController
+from authentik.outposts.models import KubernetesServiceConnection, Outpost
+
+
+class RACKubernetesController(KubernetesController):
+    """RAC Provider Kubernetes Controller"""
+
+    def __init__(self, outpost: Outpost, connection: KubernetesServiceConnection):
+        super().__init__(outpost, connection)
+        self.deployment_ports = []
+        del self.reconcilers[ServiceReconciler.reconciler_name()]
diff --git a/authentik/enterprise/providers/rac/migrations/0001_initial.py b/authentik/enterprise/providers/rac/migrations/0001_initial.py
new file mode 100644
index 000000000..ef8702886
--- /dev/null
+++ b/authentik/enterprise/providers/rac/migrations/0001_initial.py
@@ -0,0 +1,164 @@
+# Generated by Django 4.2.8 on 2023-12-29 15:58
+
+import uuid
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+import authentik.core.models
+import authentik.lib.utils.time
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = [
+        ("authentik_policies", "0011_policybinding_failure_result_and_more"),
+        ("authentik_core", "0032_group_roles"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="RACPropertyMapping",
+            fields=[
+                (
+                    "propertymapping_ptr",
+                    models.OneToOneField(
+                        auto_created=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        parent_link=True,
+                        primary_key=True,
+                        serialize=False,
+                        to="authentik_core.propertymapping",
+                    ),
+                ),
+                ("static_settings", models.JSONField(default=dict)),
+            ],
+            options={
+                "verbose_name": "RAC Property Mapping",
+                "verbose_name_plural": "RAC Property Mappings",
+            },
+            bases=("authentik_core.propertymapping",),
+        ),
+        migrations.CreateModel(
+            name="RACProvider",
+            fields=[
+                (
+                    "provider_ptr",
+                    models.OneToOneField(
+                        auto_created=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        parent_link=True,
+                        primary_key=True,
+                        serialize=False,
+                        to="authentik_core.provider",
+                    ),
+                ),
+                ("settings", models.JSONField(default=dict)),
+                (
+                    "auth_mode",
+                    models.TextField(
+                        choices=[("static", "Static"), ("prompt", "Prompt")], default="prompt"
+                    ),
+                ),
+                (
+                    "connection_expiry",
+                    models.TextField(
+                        default="hours=8",
+                        help_text="Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)",
+                        validators=[authentik.lib.utils.time.timedelta_string_validator],
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "RAC Provider",
+                "verbose_name_plural": "RAC Providers",
+            },
+            bases=("authentik_core.provider",),
+        ),
+        migrations.CreateModel(
+            name="Endpoint",
+            fields=[
+                (
+                    "policybindingmodel_ptr",
+                    models.OneToOneField(
+                        auto_created=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        parent_link=True,
+                        primary_key=True,
+                        serialize=False,
+                        to="authentik_policies.policybindingmodel",
+                    ),
+                ),
+                ("name", models.TextField()),
+                ("host", models.TextField()),
+                (
+                    "protocol",
+                    models.TextField(choices=[("rdp", "Rdp"), ("vnc", "Vnc"), ("ssh", "Ssh")]),
+                ),
+                ("settings", models.JSONField(default=dict)),
+                (
+                    "auth_mode",
+                    models.TextField(choices=[("static", "Static"), ("prompt", "Prompt")]),
+                ),
+                (
+                    "property_mappings",
+                    models.ManyToManyField(
+                        blank=True, default=None, to="authentik_core.propertymapping"
+                    ),
+                ),
+                (
+                    "provider",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="authentik_providers_rac.racprovider",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "RAC Endpoint",
+                "verbose_name_plural": "RAC Endpoints",
+            },
+            bases=("authentik_policies.policybindingmodel", models.Model),
+        ),
+        migrations.CreateModel(
+            name="ConnectionToken",
+            fields=[
+                (
+                    "expires",
+                    models.DateTimeField(default=authentik.core.models.default_token_duration),
+                ),
+                ("expiring", models.BooleanField(default=True)),
+                (
+                    "connection_token_uuid",
+                    models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False),
+                ),
+                ("token", models.TextField(default=authentik.core.models.default_token_key)),
+                ("settings", models.JSONField(default=dict)),
+                (
+                    "endpoint",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="authentik_providers_rac.endpoint",
+                    ),
+                ),
+                (
+                    "provider",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="authentik_providers_rac.racprovider",
+                    ),
+                ),
+                (
+                    "session",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="authentik_core.authenticatedsession",
+                    ),
+                ),
+            ],
+            options={
+                "abstract": False,
+            },
+        ),
+    ]
diff --git a/authentik/enterprise/providers/rac/migrations/0002_endpoint_maximum_connections.py b/authentik/enterprise/providers/rac/migrations/0002_endpoint_maximum_connections.py
new file mode 100644
index 000000000..0760f2313
--- /dev/null
+++ b/authentik/enterprise/providers/rac/migrations/0002_endpoint_maximum_connections.py
@@ -0,0 +1,17 @@
+# Generated by Django 5.0 on 2024-01-03 23:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_providers_rac", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="endpoint",
+            name="maximum_connections",
+            field=models.IntegerField(default=1),
+        ),
+    ]
diff --git a/authentik/enterprise/providers/rac/migrations/__init__.py b/authentik/enterprise/providers/rac/migrations/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/models.py b/authentik/enterprise/providers/rac/models.py
new file mode 100644
index 000000000..927bd23fe
--- /dev/null
+++ b/authentik/enterprise/providers/rac/models.py
@@ -0,0 +1,192 @@
+"""RAC Models"""
+from typing import Optional
+from uuid import uuid4
+
+from deepmerge import always_merger
+from django.db import models
+from django.db.models import QuerySet
+from django.utils.translation import gettext as _
+from rest_framework.serializers import Serializer
+from structlog.stdlib import get_logger
+
+from authentik.core.exceptions import PropertyMappingExpressionException
+from authentik.core.models import ExpiringModel, PropertyMapping, Provider, default_token_key
+from authentik.events.models import Event, EventAction
+from authentik.lib.models import SerializerModel
+from authentik.lib.utils.time import timedelta_string_validator
+from authentik.policies.models import PolicyBindingModel
+
+LOGGER = get_logger()
+
+
+class Protocols(models.TextChoices):
+    """Supported protocols"""
+
+    RDP = "rdp"
+    VNC = "vnc"
+    SSH = "ssh"
+
+
+class AuthenticationMode(models.TextChoices):
+    """Authentication modes"""
+
+    STATIC = "static"
+    PROMPT = "prompt"
+
+
+class RACProvider(Provider):
+    """Remotely access computers/servers via RDP/SSH/VNC."""
+
+    settings = models.JSONField(default=dict)
+    auth_mode = models.TextField(
+        choices=AuthenticationMode.choices, default=AuthenticationMode.PROMPT
+    )
+    connection_expiry = models.TextField(
+        default="hours=8",
+        validators=[timedelta_string_validator],
+        help_text=_(
+            "Determines how long a session lasts. Default of 0 means "
+            "that the sessions lasts until the browser is closed. "
+            "(Format: hours=-1;minutes=-2;seconds=-3)"
+        ),
+    )
+
+    @property
+    def launch_url(self) -> Optional[str]:
+        """URL to this provider and initiate authorization for the user.
+        Can return None for providers that are not URL-based"""
+        return "goauthentik.io://providers/rac/launch"
+
+    @property
+    def component(self) -> str:
+        return "ak-provider-rac-form"
+
+    @property
+    def serializer(self) -> type[Serializer]:
+        from authentik.enterprise.providers.rac.api.providers import RACProviderSerializer
+
+        return RACProviderSerializer
+
+    class Meta:
+        verbose_name = _("RAC Provider")
+        verbose_name_plural = _("RAC Providers")
+
+
+class Endpoint(SerializerModel, PolicyBindingModel):
+    """Remote-accessible endpoint"""
+
+    name = models.TextField()
+    host = models.TextField()
+    protocol = models.TextField(choices=Protocols.choices)
+    settings = models.JSONField(default=dict)
+    auth_mode = models.TextField(choices=AuthenticationMode.choices)
+    provider = models.ForeignKey("RACProvider", on_delete=models.CASCADE)
+    maximum_connections = models.IntegerField(default=1)
+
+    property_mappings = models.ManyToManyField(
+        "authentik_core.PropertyMapping", default=None, blank=True
+    )
+
+    @property
+    def serializer(self) -> type[Serializer]:
+        from authentik.enterprise.providers.rac.api.endpoints import EndpointSerializer
+
+        return EndpointSerializer
+
+    def __str__(self):
+        return f"RAC Endpoint {self.name}"
+
+    class Meta:
+        verbose_name = _("RAC Endpoint")
+        verbose_name_plural = _("RAC Endpoints")
+
+
+class RACPropertyMapping(PropertyMapping):
+    """Configure settings for remote access endpoints."""
+
+    static_settings = models.JSONField(default=dict)
+
+    @property
+    def component(self) -> str:
+        return "ak-property-mapping-rac-form"
+
+    @property
+    def serializer(self) -> type[Serializer]:
+        from authentik.enterprise.providers.rac.api.property_mappings import (
+            RACPropertyMappingSerializer,
+        )
+
+        return RACPropertyMappingSerializer
+
+    class Meta:
+        verbose_name = _("RAC Property Mapping")
+        verbose_name_plural = _("RAC Property Mappings")
+
+
+class ConnectionToken(ExpiringModel):
+    """Token for a single connection to a specified endpoint"""
+
+    connection_token_uuid = models.UUIDField(default=uuid4, primary_key=True)
+    provider = models.ForeignKey(RACProvider, on_delete=models.CASCADE)
+    endpoint = models.ForeignKey(Endpoint, on_delete=models.CASCADE)
+    token = models.TextField(default=default_token_key)
+    settings = models.JSONField(default=dict)
+    session = models.ForeignKey("authentik_core.AuthenticatedSession", on_delete=models.CASCADE)
+
+    def get_settings(self) -> dict:
+        """Get settings"""
+        default_settings = {}
+        if ":" in self.endpoint.host:
+            host, _, port = self.endpoint.host.partition(":")
+            default_settings["hostname"] = host
+            default_settings["port"] = str(port)
+        else:
+            default_settings["hostname"] = self.endpoint.host
+        default_settings["client-name"] = "authentik"
+        # default_settings["enable-drive"] = "true"
+        # default_settings["drive-name"] = "authentik"
+        settings = {}
+        always_merger.merge(settings, default_settings)
+        always_merger.merge(settings, self.endpoint.provider.settings)
+        always_merger.merge(settings, self.endpoint.settings)
+        always_merger.merge(settings, self.settings)
+
+        def mapping_evaluator(mappings: QuerySet):
+            for mapping in mappings:
+                mapping: RACPropertyMapping
+                if len(mapping.static_settings) > 0:
+                    always_merger.merge(settings, mapping.static_settings)
+                    continue
+                try:
+                    mapping_settings = mapping.evaluate(
+                        self.session.user, None, endpoint=self.endpoint, provider=self.provider
+                    )
+                    always_merger.merge(settings, mapping_settings)
+                except PropertyMappingExpressionException as exc:
+                    Event.new(
+                        EventAction.CONFIGURATION_ERROR,
+                        message=f"Failed to evaluate property-mapping: '{mapping.name}'",
+                        provider=self.provider,
+                        mapping=mapping,
+                    ).set_user(self.session.user).save()
+                    LOGGER.warning("Failed to evaluate property mapping", exc=exc)
+
+        mapping_evaluator(
+            RACPropertyMapping.objects.filter(provider__in=[self.provider]).order_by("name")
+        )
+        mapping_evaluator(
+            RACPropertyMapping.objects.filter(endpoint__in=[self.endpoint]).order_by("name")
+        )
+
+        settings["drive-path"] = f"/tmp/connection/{self.token}"  # nosec
+        settings["create-drive-path"] = "true"
+        # Ensure all values of the settings dict are strings
+        for key, value in settings.items():
+            if isinstance(value, str):
+                continue
+            # Special case for bools
+            if isinstance(value, bool):
+                settings[key] = str(value).lower()
+                continue
+            settings[key] = str(value)
+        return settings
diff --git a/authentik/enterprise/providers/rac/signals.py b/authentik/enterprise/providers/rac/signals.py
new file mode 100644
index 000000000..21f727690
--- /dev/null
+++ b/authentik/enterprise/providers/rac/signals.py
@@ -0,0 +1,54 @@
+"""RAC Signals"""
+from asgiref.sync import async_to_sync
+from channels.layers import get_channel_layer
+from django.contrib.auth.signals import user_logged_out
+from django.core.cache import cache
+from django.db.models import Model
+from django.db.models.signals import post_save, pre_delete
+from django.dispatch import receiver
+from django.http import HttpRequest
+
+from authentik.core.models import User
+from authentik.enterprise.providers.rac.api.endpoints import user_endpoint_cache_key
+from authentik.enterprise.providers.rac.consumer_client import (
+    RAC_CLIENT_GROUP_SESSION,
+    RAC_CLIENT_GROUP_TOKEN,
+)
+from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint
+
+
+@receiver(user_logged_out)
+def user_logged_out_session(sender, request: HttpRequest, user: User, **_):
+    """Disconnect any open RAC connections"""
+    layer = get_channel_layer()
+    async_to_sync(layer.group_send)(
+        RAC_CLIENT_GROUP_SESSION
+        % {
+            "session": request.session.session_key,
+        },
+        {"type": "event.disconnect", "reason": "session_logout"},
+    )
+
+
+@receiver(pre_delete, sender=ConnectionToken)
+def pre_delete_connection_token_disconnect(sender, instance: ConnectionToken, **_):
+    """Disconnect session when connection token is deleted"""
+    layer = get_channel_layer()
+    async_to_sync(layer.group_send)(
+        RAC_CLIENT_GROUP_TOKEN
+        % {
+            "token": instance.token,
+        },
+        {"type": "event.disconnect", "reason": "token_delete"},
+    )
+
+
+@receiver(post_save, sender=Endpoint)
+def post_save_application(sender: type[Model], instance, created: bool, **_):
+    """Clear user's application cache upon application creation"""
+    if not created:  # pragma: no cover
+        return
+
+    # Delete user endpoint cache
+    keys = cache.keys(user_endpoint_cache_key("*"))
+    cache.delete_many(keys)
diff --git a/authentik/enterprise/providers/rac/templates/if/rac.html b/authentik/enterprise/providers/rac/templates/if/rac.html
new file mode 100644
index 000000000..1d1a03398
--- /dev/null
+++ b/authentik/enterprise/providers/rac/templates/if/rac.html
@@ -0,0 +1,18 @@
+{% extends "base/skeleton.html" %}
+
+{% load static %}
+
+{% block head %}
+<script src="{% static 'dist/enterprise/rac/index.js' %}?version={{ version }}" type="module"></script>
+<meta name="theme-color" content="#18191a" media="(prefers-color-scheme: dark)">
+<meta name="theme-color" content="#ffffff" media="(prefers-color-scheme: light)">
+<link rel="icon" href="{{ tenant.branding_favicon }}">
+<link rel="shortcut icon" href="{{ tenant.branding_favicon }}">
+{% include "base/header_js.html" %}
+{% endblock %}
+
+{% block body %}
+<ak-rac token="{{ url_kwargs.token }}" endpointName="{{ token.endpoint.name }}">
+  <ak-loading></ak-loading>
+</ak-rac>
+{% endblock %}
diff --git a/authentik/enterprise/providers/rac/tests/__init__.py b/authentik/enterprise/providers/rac/tests/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/enterprise/providers/rac/tests/test_endpoints_api.py b/authentik/enterprise/providers/rac/tests/test_endpoints_api.py
new file mode 100644
index 000000000..3000b345c
--- /dev/null
+++ b/authentik/enterprise/providers/rac/tests/test_endpoints_api.py
@@ -0,0 +1,171 @@
+"""Test Endpoints API"""
+
+from django.urls import reverse
+from rest_framework.test import APITestCase
+
+from authentik.core.models import Application
+from authentik.core.tests.utils import create_test_admin_user
+from authentik.enterprise.providers.rac.models import Endpoint, Protocols, RACProvider
+from authentik.lib.generators import generate_id
+from authentik.policies.dummy.models import DummyPolicy
+from authentik.policies.models import PolicyBinding
+
+
+class TestEndpointsAPI(APITestCase):
+    """Test endpoints API"""
+
+    def setUp(self) -> None:
+        self.user = create_test_admin_user()
+        self.provider = RACProvider.objects.create(
+            name=generate_id(),
+        )
+        self.app = Application.objects.create(
+            name=generate_id(),
+            slug=generate_id(),
+            provider=self.provider,
+        )
+        self.allowed = Endpoint.objects.create(
+            name=f"a-{generate_id()}",
+            host=generate_id(),
+            protocol=Protocols.RDP,
+            provider=self.provider,
+        )
+        self.denied = Endpoint.objects.create(
+            name=f"b-{generate_id()}",
+            host=generate_id(),
+            protocol=Protocols.RDP,
+            provider=self.provider,
+        )
+        PolicyBinding.objects.create(
+            target=self.denied,
+            policy=DummyPolicy.objects.create(name="deny", result=False, wait_min=1, wait_max=2),
+            order=0,
+        )
+
+    def test_list(self):
+        """Test list operation without superuser_full_list"""
+        self.client.force_login(self.user)
+        response = self.client.get(reverse("authentik_api:endpoint-list"))
+        self.assertJSONEqual(
+            response.content.decode(),
+            {
+                "pagination": {
+                    "next": 0,
+                    "previous": 0,
+                    "count": 2,
+                    "current": 1,
+                    "total_pages": 1,
+                    "start_index": 1,
+                    "end_index": 2,
+                },
+                "results": [
+                    {
+                        "pk": str(self.allowed.pk),
+                        "name": self.allowed.name,
+                        "provider": self.provider.pk,
+                        "provider_obj": {
+                            "pk": self.provider.pk,
+                            "name": self.provider.name,
+                            "authentication_flow": None,
+                            "authorization_flow": None,
+                            "property_mappings": [],
+                            "connection_expiry": "hours=8",
+                            "component": "ak-provider-rac-form",
+                            "assigned_application_slug": self.app.slug,
+                            "assigned_application_name": self.app.name,
+                            "verbose_name": "RAC Provider",
+                            "verbose_name_plural": "RAC Providers",
+                            "meta_model_name": "authentik_providers_rac.racprovider",
+                            "settings": {},
+                            "outpost_set": [],
+                        },
+                        "protocol": "rdp",
+                        "host": self.allowed.host,
+                        "maximum_connections": 1,
+                        "settings": {},
+                        "property_mappings": [],
+                        "auth_mode": "",
+                        "launch_url": f"/application/rac/{self.app.slug}/{str(self.allowed.pk)}/",
+                    },
+                ],
+            },
+        )
+
+    def test_list_superuser_full_list(self):
+        """Test list operation with superuser_full_list"""
+        self.client.force_login(self.user)
+        response = self.client.get(
+            reverse("authentik_api:endpoint-list") + "?superuser_full_list=true"
+        )
+        self.assertJSONEqual(
+            response.content.decode(),
+            {
+                "pagination": {
+                    "next": 0,
+                    "previous": 0,
+                    "count": 2,
+                    "current": 1,
+                    "total_pages": 1,
+                    "start_index": 1,
+                    "end_index": 2,
+                },
+                "results": [
+                    {
+                        "pk": str(self.allowed.pk),
+                        "name": self.allowed.name,
+                        "provider": self.provider.pk,
+                        "provider_obj": {
+                            "pk": self.provider.pk,
+                            "name": self.provider.name,
+                            "authentication_flow": None,
+                            "authorization_flow": None,
+                            "property_mappings": [],
+                            "component": "ak-provider-rac-form",
+                            "assigned_application_slug": self.app.slug,
+                            "assigned_application_name": self.app.name,
+                            "connection_expiry": "hours=8",
+                            "verbose_name": "RAC Provider",
+                            "verbose_name_plural": "RAC Providers",
+                            "meta_model_name": "authentik_providers_rac.racprovider",
+                            "settings": {},
+                            "outpost_set": [],
+                        },
+                        "protocol": "rdp",
+                        "host": self.allowed.host,
+                        "maximum_connections": 1,
+                        "settings": {},
+                        "property_mappings": [],
+                        "auth_mode": "",
+                        "launch_url": f"/application/rac/{self.app.slug}/{str(self.allowed.pk)}/",
+                    },
+                    {
+                        "pk": str(self.denied.pk),
+                        "name": self.denied.name,
+                        "provider": self.provider.pk,
+                        "provider_obj": {
+                            "pk": self.provider.pk,
+                            "name": self.provider.name,
+                            "authentication_flow": None,
+                            "authorization_flow": None,
+                            "property_mappings": [],
+                            "component": "ak-provider-rac-form",
+                            "assigned_application_slug": self.app.slug,
+                            "assigned_application_name": self.app.name,
+                            "connection_expiry": "hours=8",
+                            "verbose_name": "RAC Provider",
+                            "verbose_name_plural": "RAC Providers",
+                            "meta_model_name": "authentik_providers_rac.racprovider",
+                            "settings": {},
+                            "outpost_set": [],
+                        },
+                        "protocol": "rdp",
+                        "host": self.denied.host,
+                        "maximum_connections": 1,
+                        "settings": {},
+                        "property_mappings": [],
+                        "auth_mode": "",
+                        "launch_url": f"/application/rac/{self.app.slug}/{str(self.denied.pk)}/",
+                    },
+                ],
+            },
+        )
diff --git a/authentik/enterprise/providers/rac/tests/test_models.py b/authentik/enterprise/providers/rac/tests/test_models.py
new file mode 100644
index 000000000..48218f41b
--- /dev/null
+++ b/authentik/enterprise/providers/rac/tests/test_models.py
@@ -0,0 +1,144 @@
+"""Test RAC Models"""
+from django.test import TransactionTestCase
+
+from authentik.core.models import Application, AuthenticatedSession
+from authentik.core.tests.utils import create_test_admin_user
+from authentik.enterprise.providers.rac.models import (
+    ConnectionToken,
+    Endpoint,
+    Protocols,
+    RACPropertyMapping,
+    RACProvider,
+)
+from authentik.lib.generators import generate_id
+
+
+class TestModels(TransactionTestCase):
+    """Test RAC Models"""
+
+    def setUp(self):
+        self.user = create_test_admin_user()
+        self.provider = RACProvider.objects.create(
+            name=generate_id(),
+        )
+        self.app = Application.objects.create(
+            name=generate_id(),
+            slug=generate_id(),
+            provider=self.provider,
+        )
+        self.endpoint = Endpoint.objects.create(
+            name=generate_id(),
+            host=f"{generate_id()}:1324",
+            protocol=Protocols.RDP,
+            provider=self.provider,
+        )
+
+    def test_settings_merge(self):
+        """Test settings merge"""
+        token = ConnectionToken.objects.create(
+            provider=self.provider,
+            endpoint=self.endpoint,
+            session=AuthenticatedSession.objects.create(
+                user=self.user,
+                session_key=generate_id(),
+            ),
+        )
+        path = f"/tmp/connection/{token.token}"  # nosec
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+            },
+        )
+        # Set settings in provider
+        self.provider.settings = {"level": "provider"}
+        self.provider.save()
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+                "level": "provider",
+            },
+        )
+        # Set settings in endpoint
+        self.endpoint.settings = {
+            "level": "endpoint",
+        }
+        self.endpoint.save()
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+                "level": "endpoint",
+            },
+        )
+        # Set settings in token
+        token.settings = {
+            "level": "token",
+        }
+        token.save()
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+                "level": "token",
+            },
+        )
+        # Set settings in property mapping (provider)
+        mapping = RACPropertyMapping.objects.create(
+            name=generate_id(),
+            expression="""return {
+                "level": "property_mapping_provider"
+            }""",
+        )
+        self.provider.property_mappings.add(mapping)
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+                "level": "property_mapping_provider",
+            },
+        )
+        # Set settings in property mapping (endpoint)
+        mapping = RACPropertyMapping.objects.create(
+            name=generate_id(),
+            static_settings={
+                "level": "property_mapping_endpoint",
+                "foo": True,
+                "bar": 6,
+            },
+        )
+        self.endpoint.property_mappings.add(mapping)
+        self.assertEqual(
+            token.get_settings(),
+            {
+                "hostname": self.endpoint.host.split(":")[0],
+                "port": "1324",
+                "client-name": "authentik",
+                "drive-path": path,
+                "create-drive-path": "true",
+                "level": "property_mapping_endpoint",
+                "foo": "true",
+                "bar": "6",
+            },
+        )
diff --git a/authentik/enterprise/providers/rac/tests/test_views.py b/authentik/enterprise/providers/rac/tests/test_views.py
new file mode 100644
index 000000000..e2fb14a11
--- /dev/null
+++ b/authentik/enterprise/providers/rac/tests/test_views.py
@@ -0,0 +1,132 @@
+"""RAC Views tests"""
+from datetime import timedelta
+from json import loads
+from time import mktime
+from unittest.mock import MagicMock, patch
+
+from django.urls import reverse
+from django.utils.timezone import now
+from rest_framework.test import APITestCase
+
+from authentik.core.models import Application
+from authentik.core.tests.utils import create_test_admin_user, create_test_flow
+from authentik.enterprise.models import License, LicenseKey
+from authentik.enterprise.providers.rac.models import Endpoint, Protocols, RACProvider
+from authentik.lib.generators import generate_id
+from authentik.policies.denied import AccessDeniedResponse
+from authentik.policies.dummy.models import DummyPolicy
+from authentik.policies.models import PolicyBinding
+
+
+class TestRACViews(APITestCase):
+    """RAC Views tests"""
+
+    def setUp(self):
+        self.user = create_test_admin_user()
+        self.flow = create_test_flow()
+        self.provider = RACProvider.objects.create(name=generate_id(), authorization_flow=self.flow)
+        self.app = Application.objects.create(
+            name=generate_id(),
+            slug=generate_id(),
+            provider=self.provider,
+        )
+        self.endpoint = Endpoint.objects.create(
+            name=generate_id(),
+            host=f"{generate_id()}:1324",
+            protocol=Protocols.RDP,
+            provider=self.provider,
+        )
+
+    @patch(
+        "authentik.enterprise.models.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=int(mktime((now() + timedelta(days=3000)).timetuple())),
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    def test_no_policy(self):
+        """Test request"""
+        License.objects.create(key=generate_id())
+        self.client.force_login(self.user)
+        response = self.client.get(
+            reverse(
+                "authentik_providers_rac:start",
+                kwargs={"app": self.app.slug, "endpoint": str(self.endpoint.pk)},
+            )
+        )
+        self.assertEqual(response.status_code, 302)
+        flow_response = self.client.get(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
+        )
+        body = loads(flow_response.content)
+        next_url = body["to"]
+        final_response = self.client.get(next_url)
+        self.assertEqual(final_response.status_code, 200)
+
+    @patch(
+        "authentik.enterprise.models.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=int(mktime((now() + timedelta(days=3000)).timetuple())),
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    def test_app_deny(self):
+        """Test request (deny on app level)"""
+        PolicyBinding.objects.create(
+            target=self.app,
+            policy=DummyPolicy.objects.create(name="deny", result=False, wait_min=1, wait_max=2),
+            order=0,
+        )
+        License.objects.create(key=generate_id())
+        self.client.force_login(self.user)
+        response = self.client.get(
+            reverse(
+                "authentik_providers_rac:start",
+                kwargs={"app": self.app.slug, "endpoint": str(self.endpoint.pk)},
+            )
+        )
+        self.assertIsInstance(response, AccessDeniedResponse)
+
+    @patch(
+        "authentik.enterprise.models.LicenseKey.validate",
+        MagicMock(
+            return_value=LicenseKey(
+                aud="",
+                exp=int(mktime((now() + timedelta(days=3000)).timetuple())),
+                name=generate_id(),
+                internal_users=100,
+                external_users=100,
+            )
+        ),
+    )
+    def test_endpoint_deny(self):
+        """Test request (deny on endpoint level)"""
+        PolicyBinding.objects.create(
+            target=self.endpoint,
+            policy=DummyPolicy.objects.create(name="deny", result=False, wait_min=1, wait_max=2),
+            order=0,
+        )
+        License.objects.create(key=generate_id())
+        self.client.force_login(self.user)
+        response = self.client.get(
+            reverse(
+                "authentik_providers_rac:start",
+                kwargs={"app": self.app.slug, "endpoint": str(self.endpoint.pk)},
+            )
+        )
+        self.assertEqual(response.status_code, 302)
+        flow_response = self.client.get(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
+        )
+        body = loads(flow_response.content)
+        self.assertEqual(body["component"], "ak-stage-access-denied")
diff --git a/authentik/enterprise/providers/rac/urls.py b/authentik/enterprise/providers/rac/urls.py
new file mode 100644
index 000000000..383619a3a
--- /dev/null
+++ b/authentik/enterprise/providers/rac/urls.py
@@ -0,0 +1,47 @@
+"""rac urls"""
+from channels.auth import AuthMiddleware
+from channels.sessions import CookieMiddleware
+from django.urls import path
+from django.views.decorators.csrf import ensure_csrf_cookie
+
+from authentik.core.channels import TokenOutpostMiddleware
+from authentik.enterprise.providers.rac.api.endpoints import EndpointViewSet
+from authentik.enterprise.providers.rac.api.property_mappings import RACPropertyMappingViewSet
+from authentik.enterprise.providers.rac.api.providers import RACProviderViewSet
+from authentik.enterprise.providers.rac.consumer_client import RACClientConsumer
+from authentik.enterprise.providers.rac.consumer_outpost import RACOutpostConsumer
+from authentik.enterprise.providers.rac.views import RACInterface, RACStartView
+from authentik.root.asgi_middleware import SessionMiddleware
+from authentik.root.middleware import ChannelsLoggingMiddleware
+
+urlpatterns = [
+    path(
+        "application/rac/<slug:app>/<uuid:endpoint>/",
+        ensure_csrf_cookie(RACStartView.as_view()),
+        name="start",
+    ),
+    path(
+        "if/rac/<str:token>/",
+        ensure_csrf_cookie(RACInterface.as_view()),
+        name="if-rac",
+    ),
+]
+
+websocket_urlpatterns = [
+    path(
+        "ws/rac/<str:token>/",
+        ChannelsLoggingMiddleware(
+            CookieMiddleware(SessionMiddleware(AuthMiddleware(RACClientConsumer.as_asgi())))
+        ),
+    ),
+    path(
+        "ws/outpost_rac/<str:channel>/",
+        ChannelsLoggingMiddleware(TokenOutpostMiddleware(RACOutpostConsumer.as_asgi())),
+    ),
+]
+
+api_urlpatterns = [
+    ("providers/rac", RACProviderViewSet),
+    ("propertymappings/rac", RACPropertyMappingViewSet),
+    ("rac/endpoints", EndpointViewSet),
+]
diff --git a/authentik/enterprise/providers/rac/views.py b/authentik/enterprise/providers/rac/views.py
new file mode 100644
index 000000000..4b93aee76
--- /dev/null
+++ b/authentik/enterprise/providers/rac/views.py
@@ -0,0 +1,140 @@
+"""RAC Views"""
+from typing import Any
+
+from django.http import Http404, HttpRequest, HttpResponse
+from django.shortcuts import get_object_or_404, redirect
+from django.urls import reverse
+from django.utils.timezone import now
+from django.utils.translation import gettext as _
+
+from authentik.core.models import Application, AuthenticatedSession
+from authentik.core.views.interface import InterfaceView
+from authentik.enterprise.policy import EnterprisePolicyAccessView
+from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint, RACProvider
+from authentik.events.models import Event, EventAction
+from authentik.flows.challenge import RedirectChallenge
+from authentik.flows.exceptions import FlowNonApplicableException
+from authentik.flows.models import in_memory_stage
+from authentik.flows.planner import FlowPlanner
+from authentik.flows.stage import RedirectStage
+from authentik.flows.views.executor import SESSION_KEY_PLAN
+from authentik.lib.utils.time import timedelta_from_string
+from authentik.lib.utils.urls import redirect_with_qs
+from authentik.policies.engine import PolicyEngine
+
+
+class RACStartView(EnterprisePolicyAccessView):
+    """Start a RAC connection by checking access and creating a connection token"""
+
+    endpoint: Endpoint
+
+    def resolve_provider_application(self):
+        self.application = get_object_or_404(Application, slug=self.kwargs["app"])
+        # Endpoint permissions are validated in the RACFinalStage below
+        self.endpoint = get_object_or_404(Endpoint, pk=self.kwargs["endpoint"])
+        self.provider = RACProvider.objects.get(application=self.application)
+
+    def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
+        """Start flow planner for RAC provider"""
+        planner = FlowPlanner(self.provider.authorization_flow)
+        planner.allow_empty_flows = True
+        try:
+            plan = planner.plan(self.request)
+        except FlowNonApplicableException:
+            raise Http404
+        plan.insert_stage(
+            in_memory_stage(
+                RACFinalStage,
+                application=self.application,
+                endpoint=self.endpoint,
+                provider=self.provider,
+            )
+        )
+        request.session[SESSION_KEY_PLAN] = plan
+        return redirect_with_qs(
+            "authentik_core:if-flow",
+            request.GET,
+            flow_slug=self.provider.authorization_flow.slug,
+        )
+
+
+class RACInterface(InterfaceView):
+    """Start RAC connection"""
+
+    template_name = "if/rac.html"
+    token: ConnectionToken
+
+    def dispatch(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
+        # Early sanity check to ensure token still exists
+        token = ConnectionToken.filter_not_expired(token=self.kwargs["token"]).first()
+        if not token:
+            return redirect("authentik_core:if-user")
+        self.token = token
+        return super().dispatch(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs: Any) -> dict[str, Any]:
+        kwargs["token"] = self.token
+        return super().get_context_data(**kwargs)
+
+
+class RACFinalStage(RedirectStage):
+    """RAC Connection final stage, set the connection token in the stage"""
+
+    endpoint: Endpoint
+    provider: RACProvider
+    application: Application
+
+    def dispatch(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
+        self.endpoint = self.executor.current_stage.endpoint
+        self.provider = self.executor.current_stage.provider
+        self.application = self.executor.current_stage.application
+        # Check policies bound to endpoint directly
+        engine = PolicyEngine(self.endpoint, self.request.user, self.request)
+        engine.use_cache = False
+        engine.build()
+        passing = engine.result
+        if not passing.passing:
+            return self.executor.stage_invalid(", ".join(passing.messages))
+        # Check if we're already at the maximum connection limit
+        all_tokens = ConnectionToken.filter_not_expired(
+            endpoint=self.endpoint,
+        ).exclude(endpoint__maximum_connections__lte=-1)
+        if all_tokens.count() >= self.endpoint.maximum_connections:
+            msg = [_("Maximum connection limit reached.")]
+            # Check if any other tokens exist for the current user, and inform them
+            # they are already connected
+            if all_tokens.filter(session__user=self.request.user).exists():
+                msg.append(_("(You are already connected in another tab/window)"))
+            return self.executor.stage_invalid(" ".join(msg))
+        return super().dispatch(request, *args, **kwargs)
+
+    def get_challenge(self, *args, **kwargs) -> RedirectChallenge:
+        token = ConnectionToken.objects.create(
+            provider=self.provider,
+            endpoint=self.endpoint,
+            settings=self.executor.plan.context.get("connection_settings", {}),
+            session=AuthenticatedSession.objects.filter(
+                session_key=self.request.session.session_key
+            ).first(),
+            expires=now() + timedelta_from_string(self.provider.connection_expiry),
+            expiring=True,
+        )
+        Event.new(
+            EventAction.AUTHORIZE_APPLICATION,
+            authorized_application=self.application,
+            flow=self.executor.plan.flow_pk,
+            endpoint=self.endpoint.name,
+        ).from_http(self.request)
+        setattr(
+            self.executor.current_stage,
+            "destination",
+            self.request.build_absolute_uri(
+                reverse(
+                    "authentik_providers_rac:if-rac",
+                    kwargs={
+                        "token": str(token.token),
+                    },
+                )
+            ),
+        )
+        return super().get_challenge(*args, **kwargs)
diff --git a/authentik/enterprise/settings.py b/authentik/enterprise/settings.py
index 87aaea71b..f83a327dc 100644
--- a/authentik/enterprise/settings.py
+++ b/authentik/enterprise/settings.py
@@ -10,3 +10,7 @@ CELERY_BEAT_SCHEDULE = {
         "options": {"queue": "authentik_scheduled"},
     }
 }
+
+INSTALLED_APPS = [
+    "authentik.enterprise.providers.rac",
+]
diff --git a/authentik/events/api/events.py b/authentik/events/api/events.py
index d2e89ae5b..18b60be2c 100644
--- a/authentik/events/api/events.py
+++ b/authentik/events/api/events.py
@@ -6,6 +6,7 @@ import django_filters
 from django.db.models.aggregates import Count
 from django.db.models.fields.json import KeyTextTransform, KeyTransform
 from django.db.models.functions import ExtractDay, ExtractHour
+from django.db.models.query_utils import Q
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import OpenApiParameter, extend_schema
 from guardian.shortcuts import get_objects_for_user
@@ -87,7 +88,12 @@ class EventsFilter(django_filters.FilterSet):
         we need to remove the dashes that a client may send. We can't use a
         UUIDField for this, as some models might not have a UUID PK"""
         value = str(value).replace("-", "")
-        return queryset.filter(context__model__pk=value)
+        query = Q(context__model__pk=value)
+        try:
+            query |= Q(context__model__pk=int(value))
+        except ValueError:
+            pass
+        return queryset.filter(query)
 
     class Meta:
         model = Event
diff --git a/authentik/events/apps.py b/authentik/events/apps.py
index 34368856d..3d939d568 100644
--- a/authentik/events/apps.py
+++ b/authentik/events/apps.py
@@ -2,6 +2,7 @@
 from prometheus_client import Gauge
 
 from authentik.blueprints.apps import ManagedAppConfig
+from authentik.lib.config import CONFIG, ENV_PREFIX
 
 GAUGE_TASKS = Gauge(
     "authentik_system_tasks",
@@ -21,3 +22,24 @@ class AuthentikEventsConfig(ManagedAppConfig):
     def reconcile_load_events_signals(self):
         """Load events signals"""
         self.import_module("authentik.events.signals")
+
+    def reconcile_check_deprecations(self):
+        """Check for config deprecations"""
+        from authentik.events.models import Event, EventAction
+
+        for key_replace, msg in CONFIG.deprecations.items():
+            key, replace = key_replace
+            key_env = f"{ENV_PREFIX}_{key.replace('.', '__')}".upper()
+            replace_env = f"{ENV_PREFIX}_{replace.replace('.', '__')}".upper()
+            if Event.objects.filter(
+                action=EventAction.CONFIGURATION_ERROR, context__deprecated_option=key
+            ).exists():
+                continue
+            Event.new(
+                EventAction.CONFIGURATION_ERROR,
+                deprecated_option=key,
+                deprecated_env=key_env,
+                replacement_option=replace,
+                replacement_env=replace_env,
+                message=msg,
+            ).save()
diff --git a/authentik/events/context_processors/__init__.py b/authentik/events/context_processors/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/events/context_processors/asn.py b/authentik/events/context_processors/asn.py
new file mode 100644
index 000000000..4478c7fb0
--- /dev/null
+++ b/authentik/events/context_processors/asn.py
@@ -0,0 +1,81 @@
+"""ASN Enricher"""
+from typing import TYPE_CHECKING, Optional, TypedDict
+
+from django.http import HttpRequest
+from geoip2.errors import GeoIP2Error
+from geoip2.models import ASN
+from sentry_sdk import Hub
+
+from authentik.events.context_processors.mmdb import MMDBContextProcessor
+from authentik.lib.config import CONFIG
+from authentik.root.middleware import ClientIPMiddleware
+
+if TYPE_CHECKING:
+    from authentik.api.v3.config import Capabilities
+    from authentik.events.models import Event
+
+
+class ASNDict(TypedDict):
+    """ASN Details"""
+
+    asn: int
+    as_org: str | None
+    network: str | None
+
+
+class ASNContextProcessor(MMDBContextProcessor):
+    """ASN Database reader wrapper"""
+
+    def capability(self) -> Optional["Capabilities"]:
+        from authentik.api.v3.config import Capabilities
+
+        return Capabilities.CAN_ASN
+
+    def path(self) -> str | None:
+        return CONFIG.get("events.context_processors.asn")
+
+    def enrich_event(self, event: "Event"):
+        asn = self.asn_dict(event.client_ip)
+        if not asn:
+            return
+        event.context["asn"] = asn
+
+    def enrich_context(self, request: HttpRequest) -> dict:
+        return {
+            "asn": self.asn_dict(ClientIPMiddleware.get_client_ip(request)),
+        }
+
+    def asn(self, ip_address: str) -> Optional[ASN]:
+        """Wrapper for Reader.asn"""
+        with Hub.current.start_span(
+            op="authentik.events.asn.asn",
+            description=ip_address,
+        ):
+            if not self.configured():
+                return None
+            self.check_expired()
+            try:
+                return self.reader.asn(ip_address)
+            except (GeoIP2Error, ValueError):
+                return None
+
+    def asn_to_dict(self, asn: ASN | None) -> ASNDict:
+        """Convert ASN to dict"""
+        if not asn:
+            return {}
+        asn_dict: ASNDict = {
+            "asn": asn.autonomous_system_number,
+            "as_org": asn.autonomous_system_organization,
+            "network": str(asn.network) if asn.network else None,
+        }
+        return asn_dict
+
+    def asn_dict(self, ip_address: str) -> Optional[ASNDict]:
+        """Wrapper for self.asn that returns a dict"""
+        asn = self.asn(ip_address)
+        if not asn:
+            return None
+        return self.asn_to_dict(asn)
+
+
+ASN_CONTEXT_PROCESSOR = ASNContextProcessor()
diff --git a/authentik/events/context_processors/base.py b/authentik/events/context_processors/base.py
new file mode 100644
index 000000000..96a46a65a
--- /dev/null
+++ b/authentik/events/context_processors/base.py
@@ -0,0 +1,43 @@
+"""Base event enricher"""
+from functools import cache
+from typing import TYPE_CHECKING, Optional
+
+from django.http import HttpRequest
+
+if TYPE_CHECKING:
+    from authentik.api.v3.config import Capabilities
+    from authentik.events.models import Event
+
+
+class EventContextProcessor:
+    """Base event enricher"""
+
+    def capability(self) -> Optional["Capabilities"]:
+        """Return the capability this context processor provides"""
+        return None
+
+    def configured(self) -> bool:
+        """Return true if this context processor is configured"""
+        return False
+
+    def enrich_event(self, event: "Event"):
+        """Modify event"""
+        raise NotImplementedError
+
+    def enrich_context(self, request: HttpRequest) -> dict:
+        """Modify context"""
+        raise NotImplementedError
+
+
+@cache
+def get_context_processors() -> list[EventContextProcessor]:
+    """Get a list of all configured context processors"""
+    from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR
+    from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR
+
+    processors_types = [ASN_CONTEXT_PROCESSOR, GEOIP_CONTEXT_PROCESSOR]
+    processors = []
+    for _type in processors_types:
+        if _type.configured():
+            processors.append(_type)
+    return processors
diff --git a/authentik/events/context_processors/geoip.py b/authentik/events/context_processors/geoip.py
new file mode 100644
index 000000000..40ea0b012
--- /dev/null
+++ b/authentik/events/context_processors/geoip.py
@@ -0,0 +1,86 @@
+"""events GeoIP Reader"""
+from typing import TYPE_CHECKING, Optional, TypedDict
+
+from django.http import HttpRequest
+from geoip2.errors import GeoIP2Error
+from geoip2.models import City
+from sentry_sdk.hub import Hub
+
+from authentik.events.context_processors.mmdb import MMDBContextProcessor
+from authentik.lib.config import CONFIG
+from authentik.root.middleware import ClientIPMiddleware
+
+if TYPE_CHECKING:
+    from authentik.api.v3.config import Capabilities
+    from authentik.events.models import Event
+
+
+class GeoIPDict(TypedDict):
+    """GeoIP Details"""
+
+    continent: str
+    country: str
+    lat: float
+    long: float
+    city: str
+
+
+class GeoIPContextProcessor(MMDBContextProcessor):
+    """Slim wrapper around GeoIP API"""
+
+    def capability(self) -> Optional["Capabilities"]:
+        from authentik.api.v3.config import Capabilities
+
+        return Capabilities.CAN_GEO_IP
+
+    def path(self) -> str | None:
+        return CONFIG.get("events.context_processors.geoip")
+
+    def enrich_event(self, event: "Event"):
+        city = self.city_dict(event.client_ip)
+        if not city:
+            return
+        event.context["geo"] = city
+
+    def enrich_context(self, request: HttpRequest) -> dict:
+        # Different key `geoip` vs `geo` for legacy reasons
+        return {"geoip": self.city(ClientIPMiddleware.get_client_ip(request))}
+
+    def city(self, ip_address: str) -> Optional[City]:
+        """Wrapper for Reader.city"""
+        with Hub.current.start_span(
+            op="authentik.events.geo.city",
+            description=ip_address,
+        ):
+            if not self.configured():
+                return None
+            self.check_expired()
+            try:
+                return self.reader.city(ip_address)
+            except (GeoIP2Error, ValueError):
+                return None
+
+    def city_to_dict(self, city: City | None) -> GeoIPDict:
+        """Convert City to dict"""
+        if not city:
+            return {}
+        city_dict: GeoIPDict = {
+            "continent": city.continent.code,
+            "country": city.country.iso_code,
+            "lat": city.location.latitude,
+            "long": city.location.longitude,
+            "city": "",
+        }
+        if city.city.name:
+            city_dict["city"] = city.city.name
+        return city_dict
+
+    def city_dict(self, ip_address: str) -> Optional[GeoIPDict]:
+        """Wrapper for self.city that returns a dict"""
+        city = self.city(ip_address)
+        if not city:
+            return None
+        return self.city_to_dict(city)
+
+
+GEOIP_CONTEXT_PROCESSOR = GeoIPContextProcessor()
diff --git a/authentik/events/context_processors/mmdb.py b/authentik/events/context_processors/mmdb.py
new file mode 100644
index 000000000..45bd85411
--- /dev/null
+++ b/authentik/events/context_processors/mmdb.py
@@ -0,0 +1,53 @@
+"""Common logic for reading MMDB files"""
+from pathlib import Path
+from typing import Optional
+
+from geoip2.database import Reader
+from structlog.stdlib import get_logger
+
+from authentik.events.context_processors.base import EventContextProcessor
+
+
+class MMDBContextProcessor(EventContextProcessor):
+    """Common logic for reading MaxMind DB files, including re-loading if the file has changed"""
+
+    def __init__(self):
+        self.reader: Optional[Reader] = None
+        self._last_mtime: float = 0.0
+        self.logger = get_logger()
+        self.open()
+
+    def path(self) -> str | None:
+        """Get the path to the MMDB file to load"""
+        raise NotImplementedError
+
+    def open(self):
+        """Get GeoIP Reader, if configured, otherwise none"""
+        path = self.path()
+        if path == "" or not path:
+            return
+        try:
+            self.reader = Reader(path)
+            self._last_mtime = Path(path).stat().st_mtime
+            self.logger.info("Loaded MMDB database", last_write=self._last_mtime, file=path)
+        except OSError as exc:
+            self.logger.warning("Failed to load MMDB database", path=path, exc=exc)
+
+    def check_expired(self):
+        """Check if the modification date of the MMDB database has
+        changed, and reload it if so"""
+        path = self.path()
+        if path == "" or not path:
+            return
+        try:
+            mtime = Path(path).stat().st_mtime
+            diff = self._last_mtime < mtime
+            if diff > 0:
+                self.logger.info("Found new MMDB Database, reopening", diff=diff, path=path)
+                self.open()
+        except OSError as exc:
+            self.logger.warning("Failed to check MMDB age", exc=exc)
+
+    def configured(self) -> bool:
+        """Return true if this context processor is configured"""
+        return bool(self.reader)
diff --git a/authentik/events/geo.py b/authentik/events/geo.py
deleted file mode 100644
index 95a28539c..000000000
--- a/authentik/events/geo.py
+++ /dev/null
@@ -1,100 +0,0 @@
-"""events GeoIP Reader"""
-from os import stat
-from typing import Optional, TypedDict
-
-from geoip2.database import Reader
-from geoip2.errors import GeoIP2Error
-from geoip2.models import City
-from sentry_sdk.hub import Hub
-from structlog.stdlib import get_logger
-
-from authentik.lib.config import CONFIG
-
-LOGGER = get_logger()
-
-
-class GeoIPDict(TypedDict):
-    """GeoIP Details"""
-
-    continent: str
-    country: str
-    lat: float
-    long: float
-    city: str
-
-
-class GeoIPReader:
-    """Slim wrapper around GeoIP API"""
-
-    def __init__(self):
-        self.__reader: Optional[Reader] = None
-        self.__last_mtime: float = 0.0
-        self.__open()
-
-    def __open(self):
-        """Get GeoIP Reader, if configured, otherwise none"""
-        path = CONFIG.get("geoip")
-        if path == "" or not path:
-            return
-        try:
-            self.__reader = Reader(path)
-            self.__last_mtime = stat(path).st_mtime
-            LOGGER.info("Loaded GeoIP database", last_write=self.__last_mtime)
-        except OSError as exc:
-            LOGGER.warning("Failed to load GeoIP database", exc=exc)
-
-    def __check_expired(self):
-        """Check if the modification date of the GeoIP database has
-        changed, and reload it if so"""
-        path = CONFIG.get("geoip")
-        try:
-            mtime = stat(path).st_mtime
-            diff = self.__last_mtime < mtime
-            if diff > 0:
-                LOGGER.info("Found new GeoIP Database, reopening", diff=diff)
-                self.__open()
-        except OSError as exc:
-            LOGGER.warning("Failed to check GeoIP age", exc=exc)
-            return
-
-    @property
-    def enabled(self) -> bool:
-        """Check if GeoIP is enabled"""
-        return bool(self.__reader)
-
-    def city(self, ip_address: str) -> Optional[City]:
-        """Wrapper for Reader.city"""
-        with Hub.current.start_span(
-            op="authentik.events.geo.city",
-            description=ip_address,
-        ):
-            if not self.enabled:
-                return None
-            self.__check_expired()
-            try:
-                return self.__reader.city(ip_address)
-            except (GeoIP2Error, ValueError):
-                return None
-
-    def city_to_dict(self, city: City) -> GeoIPDict:
-        """Convert City to dict"""
-        city_dict: GeoIPDict = {
-            "continent": city.continent.code,
-            "country": city.country.iso_code,
-            "lat": city.location.latitude,
-            "long": city.location.longitude,
-            "city": "",
-        }
-        if city.city.name:
-            city_dict["city"] = city.city.name
-        return city_dict
-
-    def city_dict(self, ip_address: str) -> Optional[GeoIPDict]:
-        """Wrapper for self.city that returns a dict"""
-        city = self.city(ip_address)
-        if not city:
-            return None
-        return self.city_to_dict(city)
-
-
-GEOIP_READER = GeoIPReader()
diff --git a/authentik/events/middleware.py b/authentik/events/middleware.py
index 7834bae5e..ea7e6001f 100644
--- a/authentik/events/middleware.py
+++ b/authentik/events/middleware.py
@@ -20,6 +20,7 @@ from authentik.core.models import (
     User,
     UserSourceConnection,
 )
+from authentik.enterprise.providers.rac.models import ConnectionToken
 from authentik.events.models import Event, EventAction, Notification
 from authentik.events.utils import model_to_dict
 from authentik.flows.models import FlowToken, Stage
@@ -54,6 +55,7 @@ IGNORED_MODELS = (
     SCIMUser,
     SCIMGroup,
     Reputation,
+    ConnectionToken,
 )
 
 
diff --git a/authentik/events/models.py b/authentik/events/models.py
index c43128419..240ba11de 100644
--- a/authentik/events/models.py
+++ b/authentik/events/models.py
@@ -26,7 +26,7 @@ from authentik.core.middleware import (
     SESSION_KEY_IMPERSONATE_USER,
 )
 from authentik.core.models import ExpiringModel, Group, PropertyMapping, User
-from authentik.events.geo import GEOIP_READER
+from authentik.events.context_processors.base import get_context_processors
 from authentik.events.utils import (
     cleanse_dict,
     get_user,
@@ -36,9 +36,10 @@ from authentik.events.utils import (
 )
 from authentik.lib.models import DomainlessURLValidator, SerializerModel
 from authentik.lib.sentry import SentryIgnoredException
-from authentik.lib.utils.http import get_client_ip, get_http_session
+from authentik.lib.utils.http import get_http_session
 from authentik.lib.utils.time import timedelta_from_string
 from authentik.policies.models import PolicyBindingModel
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.email.utils import TemplateEmailMessage
 from authentik.tenants.models import Tenant
 from authentik.tenants.utils import DEFAULT_TENANT
@@ -244,22 +245,16 @@ class Event(SerializerModel, ExpiringModel):
                 self.user = get_user(request.session[SESSION_KEY_IMPERSONATE_ORIGINAL_USER])
                 self.user["on_behalf_of"] = get_user(request.session[SESSION_KEY_IMPERSONATE_USER])
         # User 255.255.255.255 as fallback if IP cannot be determined
-        self.client_ip = get_client_ip(request)
-        # Apply GeoIP Data, when enabled
-        self.with_geoip()
+        self.client_ip = ClientIPMiddleware.get_client_ip(request)
+        # Enrich event data
+        for processor in get_context_processors():
+            processor.enrich_event(self)
         # If there's no app set, we get it from the requests too
         if not self.app:
             self.app = Event._get_app_from_request(request)
         self.save()
         return self
 
-    def with_geoip(self):  # pragma: no cover
-        """Apply GeoIP Data, when enabled"""
-        city = GEOIP_READER.city_dict(self.client_ip)
-        if not city:
-            return
-        self.context["geo"] = city
-
     def save(self, *args, **kwargs):
         if self._state.adding:
             LOGGER.info(
@@ -466,7 +461,7 @@ class NotificationTransport(SerializerModel):
             }
         mail = TemplateEmailMessage(
             subject=subject_prefix + context["title"],
-            to=[notification.user.email],
+            to=[f"{notification.user.name} <{notification.user.email}>"],
             language=notification.user.locale(),
             template_name="email/event_notification.html",
             template_context=context,
diff --git a/authentik/events/signals.py b/authentik/events/signals.py
index 0473ef013..d0b7ec06a 100644
--- a/authentik/events/signals.py
+++ b/authentik/events/signals.py
@@ -45,9 +45,14 @@ def get_login_event(request: HttpRequest) -> Optional[Event]:
 
 
 @receiver(user_logged_out)
-def on_user_logged_out(sender, request: HttpRequest, user: User, **_):
+def on_user_logged_out(sender, request: HttpRequest, user: User, **kwargs):
     """Log successfully logout"""
-    Event.new(EventAction.LOGOUT).from_http(request, user=user)
+    # Check if this even comes from the user_login stage's middleware, which will set an extra
+    # argument
+    event = Event.new(EventAction.LOGOUT)
+    if "event_extra" in kwargs:
+        event.context.update(kwargs["event_extra"])
+    event.from_http(request, user=user)
 
 
 @receiver(user_write)
diff --git a/authentik/events/tests/test_api.py b/authentik/events/tests/test_api.py
index 1225d0665..98df7bc69 100644
--- a/authentik/events/tests/test_api.py
+++ b/authentik/events/tests/test_api.py
@@ -1,4 +1,5 @@
 """Event API tests"""
+from json import loads
 
 from django.urls import reverse
 from rest_framework.test import APITestCase
@@ -11,6 +12,9 @@ from authentik.events.models import (
     NotificationSeverity,
     TransportMode,
 )
+from authentik.events.utils import model_to_dict
+from authentik.lib.generators import generate_id
+from authentik.providers.oauth2.models import OAuth2Provider
 
 
 class TestEventsAPI(APITestCase):
@@ -20,6 +24,25 @@ class TestEventsAPI(APITestCase):
         self.user = create_test_admin_user()
         self.client.force_login(self.user)
 
+    def test_filter_model_pk_int(self):
+        """Test event list with context_model_pk and integer PKs"""
+        provider = OAuth2Provider.objects.create(
+            name=generate_id(),
+        )
+        event = Event.new(EventAction.MODEL_CREATED, model=model_to_dict(provider))
+        event.save()
+        response = self.client.get(
+            reverse("authentik_api:event-list"),
+            data={
+                "context_model_pk": provider.pk,
+                "context_model_app": "authentik_providers_oauth2",
+                "context_model_name": "oauth2provider",
+            },
+        )
+        self.assertEqual(response.status_code, 200)
+        body = loads(response.content)
+        self.assertEqual(body["pagination"]["count"], 1)
+
     def test_top_n(self):
         """Test top_per_user"""
         event = Event.new(EventAction.AUTHORIZE_APPLICATION)
diff --git a/authentik/events/tests/test_enrich_asn.py b/authentik/events/tests/test_enrich_asn.py
new file mode 100644
index 000000000..2844c4591
--- /dev/null
+++ b/authentik/events/tests/test_enrich_asn.py
@@ -0,0 +1,24 @@
+"""Test ASN Wrapper"""
+from django.test import TestCase
+
+from authentik.events.context_processors.asn import ASNContextProcessor
+
+
+class TestASN(TestCase):
+    """Test ASN Wrapper"""
+
+    def setUp(self) -> None:
+        self.reader = ASNContextProcessor()
+
+    def test_simple(self):
+        """Test simple asn wrapper"""
+        # IPs from
+        # https://github.com/maxmind/MaxMind-DB/blob/main/source-data/GeoLite2-ASN-Test.json
+        self.assertEqual(
+            self.reader.asn_dict("1.0.0.1"),
+            {
+                "asn": 15169,
+                "as_org": "Google Inc.",
+                "network": "1.0.0.0/24",
+            },
+        )
diff --git a/authentik/events/tests/test_geoip.py b/authentik/events/tests/test_enrich_geoip.py
similarity index 83%
rename from authentik/events/tests/test_geoip.py
rename to authentik/events/tests/test_enrich_geoip.py
index 3120dacae..5317901a4 100644
--- a/authentik/events/tests/test_geoip.py
+++ b/authentik/events/tests/test_enrich_geoip.py
@@ -1,14 +1,14 @@
 """Test GeoIP Wrapper"""
 from django.test import TestCase
 
-from authentik.events.geo import GeoIPReader
+from authentik.events.context_processors.geoip import GeoIPContextProcessor
 
 
 class TestGeoIP(TestCase):
     """Test GeoIP Wrapper"""
 
     def setUp(self) -> None:
-        self.reader = GeoIPReader()
+        self.reader = GeoIPContextProcessor()
 
     def test_simple(self):
         """Test simple city wrapper"""
diff --git a/authentik/events/utils.py b/authentik/events/utils.py
index a7c3bdf3e..cf1b1b78b 100644
--- a/authentik/events/utils.py
+++ b/authentik/events/utils.py
@@ -17,12 +17,13 @@ from django.db.models.base import Model
 from django.http.request import HttpRequest
 from django.utils import timezone
 from django.views.debug import SafeExceptionReporterFilter
-from geoip2.models import City
+from geoip2.models import ASN, City
 from guardian.utils import get_anonymous_user
 
 from authentik.blueprints.v1.common import YAMLTag
 from authentik.core.models import User
-from authentik.events.geo import GEOIP_READER
+from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR
+from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR
 from authentik.policies.types import PolicyRequest
 
 # Special keys which are *not* cleaned, even when the default filter
@@ -123,7 +124,9 @@ def sanitize_item(value: Any) -> Any:
     if isinstance(value, (HttpRequest, WSGIRequest)):
         return ...
     if isinstance(value, City):
-        return GEOIP_READER.city_to_dict(value)
+        return GEOIP_CONTEXT_PROCESSOR.city_to_dict(value)
+    if isinstance(value, ASN):
+        return ASN_CONTEXT_PROCESSOR.asn_to_dict(value)
     if isinstance(value, Path):
         return str(value)
     if isinstance(value, Exception):
diff --git a/authentik/flows/migrations/0027_auto_20231028_1424.py b/authentik/flows/migrations/0027_auto_20231028_1424.py
index 856961a98..70784e6e3 100644
--- a/authentik/flows/migrations/0027_auto_20231028_1424.py
+++ b/authentik/flows/migrations/0027_auto_20231028_1424.py
@@ -1,7 +1,7 @@
 # Generated by Django 4.2.6 on 2023-10-28 14:24
 
 from django.apps.registry import Apps
-from django.db import migrations
+from django.db import migrations, models
 from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 
 
@@ -31,4 +31,19 @@ class Migration(migrations.Migration):
 
     operations = [
         migrations.RunPython(set_oobe_flow_authentication),
+        migrations.AlterField(
+            model_name="flow",
+            name="authentication",
+            field=models.TextField(
+                choices=[
+                    ("none", "None"),
+                    ("require_authenticated", "Require Authenticated"),
+                    ("require_unauthenticated", "Require Unauthenticated"),
+                    ("require_superuser", "Require Superuser"),
+                    ("require_outpost", "Require Outpost"),
+                ],
+                default="none",
+                help_text="Required level of authentication and authorization to access a flow.",
+            ),
+        ),
     ]
diff --git a/authentik/flows/models.py b/authentik/flows/models.py
index 67f7f0a9c..7ed744824 100644
--- a/authentik/flows/models.py
+++ b/authentik/flows/models.py
@@ -31,6 +31,7 @@ class FlowAuthenticationRequirement(models.TextChoices):
     REQUIRE_AUTHENTICATED = "require_authenticated"
     REQUIRE_UNAUTHENTICATED = "require_unauthenticated"
     REQUIRE_SUPERUSER = "require_superuser"
+    REQUIRE_OUTPOST = "require_outpost"
 
 
 class NotConfiguredAction(models.TextChoices):
diff --git a/authentik/flows/planner.py b/authentik/flows/planner.py
index f80461490..a74c43275 100644
--- a/authentik/flows/planner.py
+++ b/authentik/flows/planner.py
@@ -23,6 +23,7 @@ from authentik.flows.models import (
 )
 from authentik.lib.config import CONFIG
 from authentik.policies.engine import PolicyEngine
+from authentik.root.middleware import ClientIPMiddleware
 
 LOGGER = get_logger()
 PLAN_CONTEXT_PENDING_USER = "pending_user"
@@ -141,6 +142,10 @@ class FlowPlanner:
             and not request.user.is_superuser
         ):
             raise FlowNonApplicableException()
+        if self.flow.authentication == FlowAuthenticationRequirement.REQUIRE_OUTPOST:
+            outpost_user = ClientIPMiddleware.get_outpost_user(request)
+            if not outpost_user:
+                raise FlowNonApplicableException()
 
     def plan(
         self, request: HttpRequest, default_context: Optional[dict[str, Any]] = None
diff --git a/authentik/flows/tests/test_planner.py b/authentik/flows/tests/test_planner.py
index 790f5bba4..f95462dc5 100644
--- a/authentik/flows/tests/test_planner.py
+++ b/authentik/flows/tests/test_planner.py
@@ -8,6 +8,7 @@ from django.test import RequestFactory, TestCase
 from django.urls import reverse
 from guardian.shortcuts import get_anonymous_user
 
+from authentik.blueprints.tests import reconcile_app
 from authentik.core.models import User
 from authentik.core.tests.utils import create_test_admin_user, create_test_flow
 from authentik.flows.exceptions import EmptyFlowException, FlowNonApplicableException
@@ -15,9 +16,12 @@ from authentik.flows.markers import ReevaluateMarker, StageMarker
 from authentik.flows.models import FlowAuthenticationRequirement, FlowDesignation, FlowStageBinding
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner, cache_key
 from authentik.lib.tests.utils import dummy_get_response
+from authentik.outposts.apps import MANAGED_OUTPOST
+from authentik.outposts.models import Outpost
 from authentik.policies.dummy.models import DummyPolicy
 from authentik.policies.models import PolicyBinding
 from authentik.policies.types import PolicyResult
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.dummy.models import DummyStage
 
 POLICY_RETURN_FALSE = PropertyMock(return_value=PolicyResult(False))
@@ -68,6 +72,34 @@ class TestFlowPlanner(TestCase):
         planner.allow_empty_flows = True
         planner.plan(request)
 
+    @reconcile_app("authentik_outposts")
+    def test_authentication_outpost(self):
+        """Test flow authentication (outpost)"""
+        flow = create_test_flow()
+        flow.authentication = FlowAuthenticationRequirement.REQUIRE_OUTPOST
+        request = self.request_factory.get(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
+        )
+        request.user = AnonymousUser()
+        with self.assertRaises(FlowNonApplicableException):
+            planner = FlowPlanner(flow)
+            planner.allow_empty_flows = True
+            planner.plan(request)
+
+        outpost = Outpost.objects.filter(managed=MANAGED_OUTPOST).first()
+        request = self.request_factory.get(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
+            HTTP_X_AUTHENTIK_OUTPOST_TOKEN=outpost.token.key,
+            HTTP_X_AUTHENTIK_REMOTE_IP="1.2.3.4",
+        )
+        request.user = AnonymousUser()
+        middleware = ClientIPMiddleware(dummy_get_response)
+        middleware(request)
+
+        planner = FlowPlanner(flow)
+        planner.allow_empty_flows = True
+        planner.plan(request)
+
     @patch(
         "authentik.policies.engine.PolicyEngine.result",
         POLICY_RETURN_FALSE,
diff --git a/authentik/lib/config.py b/authentik/lib/config.py
index dd5500f8e..dabd3a64b 100644
--- a/authentik/lib/config.py
+++ b/authentik/lib/config.py
@@ -35,6 +35,7 @@ REDIS_ENV_KEYS = [
 ]
 
 DEPRECATIONS = {
+    "geoip": "events.context_processors.geoip",
     "redis.broker_url": "broker.url",
     "redis.broker_transport_options": "broker.transport_options",
     "redis.cache_timeout": "cache.timeout",
@@ -112,6 +113,8 @@ class ConfigLoader:
 
     A variable like AUTHENTIK_POSTGRESQL__HOST would translate to postgresql.host"""
 
+    deprecations: dict[tuple[str, str], str] = {}
+
     def __init__(self, **kwargs):
         super().__init__()
         self.__config = {}
@@ -138,9 +141,9 @@ class ConfigLoader:
                         self.update_from_file(env_file)
         self.update_from_env()
         self.update(self.__config, kwargs)
-        self.check_deprecations()
+        self.deprecations = self.check_deprecations()
 
-    def check_deprecations(self):
+    def check_deprecations(self) -> dict[str, str]:
         """Warn if any deprecated configuration options are used"""
 
         def _pop_deprecated_key(current_obj, dot_parts, index):
@@ -153,25 +156,23 @@ class ConfigLoader:
                 current_obj.pop(dot_part)
             return value
 
+        deprecation_replacements = {}
         for deprecation, replacement in DEPRECATIONS.items():
-            if self.get(deprecation, default=UNSET) is not UNSET:
-                message = (
-                    f"'{deprecation}' has been deprecated in favor of '{replacement}'! "
-                    + "Please update your configuration."
-                )
-                self.log(
-                    "warning",
-                    message,
-                )
-                try:
-                    from authentik.events.models import Event, EventAction
+            if self.get(deprecation, default=UNSET) is UNSET:
+                continue
+            message = (
+                f"'{deprecation}' has been deprecated in favor of '{replacement}'! "
+                + "Please update your configuration."
+            )
+            self.log(
+                "warning",
+                message,
+            )
+            deprecation_replacements[(deprecation, replacement)] = message
 
-                    Event.new(EventAction.CONFIGURATION_ERROR, message=message).save()
-                except ImportError:
-                    continue
-
-                deprecated_attr = _pop_deprecated_key(self.__config, deprecation.split("."), 0)
-                self.set(replacement, deprecated_attr.value)
+            deprecated_attr = _pop_deprecated_key(self.__config, deprecation.split("."), 0)
+            self.set(replacement, deprecated_attr)
+        return deprecation_replacements
 
     def log(self, level: str, message: str, **kwargs):
         """Custom Log method, we want to ensure ConfigLoader always logs JSON even when
@@ -317,7 +318,9 @@ class ConfigLoader:
 
     def set(self, path: str, value: Any, sep="."):
         """Set value using same syntax as get()"""
-        set_path_in_dict(self.raw, path, Attr(value), sep=sep)
+        if not isinstance(value, Attr):
+            value = Attr(value)
+        set_path_in_dict(self.raw, path, value, sep=sep)
 
 
 CONFIG = ConfigLoader()
diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml
index 83bd3c7c9..afb775c44 100644
--- a/authentik/lib/default.yml
+++ b/authentik/lib/default.yml
@@ -8,6 +8,8 @@ postgresql:
   password: "env://POSTGRES_PASSWORD"
   use_pgbouncer: false
   use_pgpool: false
+  test:
+    name: test_authentik
 
 listen:
   listen_http: 0.0.0.0:9000
@@ -106,7 +108,10 @@ cookie_domain: null
 disable_update_check: false
 disable_startup_analytics: false
 avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar,initials
-geoip: "/geoip/GeoLite2-City.mmdb"
+events:
+  context_processors:
+    geoip: "/geoip/GeoLite2-City.mmdb"
+    asn: "/geoip/GeoLite2-ASN.mmdb"
 
 footer_links: []
 
diff --git a/authentik/lib/tests/test_http.py b/authentik/lib/tests/test_http.py
index e554088cc..92ec5b425 100644
--- a/authentik/lib/tests/test_http.py
+++ b/authentik/lib/tests/test_http.py
@@ -3,8 +3,8 @@ from django.test import RequestFactory, TestCase
 
 from authentik.core.models import Token, TokenIntents, UserTypes
 from authentik.core.tests.utils import create_test_admin_user
-from authentik.lib.utils.http import OUTPOST_REMOTE_IP_HEADER, OUTPOST_TOKEN_HEADER, get_client_ip
 from authentik.lib.views import bad_request_message
+from authentik.root.middleware import ClientIPMiddleware
 
 
 class TestHTTP(TestCase):
@@ -22,12 +22,12 @@ class TestHTTP(TestCase):
     def test_normal(self):
         """Test normal request"""
         request = self.factory.get("/")
-        self.assertEqual(get_client_ip(request), "127.0.0.1")
+        self.assertEqual(ClientIPMiddleware.get_client_ip(request), "127.0.0.1")
 
     def test_forward_for(self):
         """Test x-forwarded-for request"""
         request = self.factory.get("/", HTTP_X_FORWARDED_FOR="127.0.0.2")
-        self.assertEqual(get_client_ip(request), "127.0.0.2")
+        self.assertEqual(ClientIPMiddleware.get_client_ip(request), "127.0.0.2")
 
     def test_fake_outpost(self):
         """Test faked IP which is overridden by an outpost"""
@@ -38,28 +38,28 @@ class TestHTTP(TestCase):
         request = self.factory.get(
             "/",
             **{
-                OUTPOST_REMOTE_IP_HEADER: "1.2.3.4",
-                OUTPOST_TOKEN_HEADER: "abc",
+                ClientIPMiddleware.outpost_remote_ip_header: "1.2.3.4",
+                ClientIPMiddleware.outpost_token_header: "abc",
             },
         )
-        self.assertEqual(get_client_ip(request), "127.0.0.1")
+        self.assertEqual(ClientIPMiddleware.get_client_ip(request), "127.0.0.1")
         # Invalid, user doesn't have permissions
         request = self.factory.get(
             "/",
             **{
-                OUTPOST_REMOTE_IP_HEADER: "1.2.3.4",
-                OUTPOST_TOKEN_HEADER: token.key,
+                ClientIPMiddleware.outpost_remote_ip_header: "1.2.3.4",
+                ClientIPMiddleware.outpost_token_header: token.key,
             },
         )
-        self.assertEqual(get_client_ip(request), "127.0.0.1")
+        self.assertEqual(ClientIPMiddleware.get_client_ip(request), "127.0.0.1")
         # Valid
         self.user.type = UserTypes.INTERNAL_SERVICE_ACCOUNT
         self.user.save()
         request = self.factory.get(
             "/",
             **{
-                OUTPOST_REMOTE_IP_HEADER: "1.2.3.4",
-                OUTPOST_TOKEN_HEADER: token.key,
+                ClientIPMiddleware.outpost_remote_ip_header: "1.2.3.4",
+                ClientIPMiddleware.outpost_token_header: token.key,
             },
         )
-        self.assertEqual(get_client_ip(request), "1.2.3.4")
+        self.assertEqual(ClientIPMiddleware.get_client_ip(request), "1.2.3.4")
diff --git a/authentik/lib/utils/http.py b/authentik/lib/utils/http.py
index adb3ec099..f8d33db98 100644
--- a/authentik/lib/utils/http.py
+++ b/authentik/lib/utils/http.py
@@ -1,89 +1,39 @@
 """http helpers"""
-from typing import Any, Optional
+from uuid import uuid4
 
-from django.http import HttpRequest
-from requests.sessions import Session
-from sentry_sdk.hub import Hub
+from django.conf import settings
+from requests.sessions import PreparedRequest, Session
 from structlog.stdlib import get_logger
 
 from authentik import get_full_version
 
-OUTPOST_REMOTE_IP_HEADER = "HTTP_X_AUTHENTIK_REMOTE_IP"
-OUTPOST_TOKEN_HEADER = "HTTP_X_AUTHENTIK_OUTPOST_TOKEN"  # nosec
-DEFAULT_IP = "255.255.255.255"
 LOGGER = get_logger()
 
 
-def _get_client_ip_from_meta(meta: dict[str, Any]) -> str:
-    """Attempt to get the client's IP by checking common HTTP Headers.
-    Returns none if no IP Could be found
-
-    No additional validation is done here as requests are expected to only arrive here
-    via the go proxy, which deals with validating these headers for us"""
-    headers = (
-        "HTTP_X_FORWARDED_FOR",
-        "REMOTE_ADDR",
-    )
-    for _header in headers:
-        if _header in meta:
-            ips: list[str] = meta.get(_header).split(",")
-            return ips[0].strip()
-    return DEFAULT_IP
-
-
-def _get_outpost_override_ip(request: HttpRequest) -> Optional[str]:
-    """Get the actual remote IP when set by an outpost. Only
-    allowed when the request is authenticated, by an outpost internal service account"""
-    from authentik.core.models import Token, TokenIntents, UserTypes
-
-    if OUTPOST_REMOTE_IP_HEADER not in request.META or OUTPOST_TOKEN_HEADER not in request.META:
-        return None
-    fake_ip = request.META[OUTPOST_REMOTE_IP_HEADER]
-    token = (
-        Token.filter_not_expired(
-            key=request.META.get(OUTPOST_TOKEN_HEADER), intent=TokenIntents.INTENT_API
-        )
-        .select_related("user")
-        .first()
-    )
-    if not token:
-        LOGGER.warning("Attempted remote-ip override without token", fake_ip=fake_ip)
-        return None
-    user = token.user
-    if user.type != UserTypes.INTERNAL_SERVICE_ACCOUNT:
-        LOGGER.warning(
-            "Remote-IP override: user doesn't have permission",
-            user=user,
-            fake_ip=fake_ip,
-        )
-        return None
-    # Update sentry scope to include correct IP
-    user = Hub.current.scope._user
-    if not user:
-        user = {}
-    user["ip_address"] = fake_ip
-    Hub.current.scope.set_user(user)
-    return fake_ip
-
-
-def get_client_ip(request: Optional[HttpRequest]) -> str:
-    """Attempt to get the client's IP by checking common HTTP Headers.
-    Returns none if no IP Could be found"""
-    if not request:
-        return DEFAULT_IP
-    override = _get_outpost_override_ip(request)
-    if override:
-        return override
-    return _get_client_ip_from_meta(request.META)
-
-
 def authentik_user_agent() -> str:
     """Get a common user agent"""
     return f"authentik@{get_full_version()}"
 
 
+class DebugSession(Session):
+    """requests session which logs http requests and responses"""
+
+    def send(self, req: PreparedRequest, *args, **kwargs):
+        request_id = str(uuid4())
+        LOGGER.debug("HTTP request sent", uid=request_id, path=req.path_url, headers=req.headers)
+        resp = super().send(req, *args, **kwargs)
+        LOGGER.debug(
+            "HTTP response received",
+            uid=request_id,
+            status=resp.status_code,
+            body=resp.text,
+            headers=resp.headers,
+        )
+        return resp
+
+
 def get_http_session() -> Session:
     """Get a requests session with common headers"""
-    session = Session()
+    session = DebugSession() if settings.DEBUG else Session()
     session.headers["User-Agent"] = authentik_user_agent()
     return session
diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py
index 140f01fac..182ec4dbf 100644
--- a/authentik/outposts/api/outposts.py
+++ b/authentik/outposts/api/outposts.py
@@ -9,16 +9,17 @@ from rest_framework.fields import BooleanField, CharField, DateTimeField
 from rest_framework.relations import PrimaryKeyRelatedField
 from rest_framework.request import Request
 from rest_framework.response import Response
-from rest_framework.serializers import JSONField, ModelSerializer, ValidationError
+from rest_framework.serializers import ModelSerializer, ValidationError
 from rest_framework.viewsets import ModelViewSet
 
 from authentik import get_build_hash
 from authentik.core.api.providers import ProviderSerializer
 from authentik.core.api.used_by import UsedByMixin
-from authentik.core.api.utils import PassiveSerializer, is_dict
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 from authentik.core.models import Provider
+from authentik.enterprise.providers.rac.models import RACProvider
 from authentik.outposts.api.service_connections import ServiceConnectionSerializer
-from authentik.outposts.apps import MANAGED_OUTPOST
+from authentik.outposts.apps import MANAGED_OUTPOST, MANAGED_OUTPOST_NAME
 from authentik.outposts.models import (
     Outpost,
     OutpostConfig,
@@ -34,7 +35,7 @@ from authentik.providers.radius.models import RadiusProvider
 class OutpostSerializer(ModelSerializer):
     """Outpost Serializer"""
 
-    config = JSONField(validators=[is_dict], source="_config")
+    config = JSONDictField(source="_config")
     # Need to set allow_empty=True for the embedded outpost with no providers
     # is checked for other providers in the API Viewset
     providers = PrimaryKeyRelatedField(
@@ -47,12 +48,23 @@ class OutpostSerializer(ModelSerializer):
         source="service_connection", read_only=True
     )
 
+    def validate_name(self, name: str) -> str:
+        """Validate name (especially for embedded outpost)"""
+        if not self.instance:
+            return name
+        if self.instance.managed == MANAGED_OUTPOST and name != MANAGED_OUTPOST_NAME:
+            raise ValidationError("Embedded outpost's name cannot be changed")
+        if self.instance.name == MANAGED_OUTPOST_NAME:
+            self.instance.managed = MANAGED_OUTPOST
+        return name
+
     def validate_providers(self, providers: list[Provider]) -> list[Provider]:
         """Check that all providers match the type of the outpost"""
         type_map = {
             OutpostType.LDAP: LDAPProvider,
             OutpostType.PROXY: ProxyProvider,
             OutpostType.RADIUS: RadiusProvider,
+            OutpostType.RAC: RACProvider,
             None: Provider,
         }
         for provider in providers:
@@ -95,7 +107,7 @@ class OutpostSerializer(ModelSerializer):
 class OutpostDefaultConfigSerializer(PassiveSerializer):
     """Global default outpost config"""
 
-    config = JSONField(read_only=True)
+    config = JSONDictField(read_only=True)
 
 
 class OutpostHealthSerializer(PassiveSerializer):
diff --git a/authentik/outposts/apps.py b/authentik/outposts/apps.py
index 6898a170a..b0a6298c7 100644
--- a/authentik/outposts/apps.py
+++ b/authentik/outposts/apps.py
@@ -15,6 +15,7 @@ GAUGE_OUTPOSTS_LAST_UPDATE = Gauge(
     ["outpost", "uid", "version"],
 )
 MANAGED_OUTPOST = "goauthentik.io/outposts/embedded"
+MANAGED_OUTPOST_NAME = "authentik Embedded Outpost"
 
 
 class AuthentikOutpostConfig(ManagedAppConfig):
@@ -35,14 +36,17 @@ class AuthentikOutpostConfig(ManagedAppConfig):
             DockerServiceConnection,
             KubernetesServiceConnection,
             Outpost,
-            OutpostConfig,
             OutpostType,
         )
 
+        if outpost := Outpost.objects.filter(name=MANAGED_OUTPOST_NAME, managed="").first():
+            outpost.managed = MANAGED_OUTPOST
+            outpost.save()
+            return
         outpost, updated = Outpost.objects.update_or_create(
             defaults={
-                "name": "authentik Embedded Outpost",
                 "type": OutpostType.PROXY,
+                "name": MANAGED_OUTPOST_NAME,
             },
             managed=MANAGED_OUTPOST,
         )
@@ -51,10 +55,4 @@ class AuthentikOutpostConfig(ManagedAppConfig):
                 outpost.service_connection = KubernetesServiceConnection.objects.first()
             elif DockerServiceConnection.objects.exists():
                 outpost.service_connection = DockerServiceConnection.objects.first()
-            outpost.config = OutpostConfig(
-                kubernetes_disabled_components=[
-                    "deployment",
-                    "secret",
-                ]
-            )
             outpost.save()
diff --git a/authentik/outposts/consumer.py b/authentik/outposts/consumer.py
index dda3feed0..6ed2926b8 100644
--- a/authentik/outposts/consumer.py
+++ b/authentik/outposts/consumer.py
@@ -6,16 +6,18 @@ from typing import Any, Optional
 
 from asgiref.sync import async_to_sync
 from channels.exceptions import DenyConnection
+from channels.generic.websocket import JsonWebsocketConsumer
 from dacite.core import from_dict
 from dacite.data import Data
+from django.http.request import QueryDict
 from guardian.shortcuts import get_objects_for_user
 from structlog.stdlib import BoundLogger, get_logger
 
-from authentik.core.channels import AuthJsonConsumer
 from authentik.outposts.apps import GAUGE_OUTPOSTS_CONNECTED, GAUGE_OUTPOSTS_LAST_UPDATE
 from authentik.outposts.models import OUTPOST_HELLO_INTERVAL, Outpost, OutpostState
 
 OUTPOST_GROUP = "group_outpost_%(outpost_pk)s"
+OUTPOST_GROUP_INSTANCE = "group_outpost_%(outpost_pk)s_%(instance)s"
 
 
 class WebsocketMessageInstruction(IntEnum):
@@ -42,25 +44,23 @@ class WebsocketMessage:
     args: dict[str, Any] = field(default_factory=dict)
 
 
-class OutpostConsumer(AuthJsonConsumer):
+class OutpostConsumer(JsonWebsocketConsumer):
     """Handler for Outposts that connect over websockets for health checks and live updates"""
 
     outpost: Optional[Outpost] = None
     logger: BoundLogger
 
-    last_uid: Optional[str] = None
+    instance_uid: Optional[str] = None
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.logger = get_logger()
 
     def connect(self):
-        super().connect()
         uuid = self.scope["url_route"]["kwargs"]["pk"]
+        user = self.scope["user"]
         outpost = (
-            get_objects_for_user(self.user, "authentik_outposts.view_outpost")
-            .filter(pk=uuid)
-            .first()
+            get_objects_for_user(user, "authentik_outposts.view_outpost").filter(pk=uuid).first()
         )
         if not outpost:
             raise DenyConnection()
@@ -71,13 +71,19 @@ class OutpostConsumer(AuthJsonConsumer):
             self.logger.warning("runtime error during accept", exc=exc)
             raise DenyConnection()
         self.outpost = outpost
-        self.last_uid = self.channel_name
+        query = QueryDict(self.scope["query_string"].decode())
+        self.instance_uid = query.get("instance_uuid", self.channel_name)
         async_to_sync(self.channel_layer.group_add)(
             OUTPOST_GROUP % {"outpost_pk": str(self.outpost.pk)}, self.channel_name
         )
+        async_to_sync(self.channel_layer.group_add)(
+            OUTPOST_GROUP_INSTANCE
+            % {"outpost_pk": str(self.outpost.pk), "instance": self.instance_uid},
+            self.channel_name,
+        )
         GAUGE_OUTPOSTS_CONNECTED.labels(
             outpost=self.outpost.name,
-            uid=self.last_uid,
+            uid=self.instance_uid,
             expected=self.outpost.config.kubernetes_replicas,
         ).inc()
 
@@ -86,34 +92,37 @@ class OutpostConsumer(AuthJsonConsumer):
             async_to_sync(self.channel_layer.group_discard)(
                 OUTPOST_GROUP % {"outpost_pk": str(self.outpost.pk)}, self.channel_name
             )
-        if self.outpost and self.last_uid:
+            if self.instance_uid:
+                async_to_sync(self.channel_layer.group_discard)(
+                    OUTPOST_GROUP_INSTANCE
+                    % {"outpost_pk": str(self.outpost.pk), "instance": self.instance_uid},
+                    self.channel_name,
+                )
+        if self.outpost and self.instance_uid:
             GAUGE_OUTPOSTS_CONNECTED.labels(
                 outpost=self.outpost.name,
-                uid=self.last_uid,
+                uid=self.instance_uid,
                 expected=self.outpost.config.kubernetes_replicas,
             ).dec()
 
     def receive_json(self, content: Data, **kwargs):
         msg = from_dict(WebsocketMessage, content)
-        uid = msg.args.get("uuid", self.channel_name)
-        self.last_uid = uid
-
         if not self.outpost:
             raise DenyConnection()
 
-        state = OutpostState.for_instance_uid(self.outpost, uid)
+        state = OutpostState.for_instance_uid(self.outpost, self.instance_uid)
         state.last_seen = datetime.now()
         state.hostname = msg.args.pop("hostname", "")
 
         if msg.instruction == WebsocketMessageInstruction.HELLO:
             state.version = msg.args.pop("version", None)
             state.build_hash = msg.args.pop("buildHash", "")
-            state.args = msg.args
+            state.args.update(msg.args)
         elif msg.instruction == WebsocketMessageInstruction.ACK:
             return
         GAUGE_OUTPOSTS_LAST_UPDATE.labels(
             outpost=self.outpost.name,
-            uid=self.last_uid or "",
+            uid=self.instance_uid or "",
             version=state.version or "",
         ).set_to_current_time()
         state.save(timeout=OUTPOST_HELLO_INTERVAL * 1.5)
diff --git a/authentik/outposts/controllers/k8s/deployment.py b/authentik/outposts/controllers/k8s/deployment.py
index 4aa10e7f7..e06d97139 100644
--- a/authentik/outposts/controllers/k8s/deployment.py
+++ b/authentik/outposts/controllers/k8s/deployment.py
@@ -43,6 +43,10 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
         self.api = AppsV1Api(controller.client)
         self.outpost = self.controller.outpost
 
+    @property
+    def noop(self) -> bool:
+        return self.is_embedded
+
     @staticmethod
     def reconciler_name() -> str:
         return "deployment"
diff --git a/authentik/outposts/controllers/k8s/secret.py b/authentik/outposts/controllers/k8s/secret.py
index 8a2293404..ddc3643c6 100644
--- a/authentik/outposts/controllers/k8s/secret.py
+++ b/authentik/outposts/controllers/k8s/secret.py
@@ -24,6 +24,10 @@ class SecretReconciler(KubernetesObjectReconciler[V1Secret]):
         super().__init__(controller)
         self.api = CoreV1Api(controller.client)
 
+    @property
+    def noop(self) -> bool:
+        return self.is_embedded
+
     @staticmethod
     def reconciler_name() -> str:
         return "secret"
diff --git a/authentik/outposts/controllers/k8s/service_monitor.py b/authentik/outposts/controllers/k8s/service_monitor.py
index 4e58c119a..8e00f9c50 100644
--- a/authentik/outposts/controllers/k8s/service_monitor.py
+++ b/authentik/outposts/controllers/k8s/service_monitor.py
@@ -77,7 +77,10 @@ class PrometheusServiceMonitorReconciler(KubernetesObjectReconciler[PrometheusSe
 
     @property
     def noop(self) -> bool:
-        return (not self._crd_exists()) or (self.is_embedded)
+        if not self._crd_exists():
+            self.logger.debug("CRD doesn't exist")
+            return True
+        return self.is_embedded
 
     def _crd_exists(self) -> bool:
         """Check if the Prometheus ServiceMonitor exists"""
diff --git a/authentik/outposts/controllers/k8s/utils.py b/authentik/outposts/controllers/k8s/utils.py
index d1f01811f..e9c83f975 100644
--- a/authentik/outposts/controllers/k8s/utils.py
+++ b/authentik/outposts/controllers/k8s/utils.py
@@ -1,5 +1,6 @@
 """k8s utils"""
 from pathlib import Path
+from typing import Optional
 
 from kubernetes.client.models.v1_container_port import V1ContainerPort
 from kubernetes.client.models.v1_service_port import V1ServicePort
@@ -37,9 +38,12 @@ def compare_port(
 
 
 def compare_ports(
-    current: list[V1ServicePort | V1ContainerPort], reference: list[V1ServicePort | V1ContainerPort]
+    current: Optional[list[V1ServicePort | V1ContainerPort]],
+    reference: Optional[list[V1ServicePort | V1ContainerPort]],
 ):
     """Compare ports of a list"""
+    if not current or not reference:
+        raise NeedsRecreate()
     if len(current) != len(reference):
         raise NeedsRecreate()
     for port in reference:
diff --git a/authentik/outposts/controllers/kubernetes.py b/authentik/outposts/controllers/kubernetes.py
index e3a943e2c..e3b358078 100644
--- a/authentik/outposts/controllers/kubernetes.py
+++ b/authentik/outposts/controllers/kubernetes.py
@@ -81,7 +81,10 @@ class KubernetesController(BaseController):
     def up(self):
         try:
             for reconcile_key in self.reconcile_order:
-                reconciler = self.reconcilers[reconcile_key](self)
+                reconciler_cls = self.reconcilers.get(reconcile_key)
+                if not reconciler_cls:
+                    continue
+                reconciler = reconciler_cls(self)
                 reconciler.up()
 
         except (OpenApiException, HTTPError, ServiceConnectionInvalid) as exc:
@@ -95,7 +98,10 @@ class KubernetesController(BaseController):
                     all_logs += [f"{reconcile_key.title()}: Disabled"]
                     continue
                 with capture_logs() as logs:
-                    reconciler = self.reconcilers[reconcile_key](self)
+                    reconciler_cls = self.reconcilers.get(reconcile_key)
+                    if not reconciler_cls:
+                        continue
+                    reconciler = reconciler_cls(self)
                     reconciler.up()
                 all_logs += [f"{reconcile_key.title()}: {x['event']}" for x in logs]
             return all_logs
@@ -105,7 +111,10 @@ class KubernetesController(BaseController):
     def down(self):
         try:
             for reconcile_key in self.reconcile_order:
-                reconciler = self.reconcilers[reconcile_key](self)
+                reconciler_cls = self.reconcilers.get(reconcile_key)
+                if not reconciler_cls:
+                    continue
+                reconciler = reconciler_cls(self)
                 self.logger.debug("Tearing down object", name=reconcile_key)
                 reconciler.down()
 
@@ -120,7 +129,10 @@ class KubernetesController(BaseController):
                     all_logs += [f"{reconcile_key.title()}: Disabled"]
                     continue
                 with capture_logs() as logs:
-                    reconciler = self.reconcilers[reconcile_key](self)
+                    reconciler_cls = self.reconcilers.get(reconcile_key)
+                    if not reconciler_cls:
+                        continue
+                    reconciler = reconciler_cls(self)
                     reconciler.down()
                 all_logs += [f"{reconcile_key.title()}: {x['event']}" for x in logs]
             return all_logs
@@ -130,7 +142,10 @@ class KubernetesController(BaseController):
     def get_static_deployment(self) -> str:
         documents = []
         for reconcile_key in self.reconcile_order:
-            reconciler = self.reconcilers[reconcile_key](self)
+            reconciler_cls = self.reconcilers.get(reconcile_key)
+            if not reconciler_cls:
+                continue
+            reconciler = reconciler_cls(self)
             if reconciler.noop:
                 continue
             documents.append(reconciler.get_reference_object().to_dict())
diff --git a/authentik/outposts/migrations/0021_alter_outpost_type.py b/authentik/outposts/migrations/0021_alter_outpost_type.py
new file mode 100644
index 000000000..52fcf1fd5
--- /dev/null
+++ b/authentik/outposts/migrations/0021_alter_outpost_type.py
@@ -0,0 +1,25 @@
+# Generated by Django 4.2.6 on 2023-10-14 19:23
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_outposts", "0020_alter_outpost_type"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="outpost",
+            name="type",
+            field=models.TextField(
+                choices=[
+                    ("proxy", "Proxy"),
+                    ("ldap", "Ldap"),
+                    ("radius", "Radius"),
+                    ("rac", "Rac"),
+                ],
+                default="proxy",
+            ),
+        ),
+    ]
diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py
index 14f896c35..bcaeda8b8 100644
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@@ -90,11 +90,12 @@ class OutpostModel(Model):
 
 
 class OutpostType(models.TextChoices):
-    """Outpost types, currently only the reverse proxy is available"""
+    """Outpost types"""
 
     PROXY = "proxy"
     LDAP = "ldap"
     RADIUS = "radius"
+    RAC = "rac"
 
 
 def default_outpost_config(host: Optional[str] = None):
@@ -459,7 +460,7 @@ class OutpostState:
     def for_instance_uid(outpost: Outpost, uid: str) -> "OutpostState":
         """Get state for a single instance"""
         key = f"{outpost.state_cache_prefix}/{uid}"
-        default_data = {"uid": uid, "channel_ids": []}
+        default_data = {"uid": uid}
         data = cache.get(key, default_data)
         if isinstance(data, str):
             cache.delete(key)
diff --git a/authentik/outposts/tasks.py b/authentik/outposts/tasks.py
index b6b3a9bab..0d4e54a3a 100644
--- a/authentik/outposts/tasks.py
+++ b/authentik/outposts/tasks.py
@@ -17,6 +17,8 @@ from kubernetes.config.kube_config import KUBE_CONFIG_DEFAULT_LOCATION
 from structlog.stdlib import get_logger
 from yaml import safe_load
 
+from authentik.enterprise.providers.rac.controllers.docker import RACDockerController
+from authentik.enterprise.providers.rac.controllers.kubernetes import RACKubernetesController
 from authentik.events.monitored_tasks import (
     MonitoredTask,
     TaskResult,
@@ -71,6 +73,11 @@ def controller_for_outpost(outpost: Outpost) -> Optional[type[BaseController]]:
             return RadiusDockerController
         if isinstance(service_connection, KubernetesServiceConnection):
             return RadiusKubernetesController
+    if outpost.type == OutpostType.RAC:
+        if isinstance(service_connection, DockerServiceConnection):
+            return RACDockerController
+        if isinstance(service_connection, KubernetesServiceConnection):
+            return RACKubernetesController
     return None
 
 
diff --git a/authentik/outposts/tests/test_api.py b/authentik/outposts/tests/test_api.py
index 5e6fb385e..3edaeb78e 100644
--- a/authentik/outposts/tests/test_api.py
+++ b/authentik/outposts/tests/test_api.py
@@ -2,11 +2,13 @@
 from django.urls import reverse
 from rest_framework.test import APITestCase
 
+from authentik.blueprints.tests import reconcile_app
 from authentik.core.models import PropertyMapping
 from authentik.core.tests.utils import create_test_admin_user, create_test_flow
 from authentik.lib.generators import generate_id
 from authentik.outposts.api.outposts import OutpostSerializer
-from authentik.outposts.models import OutpostType, default_outpost_config
+from authentik.outposts.apps import MANAGED_OUTPOST
+from authentik.outposts.models import Outpost, OutpostType, default_outpost_config
 from authentik.providers.ldap.models import LDAPProvider
 from authentik.providers.proxy.models import ProxyProvider
 
@@ -22,7 +24,36 @@ class TestOutpostServiceConnectionsAPI(APITestCase):
         self.user = create_test_admin_user()
         self.client.force_login(self.user)
 
-    def test_outpost_validaton(self):
+    @reconcile_app("authentik_outposts")
+    def test_managed_name_change(self):
+        """Test name change for embedded outpost"""
+        embedded_outpost = Outpost.objects.filter(managed=MANAGED_OUTPOST).first()
+        self.assertIsNotNone(embedded_outpost)
+        response = self.client.patch(
+            reverse("authentik_api:outpost-detail", kwargs={"pk": embedded_outpost.pk}),
+            {"name": "foo"},
+        )
+        self.assertEqual(response.status_code, 400)
+        self.assertJSONEqual(
+            response.content, {"name": ["Embedded outpost's name cannot be changed"]}
+        )
+
+    @reconcile_app("authentik_outposts")
+    def test_managed_without_managed(self):
+        """Test name change for embedded outpost"""
+        embedded_outpost = Outpost.objects.filter(managed=MANAGED_OUTPOST).first()
+        self.assertIsNotNone(embedded_outpost)
+        embedded_outpost.managed = ""
+        embedded_outpost.save()
+        response = self.client.patch(
+            reverse("authentik_api:outpost-detail", kwargs={"pk": embedded_outpost.pk}),
+            {"name": "foo"},
+        )
+        self.assertEqual(response.status_code, 200)
+        embedded_outpost.refresh_from_db()
+        self.assertEqual(embedded_outpost.managed, MANAGED_OUTPOST)
+
+    def test_outpost_validation(self):
         """Test Outpost validation"""
         valid = OutpostSerializer(
             data={
diff --git a/authentik/outposts/tests/test_ws.py b/authentik/outposts/tests/test_ws.py
index b8fcba925..ec3d543a3 100644
--- a/authentik/outposts/tests/test_ws.py
+++ b/authentik/outposts/tests/test_ws.py
@@ -1,6 +1,7 @@
 """Websocket tests"""
 from dataclasses import asdict
 
+from channels.exceptions import DenyConnection
 from channels.routing import URLRouter
 from channels.testing import WebsocketCommunicator
 from django.test import TransactionTestCase
@@ -35,8 +36,9 @@ class TestOutpostWS(TransactionTestCase):
         communicator = WebsocketCommunicator(
             URLRouter(websocket.websocket_urlpatterns), f"/ws/outpost/{self.outpost.pk}/"
         )
-        connected, _ = await communicator.connect()
-        self.assertFalse(connected)
+        with self.assertRaises(DenyConnection):
+            connected, _ = await communicator.connect()
+            self.assertFalse(connected)
 
     async def test_auth_valid(self):
         """Test auth with token"""
diff --git a/authentik/outposts/urls.py b/authentik/outposts/urls.py
index cd7ba3bf8..9d28a01eb 100644
--- a/authentik/outposts/urls.py
+++ b/authentik/outposts/urls.py
@@ -1,6 +1,7 @@
 """Outpost Websocket URLS"""
 from django.urls import path
 
+from authentik.core.channels import TokenOutpostMiddleware
 from authentik.outposts.api.outposts import OutpostViewSet
 from authentik.outposts.api.service_connections import (
     DockerServiceConnectionViewSet,
@@ -11,7 +12,10 @@ from authentik.outposts.consumer import OutpostConsumer
 from authentik.root.middleware import ChannelsLoggingMiddleware
 
 websocket_urlpatterns = [
-    path("ws/outpost/<uuid:pk>/", ChannelsLoggingMiddleware(OutpostConsumer.as_asgi())),
+    path(
+        "ws/outpost/<uuid:pk>/",
+        ChannelsLoggingMiddleware(TokenOutpostMiddleware(OutpostConsumer.as_asgi())),
+    ),
 ]
 
 api_urlpatterns = [
diff --git a/authentik/policies/api/exec.py b/authentik/policies/api/exec.py
index 580b74f95..56fb42c90 100644
--- a/authentik/policies/api/exec.py
+++ b/authentik/policies/api/exec.py
@@ -1,8 +1,8 @@
 """Serializer for policy execution"""
-from rest_framework.fields import BooleanField, CharField, DictField, JSONField, ListField
+from rest_framework.fields import BooleanField, CharField, DictField, ListField
 from rest_framework.relations import PrimaryKeyRelatedField
 
-from authentik.core.api.utils import PassiveSerializer, is_dict
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 from authentik.core.models import User
 
 
@@ -10,7 +10,7 @@ class PolicyTestSerializer(PassiveSerializer):
     """Test policy execution for a user with context"""
 
     user = PrimaryKeyRelatedField(queryset=User.objects.all())
-    context = JSONField(required=False, validators=[is_dict])
+    context = JSONDictField(required=False)
 
 
 class PolicyTestResultSerializer(PassiveSerializer):
diff --git a/authentik/policies/expression/evaluator.py b/authentik/policies/expression/evaluator.py
index 7617efdb3..4cc167f4b 100644
--- a/authentik/policies/expression/evaluator.py
+++ b/authentik/policies/expression/evaluator.py
@@ -7,9 +7,9 @@ from structlog.stdlib import get_logger
 
 from authentik.flows.planner import PLAN_CONTEXT_SSO
 from authentik.lib.expression.evaluator import BaseEvaluator
-from authentik.lib.utils.http import get_client_ip
 from authentik.policies.exceptions import PolicyException
 from authentik.policies.types import PolicyRequest, PolicyResult
+from authentik.root.middleware import ClientIPMiddleware
 
 LOGGER = get_logger()
 if TYPE_CHECKING:
@@ -49,7 +49,7 @@ class PolicyEvaluator(BaseEvaluator):
         """Update context based on http request"""
         # update website/docs/expressions/_objects.md
         # update website/docs/expressions/_functions.md
-        self._context["ak_client_ip"] = ip_address(get_client_ip(request))
+        self._context["ak_client_ip"] = ip_address(ClientIPMiddleware.get_client_ip(request))
         self._context["http_request"] = request
 
     def handle_error(self, exc: Exception, expression_source: str):
diff --git a/authentik/policies/reputation/api.py b/authentik/policies/reputation/api.py
index 9e9d95e13..885f6c162 100644
--- a/authentik/policies/reputation/api.py
+++ b/authentik/policies/reputation/api.py
@@ -47,6 +47,7 @@ class ReputationSerializer(ModelSerializer):
             "identifier",
             "ip",
             "ip_geo_data",
+            "ip_asn_data",
             "score",
             "updated",
         ]
diff --git a/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py b/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py
new file mode 100644
index 000000000..05557392e
--- /dev/null
+++ b/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py
@@ -0,0 +1,17 @@
+# Generated by Django 4.2.7 on 2023-12-05 22:20
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_policies_reputation", "0005_reputation_expires_reputation_expiring"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="reputation",
+            name="ip_asn_data",
+            field=models.JSONField(default=dict),
+        ),
+    ]
diff --git a/authentik/policies/reputation/models.py b/authentik/policies/reputation/models.py
index 723614f51..ea8ac2bd6 100644
--- a/authentik/policies/reputation/models.py
+++ b/authentik/policies/reputation/models.py
@@ -13,9 +13,9 @@ from structlog import get_logger
 from authentik.core.models import ExpiringModel
 from authentik.lib.config import CONFIG
 from authentik.lib.models import SerializerModel
-from authentik.lib.utils.http import get_client_ip
 from authentik.policies.models import Policy
 from authentik.policies.types import PolicyRequest, PolicyResult
+from authentik.root.middleware import ClientIPMiddleware
 
 LOGGER = get_logger()
 CACHE_KEY_PREFIX = "goauthentik.io/policies/reputation/scores/"
@@ -44,7 +44,7 @@ class ReputationPolicy(Policy):
         return "ak-policy-reputation-form"
 
     def passes(self, request: PolicyRequest) -> PolicyResult:
-        remote_ip = get_client_ip(request.http_request)
+        remote_ip = ClientIPMiddleware.get_client_ip(request.http_request)
         query = Q()
         if self.check_ip:
             query |= Q(ip=remote_ip)
@@ -76,6 +76,7 @@ class Reputation(ExpiringModel, SerializerModel):
     identifier = models.TextField()
     ip = models.GenericIPAddressField()
     ip_geo_data = models.JSONField(default=dict)
+    ip_asn_data = models.JSONField(default=dict)
     score = models.BigIntegerField(default=0)
 
     expires = models.DateTimeField(default=reputation_expiry)
diff --git a/authentik/policies/reputation/signals.py b/authentik/policies/reputation/signals.py
index 49b8cf011..5307672d4 100644
--- a/authentik/policies/reputation/signals.py
+++ b/authentik/policies/reputation/signals.py
@@ -7,9 +7,9 @@ from structlog.stdlib import get_logger
 
 from authentik.core.signals import login_failed
 from authentik.lib.config import CONFIG
-from authentik.lib.utils.http import get_client_ip
 from authentik.policies.reputation.models import CACHE_KEY_PREFIX
 from authentik.policies.reputation.tasks import save_reputation
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.identification.signals import identification_failed
 
 LOGGER = get_logger()
@@ -18,7 +18,7 @@ CACHE_TIMEOUT = CONFIG.get_int("cache.timeout_reputation")
 
 def update_score(request: HttpRequest, identifier: str, amount: int):
     """Update score for IP and User"""
-    remote_ip = get_client_ip(request)
+    remote_ip = ClientIPMiddleware.get_client_ip(request)
 
     try:
         # We only update the cache here, as its faster than writing to the DB
diff --git a/authentik/policies/reputation/tasks.py b/authentik/policies/reputation/tasks.py
index 7fd7b775f..ac65d1748 100644
--- a/authentik/policies/reputation/tasks.py
+++ b/authentik/policies/reputation/tasks.py
@@ -2,7 +2,8 @@
 from django.core.cache import cache
 from structlog.stdlib import get_logger
 
-from authentik.events.geo import GEOIP_READER
+from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR
+from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR
 from authentik.events.monitored_tasks import (
     MonitoredTask,
     TaskResult,
@@ -26,7 +27,8 @@ def save_reputation(self: MonitoredTask):
             ip=score["ip"],
             identifier=score["identifier"],
         )
-        rep.ip_geo_data = GEOIP_READER.city_dict(score["ip"]) or {}
+        rep.ip_geo_data = GEOIP_CONTEXT_PROCESSOR.city_dict(score["ip"]) or {}
+        rep.ip_asn_data = ASN_CONTEXT_PROCESSOR.asn_dict(score["ip"]) or {}
         rep.score = score["score"]
         objects_to_update.append(rep)
     Reputation.objects.bulk_update(objects_to_update, ["score", "ip_geo_data"])
diff --git a/authentik/policies/types.py b/authentik/policies/types.py
index 29ac9c3c8..c9e2e8d86 100644
--- a/authentik/policies/types.py
+++ b/authentik/policies/types.py
@@ -8,8 +8,7 @@ from django.db.models import Model
 from django.http import HttpRequest
 from structlog.stdlib import get_logger
 
-from authentik.events.geo import GEOIP_READER
-from authentik.lib.utils.http import get_client_ip
+from authentik.events.context_processors.base import get_context_processors
 
 if TYPE_CHECKING:
     from authentik.core.models import User
@@ -39,12 +38,8 @@ class PolicyRequest:
     def set_http_request(self, request: HttpRequest):  # pragma: no cover
         """Load data from HTTP request, including geoip when enabled"""
         self.http_request = request
-        if not GEOIP_READER.enabled:
-            return
-        client_ip = get_client_ip(request)
-        if not client_ip:
-            return
-        self.context["geoip"] = GEOIP_READER.city(client_ip)
+        for processor in get_context_processors():
+            self.context.update(processor.enrich_context(request))
 
     @property
     def should_cache(self) -> bool:
diff --git a/authentik/providers/oauth2/constants.py b/authentik/providers/oauth2/constants.py
index 81460b707..baaebbd60 100644
--- a/authentik/providers/oauth2/constants.py
+++ b/authentik/providers/oauth2/constants.py
@@ -7,8 +7,8 @@ GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials"
 GRANT_TYPE_PASSWORD = "password"  # nosec
 GRANT_TYPE_DEVICE_CODE = "urn:ietf:params:oauth:grant-type:device_code"
 
-CLIENT_ASSERTION_TYPE = "client_assertion_type"
 CLIENT_ASSERTION = "client_assertion"
+CLIENT_ASSERTION_TYPE = "client_assertion_type"
 CLIENT_ASSERTION_TYPE_JWT = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
 
 PROMPT_NONE = "none"
@@ -18,9 +18,9 @@ PROMPT_LOGIN = "login"
 SCOPE_OPENID = "openid"
 SCOPE_OPENID_PROFILE = "profile"
 SCOPE_OPENID_EMAIL = "email"
+SCOPE_OFFLINE_ACCESS = "offline_access"
 
-# https://www.iana.org/assignments/oauth-parameters/\
-#   oauth-parameters.xhtml#pkce-code-challenge-method
+# https://www.iana.org/assignments/oauth-parameters/auth-parameters.xhtml#pkce-code-challenge-method
 PKCE_METHOD_PLAIN = "plain"
 PKCE_METHOD_S256 = "S256"
 
@@ -36,6 +36,12 @@ SCOPE_GITHUB_USER_READ = "read:user"
 SCOPE_GITHUB_USER_EMAIL = "user:email"
 # Read info about teams
 SCOPE_GITHUB_ORG_READ = "read:org"
+SCOPE_GITHUB = {
+    SCOPE_GITHUB_USER,
+    SCOPE_GITHUB_USER_READ,
+    SCOPE_GITHUB_USER_EMAIL,
+    SCOPE_GITHUB_ORG_READ,
+}
 
 ACR_AUTHENTIK_DEFAULT = "goauthentik.io/providers/oauth2/default"
 
diff --git a/authentik/providers/oauth2/errors.py b/authentik/providers/oauth2/errors.py
index 1788c9370..fd124cb91 100644
--- a/authentik/providers/oauth2/errors.py
+++ b/authentik/providers/oauth2/errors.py
@@ -127,7 +127,7 @@ class AuthorizeError(OAuth2Error):
         "account_selection_required": (
             "The End-User is required to select a session at the Authorization Server"
         ),
-        "consent_required": "The Authorization Server requires End-Userconsent",
+        "consent_required": "The Authorization Server requires End-User consent",
         "invalid_request_uri": (
             "The request_uri in the Authorization Request returns an error or contains invalid data"
         ),
diff --git a/authentik/providers/oauth2/migrations/0017_accesstoken_session_id_authorizationcode_session_id_and_more.py b/authentik/providers/oauth2/migrations/0017_accesstoken_session_id_authorizationcode_session_id_and_more.py
new file mode 100644
index 000000000..9a8e8d210
--- /dev/null
+++ b/authentik/providers/oauth2/migrations/0017_accesstoken_session_id_authorizationcode_session_id_and_more.py
@@ -0,0 +1,27 @@
+# Generated by Django 5.0 on 2023-12-22 23:20
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_providers_oauth2", "0016_alter_refreshtoken_token"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="accesstoken",
+            name="session_id",
+            field=models.CharField(blank=True, default=""),
+        ),
+        migrations.AddField(
+            model_name="authorizationcode",
+            name="session_id",
+            field=models.CharField(blank=True, default=""),
+        ),
+        migrations.AddField(
+            model_name="refreshtoken",
+            name="session_id",
+            field=models.CharField(blank=True, default=""),
+        ),
+    ]
diff --git a/authentik/providers/oauth2/models.py b/authentik/providers/oauth2/models.py
index e9a2f731a..2917f607f 100644
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@@ -296,6 +296,7 @@ class BaseGrantModel(models.Model):
     revoked = models.BooleanField(default=False)
     _scope = models.TextField(default="", verbose_name=_("Scopes"))
     auth_time = models.DateTimeField(verbose_name="Authentication time")
+    session_id = models.CharField(default="", blank=True)
 
     @property
     def scope(self) -> list[str]:
diff --git a/authentik/providers/oauth2/tests/test_authorize.py b/authentik/providers/oauth2/tests/test_authorize.py
index 91cdc330a..7903c685c 100644
--- a/authentik/providers/oauth2/tests/test_authorize.py
+++ b/authentik/providers/oauth2/tests/test_authorize.py
@@ -5,6 +5,7 @@ from django.test import RequestFactory
 from django.urls import reverse
 from django.utils.timezone import now
 
+from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import Application
 from authentik.core.tests.utils import create_test_admin_user, create_test_flow
 from authentik.events.models import Event, EventAction
@@ -18,6 +19,7 @@ from authentik.providers.oauth2.models import (
     AuthorizationCode,
     GrantTypes,
     OAuth2Provider,
+    ScopeMapping,
 )
 from authentik.providers.oauth2.tests.utils import OAuthTestCase
 from authentik.providers.oauth2.views.authorize import OAuthAuthorizationParams
@@ -172,14 +174,24 @@ class TestAuthorize(OAuthTestCase):
         )
         OAuthAuthorizationParams.from_request(request)
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_response_type(self):
         """test response_type"""
-        OAuth2Provider.objects.create(
+        provider = OAuth2Provider.objects.create(
             name=generate_id(),
             client_id="test",
             authorization_flow=create_test_flow(),
             redirect_uris="http://local.invalid/Foo",
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                ]
+            )
+        )
         request = self.factory.get(
             "/",
             data={
@@ -292,6 +304,7 @@ class TestAuthorize(OAuthTestCase):
             delta=5,
         )
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_full_implicit(self):
         """Test full authorization"""
         flow = create_test_flow()
@@ -302,6 +315,15 @@ class TestAuthorize(OAuthTestCase):
             redirect_uris="http://localhost",
             signing_key=self.keypair,
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                ]
+            )
+        )
         Application.objects.create(name="app", slug="app", provider=provider)
         state = generate_id()
         user = create_test_admin_user()
@@ -409,6 +431,7 @@ class TestAuthorize(OAuthTestCase):
                 delta=5,
             )
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_full_form_post_id_token(self):
         """Test full authorization (form_post response)"""
         flow = create_test_flow()
@@ -419,6 +442,15 @@ class TestAuthorize(OAuthTestCase):
             redirect_uris="http://localhost",
             signing_key=self.keypair,
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                ]
+            )
+        )
         app = Application.objects.create(name=generate_id(), slug=generate_id(), provider=provider)
         state = generate_id()
         user = create_test_admin_user()
@@ -440,6 +472,7 @@ class TestAuthorize(OAuthTestCase):
             reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug}),
         )
         token: AccessToken = AccessToken.objects.filter(user=user).first()
+        self.assertIsNotNone(token)
         self.assertJSONEqual(
             response.content.decode(),
             {
diff --git a/authentik/providers/oauth2/tests/test_token.py b/authentik/providers/oauth2/tests/test_token.py
index 79b3b13fe..5904d38be 100644
--- a/authentik/providers/oauth2/tests/test_token.py
+++ b/authentik/providers/oauth2/tests/test_token.py
@@ -6,6 +6,7 @@ from django.test import RequestFactory
 from django.urls import reverse
 from django.utils import timezone
 
+from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import Application
 from authentik.core.tests.utils import create_test_admin_user, create_test_flow
 from authentik.events.models import Event, EventAction
@@ -21,6 +22,7 @@ from authentik.providers.oauth2.models import (
     AuthorizationCode,
     OAuth2Provider,
     RefreshToken,
+    ScopeMapping,
 )
 from authentik.providers.oauth2.tests.utils import OAuthTestCase
 from authentik.providers.oauth2.views.token import TokenParams
@@ -136,21 +138,20 @@ class TestToken(OAuthTestCase):
             HTTP_AUTHORIZATION=f"Basic {header}",
         )
         access: AccessToken = AccessToken.objects.filter(user=user, provider=provider).first()
-        refresh: RefreshToken = RefreshToken.objects.filter(user=user, provider=provider).first()
         self.assertJSONEqual(
             response.content.decode(),
             {
                 "access_token": access.token,
-                "refresh_token": refresh.token,
                 "token_type": TOKEN_TYPE,
                 "expires_in": 3600,
                 "id_token": provider.encode(
-                    refresh.id_token.to_dict(),
+                    access.id_token.to_dict(),
                 ),
             },
         )
         self.validate_jwt(access, provider)
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_refresh_token_view(self):
         """test request param"""
         provider = OAuth2Provider.objects.create(
@@ -159,6 +160,16 @@ class TestToken(OAuthTestCase):
             redirect_uris="http://local.invalid",
             signing_key=self.keypair,
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                    "goauthentik.io/providers/oauth2/scope-offline_access",
+                ]
+            )
+        )
         # Needs to be assigned to an application for iss to be set
         self.app.provider = provider
         self.app.save()
@@ -170,6 +181,7 @@ class TestToken(OAuthTestCase):
             token=generate_id(),
             _id_token=dumps({}),
             auth_time=timezone.now(),
+            _scope="offline_access",
         )
         response = self.client.post(
             reverse("authentik_providers_oauth2:token"),
@@ -201,6 +213,7 @@ class TestToken(OAuthTestCase):
         )
         self.validate_jwt(access, provider)
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_refresh_token_view_invalid_origin(self):
         """test request param"""
         provider = OAuth2Provider.objects.create(
@@ -209,6 +222,16 @@ class TestToken(OAuthTestCase):
             redirect_uris="http://local.invalid",
             signing_key=self.keypair,
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                    "goauthentik.io/providers/oauth2/scope-offline_access",
+                ]
+            )
+        )
         header = b64encode(f"{provider.client_id}:{provider.client_secret}".encode()).decode()
         user = create_test_admin_user()
         token: RefreshToken = RefreshToken.objects.create(
@@ -217,6 +240,7 @@ class TestToken(OAuthTestCase):
             token=generate_id(),
             _id_token=dumps({}),
             auth_time=timezone.now(),
+            _scope="offline_access",
         )
         response = self.client.post(
             reverse("authentik_providers_oauth2:token"),
@@ -247,6 +271,7 @@ class TestToken(OAuthTestCase):
             },
         )
 
+    @apply_blueprint("system/providers-oauth2.yaml")
     def test_refresh_token_revoke(self):
         """test request param"""
         provider = OAuth2Provider.objects.create(
@@ -255,6 +280,16 @@ class TestToken(OAuthTestCase):
             redirect_uris="http://testserver",
             signing_key=self.keypair,
         )
+        provider.property_mappings.set(
+            ScopeMapping.objects.filter(
+                managed__in=[
+                    "goauthentik.io/providers/oauth2/scope-openid",
+                    "goauthentik.io/providers/oauth2/scope-email",
+                    "goauthentik.io/providers/oauth2/scope-profile",
+                    "goauthentik.io/providers/oauth2/scope-offline_access",
+                ]
+            )
+        )
         # Needs to be assigned to an application for iss to be set
         self.app.provider = provider
         self.app.save()
@@ -266,6 +301,7 @@ class TestToken(OAuthTestCase):
             token=generate_id(),
             _id_token=dumps({}),
             auth_time=timezone.now(),
+            _scope="offline_access",
         )
         # Create initial refresh token
         response = self.client.post(
diff --git a/authentik/providers/oauth2/urls_root.py b/authentik/providers/oauth2/urls_root.py
index b00a90de4..9f7fe05ac 100644
--- a/authentik/providers/oauth2/urls_root.py
+++ b/authentik/providers/oauth2/urls_root.py
@@ -10,7 +10,7 @@ from authentik.providers.oauth2.views.token import TokenView
 github_urlpatterns = [
     path(
         "login/oauth/authorize",
-        AuthorizationFlowInitView.as_view(),
+        AuthorizationFlowInitView.as_view(github_compat=True),
         name="github-authorize",
     ),
     path(
diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py
index 8c31192bf..7ad76a642 100644
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@@ -1,6 +1,7 @@
 """authentik OAuth2 Authorization views"""
-from dataclasses import dataclass, field
+from dataclasses import InitVar, dataclass, field
 from datetime import timedelta
+from hashlib import sha256
 from json import dumps
 from re import error as RegexError
 from re import fullmatch
@@ -40,6 +41,8 @@ from authentik.providers.oauth2.constants import (
     PROMPT_CONSENT,
     PROMPT_LOGIN,
     PROMPT_NONE,
+    SCOPE_GITHUB,
+    SCOPE_OFFLINE_ACCESS,
     SCOPE_OPENID,
     TOKEN_TYPE,
 )
@@ -65,7 +68,6 @@ from authentik.stages.consent.models import ConsentMode, ConsentStage
 from authentik.stages.consent.stage import (
     PLAN_CONTEXT_CONSENT_HEADER,
     PLAN_CONTEXT_CONSENT_PERMISSIONS,
-    ConsentStageView,
 )
 
 LOGGER = get_logger()
@@ -85,7 +87,7 @@ class OAuthAuthorizationParams:
     redirect_uri: str
     response_type: str
     response_mode: Optional[str]
-    scope: list[str]
+    scope: set[str]
     state: str
     nonce: Optional[str]
     prompt: set[str]
@@ -100,8 +102,10 @@ class OAuthAuthorizationParams:
     code_challenge: Optional[str] = None
     code_challenge_method: Optional[str] = None
 
+    github_compat: InitVar[bool] = False
+
     @staticmethod
-    def from_request(request: HttpRequest) -> "OAuthAuthorizationParams":
+    def from_request(request: HttpRequest, github_compat=False) -> "OAuthAuthorizationParams":
         """
         Get all the params used by the Authorization Code Flow
         (and also for the Implicit and Hybrid).
@@ -153,7 +157,7 @@ class OAuthAuthorizationParams:
             response_type=response_type,
             response_mode=response_mode,
             grant_type=grant_type,
-            scope=query_dict.get("scope", "").split(),
+            scope=set(query_dict.get("scope", "").split()),
             state=state,
             nonce=query_dict.get("nonce"),
             prompt=ALLOWED_PROMPT_PARAMS.intersection(set(query_dict.get("prompt", "").split())),
@@ -161,9 +165,10 @@ class OAuthAuthorizationParams:
             max_age=int(max_age) if max_age else None,
             code_challenge=query_dict.get("code_challenge"),
             code_challenge_method=query_dict.get("code_challenge_method", "plain"),
+            github_compat=github_compat,
         )
 
-    def __post_init__(self):
+    def __post_init__(self, github_compat=False):
         self.provider: OAuth2Provider = OAuth2Provider.objects.filter(
             client_id=self.client_id
         ).first()
@@ -171,7 +176,7 @@ class OAuthAuthorizationParams:
             LOGGER.warning("Invalid client identifier", client_id=self.client_id)
             raise ClientIdError(client_id=self.client_id)
         self.check_redirect_uri()
-        self.check_scope()
+        self.check_scope(github_compat)
         self.check_nonce()
         self.check_code_challenge()
 
@@ -198,8 +203,8 @@ class OAuthAuthorizationParams:
             if not any(fullmatch(x, self.redirect_uri) for x in allowed_redirect_urls):
                 LOGGER.warning(
                     "Invalid redirect uri (regex comparison)",
-                    redirect_uri=self.redirect_uri,
-                    expected=allowed_redirect_urls,
+                    redirect_uri_given=self.redirect_uri,
+                    redirect_uri_expected=allowed_redirect_urls,
                 )
                 raise RedirectUriError(self.redirect_uri, allowed_redirect_urls)
         except RegexError as exc:
@@ -207,8 +212,8 @@ class OAuthAuthorizationParams:
             if not any(x == self.redirect_uri for x in allowed_redirect_urls):
                 LOGGER.warning(
                     "Invalid redirect uri (strict comparison)",
-                    redirect_uri=self.redirect_uri,
-                    expected=allowed_redirect_urls,
+                    redirect_uri_given=self.redirect_uri,
+                    redirect_uri_expected=allowed_redirect_urls,
                 )
                 raise RedirectUriError(self.redirect_uri, allowed_redirect_urls)
         if self.request:
@@ -216,24 +221,50 @@ class OAuthAuthorizationParams:
                 self.redirect_uri, "request_not_supported", self.grant_type, self.state
             )
 
-    def check_scope(self):
+    def check_scope(self, github_compat=False):
         """Ensure openid scope is set in Hybrid flows, or when requesting an id_token"""
-        if len(self.scope) == 0:
-            default_scope_names = set(
-                ScopeMapping.objects.filter(provider__in=[self.provider]).values_list(
-                    "scope_name", flat=True
-                )
+        default_scope_names = set(
+            ScopeMapping.objects.filter(provider__in=[self.provider]).values_list(
+                "scope_name", flat=True
             )
+        )
+        if len(self.scope) == 0:
             self.scope = default_scope_names
             LOGGER.info(
                 "No scopes requested, defaulting to all configured scopes", scopes=self.scope
             )
+        scopes_to_check = self.scope
+        if github_compat:
+            scopes_to_check = self.scope - SCOPE_GITHUB
+        if not scopes_to_check.issubset(default_scope_names):
+            LOGGER.info(
+                "Application requested scopes not configured, setting to overlap",
+                scope_allowed=default_scope_names,
+                scope_given=self.scope,
+            )
+            self.scope = self.scope.intersection(default_scope_names)
         if SCOPE_OPENID not in self.scope and (
             self.grant_type == GrantTypes.HYBRID
             or self.response_type in [ResponseTypes.ID_TOKEN, ResponseTypes.ID_TOKEN_TOKEN]
         ):
             LOGGER.warning("Missing 'openid' scope.")
             raise AuthorizeError(self.redirect_uri, "invalid_scope", self.grant_type, self.state)
+        if SCOPE_OFFLINE_ACCESS in self.scope:
+            # https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess
+            if PROMPT_CONSENT not in self.prompt:
+                raise AuthorizeError(
+                    self.redirect_uri, "consent_required", self.grant_type, self.state
+                )
+            if self.response_type not in [
+                ResponseTypes.CODE,
+                ResponseTypes.CODE_TOKEN,
+                ResponseTypes.CODE_ID_TOKEN,
+                ResponseTypes.CODE_ID_TOKEN_TOKEN,
+            ]:
+                # offline_access requires a response type that has some sort of token
+                # Spec says to ignore the scope when the response_type wouldn't result
+                # in an authorization code being generated
+                self.scope.remove(SCOPE_OFFLINE_ACCESS)
 
     def check_nonce(self):
         """Nonce parameter validation."""
@@ -282,6 +313,7 @@ class OAuthAuthorizationParams:
             expires=now + timedelta_from_string(self.provider.access_code_validity),
             scope=self.scope,
             nonce=self.nonce,
+            session_id=sha256(request.session.session_key.encode("ascii")).hexdigest(),
         )
 
         if self.code_challenge and self.code_challenge_method:
@@ -295,6 +327,9 @@ class AuthorizationFlowInitView(PolicyAccessView):
     """OAuth2 Flow initializer, checks access to application and starts flow"""
 
     params: OAuthAuthorizationParams
+    # Enable GitHub compatibility (only allow for scopes which are handled
+    # differently for github compat)
+    github_compat = False
 
     def pre_permission_check(self):
         """Check prompt parameter before checking permission/authentication,
@@ -303,7 +338,9 @@ class AuthorizationFlowInitView(PolicyAccessView):
         if len(self.request.GET) < 1:
             raise Http404
         try:
-            self.params = OAuthAuthorizationParams.from_request(self.request)
+            self.params = OAuthAuthorizationParams.from_request(
+                self.request, github_compat=self.github_compat
+            )
         except AuthorizeError as error:
             LOGGER.warning(error.description, redirect_uri=error.redirect_uri)
             raise RequestValidationError(error.get_response(self.request))
@@ -400,7 +437,7 @@ class AuthorizationFlowInitView(PolicyAccessView):
         # OpenID clients can specify a `prompt` parameter, and if its set to consent we
         # need to inject a consent stage
         if PROMPT_CONSENT in self.params.prompt:
-            if not any(isinstance(x.stage, ConsentStageView) for x in plan.bindings):
+            if not any(isinstance(x.stage, ConsentStage) for x in plan.bindings):
                 # Plan does not have any consent stage, so we add an in-memory one
                 stage = ConsentStage(
                     name="OAuth2 Provider In-memory consent stage",
@@ -569,6 +606,7 @@ class OAuthFulfillmentStage(StageView):
             expires=access_token_expiry,
             provider=self.provider,
             auth_time=auth_event.created if auth_event else now,
+            session_id=sha256(self.request.session.session_key.encode("ascii")).hexdigest(),
         )
 
         id_token = IDToken.new(self.provider, token, self.request)
diff --git a/authentik/providers/oauth2/views/token.py b/authentik/providers/oauth2/views/token.py
index 0c0d7f4a8..3bf134b09 100644
--- a/authentik/providers/oauth2/views/token.py
+++ b/authentik/providers/oauth2/views/token.py
@@ -41,6 +41,7 @@ from authentik.providers.oauth2.constants import (
     GRANT_TYPE_PASSWORD,
     GRANT_TYPE_REFRESH_TOKEN,
     PKCE_METHOD_S256,
+    SCOPE_OFFLINE_ACCESS,
     TOKEN_TYPE,
 )
 from authentik.providers.oauth2.errors import DeviceCodeError, TokenError, UserAuthError
@@ -459,7 +460,7 @@ class TokenView(View):
                 op="authentik.providers.oauth2.post.response",
             ):
                 if self.params.grant_type == GRANT_TYPE_AUTHORIZATION_CODE:
-                    LOGGER.debug("Converting authorization code to refresh token")
+                    LOGGER.debug("Converting authorization code to access token")
                     return TokenResponse(self.create_code_response())
                 if self.params.grant_type == GRANT_TYPE_REFRESH_TOKEN:
                     LOGGER.debug("Refreshing refresh token")
@@ -487,49 +488,58 @@ class TokenView(View):
             # Keep same scopes as previous token
             scope=self.params.authorization_code.scope,
             auth_time=self.params.authorization_code.auth_time,
+            session_id=self.params.authorization_code.session_id,
         )
-        access_token.id_token = IDToken.new(
+        access_id_token = IDToken.new(
             self.provider,
             access_token,
             self.request,
         )
+        access_id_token.nonce = self.params.authorization_code.nonce
+        access_token.id_token = access_id_token
         access_token.save()
 
-        refresh_token_expiry = now + timedelta_from_string(self.provider.refresh_token_validity)
-        refresh_token = RefreshToken(
-            user=self.params.authorization_code.user,
-            scope=self.params.authorization_code.scope,
-            expires=refresh_token_expiry,
-            provider=self.provider,
-            auth_time=self.params.authorization_code.auth_time,
-        )
-        id_token = IDToken.new(
-            self.provider,
-            refresh_token,
-            self.request,
-        )
-        id_token.nonce = self.params.authorization_code.nonce
-        id_token.at_hash = access_token.at_hash
-        refresh_token.id_token = id_token
-        refresh_token.save()
-
-        # Delete old code
-        self.params.authorization_code.delete()
-        return {
+        response = {
             "access_token": access_token.token,
-            "refresh_token": refresh_token.token,
             "token_type": TOKEN_TYPE,
             "expires_in": int(
                 timedelta_from_string(self.provider.access_token_validity).total_seconds()
             ),
-            "id_token": id_token.to_jwt(self.provider),
+            "id_token": access_token.id_token.to_jwt(self.provider),
         }
 
+        if SCOPE_OFFLINE_ACCESS in self.params.authorization_code.scope:
+            refresh_token_expiry = now + timedelta_from_string(self.provider.refresh_token_validity)
+            refresh_token = RefreshToken(
+                user=self.params.authorization_code.user,
+                scope=self.params.authorization_code.scope,
+                expires=refresh_token_expiry,
+                provider=self.provider,
+                auth_time=self.params.authorization_code.auth_time,
+                session_id=self.params.authorization_code.session_id,
+            )
+            id_token = IDToken.new(
+                self.provider,
+                refresh_token,
+                self.request,
+            )
+            id_token.nonce = self.params.authorization_code.nonce
+            id_token.at_hash = access_token.at_hash
+            refresh_token.id_token = id_token
+            refresh_token.save()
+            response["refresh_token"] = refresh_token.token
+
+        # Delete old code
+        self.params.authorization_code.delete()
+        return response
+
     def create_refresh_response(self) -> dict[str, Any]:
         """See https://datatracker.ietf.org/doc/html/rfc6749#section-6"""
         unauthorized_scopes = set(self.params.scope) - set(self.params.refresh_token.scope)
         if unauthorized_scopes:
             raise TokenError("invalid_scope")
+        if SCOPE_OFFLINE_ACCESS not in self.params.scope:
+            raise TokenError("invalid_scope")
         now = timezone.now()
         access_token_expiry = now + timedelta_from_string(self.provider.access_token_validity)
         access_token = AccessToken(
@@ -539,6 +549,7 @@ class TokenView(View):
             # Keep same scopes as previous token
             scope=self.params.refresh_token.scope,
             auth_time=self.params.refresh_token.auth_time,
+            session_id=self.params.refresh_token.session_id,
         )
         access_token.id_token = IDToken.new(
             self.provider,
@@ -554,6 +565,7 @@ class TokenView(View):
             expires=refresh_token_expiry,
             provider=self.provider,
             auth_time=self.params.refresh_token.auth_time,
+            session_id=self.params.refresh_token.session_id,
         )
         id_token = IDToken.new(
             self.provider,
@@ -626,31 +638,34 @@ class TokenView(View):
         )
         access_token.save()
 
-        refresh_token_expiry = now + timedelta_from_string(self.provider.refresh_token_validity)
-        refresh_token = RefreshToken(
-            user=self.params.device_code.user,
-            scope=self.params.device_code.scope,
-            expires=refresh_token_expiry,
-            provider=self.provider,
-            auth_time=auth_event.created if auth_event else now,
-        )
-        id_token = IDToken.new(
-            self.provider,
-            refresh_token,
-            self.request,
-        )
-        id_token.at_hash = access_token.at_hash
-        refresh_token.id_token = id_token
-        refresh_token.save()
-
-        # Delete device code
-        self.params.device_code.delete()
-        return {
+        response = {
             "access_token": access_token.token,
-            "refresh_token": refresh_token.token,
             "token_type": TOKEN_TYPE,
             "expires_in": int(
                 timedelta_from_string(self.provider.access_token_validity).total_seconds()
             ),
-            "id_token": id_token.to_jwt(self.provider),
+            "id_token": access_token.id_token.to_jwt(self.provider),
         }
+
+        if SCOPE_OFFLINE_ACCESS in self.params.scope:
+            refresh_token_expiry = now + timedelta_from_string(self.provider.refresh_token_validity)
+            refresh_token = RefreshToken(
+                user=self.params.device_code.user,
+                scope=self.params.device_code.scope,
+                expires=refresh_token_expiry,
+                provider=self.provider,
+                auth_time=auth_event.created if auth_event else now,
+            )
+            id_token = IDToken.new(
+                self.provider,
+                refresh_token,
+                self.request,
+            )
+            id_token.at_hash = access_token.at_hash
+            refresh_token.id_token = id_token
+            refresh_token.save()
+            response["refresh_token"] = refresh_token.token
+
+        # Delete device code
+        self.params.device_code.delete()
+        return response
diff --git a/authentik/providers/proxy/tasks.py b/authentik/providers/proxy/tasks.py
index aec8e669a..1496ff6ec 100644
--- a/authentik/providers/proxy/tasks.py
+++ b/authentik/providers/proxy/tasks.py
@@ -1,4 +1,6 @@
 """proxy provider tasks"""
+from hashlib import sha256
+
 from asgiref.sync import async_to_sync
 from channels.layers import get_channel_layer
 from django.db import DatabaseError, InternalError, ProgrammingError
@@ -23,6 +25,7 @@ def proxy_set_defaults():
 def proxy_on_logout(session_id: str):
     """Update outpost instances connected to a single outpost"""
     layer = get_channel_layer()
+    hashed_session_id = sha256(session_id.encode("ascii")).hexdigest()
     for outpost in Outpost.objects.filter(type=OutpostType.PROXY):
         group = OUTPOST_GROUP % {"outpost_pk": str(outpost.pk)}
         async_to_sync(layer.group_send)(
@@ -30,6 +33,6 @@ def proxy_on_logout(session_id: str):
             {
                 "type": "event.provider.specific",
                 "sub_type": "logout",
-                "session_id": session_id,
+                "session_id": hashed_session_id,
             },
         )
diff --git a/authentik/providers/scim/api/providers.py b/authentik/providers/scim/api/providers.py
index 546e62e65..ddca8cfef 100644
--- a/authentik/providers/scim/api/providers.py
+++ b/authentik/providers/scim/api/providers.py
@@ -2,6 +2,7 @@
 from django.utils.text import slugify
 from drf_spectacular.utils import OpenApiResponse, extend_schema
 from rest_framework.decorators import action
+from rest_framework.fields import BooleanField
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.viewsets import ModelViewSet
@@ -9,6 +10,7 @@ from rest_framework.viewsets import ModelViewSet
 from authentik.admin.api.tasks import TaskSerializer
 from authentik.core.api.providers import ProviderSerializer
 from authentik.core.api.used_by import UsedByMixin
+from authentik.core.api.utils import PassiveSerializer
 from authentik.events.monitored_tasks import TaskInfo
 from authentik.providers.scim.models import SCIMProvider
 
@@ -37,6 +39,13 @@ class SCIMProviderSerializer(ProviderSerializer):
         extra_kwargs = {}
 
 
+class SCIMSyncStatusSerializer(PassiveSerializer):
+    """SCIM Provider sync status"""
+
+    is_running = BooleanField(read_only=True)
+    tasks = TaskSerializer(many=True, read_only=True)
+
+
 class SCIMProviderViewSet(UsedByMixin, ModelViewSet):
     """SCIMProvider Viewset"""
 
@@ -48,15 +57,18 @@ class SCIMProviderViewSet(UsedByMixin, ModelViewSet):
 
     @extend_schema(
         responses={
-            200: TaskSerializer(),
+            200: SCIMSyncStatusSerializer(),
             404: OpenApiResponse(description="Task not found"),
         }
     )
     @action(methods=["GET"], detail=True, pagination_class=None, filter_backends=[])
     def sync_status(self, request: Request, pk: int) -> Response:
         """Get provider's sync status"""
-        provider = self.get_object()
+        provider: SCIMProvider = self.get_object()
         task = TaskInfo.by_name(f"scim_sync:{slugify(provider.name)}")
-        if not task:
-            return Response(status=404)
-        return Response(TaskSerializer(task).data)
+        tasks = [task] if task else []
+        status = {
+            "tasks": tasks,
+            "is_running": provider.sync_lock.locked(),
+        }
+        return Response(SCIMSyncStatusSerializer(status).data)
diff --git a/authentik/providers/scim/clients/__init__.py b/authentik/providers/scim/clients/__init__.py
index a57539f67..0e2e573b5 100644
--- a/authentik/providers/scim/clients/__init__.py
+++ b/authentik/providers/scim/clients/__init__.py
@@ -1,2 +1,3 @@
 """SCIM constants"""
 PAGE_SIZE = 100
+PAGE_TIMEOUT = 60 * 60 * 0.5  # Half an hour
diff --git a/authentik/providers/scim/models.py b/authentik/providers/scim/models.py
index ac27288f3..b43a59375 100644
--- a/authentik/providers/scim/models.py
+++ b/authentik/providers/scim/models.py
@@ -1,11 +1,14 @@
 """SCIM Provider models"""
+from django.core.cache import cache
 from django.db import models
 from django.db.models import QuerySet
 from django.utils.translation import gettext_lazy as _
 from guardian.shortcuts import get_anonymous_user
+from redis.lock import Lock
 from rest_framework.serializers import Serializer
 
 from authentik.core.models import BackchannelProvider, Group, PropertyMapping, User, UserTypes
+from authentik.providers.scim.clients import PAGE_TIMEOUT
 
 
 class SCIMProvider(BackchannelProvider):
@@ -27,6 +30,15 @@ class SCIMProvider(BackchannelProvider):
         help_text=_("Property mappings used for group creation/updating."),
     )
 
+    @property
+    def sync_lock(self) -> Lock:
+        """Redis lock for syncing SCIM to prevent multiple parallel syncs happening"""
+        return Lock(
+            cache.client.get_client(),
+            name=f"goauthentik.io/providers/scim/sync-{str(self.pk)}",
+            timeout=(60 * 60 * PAGE_TIMEOUT) * 3,
+        )
+
     def get_user_qs(self) -> QuerySet[User]:
         """Get queryset of all users with consistent ordering
         according to the provider's settings"""
diff --git a/authentik/providers/scim/tasks.py b/authentik/providers/scim/tasks.py
index f7639c89f..7b16b293e 100644
--- a/authentik/providers/scim/tasks.py
+++ b/authentik/providers/scim/tasks.py
@@ -12,7 +12,7 @@ from structlog.stdlib import get_logger
 from authentik.core.models import Group, User
 from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
 from authentik.lib.utils.reflection import path_to_class
-from authentik.providers.scim.clients import PAGE_SIZE
+from authentik.providers.scim.clients import PAGE_SIZE, PAGE_TIMEOUT
 from authentik.providers.scim.clients.base import SCIMClient
 from authentik.providers.scim.clients.exceptions import SCIMRequestException, StopSync
 from authentik.providers.scim.clients.group import SCIMGroupClient
@@ -47,12 +47,19 @@ def scim_sync(self: MonitoredTask, provider_pk: int) -> None:
     ).first()
     if not provider:
         return
+    lock = provider.sync_lock
+    if lock.locked():
+        LOGGER.debug("SCIM sync locked, skipping task", source=provider.name)
+        return
     self.set_uid(slugify(provider.name))
     result = TaskResult(TaskResultStatus.SUCCESSFUL, [])
     result.messages.append(_("Starting full SCIM sync"))
     LOGGER.debug("Starting SCIM sync")
     users_paginator = Paginator(provider.get_user_qs(), PAGE_SIZE)
     groups_paginator = Paginator(provider.get_group_qs(), PAGE_SIZE)
+    self.soft_time_limit = self.time_limit = (
+        users_paginator.count + groups_paginator.count
+    ) * PAGE_TIMEOUT
     with allow_join_result():
         try:
             for page in users_paginator.page_range:
@@ -69,7 +76,10 @@ def scim_sync(self: MonitoredTask, provider_pk: int) -> None:
     self.set_status(result)
 
 
-@CELERY_APP.task()
+@CELERY_APP.task(
+    soft_time_limit=PAGE_TIMEOUT,
+    task_time_limit=PAGE_TIMEOUT,
+)
 def scim_sync_users(page: int, provider_pk: int):
     """Sync single or multiple users to SCIM"""
     messages = []
diff --git a/authentik/providers/scim/tests/test_membership.py b/authentik/providers/scim/tests/test_membership.py
index f2bbc74c5..8c792d0cc 100644
--- a/authentik/providers/scim/tests/test_membership.py
+++ b/authentik/providers/scim/tests/test_membership.py
@@ -93,7 +93,7 @@ class SCIMMembershipTests(TestCase):
                     "emails": [],
                     "active": True,
                     "externalId": user.uid,
-                    "name": {"familyName": "", "formatted": "", "givenName": ""},
+                    "name": {"familyName": " ", "formatted": " ", "givenName": ""},
                     "displayName": "",
                     "userName": user.username,
                 },
@@ -184,7 +184,7 @@ class SCIMMembershipTests(TestCase):
                     "displayName": "",
                     "emails": [],
                     "externalId": user.uid,
-                    "name": {"familyName": "", "formatted": "", "givenName": ""},
+                    "name": {"familyName": " ", "formatted": " ", "givenName": ""},
                     "userName": user.username,
                 },
             )
diff --git a/authentik/providers/scim/tests/test_user.py b/authentik/providers/scim/tests/test_user.py
index 36377b925..b9eb46f37 100644
--- a/authentik/providers/scim/tests/test_user.py
+++ b/authentik/providers/scim/tests/test_user.py
@@ -57,7 +57,7 @@ class SCIMUserTests(TestCase):
         uid = generate_id()
         user = User.objects.create(
             username=uid,
-            name=uid,
+            name=f"{uid} {uid}",
             email=f"{uid}@goauthentik.io",
         )
         self.assertEqual(mock.call_count, 2)
@@ -77,11 +77,11 @@ class SCIMUserTests(TestCase):
                 ],
                 "externalId": user.uid,
                 "name": {
-                    "familyName": "",
-                    "formatted": uid,
+                    "familyName": uid,
+                    "formatted": f"{uid} {uid}",
                     "givenName": uid,
                 },
-                "displayName": uid,
+                "displayName": f"{uid} {uid}",
                 "userName": uid,
             },
         )
@@ -110,7 +110,7 @@ class SCIMUserTests(TestCase):
         uid = generate_id()
         user = User.objects.create(
             username=uid,
-            name=uid,
+            name=f"{uid} {uid}",
             email=f"{uid}@goauthentik.io",
         )
         self.assertEqual(mock.call_count, 2)
@@ -131,11 +131,11 @@ class SCIMUserTests(TestCase):
                         "value": f"{uid}@goauthentik.io",
                     }
                 ],
-                "displayName": uid,
+                "displayName": f"{uid} {uid}",
                 "externalId": user.uid,
                 "name": {
-                    "familyName": "",
-                    "formatted": uid,
+                    "familyName": uid,
+                    "formatted": f"{uid} {uid}",
                     "givenName": uid,
                 },
                 "userName": uid,
@@ -166,7 +166,7 @@ class SCIMUserTests(TestCase):
         uid = generate_id()
         user = User.objects.create(
             username=uid,
-            name=uid,
+            name=f"{uid} {uid}",
             email=f"{uid}@goauthentik.io",
         )
         self.assertEqual(mock.call_count, 2)
@@ -186,11 +186,11 @@ class SCIMUserTests(TestCase):
                 ],
                 "externalId": user.uid,
                 "name": {
-                    "familyName": "",
-                    "formatted": uid,
+                    "familyName": uid,
+                    "formatted": f"{uid} {uid}",
                     "givenName": uid,
                 },
-                "displayName": uid,
+                "displayName": f"{uid} {uid}",
                 "userName": uid,
             },
         )
@@ -230,7 +230,7 @@ class SCIMUserTests(TestCase):
         )
         user = User.objects.create(
             username=uid,
-            name=uid,
+            name=f"{uid} {uid}",
             email=f"{uid}@goauthentik.io",
         )
 
@@ -254,11 +254,11 @@ class SCIMUserTests(TestCase):
                 ],
                 "externalId": user.uid,
                 "name": {
-                    "familyName": "",
-                    "formatted": uid,
+                    "familyName": uid,
+                    "formatted": f"{uid} {uid}",
                     "givenName": uid,
                 },
-                "displayName": uid,
+                "displayName": f"{uid} {uid}",
                 "userName": uid,
             },
         )
diff --git a/authentik/rbac/api/rbac_roles.py b/authentik/rbac/api/rbac_roles.py
index 1c48169a2..1ef13c115 100644
--- a/authentik/rbac/api/rbac_roles.py
+++ b/authentik/rbac/api/rbac_roles.py
@@ -24,7 +24,10 @@ class ExtraRoleObjectPermissionSerializer(RoleObjectPermissionSerializer):
 
     def get_app_label_verbose(self, instance: GroupObjectPermission) -> str:
         """Get app label from permission's model"""
-        return apps.get_app_config(instance.content_type.app_label).verbose_name
+        try:
+            return apps.get_app_config(instance.content_type.app_label).verbose_name
+        except LookupError:
+            return instance.content_type.app_label
 
     def get_model_verbose(self, instance: GroupObjectPermission) -> str:
         """Get model label from permission's model"""
diff --git a/authentik/rbac/api/rbac_users.py b/authentik/rbac/api/rbac_users.py
index 636b327f3..6de2e8bce 100644
--- a/authentik/rbac/api/rbac_users.py
+++ b/authentik/rbac/api/rbac_users.py
@@ -24,7 +24,10 @@ class ExtraUserObjectPermissionSerializer(UserObjectPermissionSerializer):
 
     def get_app_label_verbose(self, instance: UserObjectPermission) -> str:
         """Get app label from permission's model"""
-        return apps.get_app_config(instance.content_type.app_label).verbose_name
+        try:
+            return apps.get_app_config(instance.content_type.app_label).verbose_name
+        except LookupError:
+            return instance.content_type.app_label
 
     def get_model_verbose(self, instance: UserObjectPermission) -> str:
         """Get model label from permission's model"""
diff --git a/authentik/root/middleware.py b/authentik/root/middleware.py
index 8f97c3c9e..ba5465d4f 100644
--- a/authentik/root/middleware.py
+++ b/authentik/root/middleware.py
@@ -2,7 +2,7 @@
 from hashlib import sha512
 from time import time
 from timeit import default_timer
-from typing import Callable
+from typing import Any, Callable, Optional
 
 from django.conf import settings
 from django.contrib.sessions.backends.base import UpdateError
@@ -15,9 +15,10 @@ from django.middleware.csrf import CsrfViewMiddleware as UpstreamCsrfViewMiddlew
 from django.utils.cache import patch_vary_headers
 from django.utils.http import http_date
 from jwt import PyJWTError, decode, encode
+from sentry_sdk.hub import Hub
 from structlog.stdlib import get_logger
 
-from authentik.lib.utils.http import get_client_ip
+from authentik.core.models import Token, TokenIntents, User, UserTypes
 
 LOGGER = get_logger("authentik.asgi")
 ACR_AUTHENTIK_SESSION = "goauthentik.io/core/default"
@@ -55,7 +56,7 @@ class SessionMiddleware(UpstreamSessionMiddleware):
             pass
         return session_key
 
-    def process_request(self, request):
+    def process_request(self, request: HttpRequest):
         raw_session = request.COOKIES.get(settings.SESSION_COOKIE_NAME)
         session_key = SessionMiddleware.decode_session_key(raw_session)
         request.session = self.SessionStore(session_key)
@@ -156,6 +157,111 @@ class CsrfViewMiddleware(UpstreamCsrfViewMiddleware):
             patch_vary_headers(response, ("Cookie",))
 
 
+class ClientIPMiddleware:
+    """Set a "known-good" client IP on the request, by default based off of x-forwarded-for
+    which is set by the go proxy, but also allowing the remote IP to be overridden by an outpost
+    for protocols like LDAP"""
+
+    get_response: Callable[[HttpRequest], HttpResponse]
+    outpost_remote_ip_header = "HTTP_X_AUTHENTIK_REMOTE_IP"
+    outpost_token_header = "HTTP_X_AUTHENTIK_OUTPOST_TOKEN"  # nosec
+    default_ip = "255.255.255.255"
+
+    request_attr_client_ip = "client_ip"
+    request_attr_outpost_user = "outpost_user"
+
+    def __init__(self, get_response: Callable[[HttpRequest], HttpResponse]):
+        self.get_response = get_response
+
+    def _get_client_ip_from_meta(self, meta: dict[str, Any]) -> str:
+        """Attempt to get the client's IP by checking common HTTP Headers.
+        Returns none if no IP Could be found
+
+        No additional validation is done here as requests are expected to only arrive here
+        via the go proxy, which deals with validating these headers for us"""
+        headers = (
+            "HTTP_X_FORWARDED_FOR",
+            "REMOTE_ADDR",
+        )
+        for _header in headers:
+            if _header in meta:
+                ips: list[str] = meta.get(_header).split(",")
+                return ips[0].strip()
+        return self.default_ip
+
+    # FIXME: this should probably not be in `root` but rather in a middleware in `outposts`
+    # but for now it's fine
+    def _get_outpost_override_ip(self, request: HttpRequest) -> Optional[str]:
+        """Get the actual remote IP when set by an outpost. Only
+        allowed when the request is authenticated, by an outpost internal service account"""
+        if (
+            self.outpost_remote_ip_header not in request.META
+            or self.outpost_token_header not in request.META
+        ):
+            return None
+        delegated_ip = request.META[self.outpost_remote_ip_header]
+        token = (
+            Token.filter_not_expired(
+                key=request.META.get(self.outpost_token_header), intent=TokenIntents.INTENT_API
+            )
+            .select_related("user")
+            .first()
+        )
+        if not token:
+            LOGGER.warning("Attempted remote-ip override without token", delegated_ip=delegated_ip)
+            return None
+        user: User = token.user
+        if user.type != UserTypes.INTERNAL_SERVICE_ACCOUNT:
+            LOGGER.warning(
+                "Remote-IP override: user doesn't have permission",
+                user=user,
+                delegated_ip=delegated_ip,
+            )
+            return None
+        # Update sentry scope to include correct IP
+        user = Hub.current.scope._user
+        if not user:
+            user = {}
+        user["ip_address"] = delegated_ip
+        Hub.current.scope.set_user(user)
+        # Set the outpost service account on the request
+        setattr(request, self.request_attr_outpost_user, user)
+        return delegated_ip
+
+    def _get_client_ip(self, request: Optional[HttpRequest]) -> str:
+        """Attempt to get the client's IP by checking common HTTP Headers.
+        Returns none if no IP Could be found"""
+        if not request:
+            return self.default_ip
+        override = self._get_outpost_override_ip(request)
+        if override:
+            return override
+        return self._get_client_ip_from_meta(request.META)
+
+    @staticmethod
+    def get_outpost_user(request: HttpRequest) -> Optional[User]:
+        """Get outpost user that authenticated this request"""
+        return getattr(request, ClientIPMiddleware.request_attr_outpost_user, None)
+
+    @staticmethod
+    def get_client_ip(request: HttpRequest) -> str:
+        """Get correct client IP, including any overrides from outposts that
+        have the permission to do so"""
+        if request and not hasattr(request, ClientIPMiddleware.request_attr_client_ip):
+            ClientIPMiddleware(lambda request: request).set_ip(request)
+        return getattr(
+            request, ClientIPMiddleware.request_attr_client_ip, ClientIPMiddleware.default_ip
+        )
+
+    def set_ip(self, request: HttpRequest):
+        """Set the IP"""
+        setattr(request, self.request_attr_client_ip, self._get_client_ip(request))
+
+    def __call__(self, request: HttpRequest) -> HttpResponse:
+        self.set_ip(request)
+        return self.get_response(request)
+
+
 class ChannelsLoggingMiddleware:
     """Logging middleware for channels"""
 
@@ -191,7 +297,7 @@ class LoggingMiddleware:
         response = self.get_response(request)
         status_code = response.status_code
         kwargs = {
-            "request_id": request.request_id,
+            "request_id": getattr(request, "request_id", None),
         }
         kwargs.update(getattr(response, "ak_context", {}))
         self.log(request, status_code, int((default_timer() - start) * 1000), **kwargs)
@@ -201,7 +307,7 @@ class LoggingMiddleware:
         """Log request"""
         LOGGER.info(
             request.get_full_path(),
-            remote=get_client_ip(request),
+            remote=ClientIPMiddleware.get_client_ip(request),
             method=request.method,
             scheme=request.scheme,
             status=status_code,
diff --git a/authentik/root/sessions/__init__.py b/authentik/root/sessions/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/authentik/root/sessions/pickle.py b/authentik/root/sessions/pickle.py
new file mode 100644
index 000000000..94c7f6fc0
--- /dev/null
+++ b/authentik/root/sessions/pickle.py
@@ -0,0 +1,22 @@
+"""
+Module for abstract serializer/unserializer base classes.
+"""
+import pickle  # nosec
+
+
+class PickleSerializer:
+    """
+    Simple wrapper around pickle to be used in signing.dumps()/loads() and
+    cache backends.
+    """
+
+    def __init__(self, protocol=None):
+        self.protocol = pickle.HIGHEST_PROTOCOL if protocol is None else protocol
+
+    def dumps(self, obj):
+        """Pickle data to be stored in redis"""
+        return pickle.dumps(obj, self.protocol)
+
+    def loads(self, data):
+        """Unpickle data to be loaded from redis"""
+        return pickle.loads(data)  # nosec
diff --git a/authentik/root/settings.py b/authentik/root/settings.py
index 634e1bba8..87d4bde9f 100644
--- a/authentik/root/settings.py
+++ b/authentik/root/settings.py
@@ -138,6 +138,7 @@ SPECTACULAR_SETTINGS = {
         "EventActions": "authentik.events.models.EventAction",
         "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes",
         "FlowDesignationEnum": "authentik.flows.models.FlowDesignation",
+        "FlowLayoutEnum": "authentik.flows.models.FlowLayout",
         "PolicyEngineMode": "authentik.policies.models.PolicyEngineMode",
         "ProxyMode": "authentik.providers.proxy.models.ProxyMode",
         "PromptTypeEnum": "authentik.stages.prompt.models.FieldTypes",
@@ -204,7 +205,7 @@ DJANGO_REDIS_SCAN_ITERSIZE = 1000
 DJANGO_REDIS_IGNORE_EXCEPTIONS = True
 DJANGO_REDIS_LOG_IGNORED_EXCEPTIONS = True
 SESSION_ENGINE = "django.contrib.sessions.backends.cache"
-SESSION_SERIALIZER = "django.contrib.sessions.serializers.PickleSerializer"
+SESSION_SERIALIZER = "authentik.root.sessions.pickle.PickleSerializer"
 SESSION_CACHE_ALIAS = "default"
 # Configured via custom SessionMiddleware
 # SESSION_COOKIE_SAMESITE = "None"
@@ -216,7 +217,8 @@ MESSAGE_STORAGE = "authentik.root.messages.storage.ChannelsStorage"
 MIDDLEWARE = [
     "authentik.root.middleware.LoggingMiddleware",
     "django_prometheus.middleware.PrometheusBeforeMiddleware",
-    "authentik.root.middleware.SessionMiddleware",
+    "authentik.root.middleware.ClientIPMiddleware",
+    "authentik.stages.user_login.middleware.BoundSessionMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "authentik.core.middleware.RequestIDMiddleware",
     "authentik.tenants.middleware.TenantMiddleware",
@@ -277,6 +279,9 @@ DATABASES = {
         "SSLROOTCERT": CONFIG.get("postgresql.sslrootcert"),
         "SSLCERT": CONFIG.get("postgresql.sslcert"),
         "SSLKEY": CONFIG.get("postgresql.sslkey"),
+        "TEST": {
+            "NAME": CONFIG.get("postgresql.test.name"),
+        },
     }
 }
 
diff --git a/authentik/root/test_runner.py b/authentik/root/test_runner.py
index b2bf7a3d7..d1e50bad4 100644
--- a/authentik/root/test_runner.py
+++ b/authentik/root/test_runner.py
@@ -32,17 +32,17 @@ class PytestTestRunner(DiscoverRunner):  # pragma: no cover
         settings.TEST = True
         settings.CELERY["task_always_eager"] = True
         CONFIG.set("avatars", "none")
-        CONFIG.set("geoip", "tests/GeoLite2-City-Test.mmdb")
+        CONFIG.set("events.context_processors.geoip", "tests/GeoLite2-City-Test.mmdb")
+        CONFIG.set("events.context_processors.asn", "tests/GeoLite2-ASN-Test.mmdb")
         CONFIG.set("blueprints_dir", "./blueprints")
         CONFIG.set(
             "outposts.container_image_base",
             f"ghcr.io/goauthentik/dev-%(type)s:{get_docker_tag()}",
         )
         CONFIG.set("error_reporting.sample_rate", 0)
-        sentry_init(
-            environment="testing",
-            send_default_pii=True,
-        )
+        CONFIG.set("error_reporting.environment", "testing")
+        CONFIG.set("error_reporting.send_pii", True)
+        sentry_init()
 
     @classmethod
     def add_arguments(cls, parser: ArgumentParser):
diff --git a/authentik/sources/ldap/password.py b/authentik/sources/ldap/password.py
index d4e0dff4e..0593b2078 100644
--- a/authentik/sources/ldap/password.py
+++ b/authentik/sources/ldap/password.py
@@ -4,7 +4,11 @@ from re import split
 from typing import Optional
 
 from ldap3 import BASE
-from ldap3.core.exceptions import LDAPAttributeError, LDAPUnwillingToPerformResult
+from ldap3.core.exceptions import (
+    LDAPAttributeError,
+    LDAPNoSuchAttributeResult,
+    LDAPUnwillingToPerformResult,
+)
 from structlog.stdlib import get_logger
 
 from authentik.core.models import User
@@ -97,7 +101,7 @@ class LDAPPasswordChanger:
             return
         try:
             self._connection.extend.microsoft.modify_password(user_dn, password)
-        except (LDAPAttributeError, LDAPUnwillingToPerformResult):
+        except (LDAPAttributeError, LDAPUnwillingToPerformResult, LDAPNoSuchAttributeResult):
             self._connection.extend.standard.modify_password(user_dn, new_password=password)
 
     def _ad_check_password_existing(self, password: str, user_dn: str) -> bool:
diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py
index a17bc6b03..08b676de5 100644
--- a/authentik/sources/oauth/api/source.py
+++ b/authentik/sources/oauth/api/source.py
@@ -99,7 +99,9 @@ class OAuthSourceSerializer(SourceSerializer):
         ]:
             if getattr(provider_type, url, None) is None:
                 if url not in attrs:
-                    raise ValidationError(f"{url} is required for provider {provider_type.name}")
+                    raise ValidationError(
+                        f"{url} is required for provider {provider_type.verbose_name}"
+                    )
         return attrs
 
     class Meta:
diff --git a/authentik/sources/oauth/types/apple.py b/authentik/sources/oauth/types/apple.py
index 2e0cc8f85..5ead5bdbd 100644
--- a/authentik/sources/oauth/types/apple.py
+++ b/authentik/sources/oauth/types/apple.py
@@ -104,8 +104,8 @@ class AppleType(SourceType):
 
     callback_view = AppleOAuth2Callback
     redirect_view = AppleOAuthRedirect
-    name = "Apple"
-    slug = "apple"
+    verbose_name = "Apple"
+    name = "apple"
 
     authorization_url = "https://appleid.apple.com/auth/authorize"
     access_token_url = "https://appleid.apple.com/auth/token"  # nosec
diff --git a/authentik/sources/oauth/types/azure_ad.py b/authentik/sources/oauth/types/azure_ad.py
index 39c744843..ec57640d1 100644
--- a/authentik/sources/oauth/types/azure_ad.py
+++ b/authentik/sources/oauth/types/azure_ad.py
@@ -4,8 +4,8 @@ from typing import Any
 from structlog.stdlib import get_logger
 
 from authentik.sources.oauth.clients.oauth2 import UserprofileHeaderAuthClient
+from authentik.sources.oauth.types.oidc import OpenIDConnectOAuth2Callback
 from authentik.sources.oauth.types.registry import SourceType, registry
-from authentik.sources.oauth.views.callback import OAuthCallback
 from authentik.sources.oauth.views.redirect import OAuthRedirect
 
 LOGGER = get_logger()
@@ -20,7 +20,7 @@ class AzureADOAuthRedirect(OAuthRedirect):
         }
 
 
-class AzureADOAuthCallback(OAuthCallback):
+class AzureADOAuthCallback(OpenIDConnectOAuth2Callback):
     """AzureAD OAuth2 Callback"""
 
     client_class = UserprofileHeaderAuthClient
@@ -43,14 +43,14 @@ class AzureADType(SourceType):
 
     callback_view = AzureADOAuthCallback
     redirect_view = AzureADOAuthRedirect
-    name = "Azure AD"
-    slug = "azuread"
+    verbose_name = "Azure AD"
+    name = "azuread"
 
     urls_customizable = True
 
     authorization_url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
     access_token_url = "https://login.microsoftonline.com/common/oauth2/v2.0/token"  # nosec
-    profile_url = "https://graph.microsoft.com/v1.0/me"
+    profile_url = "https://login.microsoftonline.com/common/openid/userinfo"
     oidc_well_known_url = (
         "https://login.microsoftonline.com/common/.well-known/openid-configuration"
     )
diff --git a/authentik/sources/oauth/types/discord.py b/authentik/sources/oauth/types/discord.py
index 10c461f5a..4fb34c672 100644
--- a/authentik/sources/oauth/types/discord.py
+++ b/authentik/sources/oauth/types/discord.py
@@ -36,8 +36,8 @@ class DiscordType(SourceType):
 
     callback_view = DiscordOAuth2Callback
     redirect_view = DiscordOAuthRedirect
-    name = "Discord"
-    slug = "discord"
+    verbose_name = "Discord"
+    name = "discord"
 
     authorization_url = "https://discord.com/api/oauth2/authorize"
     access_token_url = "https://discord.com/api/oauth2/token"  # nosec
diff --git a/authentik/sources/oauth/types/facebook.py b/authentik/sources/oauth/types/facebook.py
index 9176afeb5..69893298b 100644
--- a/authentik/sources/oauth/types/facebook.py
+++ b/authentik/sources/oauth/types/facebook.py
@@ -48,8 +48,8 @@ class FacebookType(SourceType):
 
     callback_view = FacebookOAuth2Callback
     redirect_view = FacebookOAuthRedirect
-    name = "Facebook"
-    slug = "facebook"
+    verbose_name = "Facebook"
+    name = "facebook"
 
     authorization_url = "https://www.facebook.com/v7.0/dialog/oauth"
     access_token_url = "https://graph.facebook.com/v7.0/oauth/access_token"  # nosec
diff --git a/authentik/sources/oauth/types/github.py b/authentik/sources/oauth/types/github.py
index 327a4ee81..b9e5ed17c 100644
--- a/authentik/sources/oauth/types/github.py
+++ b/authentik/sources/oauth/types/github.py
@@ -68,8 +68,8 @@ class GitHubType(SourceType):
 
     callback_view = GitHubOAuth2Callback
     redirect_view = GitHubOAuthRedirect
-    name = "GitHub"
-    slug = "github"
+    verbose_name = "GitHub"
+    name = "github"
 
     urls_customizable = True
 
diff --git a/authentik/sources/oauth/types/google.py b/authentik/sources/oauth/types/google.py
index 1956aadcd..94b6f7842 100644
--- a/authentik/sources/oauth/types/google.py
+++ b/authentik/sources/oauth/types/google.py
@@ -34,8 +34,8 @@ class GoogleType(SourceType):
 
     callback_view = GoogleOAuth2Callback
     redirect_view = GoogleOAuthRedirect
-    name = "Google"
-    slug = "google"
+    verbose_name = "Google"
+    name = "google"
 
     authorization_url = "https://accounts.google.com/o/oauth2/auth"
     access_token_url = "https://oauth2.googleapis.com/token"  # nosec
diff --git a/authentik/sources/oauth/types/mailcow.py b/authentik/sources/oauth/types/mailcow.py
index 8be201105..8bff86af5 100644
--- a/authentik/sources/oauth/types/mailcow.py
+++ b/authentik/sources/oauth/types/mailcow.py
@@ -63,7 +63,7 @@ class MailcowType(SourceType):
 
     callback_view = MailcowOAuth2Callback
     redirect_view = MailcowOAuthRedirect
-    name = "Mailcow"
-    slug = "mailcow"
+    verbose_name = "Mailcow"
+    name = "mailcow"
 
     urls_customizable = True
diff --git a/authentik/sources/oauth/types/oidc.py b/authentik/sources/oauth/types/oidc.py
index 7ebd24579..4e32f3fee 100644
--- a/authentik/sources/oauth/types/oidc.py
+++ b/authentik/sources/oauth/types/oidc.py
@@ -23,7 +23,7 @@ class OpenIDConnectOAuth2Callback(OAuthCallback):
     client_class = UserprofileHeaderAuthClient
 
     def get_user_id(self, info: dict[str, str]) -> str:
-        return info.get("sub", "")
+        return info.get("sub", None)
 
     def get_user_enroll_context(
         self,
@@ -42,7 +42,7 @@ class OpenIDConnectType(SourceType):
 
     callback_view = OpenIDConnectOAuth2Callback
     redirect_view = OpenIDConnectOAuthRedirect
-    name = "OpenID Connect"
-    slug = "openidconnect"
+    verbose_name = "OpenID Connect"
+    name = "openidconnect"
 
     urls_customizable = True
diff --git a/authentik/sources/oauth/types/okta.py b/authentik/sources/oauth/types/okta.py
index 8a305bce7..1f1f07dc7 100644
--- a/authentik/sources/oauth/types/okta.py
+++ b/authentik/sources/oauth/types/okta.py
@@ -3,8 +3,8 @@ from typing import Any
 
 from authentik.sources.oauth.clients.oauth2 import UserprofileHeaderAuthClient
 from authentik.sources.oauth.models import OAuthSource
+from authentik.sources.oauth.types.oidc import OpenIDConnectOAuth2Callback
 from authentik.sources.oauth.types.registry import SourceType, registry
-from authentik.sources.oauth.views.callback import OAuthCallback
 from authentik.sources.oauth.views.redirect import OAuthRedirect
 
 
@@ -17,7 +17,7 @@ class OktaOAuthRedirect(OAuthRedirect):
         }
 
 
-class OktaOAuth2Callback(OAuthCallback):
+class OktaOAuth2Callback(OpenIDConnectOAuth2Callback):
     """Okta OAuth2 Callback"""
 
     # Okta has the same quirk as azure and throws an error if the access token
@@ -25,9 +25,6 @@ class OktaOAuth2Callback(OAuthCallback):
     # see https://github.com/goauthentik/authentik/issues/1910
     client_class = UserprofileHeaderAuthClient
 
-    def get_user_id(self, info: dict[str, str]) -> str:
-        return info.get("sub", "")
-
     def get_user_enroll_context(
         self,
         info: dict[str, Any],
@@ -45,7 +42,7 @@ class OktaType(SourceType):
 
     callback_view = OktaOAuth2Callback
     redirect_view = OktaOAuthRedirect
-    name = "Okta"
-    slug = "okta"
+    verbose_name = "Okta"
+    name = "okta"
 
     urls_customizable = True
diff --git a/authentik/sources/oauth/types/patreon.py b/authentik/sources/oauth/types/patreon.py
index d02c3d33d..8d11bf27a 100644
--- a/authentik/sources/oauth/types/patreon.py
+++ b/authentik/sources/oauth/types/patreon.py
@@ -43,8 +43,8 @@ class PatreonType(SourceType):
 
     callback_view = PatreonOAuthCallback
     redirect_view = PatreonOAuthRedirect
-    name = "Patreon"
-    slug = "patreon"
+    verbose_name = "Patreon"
+    name = "patreon"
 
     authorization_url = "https://www.patreon.com/oauth2/authorize"
     access_token_url = "https://www.patreon.com/api/oauth2/token"  # nosec
diff --git a/authentik/sources/oauth/types/reddit.py b/authentik/sources/oauth/types/reddit.py
index 1afd0ca06..7d558cbb3 100644
--- a/authentik/sources/oauth/types/reddit.py
+++ b/authentik/sources/oauth/types/reddit.py
@@ -51,8 +51,8 @@ class RedditType(SourceType):
 
     callback_view = RedditOAuth2Callback
     redirect_view = RedditOAuthRedirect
-    name = "Reddit"
-    slug = "reddit"
+    verbose_name = "Reddit"
+    name = "reddit"
 
     authorization_url = "https://www.reddit.com/api/v1/authorize"
     access_token_url = "https://www.reddit.com/api/v1/access_token"  # nosec
diff --git a/authentik/sources/oauth/types/registry.py b/authentik/sources/oauth/types/registry.py
index ae8a5dd0b..99cb87dd5 100644
--- a/authentik/sources/oauth/types/registry.py
+++ b/authentik/sources/oauth/types/registry.py
@@ -28,7 +28,7 @@ class SourceType:
     callback_view = OAuthCallback
     redirect_view = OAuthRedirect
     name: str = "default"
-    slug: str = "default"
+    verbose_name: str = "Default source type"
 
     urls_customizable = False
 
@@ -41,7 +41,7 @@ class SourceType:
 
     def icon_url(self) -> str:
         """Get Icon URL for login"""
-        return static(f"authentik/sources/{self.slug}.svg")
+        return static(f"authentik/sources/{self.name}.svg")
 
     def login_challenge(self, source: OAuthSource, request: HttpRequest) -> Challenge:
         """Allow types to return custom challenges"""
@@ -77,20 +77,20 @@ class SourceTypeRegistry:
 
     def get_name_tuple(self):
         """Get list of tuples of all registered names"""
-        return [(x.slug, x.name) for x in self.__sources]
+        return [(x.name, x.verbose_name) for x in self.__sources]
 
     def find_type(self, type_name: str) -> Type[SourceType]:
         """Find type based on source"""
         found_type = None
         for src_type in self.__sources:
-            if src_type.slug == type_name:
+            if src_type.name == type_name:
                 return src_type
         if not found_type:
             found_type = SourceType
             LOGGER.warning(
                 "no matching type found, using default",
                 wanted=type_name,
-                have=[x.slug for x in self.__sources],
+                have=[x.name for x in self.__sources],
             )
         return found_type
 
diff --git a/authentik/sources/oauth/types/twitch.py b/authentik/sources/oauth/types/twitch.py
index 5fa9fad74..52b8bae0b 100644
--- a/authentik/sources/oauth/types/twitch.py
+++ b/authentik/sources/oauth/types/twitch.py
@@ -3,8 +3,8 @@ from json import dumps
 from typing import Any, Optional
 
 from authentik.sources.oauth.clients.oauth2 import UserprofileHeaderAuthClient
+from authentik.sources.oauth.types.oidc import OpenIDConnectOAuth2Callback
 from authentik.sources.oauth.types.registry import SourceType, registry
-from authentik.sources.oauth.views.callback import OAuthCallback
 from authentik.sources.oauth.views.redirect import OAuthRedirect
 
 
@@ -27,14 +27,11 @@ class TwitchOAuthRedirect(OAuthRedirect):
         }
 
 
-class TwitchOAuth2Callback(OAuthCallback):
+class TwitchOAuth2Callback(OpenIDConnectOAuth2Callback):
     """Twitch OAuth2 Callback"""
 
     client_class = TwitchClient
 
-    def get_user_id(self, info: dict[str, str]) -> str:
-        return info.get("sub", "")
-
     def get_user_enroll_context(
         self,
         info: dict[str, Any],
@@ -52,8 +49,8 @@ class TwitchType(SourceType):
 
     callback_view = TwitchOAuth2Callback
     redirect_view = TwitchOAuthRedirect
-    name = "Twitch"
-    slug = "twitch"
+    verbose_name = "Twitch"
+    name = "twitch"
 
     authorization_url = "https://id.twitch.tv/oauth2/authorize"
     access_token_url = "https://id.twitch.tv/oauth2/token"  # nosec
diff --git a/authentik/sources/oauth/types/twitter.py b/authentik/sources/oauth/types/twitter.py
index dc9909adb..7b75f04ea 100644
--- a/authentik/sources/oauth/types/twitter.py
+++ b/authentik/sources/oauth/types/twitter.py
@@ -66,8 +66,8 @@ class TwitterType(SourceType):
 
     callback_view = TwitterOAuthCallback
     redirect_view = TwitterOAuthRedirect
-    name = "Twitter"
-    slug = "twitter"
+    verbose_name = "Twitter"
+    name = "twitter"
 
     authorization_url = "https://twitter.com/i/oauth2/authorize"
     access_token_url = "https://api.twitter.com/2/oauth2/token"  # nosec
diff --git a/authentik/stages/authenticator_totp/models.py b/authentik/stages/authenticator_totp/models.py
index e00d39d40..9f4ccacdc 100644
--- a/authentik/stages/authenticator_totp/models.py
+++ b/authentik/stages/authenticator_totp/models.py
@@ -22,8 +22,8 @@ from authentik.stages.authenticator.util import hex_validator, random_hex
 class TOTPDigits(models.TextChoices):
     """OTP Time Digits"""
 
-    SIX = 6, _("6 digits, widely compatible")
-    EIGHT = 8, _("8 digits, not compatible with apps like Google Authenticator")
+    SIX = "6", _("6 digits, widely compatible")
+    EIGHT = "8", _("8 digits, not compatible with apps like Google Authenticator")
 
 
 class AuthenticatorTOTPStage(ConfigurableStage, FriendlyNamedStage, Stage):
diff --git a/authentik/stages/authenticator_validate/challenge.py b/authentik/stages/authenticator_validate/challenge.py
index 3cd43c07b..d883b903a 100644
--- a/authentik/stages/authenticator_validate/challenge.py
+++ b/authentik/stages/authenticator_validate/challenge.py
@@ -7,7 +7,7 @@ from django.http.response import Http404
 from django.shortcuts import get_object_or_404
 from django.utils.translation import gettext as __
 from django.utils.translation import gettext_lazy as _
-from rest_framework.fields import CharField, JSONField
+from rest_framework.fields import CharField
 from rest_framework.serializers import ValidationError
 from structlog.stdlib import get_logger
 from webauthn.authentication.generate_authentication_options import generate_authentication_options
@@ -16,13 +16,13 @@ from webauthn.helpers.base64url_to_bytes import base64url_to_bytes
 from webauthn.helpers.exceptions import InvalidAuthenticationResponse
 from webauthn.helpers.structs import AuthenticationCredential
 
-from authentik.core.api.utils import PassiveSerializer
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 from authentik.core.models import Application, User
 from authentik.core.signals import login_failed
 from authentik.events.models import Event, EventAction
 from authentik.flows.stage import StageView
 from authentik.flows.views.executor import SESSION_KEY_APPLICATION_PRE
-from authentik.lib.utils.http import get_client_ip
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.authenticator import match_token
 from authentik.stages.authenticator.models import Device
 from authentik.stages.authenticator_duo.models import AuthenticatorDuoStage, DuoDevice
@@ -40,7 +40,7 @@ class DeviceChallenge(PassiveSerializer):
 
     device_class = CharField()
     device_uid = CharField()
-    challenge = JSONField()
+    challenge = JSONDictField()
 
 
 def get_challenge_for_device(
@@ -197,7 +197,7 @@ def validate_challenge_duo(device_pk: int, stage_view: StageView, user: User) ->
         response = stage.auth_client().auth(
             "auto",
             user_id=device.duo_user_id,
-            ipaddr=get_client_ip(stage_view.request),
+            ipaddr=ClientIPMiddleware.get_client_ip(stage_view.request),
             type=__(
                 "%(brand_name)s Login request"
                 % {
diff --git a/authentik/stages/authenticator_validate/stage.py b/authentik/stages/authenticator_validate/stage.py
index 4b88041e5..defd55154 100644
--- a/authentik/stages/authenticator_validate/stage.py
+++ b/authentik/stages/authenticator_validate/stage.py
@@ -6,10 +6,10 @@ from typing import Optional
 from django.conf import settings
 from django.http import HttpRequest, HttpResponse
 from jwt import PyJWTError, decode, encode
-from rest_framework.fields import CharField, IntegerField, JSONField, ListField, UUIDField
+from rest_framework.fields import CharField, IntegerField, ListField, UUIDField
 from rest_framework.serializers import ValidationError
 
-from authentik.core.api.utils import PassiveSerializer
+from authentik.core.api.utils import JSONDictField, PassiveSerializer
 from authentik.core.models import User
 from authentik.events.models import Event, EventAction
 from authentik.flows.challenge import ChallengeResponse, ChallengeTypes, WithUserInfoChallenge
@@ -68,7 +68,7 @@ class AuthenticatorValidationChallengeResponse(ChallengeResponse):
     selected_stage = CharField(required=False)
 
     code = CharField(required=False)
-    webauthn = JSONField(required=False)
+    webauthn = JSONDictField(required=False)
     duo = IntegerField(required=False)
     component = CharField(default="ak-stage-authenticator-validate")
 
diff --git a/authentik/stages/authenticator_webauthn/stage.py b/authentik/stages/authenticator_webauthn/stage.py
index 153409879..35d424a00 100644
--- a/authentik/stages/authenticator_webauthn/stage.py
+++ b/authentik/stages/authenticator_webauthn/stage.py
@@ -1,7 +1,7 @@
 """WebAuthn stage"""
 from django.http import HttpRequest, HttpResponse
 from django.http.request import QueryDict
-from rest_framework.fields import CharField, JSONField
+from rest_framework.fields import CharField
 from rest_framework.serializers import ValidationError
 from webauthn.helpers.bytes_to_base64url import bytes_to_base64url
 from webauthn.helpers.exceptions import InvalidRegistrationResponse
@@ -16,6 +16,7 @@ from webauthn.registration.verify_registration_response import (
     verify_registration_response,
 )
 
+from authentik.core.api.utils import JSONDictField
 from authentik.core.models import User
 from authentik.flows.challenge import (
     Challenge,
@@ -33,14 +34,14 @@ SESSION_KEY_WEBAUTHN_CHALLENGE = "authentik/stages/authenticator_webauthn/challe
 class AuthenticatorWebAuthnChallenge(WithUserInfoChallenge):
     """WebAuthn Challenge"""
 
-    registration = JSONField()
+    registration = JSONDictField()
     component = CharField(default="ak-stage-authenticator-webauthn")
 
 
 class AuthenticatorWebAuthnChallengeResponse(ChallengeResponse):
     """WebAuthn Challenge response"""
 
-    response = JSONField()
+    response = JSONDictField()
     component = CharField(default="ak-stage-authenticator-webauthn")
 
     request: HttpRequest
diff --git a/authentik/stages/captcha/stage.py b/authentik/stages/captcha/stage.py
index e6782ef78..e0a8c20d6 100644
--- a/authentik/stages/captcha/stage.py
+++ b/authentik/stages/captcha/stage.py
@@ -12,7 +12,8 @@ from authentik.flows.challenge import (
     WithUserInfoChallenge,
 )
 from authentik.flows.stage import ChallengeStageView
-from authentik.lib.utils.http import get_client_ip, get_http_session
+from authentik.lib.utils.http import get_http_session
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.captcha.models import CaptchaStage
 
 
@@ -42,7 +43,7 @@ class CaptchaChallengeResponse(ChallengeResponse):
                 data={
                     "secret": stage.private_key,
                     "response": token,
-                    "remoteip": get_client_ip(self.stage.request),
+                    "remoteip": ClientIPMiddleware.get_client_ip(self.stage.request),
                 },
             )
             response.raise_for_status()
diff --git a/authentik/stages/email/stage.py b/authentik/stages/email/stage.py
index 0fa36bfbe..160a68e92 100644
--- a/authentik/stages/email/stage.py
+++ b/authentik/stages/email/stage.py
@@ -110,7 +110,7 @@ class EmailStageView(ChallengeStageView):
         try:
             message = TemplateEmailMessage(
                 subject=_(current_stage.subject),
-                to=[email],
+                to=[f"{pending_user.name} <{email}>"],
                 language=pending_user.locale(self.request),
                 template_name=current_stage.template,
                 template_context={
diff --git a/authentik/stages/email/templates/email/account_confirmation.txt b/authentik/stages/email/templates/email/account_confirmation.txt
new file mode 100644
index 000000000..0a1fc70d1
--- /dev/null
+++ b/authentik/stages/email/templates/email/account_confirmation.txt
@@ -0,0 +1,8 @@
+{% load i18n %}{% translate "Welcome!" %}
+
+{% translate "We're excited to have you get started. First, you need to confirm your account. Just open the link below." %}
+
+{{ url }}
+
+-- 
+Powered by goauthentik.io.
diff --git a/authentik/stages/email/templates/email/event_notification.html b/authentik/stages/email/templates/email/event_notification.html
index e34563404..7ca78fc64 100644
--- a/authentik/stages/email/templates/email/event_notification.html
+++ b/authentik/stages/email/templates/email/event_notification.html
@@ -44,7 +44,7 @@
 <tr>
   <td style="padding: 20px; font-size: 12px; color: #212124;" align="center">
     {% blocktranslate with name=source.from %}
-    This email was sent from the notification transport <code>{{name}}</code>.
+    This email was sent from the notification transport <code>{{ name }}</code>.
     {% endblocktranslate %}
   </td>
 </tr>
diff --git a/authentik/stages/email/templates/email/event_notification.txt b/authentik/stages/email/templates/email/event_notification.txt
new file mode 100644
index 000000000..bd7d92896
--- /dev/null
+++ b/authentik/stages/email/templates/email/event_notification.txt
@@ -0,0 +1,18 @@
+{% load authentik_stages_email %}{% load i18n %}{% translate "Dear authentik user," %}
+
+{% translate "The following notification was created:" %}
+
+    {{ body|indent }}
+
+{% if key_value %}
+{% translate "Additional attributes:" %}
+{% for key, value in key_value.items %}
+    {{ key }}: {{ value|indent }}{% endfor %}
+{% endif %}
+
+{% if source %}{% blocktranslate with name=source.from %}
+This email was sent from the notification transport {{ name }}.
+{% endblocktranslate %}{% endif %}
+
+-- 
+Powered by goauthentik.io.
diff --git a/authentik/stages/email/templates/email/password_reset.txt b/authentik/stages/email/templates/email/password_reset.txt
new file mode 100644
index 000000000..0c13ad2f8
--- /dev/null
+++ b/authentik/stages/email/templates/email/password_reset.txt
@@ -0,0 +1,12 @@
+{% load i18n %}{% load humanize %}{% blocktrans with username=user.username %}Hi {{ username }},{% endblocktrans %}
+
+{% blocktrans %}
+You recently requested to change your password for your authentik account. Use the link below to set a new password.
+{% endblocktrans %}
+{{ url }}
+{% blocktrans with expires=expires|naturaltime %}
+If you did not request a password change, please ignore this Email. The link above is valid for {{ expires }}.
+{% endblocktrans %}
+
+-- 
+Powered by goauthentik.io.
diff --git a/authentik/stages/email/templates/email/setup.txt b/authentik/stages/email/templates/email/setup.txt
new file mode 100644
index 000000000..6d0eb0ce0
--- /dev/null
+++ b/authentik/stages/email/templates/email/setup.txt
@@ -0,0 +1,7 @@
+{% load i18n %}authentik Test-Email
+{% blocktrans %}
+This is a test email to inform you, that you've successfully configured authentik emails.
+{% endblocktrans %}
+
+-- 
+Powered by goauthentik.io.
diff --git a/authentik/stages/email/templatetags/authentik_stages_email.py b/authentik/stages/email/templatetags/authentik_stages_email.py
index 7623c6c71..9b3dfb194 100644
--- a/authentik/stages/email/templatetags/authentik_stages_email.py
+++ b/authentik/stages/email/templatetags/authentik_stages_email.py
@@ -29,3 +29,9 @@ def inline_static_binary(path: str) -> str:
             b64content = b64encode(_file.read().encode())
             return f"data:image/{result.suffix};base64,{b64content.decode('utf-8')}"
     return path
+
+
+@register.filter(name="indent")
+def indent_string(val, num_spaces=4):
+    """Intent text by a given amount of spaces"""
+    return val.replace("\n", "\n" + " " * num_spaces)
diff --git a/authentik/stages/email/tests/test_sending.py b/authentik/stages/email/tests/test_sending.py
index 424d474ce..5c67c8842 100644
--- a/authentik/stages/email/tests/test_sending.py
+++ b/authentik/stages/email/tests/test_sending.py
@@ -58,9 +58,11 @@ class TestEmailStageSending(FlowTestCase):
             events = Event.objects.filter(action=EventAction.EMAIL_SENT)
             self.assertEqual(len(events), 1)
             event = events.first()
-            self.assertEqual(event.context["message"], f"Email to {self.user.email} sent")
+            self.assertEqual(
+                event.context["message"], f"Email to {self.user.name} <{self.user.email}> sent"
+            )
             self.assertEqual(event.context["subject"], "authentik")
-            self.assertEqual(event.context["to_email"], [self.user.email])
+            self.assertEqual(event.context["to_email"], [f"{self.user.name} <{self.user.email}>"])
             self.assertEqual(event.context["from_email"], "system@authentik.local")
 
     def test_pending_fake_user(self):
diff --git a/authentik/stages/email/tests/test_stage.py b/authentik/stages/email/tests/test_stage.py
index 853bc2a77..277549937 100644
--- a/authentik/stages/email/tests/test_stage.py
+++ b/authentik/stages/email/tests/test_stage.py
@@ -94,7 +94,7 @@ class TestEmailStage(FlowTestCase):
         self.assertEqual(response.status_code, 200)
         self.assertEqual(len(mail.outbox), 1)
         self.assertEqual(mail.outbox[0].subject, "authentik")
-        self.assertEqual(mail.outbox[0].to, [self.user.email])
+        self.assertEqual(mail.outbox[0].to, [f"{self.user.name} <{self.user.email}>"])
 
     @patch(
         "authentik.stages.email.models.EmailStage.backend_class",
@@ -114,7 +114,7 @@ class TestEmailStage(FlowTestCase):
         self.assertEqual(response.status_code, 200)
         self.assertEqual(len(mail.outbox), 1)
         self.assertEqual(mail.outbox[0].subject, "authentik")
-        self.assertEqual(mail.outbox[0].to, ["foo@bar.baz"])
+        self.assertEqual(mail.outbox[0].to, [f"{self.user.name} <foo@bar.baz>"])
 
     @patch(
         "authentik.stages.email.models.EmailStage.backend_class",
diff --git a/authentik/stages/email/utils.py b/authentik/stages/email/utils.py
index a6edd4609..8f7f702ce 100644
--- a/authentik/stages/email/utils.py
+++ b/authentik/stages/email/utils.py
@@ -4,6 +4,7 @@ from functools import lru_cache
 from pathlib import Path
 
 from django.core.mail import EmailMultiAlternatives
+from django.template.exceptions import TemplateDoesNotExist
 from django.template.loader import render_to_string
 from django.utils import translation
 
@@ -24,9 +25,15 @@ class TemplateEmailMessage(EmailMultiAlternatives):
     """Wrapper around EmailMultiAlternatives with integrated template rendering"""
 
     def __init__(self, template_name=None, template_context=None, language="", **kwargs):
+        super().__init__(**kwargs)
         with translation.override(language):
             html_content = render_to_string(template_name, template_context)
-        super().__init__(**kwargs)
-        self.content_subtype = "html"
+            try:
+                text_content = render_to_string(
+                    template_name.replace("html", "txt"), template_context
+                )
+                self.body = text_content
+            except TemplateDoesNotExist:
+                pass
         self.mixed_subtype = "related"
         self.attach_alternative(html_content, "text/html")
diff --git a/authentik/stages/identification/stage.py b/authentik/stages/identification/stage.py
index 568030af8..b71792ff6 100644
--- a/authentik/stages/identification/stage.py
+++ b/authentik/stages/identification/stage.py
@@ -26,8 +26,8 @@ from authentik.flows.models import FlowDesignation
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
 from authentik.flows.stage import PLAN_CONTEXT_PENDING_USER_IDENTIFIER, ChallengeStageView
 from authentik.flows.views.executor import SESSION_KEY_APPLICATION_PRE, SESSION_KEY_GET
-from authentik.lib.utils.http import get_client_ip
 from authentik.lib.utils.urls import reverse_with_qs
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.sources.oauth.types.apple import AppleLoginChallenge
 from authentik.sources.plex.models import PlexAuthenticationChallenge
 from authentik.stages.identification.models import IdentificationStage
@@ -103,7 +103,7 @@ class IdentificationChallengeResponse(ChallengeResponse):
             self.stage.logger.info(
                 "invalid_login",
                 identifier=uid_field,
-                client_ip=get_client_ip(self.stage.request),
+                client_ip=ClientIPMiddleware.get_client_ip(self.stage.request),
                 action="invalid_identifier",
                 context={
                     "stage": sanitize_item(self.stage),
diff --git a/authentik/stages/invitation/api.py b/authentik/stages/invitation/api.py
index f064664b5..827662d53 100644
--- a/authentik/stages/invitation/api.py
+++ b/authentik/stages/invitation/api.py
@@ -1,13 +1,12 @@
 """Invitation Stage API Views"""
 from django_filters.filters import BooleanFilter
 from django_filters.filterset import FilterSet
-from rest_framework.fields import JSONField
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet
 
 from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
-from authentik.core.api.utils import is_dict
+from authentik.core.api.utils import JSONDictField
 from authentik.flows.api.flows import FlowSerializer
 from authentik.flows.api.stages import StageSerializer
 from authentik.stages.invitation.models import Invitation, InvitationStage
@@ -47,7 +46,7 @@ class InvitationSerializer(ModelSerializer):
     """Invitation Serializer"""
 
     created_by = GroupMemberSerializer(read_only=True)
-    fixed_data = JSONField(validators=[is_dict], required=False)
+    fixed_data = JSONDictField(required=False)
     flow_obj = FlowSerializer(read_only=True, required=False, source="flow")
 
     class Meta:
diff --git a/authentik/stages/user_login/api.py b/authentik/stages/user_login/api.py
index c0acc8d5c..dad5f777c 100644
--- a/authentik/stages/user_login/api.py
+++ b/authentik/stages/user_login/api.py
@@ -15,6 +15,8 @@ class UserLoginStageSerializer(StageSerializer):
             "session_duration",
             "terminate_other_sessions",
             "remember_me_offset",
+            "network_binding",
+            "geoip_binding",
         ]
 
 
diff --git a/authentik/stages/user_login/middleware.py b/authentik/stages/user_login/middleware.py
new file mode 100644
index 000000000..73e42e1ac
--- /dev/null
+++ b/authentik/stages/user_login/middleware.py
@@ -0,0 +1,215 @@
+"""Sessions bound to ASN/Network and GeoIP/Continent/etc"""
+from django.conf import settings
+from django.contrib.auth.middleware import AuthenticationMiddleware
+from django.contrib.auth.signals import user_logged_out
+from django.http.request import HttpRequest
+from django.shortcuts import redirect
+from structlog.stdlib import get_logger
+
+from authentik.core.models import AuthenticatedSession
+from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR
+from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR
+from authentik.lib.sentry import SentryIgnoredException
+from authentik.root.middleware import ClientIPMiddleware, SessionMiddleware
+from authentik.stages.user_login.models import GeoIPBinding, NetworkBinding
+
+SESSION_KEY_LAST_IP = "authentik/stages/user_login/last_ip"
+SESSION_KEY_BINDING_NET = "authentik/stages/user_login/binding/net"
+SESSION_KEY_BINDING_GEO = "authentik/stages/user_login/binding/geo"
+LOGGER = get_logger()
+
+
+class SessionBindingBroken(SentryIgnoredException):
+    """Session binding was broken due to specified `reason`"""
+
+    # pylint: disable=too-many-arguments
+    def __init__(
+        self, reason: str, old_value: str, new_value: str, old_ip: str, new_ip: str
+    ) -> None:
+        self.reason = reason
+        self.old_value = old_value
+        self.new_value = new_value
+        self.old_ip = old_ip
+        self.new_ip = new_ip
+
+    def __repr__(self) -> str:
+        return (
+            f"Session binding broken due to {self.reason}; "
+            f"old value: {self.old_value}, new value: {self.new_value}"
+        )
+
+    def to_event(self) -> dict:
+        """Convert to dict for usage with event"""
+        return {
+            "logout_reason": "Session binding broken",
+            "binding": {
+                "reason": self.reason,
+                "previous_value": self.old_value,
+                "new_value": self.new_value,
+            },
+            "ip": {
+                "previous": self.old_ip,
+                "new": self.new_ip,
+            },
+        }
+
+
+def logout_extra(request: HttpRequest, exc: SessionBindingBroken):
+    """Similar to django's logout method, but able to carry more info to the signal"""
+    # Dispatch the signal before the user is logged out so the receivers have a
+    # chance to find out *who* logged out.
+    user = getattr(request, "user", None)
+    if not getattr(user, "is_authenticated", True):
+        user = None
+    user_logged_out.send(
+        sender=user.__class__, request=request, user=user, event_extra=exc.to_event()
+    )
+    request.session.flush()
+    if hasattr(request, "user"):
+        from django.contrib.auth.models import AnonymousUser
+
+        request.user = AnonymousUser()
+
+
+class BoundSessionMiddleware(SessionMiddleware):
+    """Sessions bound to ASN/Network and GeoIP/Continent/etc"""
+
+    def process_request(self, request: HttpRequest):
+        super().process_request(request)
+        try:
+            self.recheck_session(request)
+        except SessionBindingBroken as exc:
+            LOGGER.warning("Session binding broken", exc=exc)
+            # At this point, we need to logout the current user
+            # however since this middleware has to run before the `AuthenticationMiddleware`
+            # we don't have access to the user yet
+            # Logout will still work, however event logs won't display the user being logged out
+            AuthenticationMiddleware(lambda request: request).process_request(request)
+            logout_extra(request, exc)
+            request.session.clear()
+            return redirect(settings.LOGIN_URL)
+        return None
+
+    def recheck_session(self, request: HttpRequest):
+        """Check if a session is still valid with a changed IP"""
+        last_ip = request.session.get(SESSION_KEY_LAST_IP)
+        new_ip = ClientIPMiddleware.get_client_ip(request)
+        # Check changed IP
+        if new_ip == last_ip:
+            return
+        configured_binding_net = request.session.get(
+            SESSION_KEY_BINDING_NET, NetworkBinding.NO_BINDING
+        )
+        configured_binding_geo = request.session.get(
+            SESSION_KEY_BINDING_GEO, GeoIPBinding.NO_BINDING
+        )
+        if configured_binding_net != NetworkBinding.NO_BINDING:
+            self.recheck_session_net(configured_binding_net, last_ip, new_ip)
+        if configured_binding_geo != GeoIPBinding.NO_BINDING:
+            self.recheck_session_geo(configured_binding_geo, last_ip, new_ip)
+        # If we got to this point without any error being raised, we need to
+        # update the last saved IP to the current one
+        if SESSION_KEY_BINDING_NET in request.session or SESSION_KEY_BINDING_GEO in request.session:
+            # Only set the last IP in the session if there's a binding specified
+            # (== basically requires the user to be logged in)
+            request.session[SESSION_KEY_LAST_IP] = new_ip
+        AuthenticatedSession.objects.filter(session_key=request.session.session_key).update(
+            last_ip=new_ip, last_user_agent=request.META.get("HTTP_USER_AGENT", "")
+        )
+
+    def recheck_session_net(self, binding: NetworkBinding, last_ip: str, new_ip: str):
+        """Check network/ASN binding"""
+        last_asn = ASN_CONTEXT_PROCESSOR.asn(last_ip)
+        new_asn = ASN_CONTEXT_PROCESSOR.asn(new_ip)
+        if not last_asn or not new_asn:
+            raise SessionBindingBroken(
+                "network.missing",
+                ASN_CONTEXT_PROCESSOR.asn_to_dict(last_asn),
+                ASN_CONTEXT_PROCESSOR.asn_to_dict(new_asn),
+                last_ip,
+                new_ip,
+            )
+        if binding in [
+            NetworkBinding.BIND_ASN,
+            NetworkBinding.BIND_ASN_NETWORK,
+            NetworkBinding.BIND_ASN_NETWORK_IP,
+        ]:
+            # Check ASN which is required for all 3 modes
+            if last_asn.autonomous_system_number != new_asn.autonomous_system_number:
+                raise SessionBindingBroken(
+                    "network.asn",
+                    last_asn.autonomous_system_number,
+                    new_asn.autonomous_system_number,
+                    last_ip,
+                    new_ip,
+                )
+        if binding in [NetworkBinding.BIND_ASN_NETWORK, NetworkBinding.BIND_ASN_NETWORK_IP]:
+            # Check Network afterwards
+            if last_asn.network != new_asn.network:
+                raise SessionBindingBroken(
+                    "network.asn_network",
+                    last_asn.network,
+                    new_asn.network,
+                    last_ip,
+                    new_ip,
+                )
+        if binding in [NetworkBinding.BIND_ASN_NETWORK_IP]:
+            # Only require strict IP checking
+            if last_ip != new_ip:
+                raise SessionBindingBroken(
+                    "network.ip",
+                    last_ip,
+                    new_ip,
+                    last_ip,
+                    new_ip,
+                )
+
+    def recheck_session_geo(self, binding: GeoIPBinding, last_ip: str, new_ip: str):
+        """Check GeoIP binding"""
+        last_geo = GEOIP_CONTEXT_PROCESSOR.city(last_ip)
+        new_geo = GEOIP_CONTEXT_PROCESSOR.city(new_ip)
+        if not last_geo or not new_geo:
+            raise SessionBindingBroken(
+                "geoip.missing",
+                GEOIP_CONTEXT_PROCESSOR.city_to_dict(last_geo),
+                GEOIP_CONTEXT_PROCESSOR.city_to_dict(new_geo),
+                last_ip,
+                new_ip,
+            )
+        if binding in [
+            GeoIPBinding.BIND_CONTINENT,
+            GeoIPBinding.BIND_CONTINENT_COUNTRY,
+            GeoIPBinding.BIND_CONTINENT_COUNTRY_CITY,
+        ]:
+            # Check Continent which is required for all 3 modes
+            if last_geo.continent != new_geo.continent:
+                raise SessionBindingBroken(
+                    "geoip.continent",
+                    last_geo.continent,
+                    new_geo.continent,
+                    last_ip,
+                    new_ip,
+                )
+        if binding in [
+            GeoIPBinding.BIND_CONTINENT_COUNTRY,
+            GeoIPBinding.BIND_CONTINENT_COUNTRY_CITY,
+        ]:
+            # Check Country afterwards
+            if last_geo.country != new_geo.country:
+                raise SessionBindingBroken(
+                    "geoip.country",
+                    last_geo.country,
+                    new_geo.country,
+                    last_ip,
+                    new_ip,
+                )
+        if binding in [GeoIPBinding.BIND_CONTINENT_COUNTRY_CITY]:
+            # Check city afterwards
+            if last_geo.city != new_geo.city:
+                raise SessionBindingBroken(
+                    "geoip.city",
+                    last_geo.city,
+                    new_geo.city,
+                    last_ip,
+                    new_ip,
+                )
diff --git a/authentik/stages/user_login/migrations/0006_userloginstage_geoip_binding_and_more.py b/authentik/stages/user_login/migrations/0006_userloginstage_geoip_binding_and_more.py
new file mode 100644
index 000000000..155c42b81
--- /dev/null
+++ b/authentik/stages/user_login/migrations/0006_userloginstage_geoip_binding_and_more.py
@@ -0,0 +1,40 @@
+# Generated by Django 4.2.7 on 2023-12-14 10:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_stages_user_login", "0005_userloginstage_remember_me_offset"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="userloginstage",
+            name="geoip_binding",
+            field=models.TextField(
+                choices=[
+                    ("no_binding", "No Binding"),
+                    ("bind_continent", "Bind Continent"),
+                    ("bind_continent_country", "Bind Continent Country"),
+                    ("bind_continent_country_city", "Bind Continent Country City"),
+                ],
+                default="no_binding",
+                help_text="Bind sessions created by this stage to the configured GeoIP location",
+            ),
+        ),
+        migrations.AddField(
+            model_name="userloginstage",
+            name="network_binding",
+            field=models.TextField(
+                choices=[
+                    ("no_binding", "No Binding"),
+                    ("bind_asn", "Bind Asn"),
+                    ("bind_asn_network", "Bind Asn Network"),
+                    ("bind_asn_network_ip", "Bind Asn Network Ip"),
+                ],
+                default="no_binding",
+                help_text="Bind sessions created by this stage to the configured network",
+            ),
+        ),
+    ]
diff --git a/authentik/stages/user_login/models.py b/authentik/stages/user_login/models.py
index 01c85b4fa..27bb6f3bf 100644
--- a/authentik/stages/user_login/models.py
+++ b/authentik/stages/user_login/models.py
@@ -9,6 +9,26 @@ from authentik.flows.models import Stage
 from authentik.lib.utils.time import timedelta_string_validator
 
 
+class NetworkBinding(models.TextChoices):
+    """Network session binding modes"""
+
+    NO_BINDING = "no_binding"
+    BIND_ASN = "bind_asn"  # Bind to ASN only
+    BIND_ASN_NETWORK = "bind_asn_network"  # Bind to ASN and Network
+    BIND_ASN_NETWORK_IP = "bind_asn_network_ip"  # Bind to ASN, Network and IP
+
+
+class GeoIPBinding(models.TextChoices):
+    """Geo session binding modes"""
+
+    NO_BINDING = "no_binding"
+    BIND_CONTINENT = "bind_continent"  # Bind to continent only
+    BIND_CONTINENT_COUNTRY = "bind_continent_country"  # Bind to continent and country
+    BIND_CONTINENT_COUNTRY_CITY = (
+        "bind_continent_country_city"  # Bind to continent, country and city
+    )
+
+
 class UserLoginStage(Stage):
     """Attaches the currently pending user to the current session."""
 
@@ -21,6 +41,16 @@ class UserLoginStage(Stage):
             "(Format: hours=-1;minutes=-2;seconds=-3)"
         ),
     )
+    network_binding = models.TextField(
+        choices=NetworkBinding.choices,
+        default=NetworkBinding.NO_BINDING,
+        help_text=_("Bind sessions created by this stage to the configured network"),
+    )
+    geoip_binding = models.TextField(
+        choices=GeoIPBinding.choices,
+        default=GeoIPBinding.NO_BINDING,
+        help_text=_("Bind sessions created by this stage to the configured GeoIP location"),
+    )
     terminate_other_sessions = models.BooleanField(
         default=False, help_text=_("Terminate all other sessions of the user logging in.")
     )
diff --git a/authentik/stages/user_login/stage.py b/authentik/stages/user_login/stage.py
index 0475c1b84..f771f8faa 100644
--- a/authentik/stages/user_login/stage.py
+++ b/authentik/stages/user_login/stage.py
@@ -1,4 +1,6 @@
 """Login stage logic"""
+from datetime import timedelta
+
 from django.contrib import messages
 from django.contrib.auth import login
 from django.http import HttpRequest, HttpResponse
@@ -10,8 +12,14 @@ from authentik.flows.challenge import ChallengeResponse, ChallengeTypes, WithUse
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, PLAN_CONTEXT_SOURCE
 from authentik.flows.stage import ChallengeStageView
 from authentik.lib.utils.time import timedelta_from_string
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.password import BACKEND_INBUILT
 from authentik.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND
+from authentik.stages.user_login.middleware import (
+    SESSION_KEY_BINDING_GEO,
+    SESSION_KEY_BINDING_NET,
+    SESSION_KEY_LAST_IP,
+)
 from authentik.stages.user_login.models import UserLoginStage
 
 
@@ -51,6 +59,26 @@ class UserLoginStageView(ChallengeStageView):
     def challenge_valid(self, response: UserLoginChallengeResponse) -> HttpResponse:
         return self.do_login(self.request, response.validated_data["remember_me"])
 
+    def set_session_duration(self, remember: bool) -> timedelta:
+        """Update the sessions' expiry"""
+        delta = timedelta_from_string(self.executor.current_stage.session_duration)
+        if remember:
+            offset = timedelta_from_string(self.executor.current_stage.remember_me_offset)
+            delta = delta + offset
+        if delta.total_seconds() == 0:
+            self.request.session.set_expiry(0)
+        else:
+            self.request.session.set_expiry(delta)
+        return delta
+
+    def set_session_ip(self):
+        """Set the sessions' last IP and session bindings"""
+        stage: UserLoginStage = self.executor.current_stage
+
+        self.request.session[SESSION_KEY_LAST_IP] = ClientIPMiddleware.get_client_ip(self.request)
+        self.request.session[SESSION_KEY_BINDING_NET] = stage.network_binding
+        self.request.session[SESSION_KEY_BINDING_GEO] = stage.geoip_binding
+
     def do_login(self, request: HttpRequest, remember: bool = False) -> HttpResponse:
         """Attach the currently pending user to the current session"""
         if PLAN_CONTEXT_PENDING_USER not in self.executor.plan.context:
@@ -64,14 +92,8 @@ class UserLoginStageView(ChallengeStageView):
         user: User = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
         if not user.is_active:
             self.logger.warning("User is not active, login will not work.")
-        delta = timedelta_from_string(self.executor.current_stage.session_duration)
-        if remember:
-            offset = timedelta_from_string(self.executor.current_stage.remember_me_offset)
-            delta = delta + offset
-        if delta.total_seconds() == 0:
-            self.request.session.set_expiry(0)
-        else:
-            self.request.session.set_expiry(delta)
+        delta = self.set_session_duration(remember)
+        self.set_session_ip()
         login(
             self.request,
             user,
diff --git a/authentik/stages/user_login/tests.py b/authentik/stages/user_login/tests.py
index fbf92b395..b61f89fd5 100644
--- a/authentik/stages/user_login/tests.py
+++ b/authentik/stages/user_login/tests.py
@@ -16,8 +16,8 @@ from authentik.flows.tests import FlowTestCase
 from authentik.flows.tests.test_executor import TO_STAGE_RESPONSE_MOCK
 from authentik.flows.views.executor import SESSION_KEY_PLAN
 from authentik.lib.generators import generate_id
-from authentik.lib.utils.http import DEFAULT_IP
 from authentik.lib.utils.time import timedelta_from_string
+from authentik.root.middleware import ClientIPMiddleware
 from authentik.stages.user_login.models import UserLoginStage
 
 
@@ -76,7 +76,7 @@ class TestUserLoginStage(FlowTestCase):
         other_session = AuthenticatedSession.objects.create(
             user=self.user,
             session_key=key,
-            last_ip=DEFAULT_IP,
+            last_ip=ClientIPMiddleware.default_ip,
         )
         cache.set(f"{KEY_PREFIX}{other_session.session_key}", "foo")
 
diff --git a/blueprints/schema.json b/blueprints/schema.json
index 423094b60..213cb1673 100644
--- a/blueprints/schema.json
+++ b/blueprints/schema.json
@@ -2779,6 +2779,117 @@
                             }
                         }
                     },
+                    {
+                        "type": "object",
+                        "required": [
+                            "model",
+                            "identifiers"
+                        ],
+                        "properties": {
+                            "model": {
+                                "const": "authentik_providers_rac.racprovider"
+                            },
+                            "id": {
+                                "type": "string"
+                            },
+                            "state": {
+                                "type": "string",
+                                "enum": [
+                                    "absent",
+                                    "present",
+                                    "created",
+                                    "must_created"
+                                ],
+                                "default": "present"
+                            },
+                            "conditions": {
+                                "type": "array",
+                                "items": {
+                                    "type": "boolean"
+                                }
+                            },
+                            "attrs": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.racprovider"
+                            },
+                            "identifiers": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.racprovider"
+                            }
+                        }
+                    },
+                    {
+                        "type": "object",
+                        "required": [
+                            "model",
+                            "identifiers"
+                        ],
+                        "properties": {
+                            "model": {
+                                "const": "authentik_providers_rac.endpoint"
+                            },
+                            "id": {
+                                "type": "string"
+                            },
+                            "state": {
+                                "type": "string",
+                                "enum": [
+                                    "absent",
+                                    "present",
+                                    "created",
+                                    "must_created"
+                                ],
+                                "default": "present"
+                            },
+                            "conditions": {
+                                "type": "array",
+                                "items": {
+                                    "type": "boolean"
+                                }
+                            },
+                            "attrs": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.endpoint"
+                            },
+                            "identifiers": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.endpoint"
+                            }
+                        }
+                    },
+                    {
+                        "type": "object",
+                        "required": [
+                            "model",
+                            "identifiers"
+                        ],
+                        "properties": {
+                            "model": {
+                                "const": "authentik_providers_rac.racpropertymapping"
+                            },
+                            "id": {
+                                "type": "string"
+                            },
+                            "state": {
+                                "type": "string",
+                                "enum": [
+                                    "absent",
+                                    "present",
+                                    "created",
+                                    "must_created"
+                                ],
+                                "default": "present"
+                            },
+                            "conditions": {
+                                "type": "array",
+                                "items": {
+                                    "type": "boolean"
+                                }
+                            },
+                            "attrs": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping"
+                            },
+                            "identifiers": {
+                                "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping"
+                            }
+                        }
+                    },
                     {
                         "type": "object",
                         "required": [
@@ -3167,7 +3278,8 @@
                         "none",
                         "require_authenticated",
                         "require_unauthenticated",
-                        "require_superuser"
+                        "require_superuser",
+                        "require_outpost"
                     ],
                     "title": "Authentication",
                     "description": "Required level of authentication and authorization to access a flow."
@@ -3295,7 +3407,8 @@
                     "enum": [
                         "proxy",
                         "ldap",
-                        "radius"
+                        "radius",
+                        "rac"
                     ],
                     "title": "Type"
                 },
@@ -3475,7 +3588,8 @@
                         "authentik.tenants",
                         "authentik.blueprints",
                         "authentik.core",
-                        "authentik.enterprise"
+                        "authentik.enterprise",
+                        "authentik.enterprise.providers.rac"
                     ],
                     "title": "App",
                     "description": "Match events created by selected application. When left empty, all applications are matched."
@@ -3560,7 +3674,10 @@
                         "authentik_core.user",
                         "authentik_core.application",
                         "authentik_core.token",
-                        "authentik_enterprise.license"
+                        "authentik_enterprise.license",
+                        "authentik_providers_rac.racprovider",
+                        "authentik_providers_rac.endpoint",
+                        "authentik_providers_rac.racpropertymapping"
                     ],
                     "title": "Model",
                     "description": "Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched."
@@ -3755,6 +3872,11 @@
                     "additionalProperties": true,
                     "title": "Ip geo data"
                 },
+                "ip_asn_data": {
+                    "type": "object",
+                    "additionalProperties": true,
+                    "title": "Ip asn data"
+                },
                 "score": {
                     "type": "integer",
                     "minimum": -9223372036854775808,
@@ -5300,13 +5422,13 @@
                     "type": "string",
                     "enum": [
                         "apple",
+                        "openidconnect",
                         "azuread",
                         "discord",
                         "facebook",
                         "github",
                         "google",
                         "mailcow",
-                        "openidconnect",
                         "okta",
                         "patreon",
                         "reddit",
@@ -8167,6 +8289,28 @@
                     "minLength": 1,
                     "title": "Remember me offset",
                     "description": "Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)"
+                },
+                "network_binding": {
+                    "type": "string",
+                    "enum": [
+                        "no_binding",
+                        "bind_asn",
+                        "bind_asn_network",
+                        "bind_asn_network_ip"
+                    ],
+                    "title": "Network binding",
+                    "description": "Bind sessions created by this stage to the configured network"
+                },
+                "geoip_binding": {
+                    "type": "string",
+                    "enum": [
+                        "no_binding",
+                        "bind_continent",
+                        "bind_continent_country",
+                        "bind_continent_country_city"
+                    ],
+                    "title": "Geoip binding",
+                    "description": "Bind sessions created by this stage to the configured GeoIP location"
                 }
             },
             "required": []
@@ -8730,6 +8874,129 @@
             },
             "required": []
         },
+        "model_authentik_providers_rac.racprovider": {
+            "type": "object",
+            "properties": {
+                "name": {
+                    "type": "string",
+                    "minLength": 1,
+                    "title": "Name"
+                },
+                "authentication_flow": {
+                    "type": "integer",
+                    "title": "Authentication flow",
+                    "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user."
+                },
+                "authorization_flow": {
+                    "type": "integer",
+                    "title": "Authorization flow",
+                    "description": "Flow used when authorizing this provider."
+                },
+                "property_mappings": {
+                    "type": "array",
+                    "items": {
+                        "type": "integer"
+                    },
+                    "title": "Property mappings"
+                },
+                "settings": {
+                    "type": "object",
+                    "additionalProperties": true,
+                    "title": "Settings"
+                },
+                "connection_expiry": {
+                    "type": "string",
+                    "minLength": 1,
+                    "title": "Connection expiry",
+                    "description": "Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)"
+                }
+            },
+            "required": []
+        },
+        "model_authentik_providers_rac.endpoint": {
+            "type": "object",
+            "properties": {
+                "name": {
+                    "type": "string",
+                    "minLength": 1,
+                    "title": "Name"
+                },
+                "provider": {
+                    "type": "integer",
+                    "title": "Provider"
+                },
+                "protocol": {
+                    "type": "string",
+                    "enum": [
+                        "rdp",
+                        "vnc",
+                        "ssh"
+                    ],
+                    "title": "Protocol"
+                },
+                "host": {
+                    "type": "string",
+                    "minLength": 1,
+                    "title": "Host"
+                },
+                "settings": {
+                    "type": "object",
+                    "additionalProperties": true,
+                    "title": "Settings"
+                },
+                "property_mappings": {
+                    "type": "array",
+                    "items": {
+                        "type": "integer"
+                    },
+                    "title": "Property mappings"
+                },
+                "auth_mode": {
+                    "type": "string",
+                    "enum": [
+                        "static",
+                        "prompt"
+                    ],
+                    "title": "Auth mode"
+                },
+                "maximum_connections": {
+                    "type": "integer",
+                    "minimum": -2147483648,
+                    "maximum": 2147483647,
+                    "title": "Maximum connections"
+                }
+            },
+            "required": []
+        },
+        "model_authentik_providers_rac.racpropertymapping": {
+            "type": "object",
+            "properties": {
+                "managed": {
+                    "type": [
+                        "string",
+                        "null"
+                    ],
+                    "minLength": 1,
+                    "title": "Managed by authentik",
+                    "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update."
+                },
+                "name": {
+                    "type": "string",
+                    "minLength": 1,
+                    "title": "Name"
+                },
+                "expression": {
+                    "type": "string",
+                    "title": "Expression"
+                },
+                "static_settings": {
+                    "type": "object",
+                    "additionalProperties": true,
+                    "title": "Static settings"
+                }
+            },
+            "required": []
+        },
         "model_authentik_blueprints.metaapplyblueprint": {
             "type": "object",
             "properties": {
diff --git a/blueprints/system/providers-oauth2.yaml b/blueprints/system/providers-oauth2.yaml
index eb4ca5442..0d2448202 100644
--- a/blueprints/system/providers-oauth2.yaml
+++ b/blueprints/system/providers-oauth2.yaml
@@ -45,3 +45,14 @@ entries:
             # groups is not part of the official userinfo schema, but is a quasi-standard
             "groups": [group.name for group in request.user.ak_groups.all()],
         }
+  - identifiers:
+      managed: goauthentik.io/providers/oauth2/scope-offline_access
+    model: authentik_providers_oauth2.scopemapping
+    attrs:
+      name: "authentik default OAuth Mapping: OpenID 'offline_access'"
+      scope_name: offline_access
+      description: "Access to request new tokens without interaction"
+      expression: |
+        # This scope grants the application a refresh token that can be used to refresh user data
+        # and let the application access authentik without the users interaction
+        return {}
diff --git a/blueprints/system/providers-proxy.yaml b/blueprints/system/providers-proxy.yaml
index 0086645a8..2fd4db560 100644
--- a/blueprints/system/providers-proxy.yaml
+++ b/blueprints/system/providers-proxy.yaml
@@ -14,8 +14,11 @@ entries:
       expression: |
         # This mapping is used by the authentik proxy. It passes extra user attributes,
         # which are used for example for the HTTP-Basic Authentication mapping.
+        session_id = None
+        if "token" in request.context:
+            session_id = request.context.get("token").session_id
         return {
-            "sid": request.http_request.session.session_key,
+            "sid": session_id,
             "ak_proxy": {
                 "user_attributes": request.user.group_attributes(request),
                 "is_superuser": request.user.is_superuser,
diff --git a/blueprints/system/providers-rac.yaml b/blueprints/system/providers-rac.yaml
new file mode 100644
index 000000000..63a568673
--- /dev/null
+++ b/blueprints/system/providers-rac.yaml
@@ -0,0 +1,32 @@
+version: 1
+metadata:
+  labels:
+    blueprints.goauthentik.io/system: "true"
+  name: System - RAC Provider - Mappings
+entries:
+  - identifiers:
+      managed: goauthentik.io/providers/rac/rdp-default
+    model: authentik_providers_rac.racpropertymapping
+    attrs:
+      name: "authentik default RAC Mapping: RDP Default settings"
+      static_settings:
+        resize-method: "display-update"
+        enable-wallpaper: "true"
+        enable-font-smoothing: "true"
+  - identifiers:
+      managed: goauthentik.io/providers/rac/rdp-high-fidelity
+    model: authentik_providers_rac.racpropertymapping
+    attrs:
+      name: "authentik default RAC Mapping: RDP High Fidelity"
+      static_settings:
+        enable-theming: "true"
+        enable-full-window-drag: "true"
+        enable-desktop-composition: "true"
+        enable-menu-animations: "true"
+  - identifiers:
+      managed: goauthentik.io/providers/rac/ssh-default
+    model: authentik_providers_rac.racpropertymapping
+    attrs:
+      name: "authentik default RAC Mapping: SSH Default settings"
+      static_settings:
+        terminal-type: "xterm-256color"
diff --git a/blueprints/system/providers-scim.yaml b/blueprints/system/providers-scim.yaml
index 9fdac0376..527992c43 100644
--- a/blueprints/system/providers-scim.yaml
+++ b/blueprints/system/providers-scim.yaml
@@ -11,13 +11,15 @@ entries:
       name: "authentik default SCIM Mapping: User"
       expression: |
         # Some implementations require givenName and familyName to be set
-        givenName, familyName = request.user.name, ""
+        givenName, familyName = request.user.name, " "
+        formatted = request.user.name + " "
         # This default sets givenName to the name before the first space
         # and the remainder as family name
         # if the user's name has no space the givenName is the entire name
         # (this might cause issues with some SCIM implementations)
         if " " in request.user.name:
             givenName, _, familyName = request.user.name.partition(" ")
+            formatted = request.user.name
 
         # photos supports URLs to images, however authentik might return data URIs
         avatar = request.user.avatar
@@ -39,7 +41,7 @@ entries:
         return {
             "userName": request.user.username,
             "name": {
-                "formatted": request.user.name,
+                "formatted": formatted,
                 "givenName": givenName,
                 "familyName": familyName,
             },
diff --git a/cmd/rac/main.go b/cmd/rac/main.go
new file mode 100644
index 000000000..947ad14dd
--- /dev/null
+++ b/cmd/rac/main.go
@@ -0,0 +1,93 @@
+package main
+
+import (
+	"fmt"
+	"net/url"
+	"os"
+
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+
+	"goauthentik.io/internal/common"
+	"goauthentik.io/internal/debug"
+	"goauthentik.io/internal/outpost/ak"
+	"goauthentik.io/internal/outpost/ak/healthcheck"
+	"goauthentik.io/internal/outpost/rac"
+)
+
+const helpMessage = `authentik RAC
+
+Required environment variables:
+- AUTHENTIK_HOST: URL to connect to (format "http://authentik.company")
+- AUTHENTIK_TOKEN: Token to authenticate with
+- AUTHENTIK_INSECURE: Skip SSL Certificate verification`
+
+var rootCmd = &cobra.Command{
+	Long: helpMessage,
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
+		log.SetLevel(log.DebugLevel)
+		log.SetFormatter(&log.JSONFormatter{
+			FieldMap: log.FieldMap{
+				log.FieldKeyMsg:  "event",
+				log.FieldKeyTime: "timestamp",
+			},
+			DisableHTMLEscape: true,
+		})
+	},
+	Run: func(cmd *cobra.Command, args []string) {
+		debug.EnableDebugServer()
+		akURL, found := os.LookupEnv("AUTHENTIK_HOST")
+		if !found {
+			fmt.Println("env AUTHENTIK_HOST not set!")
+			fmt.Println(helpMessage)
+			os.Exit(1)
+		}
+		akToken, found := os.LookupEnv("AUTHENTIK_TOKEN")
+		if !found {
+			fmt.Println("env AUTHENTIK_TOKEN not set!")
+			fmt.Println(helpMessage)
+			os.Exit(1)
+		}
+
+		akURLActual, err := url.Parse(akURL)
+		if err != nil {
+			fmt.Println(err)
+			fmt.Println(helpMessage)
+			os.Exit(1)
+		}
+
+		ex := common.Init()
+		defer common.Defer()
+		go func() {
+			for {
+				<-ex
+				os.Exit(0)
+			}
+		}()
+
+		ac := ak.NewAPIController(*akURLActual, akToken)
+		if ac == nil {
+			os.Exit(1)
+		}
+		defer ac.Shutdown()
+
+		ac.Server = rac.NewServer(ac)
+
+		err = ac.Start()
+		if err != nil {
+			log.WithError(err).Panic("Failed to run server")
+		}
+
+		for {
+			<-ex
+		}
+	},
+}
+
+func main() {
+	rootCmd.AddCommand(healthcheck.Command)
+	err := rootCmd.Execute()
+	if err != nil {
+		os.Exit(1)
+	}
+}
diff --git a/cmd/radius/main.go b/cmd/radius/main.go
index f442cb101..0d6b7abeb 100644
--- a/cmd/radius/main.go
+++ b/cmd/radius/main.go
@@ -81,7 +81,6 @@ var rootCmd = &cobra.Command{
 		for {
 			<-ex
 		}
-
 	},
 }
 
diff --git a/docker-compose.yml b/docker-compose.yml
index 68e7530e7..a7491656d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -32,7 +32,7 @@ services:
     volumes:
       - redis:/data
   server:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.4}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.5}
     restart: unless-stopped
     command: server
     environment:
@@ -53,7 +53,7 @@ services:
       - postgresql
       - redis
   worker:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.4}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.5}
     restart: unless-stopped
     command: worker
     environment:
diff --git a/go.mod b/go.mod
index c05347832..aadc18f18 100644
--- a/go.mod
+++ b/go.mod
@@ -10,27 +10,28 @@ require (
 	github.com/go-http-utils/etag v0.0.0-20161124023236-513ea8f21eb1
 	github.com/go-ldap/ldap/v3 v3.4.6
 	github.com/go-openapi/runtime v0.26.2
-	github.com/go-openapi/strfmt v0.21.9
+	github.com/go-openapi/strfmt v0.22.0
 	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/google/uuid v1.4.0
+	github.com/google/uuid v1.5.0
 	github.com/gorilla/handlers v1.5.2
 	github.com/gorilla/mux v1.8.1
 	github.com/gorilla/securecookie v1.1.2
 	github.com/gorilla/sessions v1.2.2
 	github.com/gorilla/websocket v1.5.1
-	github.com/jellydator/ttlcache/v3 v3.1.0
+	github.com/jellydator/ttlcache/v3 v3.1.1
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
 	github.com/pires/go-proxyproto v0.7.0
-	github.com/prometheus/client_golang v1.17.0
-	github.com/redis/go-redis/v9 v9.3.0
+	github.com/prometheus/client_golang v1.18.0
+	github.com/redis/go-redis/v9 v9.4.0
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.0
 	github.com/stretchr/testify v1.8.4
-	goauthentik.io/api/v3 v3.2023104.2
+	github.com/wwt/guac v1.3.2
+	goauthentik.io/api/v3 v3.2023105.5
 	golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
 	golang.org/x/oauth2 v0.15.0
-	golang.org/x/sync v0.5.0
+	golang.org/x/sync v0.6.0
 	gopkg.in/yaml.v2 v2.4.0
 	layeh.com/radius v0.0.0-20210819152912-ad72663a72ab
 )
@@ -49,7 +50,7 @@ require (
 	github.com/go-logr/logr v1.3.0 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/analysis v0.21.4 // indirect
-	github.com/go-openapi/errors v0.20.4 // indirect
+	github.com/go-openapi/errors v0.21.0 // indirect
 	github.com/go-openapi/jsonpointer v0.20.0 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/loads v0.21.2 // indirect
@@ -60,20 +61,20 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac // indirect
-	github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect
-	github.com/prometheus/common v0.44.0 // indirect
-	github.com/prometheus/procfs v0.11.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	go.mongodb.org/mongo-driver v1.13.1 // indirect
 	go.opentelemetry.io/otel v1.17.0 // indirect
 	go.opentelemetry.io/otel/metric v1.17.0 // indirect
 	go.opentelemetry.io/otel/trace v1.17.0 // indirect
-	golang.org/x/crypto v0.16.0 // indirect
+	golang.org/x/crypto v0.17.0 // indirect
 	golang.org/x/net v0.19.0 // indirect
 	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
diff --git a/go.sum b/go.sum
index 3d974ad6d..fcbdc7618 100644
--- a/go.sum
+++ b/go.sum
@@ -98,8 +98,8 @@ github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre
 github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc=
 github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo=
 github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M=
-github.com/go-openapi/errors v0.20.4 h1:unTcVm6PispJsMECE3zWgvG4xTiKda1LIR5rCRWLG6M=
-github.com/go-openapi/errors v0.20.4/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk=
+github.com/go-openapi/errors v0.21.0 h1:FhChC/duCnfoLj1gZ0BgaBmzhJC2SL/sJr8a2vAobSY=
+github.com/go-openapi/errors v0.21.0/go.mod h1:jxNTMUxRCKj65yb/okJGEtahVd7uvWnuWfj53bse4ho=
 github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
@@ -116,8 +116,8 @@ github.com/go-openapi/spec v0.20.6/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6
 github.com/go-openapi/spec v0.20.11 h1:J/TzFDLTt4Rcl/l1PmyErvkqlJDncGvPTMnCI39I4gY=
 github.com/go-openapi/spec v0.20.11/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA=
 github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqbbXjtDfvmGg=
-github.com/go-openapi/strfmt v0.21.9 h1:LnEGOO9qyEC1v22Bzr323M98G13paIUGPU7yeJtG9Xs=
-github.com/go-openapi/strfmt v0.21.9/go.mod h1:0k3v301mglEaZRJdDDGSlN6Npq4VMVU69DE0LUyf7uA=
+github.com/go-openapi/strfmt v0.22.0 h1:Ew9PnEYc246TwrEspvBdDHS4BVKXy/AOVsfqGDgAcaI=
+github.com/go-openapi/strfmt v0.22.0/go.mod h1:HzJ9kokGIju3/K6ap8jL+OlGAbjpSv27135Yr9OivU4=
 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
 github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
@@ -183,8 +183,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
-github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
+github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
@@ -195,6 +195,7 @@ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kX
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
 github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
 github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
+github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
 github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
@@ -202,14 +203,15 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
-github.com/jellydator/ttlcache/v3 v3.1.0 h1:0gPFG0IHHP6xyUyXq+JaD8fwkDCqgqwohXNJBcYE71g=
-github.com/jellydator/ttlcache/v3 v3.1.0/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4=
+github.com/jellydator/ttlcache/v3 v3.1.1 h1:RCgYJqo3jgvhl+fEWvjNW8thxGWsgxi+TPhRir1Y9y8=
+github.com/jellydator/ttlcache/v3 v3.1.1/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -223,8 +225,8 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN
 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
-github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
-github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
 github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
@@ -247,21 +249,22 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac h1:jWKYCNlX4J5s8M0nHYkh7Y7c9gRVDEb3mq51j5J0F5M=
 github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac/go.mod h1:hoLfEwdY11HjRfKFH6KqnPsfxlo3BP6bJehpDv8t6sQ=
-github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q=
-github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY=
+github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk=
+github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 h1:v7DLqVdK4VrYkVD5diGdl4sxJurKJEMnODWRJlxV9oM=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
-github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
-github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
-github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI=
-github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY=
-github.com/redis/go-redis/v9 v9.3.0 h1:RiVDjmig62jIWp7Kk4XVLs0hzV6pI3PyTnnL0cnn0u0=
-github.com/redis/go-redis/v9 v9.3.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
+github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
+github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
+github.com/redis/go-redis/v9 v9.4.0 h1:Yzoz33UZw9I/mFhx4MNrB6Fk+XHO1VukNcCa1+lwyKk=
+github.com/redis/go-redis/v9 v9.4.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
 github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
@@ -269,8 +272,10 @@ github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyh
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -281,6 +286,8 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
+github.com/wwt/guac v1.3.2 h1:sH6OFGa/1tBs7ieWBVlZe7t6F5JAOWBry/tqQL/Vup4=
+github.com/wwt/guac v1.3.2/go.mod h1:eKm+NrnK7A88l4UBEcYNpZQGMpZRryYKoz4D/0/n1C0=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
 github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g=
 github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4=
@@ -309,8 +316,8 @@ go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYO
 go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY=
 go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
 go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
-goauthentik.io/api/v3 v3.2023104.2 h1:TV3SdaPGhjVE7If0l1kt+H23xwgEabWUFgX4ijkkeSc=
-goauthentik.io/api/v3 v3.2023104.2/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
+goauthentik.io/api/v3 v3.2023105.5 h1:wIL3Q0jry1g4kRWpH/Dv1sQqhzuL4BLC+uP/Tar1P/g=
+goauthentik.io/api/v3 v3.2023105.5/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -320,8 +327,8 @@ golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
-golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
-golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -408,12 +415,13 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
-golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
diff --git a/internal/config/struct.go b/internal/config/struct.go
index c42fb2c7a..e7be9733e 100644
--- a/internal/config/struct.go
+++ b/internal/config/struct.go
@@ -25,13 +25,13 @@ type Config struct {
 }
 
 type RedisConfig struct {
-	Host                   string `yaml:"host" env:"AUTHENTIK_REDIS__HOST"`
-	Port                   int    `yaml:"port" env:"AUTHENTIK_REDIS__PORT"`
-	DB                     int    `yaml:"db" env:"AUTHENTIK_REDIS__DB"`
-	Username               string `yaml:"username" env:"AUTHENTIK_REDIS__USERNAME"`
-	Password               string `yaml:"password" env:"AUTHENTIK_REDIS__PASSWORD"`
-	TLS                    bool   `yaml:"tls" env:"AUTHENTIK_REDIS__TLS"`
-	TLSReqs                string `yaml:"tls_reqs" env:"AUTHENTIK_REDIS__TLS_REQS"`
+	Host     string `yaml:"host" env:"AUTHENTIK_REDIS__HOST"`
+	Port     int    `yaml:"port" env:"AUTHENTIK_REDIS__PORT"`
+	DB       int    `yaml:"db" env:"AUTHENTIK_REDIS__DB"`
+	Username string `yaml:"username" env:"AUTHENTIK_REDIS__USERNAME"`
+	Password string `yaml:"password" env:"AUTHENTIK_REDIS__PASSWORD"`
+	TLS      bool   `yaml:"tls" env:"AUTHENTIK_REDIS__TLS"`
+	TLSReqs  string `yaml:"tls_reqs" env:"AUTHENTIK_REDIS__TLS_REQS"`
 }
 
 type ListenConfig struct {
diff --git a/internal/constants/constants.go b/internal/constants/constants.go
index fb12db690..806dc131c 100644
--- a/internal/constants/constants.go
+++ b/internal/constants/constants.go
@@ -29,4 +29,4 @@ func UserAgent() string {
 	return fmt.Sprintf("authentik@%s", FullVersion())
 }
 
-const VERSION = "2023.10.4"
+const VERSION = "2023.10.5"
diff --git a/internal/outpost/ak/api.go b/internal/outpost/ak/api.go
index f6003c02f..1f744010a 100644
--- a/internal/outpost/ak/api.go
+++ b/internal/outpost/ak/api.go
@@ -76,7 +76,6 @@ func NewAPIController(akURL url.URL, token string) *APIController {
 	// Because we don't know the outpost UUID, we simply do a list and pick the first
 	// The service account this token belongs to should only have access to a single outpost
 	outposts, _, err := apiClient.OutpostsApi.OutpostsInstancesList(context.Background()).Execute()
-
 	if err != nil {
 		log.WithError(err).Error("Failed to fetch outpost configuration, retrying in 3 seconds")
 		time.Sleep(time.Second * 3)
@@ -160,15 +159,14 @@ func (a *APIController) AddRefreshHandler(handler func()) {
 	a.refreshHandlers = append(a.refreshHandlers, handler)
 }
 
-func (a *APIController) AddWSHandler(handler WSHandler) {
-	a.wsHandlers = append(a.wsHandlers, handler)
+func (a *APIController) Token() string {
+	return a.token
 }
 
 func (a *APIController) OnRefresh() error {
 	// Because we don't know the outpost UUID, we simply do a list and pick the first
 	// The service account this token belongs to should only have access to a single outpost
 	outposts, _, err := a.Client.OutpostsApi.OutpostsInstancesList(context.Background()).Execute()
-
 	if err != nil {
 		log.WithError(err).Error("Failed to fetch outpost configuration")
 		return err
@@ -184,7 +182,7 @@ func (a *APIController) OnRefresh() error {
 	return err
 }
 
-func (a *APIController) getWebsocketArgs() map[string]interface{} {
+func (a *APIController) getWebsocketPingArgs() map[string]interface{} {
 	args := map[string]interface{}{
 		"version":   constants.VERSION,
 		"buildHash": constants.BUILD("tagged"),
diff --git a/internal/outpost/ak/api_ws.go b/internal/outpost/ak/api_ws.go
index 24c5099f4..c48cebba3 100644
--- a/internal/outpost/ak/api_ws.go
+++ b/internal/outpost/ak/api_ws.go
@@ -18,6 +18,8 @@ import (
 
 func (ac *APIController) initWS(akURL url.URL, outpostUUID string) error {
 	pathTemplate := "%s://%s/ws/outpost/%s/?%s"
+	query := akURL.Query()
+	query.Set("instance_uuid", ac.instanceUUID.String())
 	scheme := strings.ReplaceAll(akURL.Scheme, "http", "ws")
 
 	authHeader := fmt.Sprintf("Bearer %s", ac.token)
@@ -45,7 +47,7 @@ func (ac *APIController) initWS(akURL url.URL, outpostUUID string) error {
 	// Send hello message with our version
 	msg := websocketMessage{
 		Instruction: WebsocketInstructionHello,
-		Args:        ac.getWebsocketArgs(),
+		Args:        ac.getWebsocketPingArgs(),
 	}
 	err = ws.WriteJSON(msg)
 	if err != nil {
@@ -53,7 +55,7 @@ func (ac *APIController) initWS(akURL url.URL, outpostUUID string) error {
 		return err
 	}
 	ac.lastWsReconnect = time.Now()
-	ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithField("outpost", outpostUUID).Debug("Successfully connected websocket")
+	ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithField("outpost", outpostUUID).Info("Successfully connected websocket")
 	return nil
 }
 
@@ -157,23 +159,19 @@ func (ac *APIController) startWSHandler() {
 func (ac *APIController) startWSHealth() {
 	ticker := time.NewTicker(time.Second * 10)
 	for ; true; <-ticker.C {
-		aliveMsg := websocketMessage{
-			Instruction: WebsocketInstructionHello,
-			Args:        ac.getWebsocketArgs(),
-		}
 		if ac.wsConn == nil {
 			go ac.reconnectWS()
 			time.Sleep(time.Second * 5)
 			continue
 		}
-		err := ac.wsConn.WriteJSON(aliveMsg)
-		ac.logger.WithField("loop", "ws-health").Trace("hello'd")
+		err := ac.SendWSHello(map[string]interface{}{})
 		if err != nil {
 			ac.logger.WithField("loop", "ws-health").WithError(err).Warning("ws write error")
 			go ac.reconnectWS()
 			time.Sleep(time.Second * 5)
 			continue
 		} else {
+			ac.logger.WithField("loop", "ws-health").Trace("hello'd")
 			ConnectionStatus.With(prometheus.Labels{
 				"outpost_name": ac.Outpost.Name,
 				"outpost_type": ac.Server.Type(),
@@ -202,3 +200,20 @@ func (ac *APIController) startIntervalUpdater() {
 		}
 	}
 }
+
+func (a *APIController) AddWSHandler(handler WSHandler) {
+	a.wsHandlers = append(a.wsHandlers, handler)
+}
+
+func (a *APIController) SendWSHello(args map[string]interface{}) error {
+	allArgs := a.getWebsocketPingArgs()
+	for key, value := range args {
+		allArgs[key] = value
+	}
+	aliveMsg := websocketMessage{
+		Instruction: WebsocketInstructionHello,
+		Args:        allArgs,
+	}
+	err := a.wsConn.WriteJSON(aliveMsg)
+	return err
+}
diff --git a/internal/outpost/ak/global.go b/internal/outpost/ak/global.go
index 7373463ee..19047fa5d 100644
--- a/internal/outpost/ak/global.go
+++ b/internal/outpost/ak/global.go
@@ -14,8 +14,10 @@ import (
 	webutils "goauthentik.io/internal/utils/web"
 )
 
-var initialSetup = false
-var tlsTransport *http.RoundTripper = nil
+var (
+	initialSetup                    = false
+	tlsTransport *http.RoundTripper = nil
+)
 
 func doGlobalSetup(outpost api.Outpost, globalConfig *api.Config) {
 	l := log.WithField("logger", "authentik.outpost")
diff --git a/internal/outpost/ldap/entries.go b/internal/outpost/ldap/entries.go
index 2236a9964..d0f4abcf6 100644
--- a/internal/outpost/ldap/entries.go
+++ b/internal/outpost/ldap/entries.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 
 	"beryju.io/ldap"
+
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
 	"goauthentik.io/internal/outpost/ldap/utils"
@@ -49,8 +50,8 @@ func (pi *ProviderInstance) UserEntry(u api.User) *ldap.Entry {
 			constants.OCPosixAccount,
 			constants.OCAKUser,
 		},
-		"uidNumber":     {pi.GetUidNumber(u)},
-		"gidNumber":     {pi.GetUidNumber(u)},
+		"uidNumber":     {pi.GetUserUidNumber(u)},
+		"gidNumber":     {pi.GetUserGidNumber(u)},
 		"homeDirectory": {fmt.Sprintf("/home/%s", u.Username)},
 		"sn":            {u.Name},
 	})
diff --git a/internal/outpost/ldap/group/group.go b/internal/outpost/ldap/group/group.go
index abfdf987f..21fd39b05 100644
--- a/internal/outpost/ldap/group/group.go
+++ b/internal/outpost/ldap/group/group.go
@@ -4,6 +4,7 @@ import (
 	"strconv"
 
 	"beryju.io/ldap"
+
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/constants"
 	"goauthentik.io/internal/outpost/ldap/server"
@@ -50,7 +51,7 @@ func FromAPIGroup(g api.Group, si server.LDAPServerInstance) *LDAPGroup {
 		DN:             si.GetGroupDN(g.Name),
 		CN:             g.Name,
 		Uid:            string(g.Pk),
-		GidNumber:      si.GetGidNumber(g),
+		GidNumber:      si.GetGroupGidNumber(g),
 		Member:         si.UsersForGroup(g),
 		IsVirtualGroup: false,
 		IsSuperuser:    *g.IsSuperuser,
@@ -63,7 +64,7 @@ func FromAPIUser(u api.User, si server.LDAPServerInstance) *LDAPGroup {
 		DN:             si.GetVirtualGroupDN(u.Username),
 		CN:             u.Username,
 		Uid:            u.Uid,
-		GidNumber:      si.GetUidNumber(u),
+		GidNumber:      si.GetUserGidNumber(u),
 		Member:         []string{si.GetUserDN(u.Username)},
 		IsVirtualGroup: true,
 		IsSuperuser:    false,
diff --git a/internal/outpost/ldap/handler/handler.go b/internal/outpost/ldap/handler/handler.go
index 6d1c380cf..f035a8ecc 100644
--- a/internal/outpost/ldap/handler/handler.go
+++ b/internal/outpost/ldap/handler/handler.go
@@ -1,4 +1,3 @@
 package handler
 
-type Handler interface {
-}
+type Handler interface{}
diff --git a/internal/outpost/ldap/search.go b/internal/outpost/ldap/search.go
index b26df5023..6043dbb28 100644
--- a/internal/outpost/ldap/search.go
+++ b/internal/outpost/ldap/search.go
@@ -78,5 +78,4 @@ func (ls *LDAPServer) fallbackRootDSE(req *search.Request) (ldap.ServerSearchRes
 		},
 		Referrals: []string{}, Controls: []ldap.Control{}, ResultCode: ldap.LDAPResultSuccess,
 	}, nil
-
 }
diff --git a/internal/outpost/ldap/search/direct/base.go b/internal/outpost/ldap/search/direct/base.go
index 0f87b7bf3..1afff056f 100644
--- a/internal/outpost/ldap/search/direct/base.go
+++ b/internal/outpost/ldap/search/direct/base.go
@@ -34,26 +34,26 @@ func (ds *DirectSearcher) SearchBase(req *search.Request) (ldap.ServerSearchResu
 						Values: []string{"3"},
 					},
 					{
-						Name:   "supportedCapabilities",
+						Name: "supportedCapabilities",
 						Values: []string{
-							"1.2.840.113556.1.4.800", //LDAP_CAP_ACTIVE_DIRECTORY_OID
-							"1.2.840.113556.1.4.1791", //LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG_OID
-							"1.2.840.113556.1.4.1670", //LDAP_CAP_ACTIVE_DIRECTORY_V51_OID
-							"1.2.840.113556.1.4.1880", //LDAP_CAP_ACTIVE_DIRECTORY_ADAM_DIGEST_OID
-							"1.2.840.113556.1.4.1851", //LDAP_CAP_ACTIVE_DIRECTORY_ADAM_OID
-							"1.2.840.113556.1.4.1920", //LDAP_CAP_ACTIVE_DIRECTORY_PARTIAL_SECRETS_OID
-							"1.2.840.113556.1.4.1935", //LDAP_CAP_ACTIVE_DIRECTORY_V60_OID
-							"1.2.840.113556.1.4.2080", //LDAP_CAP_ACTIVE_DIRECTORY_V61_R2_OID
-							"1.2.840.113556.1.4.2237", //LDAP_CAP_ACTIVE_DIRECTORY_W8_OID
+							"1.2.840.113556.1.4.800",  // LDAP_CAP_ACTIVE_DIRECTORY_OID
+							"1.2.840.113556.1.4.1791", // LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG_OID
+							"1.2.840.113556.1.4.1670", // LDAP_CAP_ACTIVE_DIRECTORY_V51_OID
+							"1.2.840.113556.1.4.1880", // LDAP_CAP_ACTIVE_DIRECTORY_ADAM_DIGEST_OID
+							"1.2.840.113556.1.4.1851", // LDAP_CAP_ACTIVE_DIRECTORY_ADAM_OID
+							"1.2.840.113556.1.4.1920", // LDAP_CAP_ACTIVE_DIRECTORY_PARTIAL_SECRETS_OID
+							"1.2.840.113556.1.4.1935", // LDAP_CAP_ACTIVE_DIRECTORY_V60_OID
+							"1.2.840.113556.1.4.2080", // LDAP_CAP_ACTIVE_DIRECTORY_V61_R2_OID
+							"1.2.840.113556.1.4.2237", // LDAP_CAP_ACTIVE_DIRECTORY_W8_OID
 						},
 					},
 					{
-						Name:   "supportedControl",
+						Name: "supportedControl",
 						Values: []string{
-							"2.16.840.1.113730.3.4.9", //VLV Request LDAPv3 Control
-							"2.16.840.1.113730.3.4.10", //VLV Response LDAPv3 Control
-							"1.2.840.113556.1.4.474", //Sort result
-							"1.2.840.113556.1.4.319", //Paged Result Control
+							"2.16.840.1.113730.3.4.9",  // VLV Request LDAPv3 Control
+							"2.16.840.1.113730.3.4.10", // VLV Response LDAPv3 Control
+							"1.2.840.113556.1.4.474",   // Sort result
+							"1.2.840.113556.1.4.319",   // Paged Result Control
 						},
 					},
 					{
diff --git a/internal/outpost/ldap/search/memory/memory.go b/internal/outpost/ldap/search/memory/memory.go
index 198739122..fa25ed96f 100644
--- a/internal/outpost/ldap/search/memory/memory.go
+++ b/internal/outpost/ldap/search/memory/memory.go
@@ -143,7 +143,7 @@ func (ms *MemorySearcher) Search(req *search.Request) (ldap.ServerSearchResult,
 				// as a member.
 				for _, u := range g.UsersObj {
 					if flag.UserPk == u.Pk {
-						//TODO: Is there a better way to clone this object?
+						// TODO: Is there a better way to clone this object?
 						fg := api.NewGroup(g.Pk, g.NumPk, g.Name, g.ParentName, []api.GroupMember{u}, []api.Role{})
 						fg.SetUsers([]int32{flag.UserPk})
 						if g.Parent.IsSet() {
diff --git a/internal/outpost/ldap/server/base.go b/internal/outpost/ldap/server/base.go
index ff6649a03..2983e3afc 100644
--- a/internal/outpost/ldap/server/base.go
+++ b/internal/outpost/ldap/server/base.go
@@ -3,6 +3,7 @@ package server
 import (
 	"beryju.io/ldap"
 	"github.com/go-openapi/strfmt"
+
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/outpost/ldap/flags"
 )
@@ -28,8 +29,9 @@ type LDAPServerInstance interface {
 	GetGroupDN(string) string
 	GetVirtualGroupDN(string) string
 
-	GetUidNumber(api.User) string
-	GetGidNumber(api.Group) string
+	GetUserUidNumber(api.User) string
+	GetUserGidNumber(api.User) string
+	GetGroupGidNumber(api.Group) string
 
 	UsersForGroup(api.Group) []string
 
diff --git a/internal/outpost/ldap/utils.go b/internal/outpost/ldap/utils.go
index 6dbf0723b..22c44fe90 100644
--- a/internal/outpost/ldap/utils.go
+++ b/internal/outpost/ldap/utils.go
@@ -35,7 +35,7 @@ func (pi *ProviderInstance) GetVirtualGroupDN(group string) string {
 	return fmt.Sprintf("cn=%s,%s", group, pi.VirtualGroupDN)
 }
 
-func (pi *ProviderInstance) GetUidNumber(user api.User) string {
+func (pi *ProviderInstance) GetUserUidNumber(user api.User) string {
 	uidNumber, ok := user.GetAttributes()["uidNumber"].(string)
 
 	if ok {
@@ -45,7 +45,17 @@ func (pi *ProviderInstance) GetUidNumber(user api.User) string {
 	return strconv.FormatInt(int64(pi.uidStartNumber+user.Pk), 10)
 }
 
-func (pi *ProviderInstance) GetGidNumber(group api.Group) string {
+func (pi *ProviderInstance) GetUserGidNumber(user api.User) string {
+	gidNumber, ok := user.GetAttributes()["gidNumber"].(string)
+
+	if ok {
+		return gidNumber
+	}
+
+	return pi.GetUserUidNumber(user)
+}
+
+func (pi *ProviderInstance) GetGroupGidNumber(group api.Group) string {
 	gidNumber, ok := group.GetAttributes()["gidNumber"].(string)
 
 	if ok {
diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go
index 03dc4289d..3f3fcaa3b 100644
--- a/internal/outpost/proxyv2/application/application.go
+++ b/internal/outpost/proxyv2/application/application.go
@@ -220,7 +220,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, server Server) (*A
 		for _, regex := range strings.Split(*p.SkipPathRegex, "\n") {
 			re, err := regexp.Compile(regex)
 			if err != nil {
-				//TODO: maybe create event for this?
+				// TODO: maybe create event for this?
 				a.log.WithError(err).Warning("failed to compile SkipPathRegex")
 				continue
 			} else {
diff --git a/internal/outpost/proxyv2/application/mode_common.go b/internal/outpost/proxyv2/application/mode_common.go
index d2eac42cb..5866f5850 100644
--- a/internal/outpost/proxyv2/application/mode_common.go
+++ b/internal/outpost/proxyv2/application/mode_common.go
@@ -59,12 +59,12 @@ func (a *Application) addHeaders(headers http.Header, c *Claims) {
 	userAttributes := c.Proxy.UserAttributes
 	a.setAuthorizationHeader(headers, c)
 	// Check if user has additional headers set that we should sent
-	if additionalHeaders, ok := userAttributes["additionalHeaders"].(map[string]interface{}); ok {
+	if additionalHeaders, ok := userAttributes["additionalHeaders"]; ok {
 		a.log.WithField("headers", additionalHeaders).Trace("setting additional headers")
 		if additionalHeaders == nil {
 			return
 		}
-		for key, value := range additionalHeaders {
+		for key, value := range additionalHeaders.(map[string]interface{}) {
 			headers.Set(key, toString(value))
 		}
 	}
diff --git a/internal/outpost/proxyv2/application/oauth_callback.go b/internal/outpost/proxyv2/application/oauth_callback.go
index eef418a84..13f28e67a 100644
--- a/internal/outpost/proxyv2/application/oauth_callback.go
+++ b/internal/outpost/proxyv2/application/oauth_callback.go
@@ -31,16 +31,11 @@ func (a *Application) redeemCallback(savedState string, u *url.URL, c context.Co
 		return nil, err
 	}
 
-	// Extract the ID Token from OAuth2 token.
-	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
-	if !ok {
-		return nil, fmt.Errorf("missing id_token")
-	}
-
-	a.log.WithField("id_token", rawIDToken).Trace("id_token")
+	jwt := oauth2Token.AccessToken
+	a.log.WithField("jwt", jwt).Trace("access_token")
 
 	// Parse and verify ID Token payload.
-	idToken, err := a.tokenVerifier.Verify(ctx, rawIDToken)
+	idToken, err := a.tokenVerifier.Verify(ctx, jwt)
 	if err != nil {
 		return nil, err
 	}
@@ -53,6 +48,6 @@ func (a *Application) redeemCallback(savedState string, u *url.URL, c context.Co
 	if claims.Proxy == nil {
 		claims.Proxy = &ProxyClaims{}
 	}
-	claims.RawToken = rawIDToken
+	claims.RawToken = jwt
 	return claims, nil
 }
diff --git a/internal/outpost/proxyv2/application/session.go b/internal/outpost/proxyv2/application/session.go
index 5ffa77b04..b30934fb4 100644
--- a/internal/outpost/proxyv2/application/session.go
+++ b/internal/outpost/proxyv2/application/session.go
@@ -13,6 +13,7 @@ import (
 	"github.com/gorilla/securecookie"
 	"github.com/gorilla/sessions"
 	"github.com/redis/go-redis/v9"
+
 	"goauthentik.io/api/v3"
 	"goauthentik.io/internal/config"
 	"goauthentik.io/internal/outpost/proxyv2/codecs"
@@ -40,7 +41,7 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
 		// New default RedisStore
 		rs, err := redisstore.NewRedisStore(context.Background(), client)
 		if err != nil {
-			panic(err)
+			a.log.WithError(err).Panic("failed to connect to redis")
 		}
 
 		rs.KeyPrefix(RedisKeyPrefix)
@@ -62,7 +63,7 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
 	// https://github.com/markbates/goth/commit/7276be0fdf719ddff753f3574ef0f967e4a5a5f7
 	// set the maxLength of the cookies stored on the disk to a larger number to prevent issues with:
 	// securecookie: the value is too long
-	// when using OpenID Connect , since this can contain a large amount of extra information in the id_token
+	// when using OpenID Connect, since this can contain a large amount of extra information in the id_token
 
 	// Note, when using the FilesystemStore only the session.ID is written to a browser cookie, so this is explicit for the storage on disk
 	cs.MaxLength(math.MaxInt)
diff --git a/internal/outpost/proxyv2/constants/constants.go b/internal/outpost/proxyv2/constants/constants.go
index cdb3fcffe..339d49268 100644
--- a/internal/outpost/proxyv2/constants/constants.go
+++ b/internal/outpost/proxyv2/constants/constants.go
@@ -1,7 +1,9 @@
 package constants
 
-const SessionOAuthState = "oauth_state"
-const SessionClaims = "claims"
+const (
+	SessionOAuthState = "oauth_state"
+	SessionClaims     = "claims"
+)
 
 const SessionRedirect = "redirect"
 
diff --git a/internal/outpost/proxyv2/templates/error.html b/internal/outpost/proxyv2/templates/error.html
index f2c17f5fe..94df09714 100644
--- a/internal/outpost/proxyv2/templates/error.html
+++ b/internal/outpost/proxyv2/templates/error.html
@@ -26,26 +26,13 @@
     </head>
     <body>
         <div class="pf-c-background-image">
-            <svg xmlns="http://www.w3.org/2000/svg" class="pf-c-background-image__filter" width="0" height="0">
-                <filter id="image_overlay">
-                    <feColorMatrix in="SourceGraphic" type="matrix" values="1.3 0 0 0 0 0 1.3 0 0 0 0 0 1.3 0 0 0 0 0 1 0" />
-                    <feComponentTransfer color-interpolation-filters="sRGB" result="duotone">
-                        <feFuncR type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncR>
-                        <feFuncG type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncG>
-                        <feFuncB type="table" tableValues="0.086274509803922 0.43921568627451"></feFuncB>
-                        <feFuncA type="table" tableValues="0 1"></feFuncA>
-                    </feComponentTransfer>
-                </filter>
-            </svg>
         </div>
-        <div class="pf-c-login">
+        <div class="pf-c-login stacked">
             <div class="ak-login-container">
-                <header class="pf-c-login__header">
-                    <div class="pf-c-brand ak-brand">
+                <main class="pf-c-login__main">
+                    <div class="pf-c-login__main-header pf-c-brand ak-brand">
                         <img src="/outpost.goauthentik.io/static/dist/assets/icons/icon_left_brand.svg" alt="authentik Logo" />
                     </div>
-                </header>
-                <main class="pf-c-login__main">
                     <header class="pf-c-login__main-header">
                         <h1 class="pf-c-title pf-m-3xl">
                             {{ .Title }}
diff --git a/internal/outpost/proxyv2/ws.go b/internal/outpost/proxyv2/ws.go
index b75ba50fd..4632a67cb 100644
--- a/internal/outpost/proxyv2/ws.go
+++ b/internal/outpost/proxyv2/ws.go
@@ -36,6 +36,7 @@ func (ps *ProxyServer) handleWSMessage(ctx context.Context, args map[string]inte
 	switch msg.SubType {
 	case WSProviderSubTypeLogout:
 		for _, p := range ps.apps {
+			ps.log.WithField("provider", p.Host).Debug("Logging out")
 			err := p.Logout(ctx, func(c application.Claims) bool {
 				return c.Sid == msg.SessionID
 			})
diff --git a/internal/outpost/rac/connection/connection.go b/internal/outpost/rac/connection/connection.go
new file mode 100644
index 000000000..53ca9ecb0
--- /dev/null
+++ b/internal/outpost/rac/connection/connection.go
@@ -0,0 +1,124 @@
+package connection
+
+import (
+	"context"
+	"crypto/tls"
+	"fmt"
+	"net"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/gorilla/websocket"
+	log "github.com/sirupsen/logrus"
+	"github.com/wwt/guac"
+	"goauthentik.io/internal/config"
+	"goauthentik.io/internal/constants"
+	"goauthentik.io/internal/outpost/ak"
+)
+
+const guacAddr = "0.0.0.0:4822"
+
+type Connection struct {
+	log       *log.Entry
+	st        *guac.SimpleTunnel
+	ac        *ak.APIController
+	ws        *websocket.Conn
+	ctx       context.Context
+	ctxCancel context.CancelFunc
+	OnError   func(error)
+	closing   bool
+}
+
+func NewConnection(ac *ak.APIController, forChannel string, cfg *guac.Config) (*Connection, error) {
+	ctx, canc := context.WithCancel(context.Background())
+	c := &Connection{
+		ac:        ac,
+		log:       log.WithField("connection", forChannel),
+		ctx:       ctx,
+		ctxCancel: canc,
+		OnError:   func(err error) {},
+		closing:   false,
+	}
+	err := c.initGuac(cfg)
+	if err != nil {
+		return nil, err
+	}
+	err = c.initSocket(forChannel)
+	if err != nil {
+		_ = c.st.Close()
+		return nil, err
+	}
+	c.initMirror()
+	return c, nil
+}
+
+func (c *Connection) initSocket(forChannel string) error {
+	pathTemplate := "%s://%s/ws/outpost_rac/%s/"
+	scheme := strings.ReplaceAll(c.ac.Client.GetConfig().Scheme, "http", "ws")
+
+	authHeader := fmt.Sprintf("Bearer %s", c.ac.Token())
+
+	header := http.Header{
+		"Authorization": []string{authHeader},
+		"User-Agent":    []string{constants.OutpostUserAgent()},
+	}
+
+	dialer := websocket.Dialer{
+		Proxy:            http.ProxyFromEnvironment,
+		HandshakeTimeout: 10 * time.Second,
+		TLSClientConfig: &tls.Config{
+			InsecureSkipVerify: config.Get().AuthentikInsecure,
+		},
+	}
+
+	url := fmt.Sprintf(pathTemplate, scheme, c.ac.Client.GetConfig().Host, forChannel)
+	ws, _, err := dialer.Dial(url, header)
+	if err != nil {
+		c.log.WithError(err).Warning("failed to connect websocket")
+		return err
+	}
+	c.ws = ws
+	return nil
+}
+
+func (c *Connection) initGuac(cfg *guac.Config) error {
+	addr, err := net.ResolveTCPAddr("tcp", guacAddr)
+	if err != nil {
+		return err
+	}
+
+	conn, err := net.DialTCP("tcp", nil, addr)
+	if err != nil {
+		return err
+	}
+
+	stream := guac.NewStream(conn, guac.SocketTimeout)
+
+	err = stream.Handshake(cfg)
+	if err != nil {
+		return err
+	}
+	st := guac.NewSimpleTunnel(stream)
+	c.st = st
+	return nil
+}
+
+func (c *Connection) initMirror() {
+	go c.wsToGuacd()
+	go c.guacdToWs()
+}
+
+func (c *Connection) onError(err error) {
+	if c.closing {
+		return
+	}
+	c.closing = true
+	e := c.st.Close()
+	if e != nil {
+		c.log.WithError(e).Warning("failed to close guacd connection")
+	}
+	c.log.WithError(err).Info("removing connection")
+	c.ctxCancel()
+	c.OnError(err)
+}
diff --git a/internal/outpost/rac/connection/mirror.go b/internal/outpost/rac/connection/mirror.go
new file mode 100644
index 000000000..7475c6efc
--- /dev/null
+++ b/internal/outpost/rac/connection/mirror.go
@@ -0,0 +1,103 @@
+package connection
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/gorilla/websocket"
+	"github.com/wwt/guac"
+)
+
+var (
+	internalOpcodeIns = []byte(fmt.Sprint(len(guac.InternalDataOpcode), ".", guac.InternalDataOpcode))
+	authentikOpcode   = []byte("0.authentik.")
+)
+
+// MessageReader wraps a websocket connection and only permits Reading
+type MessageReader interface {
+	// ReadMessage should return a single complete message to send to guac
+	ReadMessage() (int, []byte, error)
+}
+
+func (c *Connection) wsToGuacd() {
+	w := c.st.AcquireWriter()
+	for {
+		select {
+		default:
+			_, data, e := c.ws.ReadMessage()
+			if e != nil {
+				c.log.WithError(e).Trace("Error reading message from ws")
+				c.onError(e)
+				return
+			}
+			if bytes.HasPrefix(data, internalOpcodeIns) {
+				if bytes.HasPrefix(data, authentikOpcode) {
+					switch string(bytes.Replace(data, authentikOpcode, []byte{}, 1)) {
+					case "disconnect":
+						_, e := w.Write([]byte(guac.NewInstruction("disconnect").String()))
+						c.onError(e)
+						return
+					}
+				}
+				// messages starting with the InternalDataOpcode are never sent to guacd
+				continue
+			}
+
+			if _, e = w.Write(data); e != nil {
+				c.log.WithError(e).Trace("Failed writing to guacd")
+				c.onError(e)
+				return
+			}
+		case <-c.ctx.Done():
+			return
+		}
+	}
+}
+
+// MessageWriter wraps a websocket connection and only permits Writing
+type MessageWriter interface {
+	// WriteMessage writes one or more complete guac commands to the websocket
+	WriteMessage(int, []byte) error
+}
+
+func (c *Connection) guacdToWs() {
+	r := c.st.AcquireReader()
+	buf := bytes.NewBuffer(make([]byte, 0, guac.MaxGuacMessage*2))
+	for {
+		select {
+		default:
+			ins, e := r.ReadSome()
+			if e != nil {
+				c.log.WithError(e).Trace("Error reading from guacd")
+				c.onError(e)
+				return
+			}
+
+			if bytes.HasPrefix(ins, internalOpcodeIns) {
+				// messages starting with the InternalDataOpcode are never sent to the websocket
+				continue
+			}
+
+			if _, e = buf.Write(ins); e != nil {
+				c.log.WithError(e).Trace("Failed to buffer guacd to ws")
+				c.onError(e)
+				return
+			}
+
+			// if the buffer has more data in it or we've reached the max buffer size, send the data and reset
+			if !r.Available() || buf.Len() >= guac.MaxGuacMessage {
+				if e = c.ws.WriteMessage(1, buf.Bytes()); e != nil {
+					if e == websocket.ErrCloseSent {
+						return
+					}
+					c.log.WithError(e).Trace("Failed sending message to ws")
+					c.onError(e)
+					return
+				}
+				buf.Reset()
+			}
+		case <-c.ctx.Done():
+			return
+		}
+	}
+}
diff --git a/internal/outpost/rac/guacd.go b/internal/outpost/rac/guacd.go
new file mode 100644
index 000000000..3ae0c4f3f
--- /dev/null
+++ b/internal/outpost/rac/guacd.go
@@ -0,0 +1,26 @@
+package rac
+
+import (
+	"os"
+	"os/exec"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/outpost/ak"
+)
+
+const (
+	guacdPath        = "/opt/guacamole/sbin/guacd"
+	guacdDefaultArgs = " -b 0.0.0.0 -f"
+)
+
+func (rs *RACServer) startGuac() error {
+	guacdArgs := strings.Split(guacdDefaultArgs, " ")
+	guacdArgs = append(guacdArgs, "-L", rs.ac.Outpost.Config[ak.ConfigLogLevel].(string))
+	rs.guacd = exec.Command(guacdPath, guacdArgs...)
+	rs.guacd.Env = os.Environ()
+	rs.guacd.Stdout = rs.log.WithField("logger", "authentik.outpost.rac.guacd").WriterLevel(log.InfoLevel)
+	rs.guacd.Stderr = rs.log.WithField("logger", "authentik.outpost.rac.guacd").WriterLevel(log.InfoLevel)
+	rs.log.Info("starting guacd")
+	return rs.guacd.Start()
+}
diff --git a/internal/outpost/rac/metrics/metrics.go b/internal/outpost/rac/metrics/metrics.go
new file mode 100644
index 000000000..0a3e6b45d
--- /dev/null
+++ b/internal/outpost/rac/metrics/metrics.go
@@ -0,0 +1,28 @@
+package metrics
+
+import (
+	"net/http"
+
+	log "github.com/sirupsen/logrus"
+	"goauthentik.io/internal/config"
+	"goauthentik.io/internal/utils/sentry"
+
+	"github.com/gorilla/mux"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+)
+
+func RunServer() {
+	m := mux.NewRouter()
+	l := log.WithField("logger", "authentik.outpost.metrics")
+	m.Use(sentry.SentryNoSampleMiddleware)
+	m.HandleFunc("/outpost.goauthentik.io/ping", func(rw http.ResponseWriter, r *http.Request) {
+		rw.WriteHeader(204)
+	})
+	m.Path("/metrics").Handler(promhttp.Handler())
+	listen := config.Get().Listen.Metrics
+	l.WithField("listen", listen).Info("Starting Metrics server")
+	err := http.ListenAndServe(listen, m)
+	if err != nil {
+		l.WithError(err).Warning("Failed to start metrics listener")
+	}
+}
diff --git a/internal/outpost/rac/rac.go b/internal/outpost/rac/rac.go
new file mode 100644
index 000000000..1e9920305
--- /dev/null
+++ b/internal/outpost/rac/rac.go
@@ -0,0 +1,126 @@
+package rac
+
+import (
+	"context"
+	"os/exec"
+	"strconv"
+	"sync"
+
+	"github.com/mitchellh/mapstructure"
+	log "github.com/sirupsen/logrus"
+	"github.com/wwt/guac"
+
+	"goauthentik.io/internal/outpost/ak"
+	"goauthentik.io/internal/outpost/rac/connection"
+	"goauthentik.io/internal/outpost/rac/metrics"
+)
+
+type RACServer struct {
+	log   *log.Entry
+	ac    *ak.APIController
+	guacd *exec.Cmd
+	connm sync.RWMutex
+	conns map[string]connection.Connection
+}
+
+func NewServer(ac *ak.APIController) *RACServer {
+	rs := &RACServer{
+		log:   log.WithField("logger", "authentik.outpost.rac"),
+		ac:    ac,
+		connm: sync.RWMutex{},
+		conns: map[string]connection.Connection{},
+	}
+	ac.AddWSHandler(rs.wsHandler)
+	return rs
+}
+
+type WSMessage struct {
+	ConnID              string            `mapstructure:"conn_id"`
+	DestChannelID       string            `mapstructure:"dest_channel_id"`
+	Params              map[string]string `mapstructure:"params"`
+	Protocol            string            `mapstructure:"protocol"`
+	OptimalScreenWidth  string            `mapstructure:"screen_width"`
+	OptimalScreenHeight string            `mapstructure:"screen_height"`
+	OptimalScreenDPI    string            `mapstructure:"screen_dpi"`
+}
+
+func parseIntOrZero(input string) int {
+	x, err := strconv.Atoi(input)
+	if err != nil {
+		return 0
+	}
+	return x
+}
+
+func (rs *RACServer) wsHandler(ctx context.Context, args map[string]interface{}) {
+	wsm := WSMessage{}
+	err := mapstructure.Decode(args, &wsm)
+	if err != nil {
+		rs.log.WithError(err).Warning("invalid ws message")
+		return
+	}
+	config := guac.NewGuacamoleConfiguration()
+	config.Protocol = wsm.Protocol
+	config.Parameters = wsm.Params
+	config.OptimalScreenWidth = parseIntOrZero(wsm.OptimalScreenWidth)
+	config.OptimalScreenHeight = parseIntOrZero(wsm.OptimalScreenHeight)
+	config.OptimalResolution = parseIntOrZero(wsm.OptimalScreenDPI)
+	config.AudioMimetypes = []string{
+		"audio/L8",
+		"audio/L16",
+	}
+	cc, err := connection.NewConnection(rs.ac, wsm.DestChannelID, config)
+	if err != nil {
+		rs.log.WithError(err).Warning("failed to setup connection")
+		return
+	}
+	cc.OnError = func(err error) {
+		rs.connm.Lock()
+		delete(rs.conns, wsm.ConnID)
+		_ = rs.ac.SendWSHello(map[string]interface{}{
+			"active_connections": len(rs.conns),
+		})
+		rs.connm.Unlock()
+	}
+	rs.connm.Lock()
+	rs.conns[wsm.ConnID] = *cc
+	_ = rs.ac.SendWSHello(map[string]interface{}{
+		"active_connections": len(rs.conns),
+	})
+	rs.connm.Unlock()
+}
+
+func (rs *RACServer) Start() error {
+	wg := sync.WaitGroup{}
+	wg.Add(2)
+	go func() {
+		defer wg.Done()
+		metrics.RunServer()
+	}()
+	go func() {
+		defer wg.Done()
+		err := rs.startGuac()
+		if err != nil {
+			panic(err)
+		}
+	}()
+	wg.Wait()
+	return nil
+}
+
+func (rs *RACServer) Stop() error {
+	if rs.guacd != nil {
+		return rs.guacd.Process.Kill()
+	}
+	return nil
+}
+
+func (rs *RACServer) TimerFlowCacheExpiry(context.Context) {}
+
+func (rs *RACServer) Type() string {
+	return "rac"
+}
+
+func (rs *RACServer) Refresh() error {
+	return nil
+}
diff --git a/internal/outpost/radius/handle_access_request.go b/internal/outpost/radius/handle_access_request.go
index 1c5f32202..ea2b5c860 100644
--- a/internal/outpost/radius/handle_access_request.go
+++ b/internal/outpost/radius/handle_access_request.go
@@ -15,7 +15,7 @@ func (rs *RadiusServer) Handle_AccessRequest(w radius.ResponseWriter, r *RadiusR
 	fe := flow.NewFlowExecutor(r.Context(), r.pi.flowSlug, r.pi.s.ac.Client.GetConfig(), log.Fields{
 		"username":  username,
 		"client":    r.RemoteAddr(),
-		"requestId": r.ID,
+		"requestId": r.ID(),
 	})
 	fe.DelegateClientIP(r.RemoteAddr())
 	fe.Params.Add("goauthentik.io/outpost/radius", "true")
@@ -27,7 +27,6 @@ func (rs *RadiusServer) Handle_AccessRequest(w radius.ResponseWriter, r *RadiusR
 	}
 
 	passed, err := fe.Execute()
-
 	if err != nil {
 		r.Log().WithField("username", username).WithError(err).Warning("failed to execute flow")
 		metrics.RequestsRejected.With(prometheus.Labels{
diff --git a/internal/web/metrics.go b/internal/web/metrics.go
index 2e6b0def1..baf486e26 100644
--- a/internal/web/metrics.go
+++ b/internal/web/metrics.go
@@ -14,12 +14,10 @@ import (
 	"goauthentik.io/internal/utils/sentry"
 )
 
-var (
-	Requests = promauto.NewHistogramVec(prometheus.HistogramOpts{
-		Name: "authentik_main_request_duration_seconds",
-		Help: "API request latencies in seconds",
-	}, []string{"dest"})
-)
+var Requests = promauto.NewHistogramVec(prometheus.HistogramOpts{
+	Name: "authentik_main_request_duration_seconds",
+	Help: "API request latencies in seconds",
+}, []string{"dest"})
 
 func (ws *WebServer) runMetricsServer() {
 	m := mux.NewRouter()
diff --git a/internal/web/static.go b/internal/web/static.go
index c4f6dbcf4..8e0e3d0dd 100644
--- a/internal/web/static.go
+++ b/internal/web/static.go
@@ -34,6 +34,11 @@ func (ws *WebServer) configureStatic() {
 	})
 	indexLessRouter.PathPrefix("/if/admin/assets").Handler(http.StripPrefix("/if/admin", distFs))
 	indexLessRouter.PathPrefix("/if/user/assets").Handler(http.StripPrefix("/if/user", distFs))
+	indexLessRouter.PathPrefix("/if/rac/{app_slug}/assets").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		vars := mux.Vars(r)
+
+		web.DisableIndex(http.StripPrefix(fmt.Sprintf("/if/rac/%s", vars["app_slug"]), distFs)).ServeHTTP(rw, r)
+	})
 
 	indexLessRouter.PathPrefix("/media/").Handler(http.StripPrefix("/media", fs))
 
diff --git a/locale/it/LC_MESSAGES/django.mo b/locale/it/LC_MESSAGES/django.mo
new file mode 100644
index 000000000..10aefe661
Binary files /dev/null and b/locale/it/LC_MESSAGES/django.mo differ
diff --git a/locale/it/LC_MESSAGES/django.po b/locale/it/LC_MESSAGES/django.po
new file mode 100644
index 000000000..3f39ddb2e
--- /dev/null
+++ b/locale/it/LC_MESSAGES/django.po
@@ -0,0 +1,2919 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+# 
+# Translators:
+# Dario Rigolin, 2022
+# aoor9, 2023
+# Marco Realacci, 2023
+# Matteo Piccina <altermatte@gmail.com>, 2023
+# Kowalski Dragon <kowalski.7cc@gmail.com>, 2023
+# 
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2023-12-06 16:55+0000\n"
+"PO-Revision-Date: 2022-09-26 16:47+0000\n"
+"Last-Translator: Kowalski Dragon <kowalski.7cc@gmail.com>, 2023\n"
+"Language-Team: Italian (https://app.transifex.com/authentik/teams/119923/it/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: it\n"
+"Plural-Forms: nplurals=3; plural=n == 1 ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;\n"
+
+#: authentik/admin/api/tasks.py:127
+#, python-format
+msgid "Successfully re-scheduled Task %(name)s!"
+msgstr "Operazione ri-pianificata con successo%(name)s!"
+
+#: authentik/api/schema.py:25
+msgid "Generic API Error"
+msgstr "Errore API generico"
+
+#: authentik/api/schema.py:33
+msgid "Validation Error"
+msgstr "Errore di validazione"
+
+#: authentik/blueprints/api.py:43
+msgid "Blueprint file does not exist"
+msgstr "File del modello inesistente"
+
+#: authentik/blueprints/api.py:54
+#, python-format
+msgid "Failed to validate blueprint: %(logs)s"
+msgstr "Validazione del modello fallita: %(logs)s"
+
+#: authentik/blueprints/api.py:59
+msgid "Either path or content must be set."
+msgstr "È necessario impostare il percorso o il contenuto."
+
+#: authentik/blueprints/models.py:30
+msgid "Managed by authentik"
+msgstr "Gestito da authentik"
+
+#: authentik/blueprints/models.py:32
+msgid ""
+"Objects that are managed by authentik. These objects are created and updated"
+" automatically. This flag only indicates that an object can be overwritten "
+"by migrations. You can still modify the objects via the API, but expect "
+"changes to be overwritten in a later update."
+msgstr ""
+"Oggetti gestiti da authentik. Questi oggetti sono creati e aggiornati "
+"automaticamente. Questo controllo indica solo che un oggetto può essere "
+"sovrascritto dalle migrazioni. Puoi ancora modificare gli oggetti tramite "
+"l'API, ma aspettati che le modifiche vengano sovrascritte in un "
+"aggiornamento successivo."
+
+#: authentik/blueprints/models.py:112
+msgid "Blueprint Instance"
+msgstr "Istanza del modello"
+
+#: authentik/blueprints/models.py:113
+msgid "Blueprint Instances"
+msgstr "Istanze dei modelli"
+
+#: authentik/blueprints/v1/exporter.py:62
+#, python-format
+msgid "authentik Export - %(date)s"
+msgstr "Esportazione authentik - %(date)s"
+
+#: authentik/blueprints/v1/tasks.py:150 authentik/crypto/tasks.py:93
+#, python-format
+msgid "Successfully imported %(count)d files."
+msgstr "Importato con successo %(count)d file."
+
+#: authentik/core/api/providers.py:120
+msgid "SAML Provider from Metadata"
+msgstr "Provider SAML dai Metadati"
+
+#: authentik/core/api/providers.py:121
+msgid "Create a SAML Provider by importing its Metadata."
+msgstr "Crea un SAML Provider importando i sui Metadati."
+
+#: authentik/core/api/users.py:156
+msgid "No leading or trailing slashes allowed."
+msgstr "Non sono consentite barre oblique iniziali o finali."
+
+#: authentik/core/api/users.py:159
+msgid "No empty segments in user path allowed."
+msgstr "Non sono consentiti segmenti vuoti nel percorso utente."
+
+#: authentik/core/models.py:86
+msgid "name"
+msgstr "nome"
+
+#: authentik/core/models.py:88
+msgid "Users added to this group will be superusers."
+msgstr "Utenti aggiunti a questo gruppo saranno superutenti."
+
+#: authentik/core/models.py:162
+msgid "Group"
+msgstr "Gruppo"
+
+#: authentik/core/models.py:163
+msgid "Groups"
+msgstr "Gruppi"
+
+#: authentik/core/models.py:178
+msgid "User's display name."
+msgstr "Nome visualizzato dell'utente."
+
+#: authentik/core/models.py:274 authentik/providers/oauth2/models.py:295
+msgid "User"
+msgstr "Utente"
+
+#: authentik/core/models.py:275
+msgid "Users"
+msgstr "Utenti"
+
+#: authentik/core/models.py:277
+#: authentik/stages/email/templates/email/password_reset.html:28
+msgid "Reset Password"
+msgstr "Reimposta Password"
+
+#: authentik/core/models.py:278
+msgid "Can impersonate other users"
+msgstr "Può impersonare altri utenti"
+
+#: authentik/core/models.py:279 authentik/rbac/models.py:54
+msgid "Can assign permissions to users"
+msgstr "Può assegnare permessi a utenti"
+
+#: authentik/core/models.py:280 authentik/rbac/models.py:55
+msgid "Can unassign permissions from users"
+msgstr "Può rimuovere permessi da utenti"
+
+#: authentik/core/models.py:294
+msgid ""
+"Flow used for authentication when the associated application is accessed by "
+"an un-authenticated user."
+msgstr ""
+"Flusso usato per l'autenticazione quando un utente non autenticato accede "
+"all'applicazione associata."
+
+#: authentik/core/models.py:304
+msgid "Flow used when authorizing this provider."
+msgstr "Flusso utilizzato durante l'autorizzazione di questo provider."
+
+#: authentik/core/models.py:316
+msgid ""
+"Accessed from applications; optional backchannel providers for protocols "
+"like LDAP and SCIM."
+msgstr ""
+"Accessibile dalle applicazioni; fornitori di backchannel opzionali per "
+"protocolli come LDAP e SCIM."
+
+#: authentik/core/models.py:371
+msgid "Application's display Name."
+msgstr "Nome visualizzato dell'applicazione."
+
+#: authentik/core/models.py:372
+msgid "Internal application name, used in URLs."
+msgstr "Nome interno dell'applicazione, utilizzato negli URL."
+
+#: authentik/core/models.py:384
+msgid "Open launch URL in a new browser tab or window."
+msgstr "Apri l'URL di avvio in una nuova scheda o finestra del browser."
+
+#: authentik/core/models.py:448
+msgid "Application"
+msgstr "Applicazione"
+
+#: authentik/core/models.py:449
+msgid "Applications"
+msgstr "Applicazioni"
+
+#: authentik/core/models.py:455
+msgid "Use the source-specific identifier"
+msgstr "Utilizzare l'identificatore specifico della fonte"
+
+#: authentik/core/models.py:457
+msgid ""
+"Link to a user with identical email address. Can have security implications "
+"when a source doesn't validate email addresses."
+msgstr ""
+"Collegamento a un utente con indirizzo email identico. Può avere "
+"implicazioni sulla sicurezza quando una fonte non convalida gli indirizzi "
+"e-mail."
+
+#: authentik/core/models.py:461
+msgid ""
+"Use the user's email address, but deny enrollment when the email address "
+"already exists."
+msgstr ""
+"Usa l'indirizzo e-mail dell'utente, ma nega l'iscrizione quando l'indirizzo "
+"e-mail esiste già."
+
+#: authentik/core/models.py:464
+msgid ""
+"Link to a user with identical username. Can have security implications when "
+"a username is used with another source."
+msgstr ""
+"Collegamento a un utente con nome utente identico. Può avere implicazioni "
+"sulla sicurezza quando un nome utente viene utilizzato con un'altra fonte."
+
+#: authentik/core/models.py:468
+msgid ""
+"Use the user's username, but deny enrollment when the username already "
+"exists."
+msgstr ""
+"Utilizza il nome utente dell'utente, ma nega l'iscrizione quando il nome "
+"utente esiste già."
+
+#: authentik/core/models.py:475
+msgid "Source's display Name."
+msgstr "Nome visualizzato della sorgente."
+
+#: authentik/core/models.py:476
+msgid "Internal source name, used in URLs."
+msgstr "Nome interno della sorgente, utilizzato negli URL."
+
+#: authentik/core/models.py:495
+msgid "Flow to use when authenticating existing users."
+msgstr "Flusso da usare per autenticare utenti esistenti."
+
+#: authentik/core/models.py:504
+msgid "Flow to use when enrolling new users."
+msgstr "Flusso da usare per iscrivere nuovi utenti."
+
+#: authentik/core/models.py:512
+msgid ""
+"How the source determines if an existing user should be authenticated or a "
+"new user enrolled."
+msgstr ""
+"Modalità in cui la fonte determina se un utente esistente deve essere "
+"autenticato o un nuovo utente registrato."
+
+#: authentik/core/models.py:684
+msgid "Token"
+msgstr "Token"
+
+#: authentik/core/models.py:685
+msgid "Tokens"
+msgstr "Tokens"
+
+#: authentik/core/models.py:690
+msgid "View token's key"
+msgstr "Visualizza la chiave token"
+
+#: authentik/core/models.py:726
+msgid "Property Mapping"
+msgstr "Mappatura della proprietà"
+
+#: authentik/core/models.py:727
+msgid "Property Mappings"
+msgstr "Mappatura delle proprietà"
+
+#: authentik/core/models.py:762
+msgid "Authenticated Session"
+msgstr "Sessione Autenticata"
+
+#: authentik/core/models.py:763
+msgid "Authenticated Sessions"
+msgstr "Sessioni Autenticate"
+
+#: authentik/core/sources/flow_manager.py:190
+#, python-format
+msgid ""
+"Request to authenticate with %(source)s has been denied. Please authenticate"
+" with the source you've previously signed up with."
+msgstr ""
+"La richiesta di autenticazione con %(source)s è stata negata. Autenticati "
+"con la fonte con cui ti sei registrato in precedenza."
+
+#: authentik/core/sources/flow_manager.py:242
+msgid "Configured flow does not exist."
+msgstr "Flusso configurato inesistente."
+
+#: authentik/core/sources/flow_manager.py:272
+#: authentik/core/sources/flow_manager.py:324
+#, python-format
+msgid "Successfully authenticated with %(source)s!"
+msgstr "Autenticazione riuscita con %(source)s!"
+
+#: authentik/core/sources/flow_manager.py:296
+#, python-format
+msgid "Successfully linked %(source)s!"
+msgstr "%(source)s collegato con successo!"
+
+#: authentik/core/sources/flow_manager.py:315
+msgid "Source is not configured for enrollment."
+msgstr "La sorgente non è configurata per la registrazione."
+
+#: authentik/core/templates/if/end_session.html:7
+msgid "End session"
+msgstr "Fine sessione"
+
+#: authentik/core/templates/if/end_session.html:11
+#, python-format
+msgid ""
+"\n"
+"You've logged out of %(application)s.\n"
+msgstr ""
+"\n"
+"Sei disconnesso da %(application)s.\n"
+
+#: authentik/core/templates/if/end_session.html:19
+#, python-format
+msgid ""
+"\n"
+"            You've logged out of %(application)s. You can go back to the overview to launch another application, or log out of your %(branding_title)s account.\n"
+"        "
+msgstr ""
+"\n"
+"             Hai effettuato il logout da %(application)s. Puoi tornare alla panoramica per avviare un'altra applicazione o effettuare il logout dal tuo account %(branding_title)s."
+
+#: authentik/core/templates/if/end_session.html:25
+msgid "Go back to overview"
+msgstr "Torna alla panoramica"
+
+#: authentik/core/templates/if/end_session.html:29
+#, python-format
+msgid ""
+"\n"
+"            Log out of %(branding_title)s\n"
+"        "
+msgstr ""
+"\n"
+"            Esci da %(branding_title)s\n"
+"        "
+
+#: authentik/core/templates/if/end_session.html:36
+#, python-format
+msgid ""
+"\n"
+"            Log back into %(application)s\n"
+"        "
+msgstr ""
+"\n"
+"            Accedi di nuovo a %(application)s\n"
+"        "
+
+#: authentik/core/templates/if/error.html:18
+msgid "Go home"
+msgstr "Vai alla pagina iniziale"
+
+#: authentik/core/templates/login/base_full.html:89
+msgid "Powered by authentik"
+msgstr "Gestito da authentik"
+
+#: authentik/core/views/apps.py:53
+#: authentik/providers/oauth2/views/authorize.py:393
+#: authentik/providers/oauth2/views/device_init.py:70
+#: authentik/providers/saml/views/sso.py:70
+#, python-format
+msgid "You're about to sign into %(application)s."
+msgstr "Stai per accedere a %(application)s"
+
+#: authentik/crypto/api.py:179
+msgid "Subject-alt name"
+msgstr "Nome alternativo del soggetto"
+
+#: authentik/crypto/models.py:30
+msgid "PEM-encoded Certificate data"
+msgstr "Dati del certificato in codifica PEM"
+
+#: authentik/crypto/models.py:33
+msgid ""
+"Optional Private Key. If this is set, you can use this keypair for "
+"encryption."
+msgstr ""
+"Chiave privata facoltativa. Se è impostato, puoi utilizzare questa coppia di"
+" chiavi per la crittografia."
+
+#: authentik/crypto/models.py:101
+msgid "Certificate-Key Pair"
+msgstr "Coppia certificato-chiave"
+
+#: authentik/crypto/models.py:102
+msgid "Certificate-Key Pairs"
+msgstr "Coppie certificato-chiave"
+
+#: authentik/enterprise/models.py:183
+msgid "License"
+msgstr "Licenza"
+
+#: authentik/enterprise/models.py:184
+msgid "Licenses"
+msgstr "Licenze"
+
+#: authentik/enterprise/models.py:206
+msgid "License Usage"
+msgstr "Utilizzo della licenza"
+
+#: authentik/enterprise/models.py:207
+msgid "License Usage Records"
+msgstr "Registri sull'utilizzo della licenza"
+
+#: authentik/events/models.py:291
+msgid "Event"
+msgstr "Evento"
+
+#: authentik/events/models.py:292
+msgid "Events"
+msgstr "Eventi"
+
+#: authentik/events/models.py:298
+msgid "authentik inbuilt notifications"
+msgstr "notifiche integrate authentik"
+
+#: authentik/events/models.py:299
+msgid "Generic Webhook"
+msgstr "Webhook generico"
+
+#: authentik/events/models.py:300
+msgid "Slack Webhook (Slack/Discord)"
+msgstr "Slack Webhook (Slack/Discord)"
+
+#: authentik/events/models.py:301
+msgid "Email"
+msgstr "Email"
+
+#: authentik/events/models.py:319
+msgid ""
+"Only send notification once, for example when sending a webhook into a chat "
+"channel."
+msgstr ""
+"Invia una notifica solo una volta, ad esempio quando invii un webhook in un "
+"canale di chat."
+
+#: authentik/events/models.py:384
+msgid "Severity"
+msgstr "Gravità"
+
+#: authentik/events/models.py:389
+msgid "Dispatched for user"
+msgstr "Inviato per l'utente"
+
+#: authentik/events/models.py:398
+msgid "Event user"
+msgstr "Evento utente"
+
+#: authentik/events/models.py:492
+msgid "Notification Transport"
+msgstr "Trasporto Notifica"
+
+#: authentik/events/models.py:493
+msgid "Notification Transports"
+msgstr "Trasporti notifica"
+
+#: authentik/events/models.py:499
+msgid "Notice"
+msgstr "Avviso"
+
+#: authentik/events/models.py:500
+msgid "Warning"
+msgstr "Avvertimento"
+
+#: authentik/events/models.py:501
+msgid "Alert"
+msgstr "Allarme"
+
+#: authentik/events/models.py:526
+msgid "Notification"
+msgstr "Notifica"
+
+#: authentik/events/models.py:527
+msgid "Notifications"
+msgstr "Notifiche"
+
+#: authentik/events/models.py:537
+msgid ""
+"Select which transports should be used to notify the user. If none are "
+"selected, the notification will only be shown in the authentik UI."
+msgstr ""
+"Selezionare quali trasporti devono essere utilizzati per notificare "
+"l'utente. Se non ne viene selezionato nessuno, la notifica verrà mostrata "
+"solo nell'interfaccia utente authentik."
+
+#: authentik/events/models.py:545
+msgid "Controls which severity level the created notifications will have."
+msgstr "Controlla quale livello di gravità avranno le notifiche create."
+
+#: authentik/events/models.py:550
+msgid ""
+"Define which group of users this notification should be sent and shown to. "
+"If left empty, Notification won't ben sent."
+msgstr ""
+"Definisci a quale gruppo di utenti deve essere inviata e mostrata questa "
+"notifica. Se lasciato vuoto, la notifica non verrà inviata."
+
+#: authentik/events/models.py:568
+msgid "Notification Rule"
+msgstr "Regola di notifica"
+
+#: authentik/events/models.py:569
+msgid "Notification Rules"
+msgstr "Regole di notifica"
+
+#: authentik/events/models.py:589
+msgid "Webhook Mapping"
+msgstr "Mappatura Webhook"
+
+#: authentik/events/models.py:590
+msgid "Webhook Mappings"
+msgstr "Mappature Webhook"
+
+#: authentik/events/monitored_tasks.py:205
+msgid "Task has not been run yet."
+msgstr "L'attività non è stata ancora eseguita."
+
+#: authentik/flows/api/flows.py:295
+#, python-format
+msgid "Flow not applicable to current user/request: %(messages)s"
+msgstr "Flusso non applicabile all'utente/richiesta corrente: %(messages)s"
+
+#: authentik/flows/api/flows_diagram.py:68
+#: authentik/flows/api/flows_diagram.py:94
+#, python-format
+msgid "Policy (%(type)s)"
+msgstr "Criterio (%(type)s)"
+
+#: authentik/flows/api/flows_diagram.py:71
+#, python-format
+msgid "Binding %(order)d"
+msgstr "Associazione %(order)d"
+
+#: authentik/flows/api/flows_diagram.py:118
+msgid "Policy passed"
+msgstr "Criterio approvato"
+
+#: authentik/flows/api/flows_diagram.py:122
+#, python-format
+msgid "Stage (%(type)s)"
+msgstr "Fase (%(type)s)"
+
+#: authentik/flows/api/flows_diagram.py:146
+#: authentik/flows/api/flows_diagram.py:206
+msgid "Policy denied"
+msgstr "Criterio negato"
+
+#: authentik/flows/api/flows_diagram.py:156
+#: authentik/flows/api/flows_diagram.py:168
+#: authentik/flows/api/flows_diagram.py:205
+#: authentik/flows/api/flows_diagram.py:227
+msgid "End of the flow"
+msgstr "Fine del flusso"
+
+#: authentik/flows/api/flows_diagram.py:169
+msgid "Requirement not fulfilled"
+msgstr "Requisito non soddisfatto"
+
+#: authentik/flows/api/flows_diagram.py:177
+msgid "Flow authentication requirement"
+msgstr "Requisito di autenticazione del flusso"
+
+#: authentik/flows/api/flows_diagram.py:183
+msgid "Requirement fulfilled"
+msgstr "Requisito soddisfatto"
+
+#: authentik/flows/api/flows_diagram.py:196
+msgid "Pre-flow policies"
+msgstr "Politiche pre-flusso"
+
+#: authentik/flows/api/flows_diagram.py:214 authentik/flows/models.py:193
+msgid "Flow"
+msgstr "Flusso"
+
+#: authentik/flows/exceptions.py:19
+msgid "Flow does not apply to current user."
+msgstr "Il flusso non si applica all'utente corrente."
+
+#: authentik/flows/models.py:114
+#, python-format
+msgid "Dynamic In-memory stage: %(doc)s"
+msgstr "Fase dinamica in memoria: %(doc)s"
+
+#: authentik/flows/models.py:129
+msgid "Visible in the URL."
+msgstr "Visibile nell'URL."
+
+#: authentik/flows/models.py:131
+msgid "Shown as the Title in Flow pages."
+msgstr "Mostrato come Titolo nelle pagine Flusso"
+
+#: authentik/flows/models.py:138
+msgid ""
+"Decides what this Flow is used for. For example, the Authentication flow is "
+"redirect to when an un-authenticated user visits authentik."
+msgstr ""
+"Decide cosa viene utilizzato questo Flusso. Ad esempio, il flusso di "
+"autenticazione viene reindirizzato quando un utente non autenticato visita "
+"authentik."
+
+#: authentik/flows/models.py:147
+msgid "Background shown during execution"
+msgstr "Sfondo mostrato durante l'esecuzione"
+
+#: authentik/flows/models.py:154
+msgid ""
+"Enable compatibility mode, increases compatibility with password managers on"
+" mobile devices."
+msgstr ""
+"Abilita compatibilità, incrementa la compatibilità con i gestori password su"
+" dispositivi mobile."
+
+#: authentik/flows/models.py:162
+msgid "Configure what should happen when a flow denies access to a user."
+msgstr ""
+"Configura cosa può accadere quando un flusso nega l'accesso ad un utente."
+
+#: authentik/flows/models.py:168
+msgid "Required level of authentication and authorization to access a flow."
+msgstr ""
+"Livello richiesto di autenticazione e autorizzazione per accedere a un "
+"flusso."
+
+#: authentik/flows/models.py:194
+msgid "Flows"
+msgstr "Flussi"
+
+#: authentik/flows/models.py:197
+msgid "Can export a Flow"
+msgstr "Può esportare un flusso"
+
+#: authentik/flows/models.py:198
+msgid "Can inspect a Flow's execution"
+msgstr "Può ispezionare l'esecuzione di un flusso"
+
+#: authentik/flows/models.py:199
+msgid "View Flow's cache metrics"
+msgstr "Visualizza le metriche della cache del flusso"
+
+#: authentik/flows/models.py:200
+msgid "Clear Flow's cache metrics"
+msgstr "Cancella le metriche della cache del flusso"
+
+#: authentik/flows/models.py:216
+msgid "Evaluate policies during the Flow planning process."
+msgstr ""
+"Valutare le politiche durante il processo di pianificazione del flusso."
+
+#: authentik/flows/models.py:220
+msgid "Evaluate policies when the Stage is present to the user."
+msgstr "Valutare le policy quando lo stage è presente all'utente."
+
+#: authentik/flows/models.py:227
+msgid ""
+"Configure how the flow executor should handle an invalid response to a "
+"challenge. RETRY returns the error message and a similar challenge to the "
+"executor. RESTART restarts the flow from the beginning, and "
+"RESTART_WITH_CONTEXT restarts the flow while keeping the current context."
+msgstr ""
+"Specifica come l'esecutore del flow dovrebbe gestire un riscontro negativo "
+"di una verifica. RETRY restituisce il messaggio di errore e una verifica "
+"simile all'esecutore. RESTART riavvia il flusso da capo, e "
+"RESTART_WITH_CONTEXT lo riavvia mantenendo lo stato attuale."
+
+#: authentik/flows/models.py:250
+msgid "Flow Stage Binding"
+msgstr "Associazione della fase del flusso"
+
+#: authentik/flows/models.py:251
+msgid "Flow Stage Bindings"
+msgstr "Associazioni della fase del flusso"
+
+#: authentik/flows/models.py:266
+msgid ""
+"Flow used by an authenticated user to configure this Stage. If empty, user "
+"will not be able to configure this stage."
+msgstr ""
+"Flusso utilizzato da un utente autenticato per configurare questa fase. Se "
+"vuoto, l'utente non sarà in grado di configurare questa fase."
+
+#: authentik/flows/models.py:306
+msgid "Flow Token"
+msgstr "Token del flusso"
+
+#: authentik/flows/models.py:307
+msgid "Flow Tokens"
+msgstr "Tokens del flusso"
+
+#: authentik/lib/utils/time.py:27
+#, python-format
+msgid "%(value)s is not in the correct format of 'hours=3;minutes=1'."
+msgstr "%(value)s non è nel formato corretto di 'hours=3;minutes=1'."
+
+#: authentik/lib/validators.py:16
+#, python-brace-format
+msgid "The fields {field_names} must be used together."
+msgstr "I campi {field_names} devono essere utilizzati insieme."
+
+#: authentik/outposts/api/service_connections.py:127
+msgid ""
+"You can only use an empty kubeconfig when connecting to a local cluster."
+msgstr ""
+"Puoi usare sono un kubeconfig vuoto durante la connessione ad un cluster "
+"locale."
+
+#: authentik/outposts/api/service_connections.py:135
+msgid "Invalid kubeconfig"
+msgstr "Kubeconfig invalida"
+
+#: authentik/outposts/models.py:122
+msgid ""
+"If enabled, use the local connection. Required Docker socket/Kubernetes "
+"Integration"
+msgstr ""
+"Se abilitato, utilizzare la connessione locale. Socket Docker/Integrazione "
+"Kubernetes richiesto"
+
+#: authentik/outposts/models.py:152
+msgid "Outpost Service-Connection"
+msgstr "Connessione al servizio Outpost"
+
+#: authentik/outposts/models.py:153
+msgid "Outpost Service-Connections"
+msgstr "Connessioni al servizii Outpost"
+
+#: authentik/outposts/models.py:161
+msgid ""
+"Can be in the format of 'unix://<path>' when connecting to a local docker "
+"daemon, or 'https://<hostname>:2376' when connecting to a remote system."
+msgstr ""
+"Può essere nel formato 'unix://<path>' quando si connette a un demone Docker"
+" locale, o 'https://<hostname>:2376' quando si connette a un sistema remoto."
+
+#: authentik/outposts/models.py:173
+msgid ""
+"CA which the endpoint's Certificate is verified against. Can be left empty "
+"for no validation."
+msgstr ""
+"CA contro cui viene verificato il certificato del punto finale. Può essere "
+"lasciato vuoto per nessuna validazione."
+
+#: authentik/outposts/models.py:185
+msgid ""
+"Certificate/Key used for authentication. Can be left empty for no "
+"authentication."
+msgstr ""
+"Certificato/Chiave utilizzata per l'autenticazione. Può essere lasciato "
+"vuoto per nessuna autenticazione."
+
+#: authentik/outposts/models.py:203
+msgid "Docker Service-Connection"
+msgstr "Connessione al servizio Docker"
+
+#: authentik/outposts/models.py:204
+msgid "Docker Service-Connections"
+msgstr "Connessioni al servizi Docker"
+
+#: authentik/outposts/models.py:212
+msgid ""
+"Paste your kubeconfig here. authentik will automatically use the currently "
+"selected context."
+msgstr ""
+"Incolla il tuo kubeconfig qui. authentik utilizzerà automaticamente il "
+"contesto attualmente selezionato."
+
+#: authentik/outposts/models.py:218
+msgid "Verify SSL Certificates of the Kubernetes API endpoint"
+msgstr "Verifica i certificati SSL del punto di accesso API di Kubernetes."
+
+#: authentik/outposts/models.py:235
+msgid "Kubernetes Service-Connection"
+msgstr "Connessione al servizio Kubernetes"
+
+#: authentik/outposts/models.py:236
+msgid "Kubernetes Service-Connections"
+msgstr "Connessione ai servizi Kubernetes"
+
+#: authentik/outposts/models.py:252
+msgid ""
+"Select Service-Connection authentik should use to manage this outpost. Leave"
+" empty if authentik should not handle the deployment."
+msgstr ""
+"Seleziona il servizio di connessione che authentik dovrebbe utilizzare per "
+"gestire questo outpost. Lascia vuoto se authentik non deve gestire la "
+"distribuzione."
+
+#: authentik/outposts/models.py:419
+msgid "Outpost"
+msgstr "Outpost"
+
+#: authentik/outposts/models.py:420
+msgid "Outposts"
+msgstr "Outposts"
+
+#: authentik/policies/denied.py:24
+msgid "Access denied"
+msgstr "Accesso negato"
+
+#: authentik/policies/dummy/models.py:44
+msgid "Dummy Policy"
+msgstr "Criterio fittizio"
+
+#: authentik/policies/dummy/models.py:45
+msgid "Dummy Policies"
+msgstr "Politiche fittizie"
+
+#: authentik/policies/event_matcher/api.py:20
+#: authentik/policies/event_matcher/models.py:56
+msgid ""
+"Match events created by selected application. When left empty, all "
+"applications are matched."
+msgstr ""
+"Eventi di corrispondenza creati dall'applicazione selezionata. Quando "
+"lasciato vuoto, tutte le applicazioni vengono corrisposte."
+
+#: authentik/policies/event_matcher/api.py:29
+#: authentik/policies/event_matcher/models.py:64
+msgid ""
+"Match events created by selected model. When left empty, all models are "
+"matched. When an app is selected, all the application's models are matched."
+msgstr ""
+"Eventi di corrispondenza creati dal modello selezionato. Quando lasciato "
+"vuoto, tutti i modelli vengono abbinati. Quando viene selezionata un'app, "
+"vengono abbinati tutti i modelli dell'applicazione."
+
+#: authentik/policies/event_matcher/api.py:42
+msgid "At least one criteria must be set."
+msgstr "Deve essere impostato almeno un criterio."
+
+#: authentik/policies/event_matcher/models.py:48
+msgid ""
+"Match created events with this action type. When left empty, all action "
+"types will be matched."
+msgstr ""
+"Corrispondere gli eventi creati con questo tipo di azione. Quando lasciato "
+"vuoto, tutti i tipi di azione saranno corrisposti."
+
+#: authentik/policies/event_matcher/models.py:73
+msgid ""
+"Matches Event's Client IP (strict matching, for network matching use an "
+"Expression Policy)"
+msgstr ""
+"Corrisponde all'IP del client dell'evento (corrispondenza rigorosa, per la "
+"corrispondenza di rete utilizzare una criterio di espressione)"
+
+#: authentik/policies/event_matcher/models.py:143
+msgid "Event Matcher Policy"
+msgstr "Criterio Corrispondenza Evento"
+
+#: authentik/policies/event_matcher/models.py:144
+msgid "Event Matcher Policies"
+msgstr "Criteri Corrispondenza Evento"
+
+#: authentik/policies/expiry/models.py:45
+#, python-format
+msgid "Password expired %(days)d days ago. Please update your password."
+msgstr ""
+"Password scaduta %(days)d giorni fa. Si prega di aggiornare la password."
+
+#: authentik/policies/expiry/models.py:49
+msgid "Password has expired."
+msgstr "Password scaduta"
+
+#: authentik/policies/expiry/models.py:53
+msgid "Password Expiry Policy"
+msgstr "Criterio di scadenza della password"
+
+#: authentik/policies/expiry/models.py:54
+msgid "Password Expiry Policies"
+msgstr "Politiche di scadenza della password"
+
+#: authentik/policies/expression/models.py:40
+msgid "Expression Policy"
+msgstr "Criterio di Espressione"
+
+#: authentik/policies/expression/models.py:41
+msgid "Expression Policies"
+msgstr "Criteri di espressione"
+
+#: authentik/policies/models.py:22
+msgid "all, all policies must pass"
+msgstr "tutte, tutti i criteri devono passare"
+
+#: authentik/policies/models.py:23
+msgid "any, any policy must pass"
+msgstr "qualsiasi, qualsiasi criterio deve passare"
+
+#: authentik/policies/models.py:46
+msgid "Policy Binding Model"
+msgstr "Modello Associazione Criterio"
+
+#: authentik/policies/models.py:47
+msgid "Policy Binding Models"
+msgstr "Modelli Associazione Criterio"
+
+#: authentik/policies/models.py:86
+msgid "Negates the outcome of the policy. Messages are unaffected."
+msgstr "Nega il risultato del criterio. I messaggi non sono influenzati."
+
+#: authentik/policies/models.py:89
+msgid "Timeout after which Policy execution is terminated."
+msgstr "Timeout dopo il quale l'esecuzione del Criterio viene terminato."
+
+#: authentik/policies/models.py:92
+msgid "Result if the Policy execution fails."
+msgstr "Risultato se l'esecuzione della Policy fallisce."
+
+#: authentik/policies/models.py:145
+msgid "Policy Binding"
+msgstr "Associazione criterio"
+
+#: authentik/policies/models.py:146
+msgid "Policy Bindings"
+msgstr "Associazioni criterio"
+
+#: authentik/policies/models.py:167
+msgid ""
+"When this option is enabled, all executions of this policy will be logged. "
+"By default, only execution errors are logged."
+msgstr ""
+"Quando questa opzione è abilitata, tutte le esecuzioni di questo criterio "
+"verranno registrate. Per impostazione predefinita, vengono registrati solo "
+"gli errori di esecuzione."
+
+#: authentik/policies/models.py:189
+msgid "Policy"
+msgstr "Criterio"
+
+#: authentik/policies/models.py:190
+msgid "Policies"
+msgstr "Politiche"
+
+#: authentik/policies/models.py:193
+msgid "View Policy's cache metrics"
+msgstr "Visualizza le metriche della cache della Policy"
+
+#: authentik/policies/models.py:194
+msgid "Clear Policy's cache metrics"
+msgstr "Cancellare le metriche della cache della Policy"
+
+#: authentik/policies/password/models.py:27
+msgid "Field key to check, field keys defined in Prompt stages are available."
+msgstr ""
+"Chiave di campo da verificare, sono disponibili le chiavi di campo definite "
+"nelle fasi Richiesta."
+
+#: authentik/policies/password/models.py:44
+msgid "How many times the password hash is allowed to be on haveibeenpwned"
+msgstr ""
+"Quante volte l'hash della password è consentito essere su haveibeenpwned"
+
+#: authentik/policies/password/models.py:49
+msgid ""
+"If the zxcvbn score is equal or less than this value, the policy will fail."
+msgstr ""
+"Se il punteggio zxcvbn è inferiore o uguale a questo valore, il criterio non"
+" verrà soddisfatto."
+
+#: authentik/policies/password/models.py:72
+msgid "Password not set in context"
+msgstr "Password non impostata nel contesto"
+
+#: authentik/policies/password/models.py:134
+#, python-format
+msgid "Password exists on %(count)d online lists."
+msgstr "Password esistente in %(count)d lite online."
+
+#: authentik/policies/password/models.py:154
+msgid "Password is too weak."
+msgstr "Password troppo deblole"
+
+#: authentik/policies/password/models.py:162
+msgid "Password Policy"
+msgstr "Criterio della password"
+
+#: authentik/policies/password/models.py:163
+msgid "Password Policies"
+msgstr "Politiche delle password"
+
+#: authentik/policies/reputation/api.py:18
+msgid "Either IP or Username must be checked"
+msgstr "È necessario controllare l'IP o il nome utente"
+
+#: authentik/policies/reputation/models.py:67
+msgid "Reputation Policy"
+msgstr "Criterio Reputazione"
+
+#: authentik/policies/reputation/models.py:68
+msgid "Reputation Policies"
+msgstr "Politiche della reputazione"
+
+#: authentik/policies/reputation/models.py:95
+msgid "Reputation Score"
+msgstr "Punteggio di reputazione"
+
+#: authentik/policies/reputation/models.py:96
+msgid "Reputation Scores"
+msgstr "Punteggi di reputazione"
+
+#: authentik/policies/templates/policies/denied.html:7
+#: authentik/policies/templates/policies/denied.html:11
+msgid "Permission denied"
+msgstr "Permesso negato"
+
+#: authentik/policies/templates/policies/denied.html:21
+msgid "User's avatar"
+msgstr "Avatar utente"
+
+#: authentik/policies/templates/policies/denied.html:25
+msgid "Not you?"
+msgstr "Non sei tu?"
+
+#: authentik/policies/templates/policies/denied.html:33
+msgid "Request has been denied."
+msgstr "La richiesta è stata negata."
+
+#: authentik/policies/templates/policies/denied.html:44
+msgid "Messages:"
+msgstr "Messaggi:"
+
+#: authentik/policies/templates/policies/denied.html:54
+msgid "Explanation:"
+msgstr "Spiegazione:"
+
+#: authentik/policies/templates/policies/denied.html:58
+#, python-format
+msgid ""
+"\n"
+"                    Policy binding '%(name)s' returned result '%(result)s'\n"
+"                    "
+msgstr ""
+"\n"
+"                    L'associazione criterio '%(name)s' ha restituito '%(result)s'\n"
+"                    "
+
+#: authentik/policies/views.py:68
+msgid "Failed to resolve application"
+msgstr "Impossibile risolvere l'applicazione"
+
+#: authentik/providers/ldap/models.py:25
+msgid "DN under which objects are accessible."
+msgstr "DN sotto il quale gli oggetti sono accessibili."
+
+#: authentik/providers/ldap/models.py:34
+msgid ""
+"Users in this group can do search queries. If not set, every user can "
+"execute search queries."
+msgstr ""
+"Gli utenti di questo gruppo possono scrivere query di ricerca. Se non "
+"specificato, qualsiasi utente può eseguirle."
+
+#: authentik/providers/ldap/models.py:53
+msgid ""
+"The start for uidNumbers, this number is added to the user.pk to make sure "
+"that the numbers aren't too low for POSIX users. Default is 2000 to ensure "
+"that we don't collide with local users uidNumber"
+msgstr ""
+"Il numero di partenza per uidNumbers, questo numero viene aggiunto a user.pk"
+" per assicurarsi che i numeri non siano troppo bassi per gli utenti POSIX. "
+"Il valore predefinito è 2000 per garantire che non ci siano collisioni con "
+"gli uidNumber degli utenti locali."
+
+#: authentik/providers/ldap/models.py:62
+msgid ""
+"The start for gidNumbers, this number is added to a number generated from "
+"the group.pk to make sure that the numbers aren't too low for POSIX groups. "
+"Default is 4000 to ensure that we don't collide with local groups or users "
+"primary groups gidNumber"
+msgstr ""
+"Il punto di partenza per gidNumbers, questo numero viene aggiunto a un "
+"numero generato dal group.pk per assicurarsi che i numeri non siano troppo "
+"bassi per i gruppi POSIX. Il valore predefinito è 4000 per garantire che non"
+" ci siano collisioni con gruppi locali o gruppi primari di utenti gidNumber."
+
+#: authentik/providers/ldap/models.py:76
+#: authentik/providers/radius/models.py:34
+msgid ""
+"When enabled, code-based multi-factor authentication can be used by "
+"appending a semicolon and the TOTP code to the password. This should only be"
+" enabled if all users that will bind to this provider have a TOTP device "
+"configured, as otherwise a password may incorrectly be rejected if it "
+"contains a semicolon."
+msgstr ""
+"Quando abilitato, l'autenticazione a più fattori basata su codice può essere"
+" utilizzata aggiungendo un punto e virgola e il codice TOTP alla password. "
+"Ciò dovrebbe essere abilitato solo se tutti gli utenti che si assoceranno a "
+"questo provider hanno un dispositivo TOTP configurato, poiché altrimenti una"
+" password potrebbe essere erroneamente rifiutata se contiene un punto e "
+"virgola."
+
+#: authentik/providers/ldap/models.py:108
+msgid "LDAP Provider"
+msgstr "Provider LDAP"
+
+#: authentik/providers/ldap/models.py:109
+msgid "LDAP Providers"
+msgstr "Providers LDAP"
+
+#: authentik/providers/oauth2/id_token.py:27
+msgid "Based on the Hashed User ID"
+msgstr "Basato sull'ID utente hashato"
+
+#: authentik/providers/oauth2/id_token.py:28
+msgid "Based on user ID"
+msgstr "Basato sull' ID utente"
+
+#: authentik/providers/oauth2/id_token.py:29
+msgid "Based on user UUID"
+msgstr "Basato sull' UUID utente"
+
+#: authentik/providers/oauth2/id_token.py:30
+msgid "Based on the username"
+msgstr "Basato sull'username"
+
+#: authentik/providers/oauth2/id_token.py:33
+msgid "Based on the User's Email. This is recommended over the UPN method."
+msgstr "Basato sull'email dell'utente. Consigliato per il metodo UPN."
+
+#: authentik/providers/oauth2/id_token.py:38
+msgid ""
+"Based on the User's UPN, only works if user has a 'upn' attribute set. Use "
+"this method only if you have different UPN and Mail domains."
+msgstr ""
+"Basato sull'UPN dell'utente, funziona solo se l'utente ha un attributo 'upn'"
+" impostato. Utilizza questo metodo solo se hai domini UPN e Mail diversi."
+
+#: authentik/providers/oauth2/models.py:43
+msgid "Confidential"
+msgstr "Confidenziale"
+
+#: authentik/providers/oauth2/models.py:44
+msgid "Public"
+msgstr "Pubblico"
+
+#: authentik/providers/oauth2/models.py:66
+msgid "Same identifier is used for all providers"
+msgstr "Stesso identificatore usato su tutti i providers"
+
+#: authentik/providers/oauth2/models.py:68
+msgid "Each provider has a different issuer, based on the application slug."
+msgstr ""
+"Ogni provider ha un issuer differente, basato sullo slug dell'applicazione."
+
+#: authentik/providers/oauth2/models.py:75
+msgid "code (Authorization Code Flow)"
+msgstr "code (Flusso di autorizzazione del codice)"
+
+#: authentik/providers/oauth2/models.py:76
+msgid "id_token (Implicit Flow)"
+msgstr "id_token (Flusso Implicito)"
+
+#: authentik/providers/oauth2/models.py:77
+msgid "id_token token (Implicit Flow)"
+msgstr "id_token token (Flusso Implicito)"
+
+#: authentik/providers/oauth2/models.py:78
+msgid "code token (Hybrid Flow)"
+msgstr "code token (Flusso Ibrido)"
+
+#: authentik/providers/oauth2/models.py:79
+msgid "code id_token (Hybrid Flow)"
+msgstr "code id_token (Flusso Ibrido)"
+
+#: authentik/providers/oauth2/models.py:80
+msgid "code id_token token (Hybrid Flow)"
+msgstr "code id_token token (Flusso Ibrido)"
+
+#: authentik/providers/oauth2/models.py:86
+msgid "HS256 (Symmetric Encryption)"
+msgstr "HS256 (Crittografia Simmetrica)"
+
+#: authentik/providers/oauth2/models.py:87
+msgid "RS256 (Asymmetric Encryption)"
+msgstr "RS256 (Crittografia Asimmetrica)"
+
+#: authentik/providers/oauth2/models.py:88
+msgid "ES256 (Asymmetric Encryption)"
+msgstr "ES256 (Crittografia Asimmetrica)"
+
+#: authentik/providers/oauth2/models.py:94
+msgid "Scope used by the client"
+msgstr "Scope usato dall'utente"
+
+#: authentik/providers/oauth2/models.py:98
+msgid ""
+"Description shown to the user when consenting. If left empty, the user won't"
+" be informed."
+msgstr ""
+"Descrizione mostrata all'utente durante il consenso. Se lasciato vuoto, "
+"l'utente non verrà informato."
+
+#: authentik/providers/oauth2/models.py:117
+msgid "Scope Mapping"
+msgstr "Mappatura dell'ambito"
+
+#: authentik/providers/oauth2/models.py:118
+msgid "Scope Mappings"
+msgstr "Mappature degli ambiti"
+
+#: authentik/providers/oauth2/models.py:128
+msgid "Client Type"
+msgstr "Tipo Client"
+
+#: authentik/providers/oauth2/models.py:130
+msgid ""
+"Confidential clients are capable of maintaining the confidentiality of their"
+" credentials. Public clients are incapable"
+msgstr ""
+"I clienti confidenziali sono in grado di mantenere la riservatezza delle "
+"loro credenziali. I clienti pubblici sono incapaci."
+
+#: authentik/providers/oauth2/models.py:137
+msgid "Client ID"
+msgstr "Client ID"
+
+#: authentik/providers/oauth2/models.py:143
+msgid "Client Secret"
+msgstr "Client Secret"
+
+#: authentik/providers/oauth2/models.py:149
+msgid "Redirect URIs"
+msgstr "URL di reindirizzamento"
+
+#: authentik/providers/oauth2/models.py:150
+msgid "Enter each URI on a new line."
+msgstr "Inserisci ogni URI su una nuova riga."
+
+#: authentik/providers/oauth2/models.py:155
+msgid "Include claims in id_token"
+msgstr "Includere le richieste in id_token"
+
+#: authentik/providers/oauth2/models.py:157
+msgid ""
+"Include User claims from scopes in the id_token, for applications that don't"
+" access the userinfo endpoint."
+msgstr ""
+"Includere le richieste dell'utente dagli ambiti nell'id_token, per le "
+"applicazioni che non accedono al punto di accesso userinfo."
+
+#: authentik/providers/oauth2/models.py:166
+msgid ""
+"Access codes not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Codici di accesso non validi a partire dall'ora corrente + questo valore "
+"(Format: hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/oauth2/models.py:174
+#: authentik/providers/oauth2/models.py:182
+msgid ""
+"Tokens not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Tokens non validi a partire dall'ora corrente + questo valore (Format: "
+"hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/oauth2/models.py:191
+msgid ""
+"Configure what data should be used as unique User Identifier. For most "
+"cases, the default should be fine."
+msgstr ""
+"Configurare quale dato dovrebbe essere utilizzato come identificatore "
+"univoco dell'utente. Per la maggior parte dei casi, il valore predefinito "
+"dovrebbe essere sufficiente."
+
+#: authentik/providers/oauth2/models.py:198
+msgid "Configure how the issuer field of the ID Token should be filled."
+msgstr ""
+"Configurare come il campo emittente dell'ID Token dovrebbe essere compilato."
+
+#: authentik/providers/oauth2/models.py:203
+msgid "Signing Key"
+msgstr "Chiave di firma"
+
+#: authentik/providers/oauth2/models.py:207
+msgid ""
+"Key used to sign the tokens. Only required when JWT Algorithm is set to "
+"RS256."
+msgstr ""
+"Chiave utilizzata per firmare i token. Richiesta solo quando l'algoritmo JWT"
+" è impostato su RS256."
+
+#: authentik/providers/oauth2/models.py:214
+msgid ""
+"Any JWT signed by the JWK of the selected source can be used to "
+"authenticate."
+msgstr ""
+"Ogni JWT firmata dal JWK della sorgente selezionata può essere utilizzata "
+"per l'autenticazione."
+
+#: authentik/providers/oauth2/models.py:287
+msgid "OAuth2/OpenID Provider"
+msgstr "Fornitore OAuth2/OpenID"
+
+#: authentik/providers/oauth2/models.py:288
+msgid "OAuth2/OpenID Providers"
+msgstr "Fornitori OAuth2/OpenID"
+
+#: authentik/providers/oauth2/models.py:297
+#: authentik/providers/oauth2/models.py:429
+msgid "Scopes"
+msgstr "Scopes"
+
+#: authentik/providers/oauth2/models.py:316
+msgid "Code"
+msgstr "Codice"
+
+#: authentik/providers/oauth2/models.py:317
+msgid "Nonce"
+msgstr "Nonce"
+
+#: authentik/providers/oauth2/models.py:318
+msgid "Code Challenge"
+msgstr "Verifica del codice"
+
+#: authentik/providers/oauth2/models.py:320
+msgid "Code Challenge Method"
+msgstr "Metodo di verifica del codice"
+
+#: authentik/providers/oauth2/models.py:340
+msgid "Authorization Code"
+msgstr "Codice di autorizzazione"
+
+#: authentik/providers/oauth2/models.py:341
+msgid "Authorization Codes"
+msgstr "Codici di autorizzazione"
+
+#: authentik/providers/oauth2/models.py:383
+msgid "OAuth2 Access Token"
+msgstr "Token di accesso OAuth2"
+
+#: authentik/providers/oauth2/models.py:384
+msgid "OAuth2 Access Tokens"
+msgstr "Tokens di accesso OAuth2"
+
+#: authentik/providers/oauth2/models.py:394
+msgid "ID Token"
+msgstr "ID Token"
+
+#: authentik/providers/oauth2/models.py:413
+msgid "OAuth2 Refresh Token"
+msgstr "Token di aggiornamento OAuth2"
+
+#: authentik/providers/oauth2/models.py:414
+msgid "OAuth2 Refresh Tokens"
+msgstr "Tokens di aggiornamento OAuth2"
+
+#: authentik/providers/oauth2/models.py:441
+msgid "Device Token"
+msgstr "Token Dispositivo"
+
+#: authentik/providers/oauth2/models.py:442
+msgid "Device Tokens"
+msgstr "Token Dispositivi"
+
+#: authentik/providers/oauth2/views/authorize.py:448
+#: authentik/providers/saml/views/flows.py:87
+#, python-format
+msgid "Redirecting to %(app)s..."
+msgstr "Reindirizzamento a %(app)s..."
+
+#: authentik/providers/oauth2/views/device_init.py:151
+msgid "Invalid code"
+msgstr "Codice non valido"
+
+#: authentik/providers/oauth2/views/userinfo.py:55
+#: authentik/providers/oauth2/views/userinfo.py:56
+msgid "GitHub Compatibility: Access your User Information"
+msgstr "Compatibilità GitHub: Accesso alle tue informazioni utente"
+
+#: authentik/providers/oauth2/views/userinfo.py:57
+msgid "GitHub Compatibility: Access you Email addresses"
+msgstr "Compatibilità GitHub: Accesso ai tuoi indirizzi email"
+
+#: authentik/providers/oauth2/views/userinfo.py:58
+msgid "GitHub Compatibility: Access your Groups"
+msgstr "Compatibilità GitHub: Accesso ai tuoi gruppi"
+
+#: authentik/providers/oauth2/views/userinfo.py:59
+msgid "authentik API Access on behalf of your user"
+msgstr "authentik Accesso API per conto del tuo utente"
+
+#: authentik/providers/proxy/api.py:52
+msgid "User and password attributes must be set when basic auth is enabled."
+msgstr ""
+"Gli attributi utente e password devono essere impostati quando "
+"l'autenticazione di base è abilitata."
+
+#: authentik/providers/proxy/api.py:63
+msgid "Internal host cannot be empty when forward auth is disabled."
+msgstr ""
+"L'host interno non può essere vuoto quando l'autenticazione inoltrata è "
+"disabilitata."
+
+#: authentik/providers/proxy/models.py:54
+msgid "Validate SSL Certificates of upstream servers"
+msgstr "Convalida dei certificati SSL dei server upstream"
+
+#: authentik/providers/proxy/models.py:55
+msgid "Internal host SSL Validation"
+msgstr "Validazione SSL dell'host interno"
+
+#: authentik/providers/proxy/models.py:61
+msgid ""
+"Enable support for forwardAuth in traefik and nginx auth_request. Exclusive "
+"with internal_host."
+msgstr ""
+"Abilita il supporto per forwardAuth in traefik e nginx auth_request. "
+"Esclusivo con internal_host."
+
+#: authentik/providers/proxy/models.py:70
+msgid ""
+"Regular expressions for which authentication is not required. Each new line "
+"is interpreted as a new Regular Expression."
+msgstr ""
+"Espressioni regolari per le quali non è richiesta l'autenticazione. Ogni "
+"nuova riga viene interpretata come una nuova espressione regolare."
+
+#: authentik/providers/proxy/models.py:78
+msgid ""
+"When enabled, this provider will intercept the authorization header and "
+"authenticate requests based on its value."
+msgstr ""
+"Quando abilitato, questo provider intercetterà l'intestazione di "
+"autorizzazione e autenticherà le richieste in base al suo valore."
+
+#: authentik/providers/proxy/models.py:84
+msgid "Set HTTP-Basic Authentication"
+msgstr "Imposta Autenticazione HTTP-Basic"
+
+#: authentik/providers/proxy/models.py:86
+msgid ""
+"Set a custom HTTP-Basic Authentication header based on values from "
+"authentik."
+msgstr ""
+"Imposta un header personalizzato HTTP-Basic Authentication basato su "
+"parametri provenienti da authentik."
+
+#: authentik/providers/proxy/models.py:91
+msgid "HTTP-Basic Username Key"
+msgstr "Chiave Username HTTP-Basic"
+
+#: authentik/providers/proxy/models.py:93
+msgid ""
+"User/Group Attribute used for the user part of the HTTP-Basic Header. If not"
+" set, the user's Email address is used."
+msgstr ""
+"User/Group Attributo utilizzato per la parte utente dell'intestazione HTTP-"
+"Basic. Se non impostato, viene utilizzato l'indirizzo email dell'utente."
+
+#: authentik/providers/proxy/models.py:99
+msgid "HTTP-Basic Password Key"
+msgstr "Chiave Password HTTP-Basic"
+
+#: authentik/providers/proxy/models.py:100
+msgid ""
+"User/Group Attribute used for the password part of the HTTP-Basic Header."
+msgstr ""
+"Attributo utente/gruppo utilizzato per la parte relativa alla password "
+"dell'intestazione HTTP-Basic."
+
+#: authentik/providers/proxy/models.py:154
+msgid "Proxy Provider"
+msgstr "Provider Proxy"
+
+#: authentik/providers/proxy/models.py:155
+msgid "Proxy Providers"
+msgstr "Providers Proxy"
+
+#: authentik/providers/radius/models.py:18
+msgid "Shared secret between clients and server to hash packets."
+msgstr "Segreto condiviso tra client e server per hashare i pacchetti."
+
+#: authentik/providers/radius/models.py:24
+msgid ""
+"List of CIDRs (comma-separated) that clients can connect from. A more "
+"specific CIDR will match before a looser one. Clients connecting from a non-"
+"specified CIDR will be dropped."
+msgstr ""
+"Elenco di CIDR (separati da virgola) da cui i client possono connettersi. Un"
+" CIDR più specifico corrisponderà prima di uno più generico. I client che si"
+" connettono da un CIDR non specificato verranno eliminati."
+
+#: authentik/providers/radius/models.py:60
+msgid "Radius Provider"
+msgstr "Provider Radius"
+
+#: authentik/providers/radius/models.py:61
+msgid "Radius Providers"
+msgstr "Providers Radius"
+
+#: authentik/providers/saml/api/providers.py:258
+msgid "Invalid XML Syntax"
+msgstr "Sintassi XML non valida"
+
+#: authentik/providers/saml/api/providers.py:268
+#, python-format
+msgid "Failed to import Metadata: %(message)s"
+msgstr "Impossibile importare i metadati: %(message)s"
+
+#: authentik/providers/saml/models.py:38
+msgid "ACS URL"
+msgstr "URL ACS"
+
+#: authentik/providers/saml/models.py:43
+msgid ""
+"Value of the audience restriction field of the assertion. When left empty, "
+"no audience restriction will be added."
+msgstr ""
+"Valore del campo di limitazione del pubblico dell'asserzione. Se lasciato "
+"vuoto, non verrà aggiunta alcuna restrizione sul pubblico."
+
+#: authentik/providers/saml/models.py:47
+msgid "Also known as EntityID"
+msgstr "Conosciuto anche come EntityID"
+
+#: authentik/providers/saml/models.py:51
+msgid "Service Provider Binding"
+msgstr "Associazione fornitore di servizi"
+
+#: authentik/providers/saml/models.py:53
+msgid ""
+"This determines how authentik sends the response back to the Service "
+"Provider."
+msgstr ""
+"Ciò determina il modo in cui authentik invia la risposta al fornitore di "
+"servizi."
+
+#: authentik/providers/saml/models.py:63
+msgid "NameID Property Mapping"
+msgstr "Mappatura proprietà NameID"
+
+#: authentik/providers/saml/models.py:65
+msgid ""
+"Configure how the NameID value will be created. When left empty, the "
+"NameIDPolicy of the incoming request will be considered"
+msgstr ""
+"Configura il modo in cui verrà creato il valore NameID. Se lasciato vuoto, "
+"verrà considerato il NameIDPolicy della richiesta in arrivo"
+
+#: authentik/providers/saml/models.py:74
+msgid ""
+"Assertion valid not before current time + this value (Format: "
+"hours=-1;minutes=-2;seconds=-3)."
+msgstr ""
+"L'asserzione non è valida prima dell'ora corrente + questo valore (Formato: "
+"hours=-1;minutes=-2;seconds=-3)."
+
+#: authentik/providers/saml/models.py:82
+msgid ""
+"Assertion not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Asserzione non valida a partire dall'ora corrente + questo valore (Formato: "
+"hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/saml/models.py:91
+msgid ""
+"Session not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Sessione non valida a partire dall'ora corrente + questo valore (Format: "
+"hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/saml/models.py:99 authentik/sources/saml/models.py:150
+msgid "SHA1"
+msgstr "SHA1"
+
+#: authentik/providers/saml/models.py:100 authentik/sources/saml/models.py:151
+msgid "SHA256"
+msgstr "SHA256"
+
+#: authentik/providers/saml/models.py:101 authentik/sources/saml/models.py:152
+msgid "SHA384"
+msgstr "SHA384"
+
+#: authentik/providers/saml/models.py:102 authentik/sources/saml/models.py:153
+msgid "SHA512"
+msgstr "SHA512"
+
+#: authentik/providers/saml/models.py:109 authentik/sources/saml/models.py:160
+msgid "RSA-SHA1"
+msgstr "RSA-SHA1"
+
+#: authentik/providers/saml/models.py:110 authentik/sources/saml/models.py:161
+msgid "RSA-SHA256"
+msgstr "RSA-SHA256"
+
+#: authentik/providers/saml/models.py:111 authentik/sources/saml/models.py:162
+msgid "RSA-SHA384"
+msgstr "RSA-SHA384"
+
+#: authentik/providers/saml/models.py:112 authentik/sources/saml/models.py:163
+msgid "RSA-SHA512"
+msgstr "RSA-SHA512"
+
+#: authentik/providers/saml/models.py:113 authentik/sources/saml/models.py:164
+msgid "DSA-SHA1"
+msgstr "DSA-SHA1"
+
+#: authentik/providers/saml/models.py:124 authentik/sources/saml/models.py:130
+msgid ""
+"When selected, incoming assertion's Signatures will be validated against "
+"this certificate. To allow unsigned Requests, leave on default."
+msgstr ""
+"Quando selezionato, le Firme delle asserzioni in arrivo verranno validate "
+"con questo certificato. Per consentire Richieste non firmate, lasciare su "
+"impostazione predefinita."
+
+#: authentik/providers/saml/models.py:128 authentik/sources/saml/models.py:134
+msgid "Verification Certificate"
+msgstr "Certificato di Verifica"
+
+#: authentik/providers/saml/models.py:136
+msgid "Keypair used to sign outgoing Responses going to the Service Provider."
+msgstr ""
+"Coppia di chiavi utilizzato per firmare le Risposte in uscita inviate al "
+"Service Provider."
+
+#: authentik/providers/saml/models.py:138 authentik/sources/saml/models.py:144
+msgid "Signing Keypair"
+msgstr "Coppia di chiavi di firma"
+
+#: authentik/providers/saml/models.py:142
+msgid "Default relay_state value for IDP-initiated logins"
+msgstr "Valore predefinito di relay_state per i login inizializzati da IDP"
+
+#: authentik/providers/saml/models.py:171
+msgid "SAML Provider"
+msgstr "Provider SAML"
+
+#: authentik/providers/saml/models.py:172
+msgid "SAML Providers"
+msgstr "Providers SAML"
+
+#: authentik/providers/saml/models.py:196
+msgid "SAML Property Mapping"
+msgstr "Mappatura Proprietà SAML"
+
+#: authentik/providers/saml/models.py:197
+msgid "SAML Property Mappings"
+msgstr "Mappature Proprietà SAML"
+
+#: authentik/providers/scim/models.py:20
+msgid "Base URL to SCIM requests, usually ends in /v2"
+msgstr "URL di base per le richieste SCIM, di solito termina con /v2"
+
+#: authentik/providers/scim/models.py:21
+msgid "Authentication token"
+msgstr "Token di autenticazione"
+
+#: authentik/providers/scim/models.py:27 authentik/sources/ldap/models.py:98
+msgid "Property mappings used for group creation/updating."
+msgstr ""
+"Mapping delle proprietà utilizzate per la creazione/aggiornamento dei "
+"gruppi."
+
+#: authentik/providers/scim/models.py:60
+msgid "SCIM Provider"
+msgstr "Privider SCIM"
+
+#: authentik/providers/scim/models.py:61
+msgid "SCIM Providers"
+msgstr "Providers SCIM"
+
+#: authentik/providers/scim/models.py:81
+msgid "SCIM Mapping"
+msgstr "Mappatura SCIM"
+
+#: authentik/providers/scim/models.py:82
+msgid "SCIM Mappings"
+msgstr "Mappature SCIM"
+
+#: authentik/providers/scim/tasks.py:52
+msgid "Starting full SCIM sync"
+msgstr "Iniziando la sincronizzazione completa SCIM"
+
+#: authentik/providers/scim/tasks.py:59
+#, python-format
+msgid "Syncing page %(page)d of users"
+msgstr "Sincronizzando pagina %(page)d degli utenti"
+
+#: authentik/providers/scim/tasks.py:63
+#, python-format
+msgid "Syncing page %(page)d of groups"
+msgstr "Sincronizzando pagina %(page)d dei gruppi"
+
+#: authentik/providers/scim/tasks.py:92
+#, python-format
+msgid "Failed to sync user %(user_name)s due to remote error: %(error)s"
+msgstr ""
+"Impossibile sincronizzare l'utente %(user_name)s a causa di un errore "
+"remoto: %(error)s"
+
+#: authentik/providers/scim/tasks.py:103 authentik/providers/scim/tasks.py:144
+#, python-format
+msgid "Stopping sync due to error: %(error)s"
+msgstr "Arresto della sincronizzazione a causa di un errore: %(error)s"
+
+#: authentik/providers/scim/tasks.py:133
+#, python-format
+msgid "Failed to sync group %(group_name)s due to remote error: %(error)s"
+msgstr ""
+"Impossibile sincronizzare il gruppo %(group_name)s a causa di un errore "
+"remoto: %(error)s"
+
+#: authentik/rbac/models.py:51
+msgid "Role"
+msgstr "Ruolo"
+
+#: authentik/rbac/models.py:52
+msgid "Roles"
+msgstr "Ruoli"
+
+#: authentik/rbac/models.py:66
+msgid "System permission"
+msgstr "Autorizzazione di sistema"
+
+#: authentik/rbac/models.py:67
+msgid "System permissions"
+msgstr "Autorizzazioni di sistema"
+
+#: authentik/rbac/models.py:69
+msgid "Can view system info"
+msgstr "Può visualizzare le informazioni di sistema"
+
+#: authentik/rbac/models.py:70
+msgid "Can view system tasks"
+msgstr "Possono visualizzare le attività di sistema"
+
+#: authentik/rbac/models.py:71
+msgid "Can run system tasks"
+msgstr "Può eseguire attività di sistema"
+
+#: authentik/rbac/models.py:72
+msgid "Can access admin interface"
+msgstr "Può accedere all'interfaccia di amministrazione"
+
+#: authentik/recovery/management/commands/create_admin_group.py:11
+msgid "Create admin group if the default group gets deleted."
+msgstr ""
+"Crea un gruppo di amministratori se il gruppo predefinito viene eliminato."
+
+#: authentik/recovery/management/commands/create_recovery_key.py:17
+msgid "Create a Key which can be used to restore access to authentik."
+msgstr ""
+"Crea una chiave che può essere utilizzata per ripristinare l'accesso ad "
+"authentik."
+
+#: authentik/recovery/views.py:24
+msgid "Used recovery-link to authenticate."
+msgstr "Utilizzato il link di recupero per autenticarsi."
+
+#: authentik/sources/ldap/models.py:41
+msgid "Server URI"
+msgstr "URI Server"
+
+#: authentik/sources/ldap/models.py:50
+msgid ""
+"Optionally verify the LDAP Server's Certificate against the CA Chain in this"
+" keypair."
+msgstr ""
+"Opzionalmente verificare il Certificato del Server LDAP rispetto alla Catena"
+" CA in questa coppia di chiavi."
+
+#: authentik/sources/ldap/models.py:59
+msgid ""
+"Client certificate to authenticate against the LDAP Server's Certificate."
+msgstr ""
+"Certificato del client per autenticarsi con il certificato del server LDAP."
+
+#: authentik/sources/ldap/models.py:62
+msgid "Bind CN"
+msgstr "Associa CN"
+
+#: authentik/sources/ldap/models.py:64
+msgid "Enable Start TLS"
+msgstr "Abilita Start TLS"
+
+#: authentik/sources/ldap/models.py:65
+msgid "Use Server URI for SNI verification"
+msgstr "Usa l'URI del server per la verifica SNI"
+
+#: authentik/sources/ldap/models.py:67
+msgid "Base DN"
+msgstr "Base DN"
+
+#: authentik/sources/ldap/models.py:69
+msgid "Prepended to Base DN for User-queries."
+msgstr "Anteposto al DN di base per le query dell'utente."
+
+#: authentik/sources/ldap/models.py:70
+msgid "Addition User DN"
+msgstr "Aggiunta User DN"
+
+#: authentik/sources/ldap/models.py:74
+msgid "Prepended to Base DN for Group-queries."
+msgstr "Anteposto al DN di base per le query di gruppo."
+
+#: authentik/sources/ldap/models.py:75
+msgid "Addition Group DN"
+msgstr "Gruppo di aggiunta DN"
+
+#: authentik/sources/ldap/models.py:81
+msgid "Consider Objects matching this filter to be Users."
+msgstr "Considerare gli oggetti corrispondenti a questo filtro come Utenti."
+
+#: authentik/sources/ldap/models.py:84
+msgid "Field which contains members of a group."
+msgstr "Campo che contiene i membri di un gruppo."
+
+#: authentik/sources/ldap/models.py:88
+msgid "Consider Objects matching this filter to be Groups."
+msgstr "Considera gli oggetti corrispondenti a questo filtro come Gruppi."
+
+#: authentik/sources/ldap/models.py:91
+msgid "Field which contains a unique Identifier."
+msgstr "Campo che contiene un identificatore unico."
+
+#: authentik/sources/ldap/models.py:105
+msgid ""
+"When a user changes their password, sync it back to LDAP. This can only be "
+"enabled on a single LDAP source."
+msgstr ""
+"Quando un utente cambia la propria password, sincronizzala con LDAP. Questo "
+"può essere abilitato solo su una singola origine LDAP."
+
+#: authentik/sources/ldap/models.py:248
+msgid "LDAP Source"
+msgstr "Sorgente LDAP"
+
+#: authentik/sources/ldap/models.py:249
+msgid "LDAP Sources"
+msgstr "Sorgenti LDAP"
+
+#: authentik/sources/ldap/models.py:271
+msgid "LDAP Property Mapping"
+msgstr "Mappatura proprietà LDAP"
+
+#: authentik/sources/ldap/models.py:272
+msgid "LDAP Property Mappings"
+msgstr "Mappatura proprietà LDAP"
+
+#: authentik/sources/ldap/signals.py:52
+msgid "Password does not match Active Directory Complexity."
+msgstr "La password non soddisfa la complessità Active Directory."
+
+#: authentik/sources/oauth/clients/oauth2.py:68
+msgid "No token received."
+msgstr "Nessun token ricevuto."
+
+#: authentik/sources/oauth/models.py:24
+msgid "Request Token URL"
+msgstr "URL di Richiesta Token"
+
+#: authentik/sources/oauth/models.py:26
+msgid ""
+"URL used to request the initial token. This URL is only required for OAuth "
+"1."
+msgstr ""
+"URL utilizzato per richiedere il token iniziale. Questo URL è richiesto solo"
+" per OAuth 1."
+
+#: authentik/sources/oauth/models.py:32
+msgid "Authorization URL"
+msgstr "Authorization URL"
+
+#: authentik/sources/oauth/models.py:33
+msgid "URL the user is redirect to to conest the flow."
+msgstr "URL a cui l'utente viene reindirizzato per concludere il flusso."
+
+#: authentik/sources/oauth/models.py:38
+msgid "Access Token URL"
+msgstr "URL del token di accesso"
+
+#: authentik/sources/oauth/models.py:39
+msgid "URL used by authentik to retrieve tokens."
+msgstr "URL utilizzato da authentik per recuperare i token."
+
+#: authentik/sources/oauth/models.py:44
+msgid "Profile URL"
+msgstr "URL Profilo"
+
+#: authentik/sources/oauth/models.py:45
+msgid "URL used by authentik to get user information."
+msgstr "URL utilizzato da authentik per ottenere le informazioni dell'utente."
+
+#: authentik/sources/oauth/models.py:48
+msgid "Additional Scopes"
+msgstr "Ambiti aggiuntivi"
+
+#: authentik/sources/oauth/models.py:107
+msgid "OAuth Source"
+msgstr "Sorgente OAuth"
+
+#: authentik/sources/oauth/models.py:108
+msgid "OAuth Sources"
+msgstr "Sorgenti OAuth"
+
+#: authentik/sources/oauth/models.py:116
+msgid "GitHub OAuth Source"
+msgstr "Sorgente OAuth di GitHub"
+
+#: authentik/sources/oauth/models.py:117
+msgid "GitHub OAuth Sources"
+msgstr "Sorgenti OAuth di GitHub"
+
+#: authentik/sources/oauth/models.py:125
+msgid "Twitch OAuth Source"
+msgstr "Sorgente OAuth di Twitch"
+
+#: authentik/sources/oauth/models.py:126
+msgid "Twitch OAuth Sources"
+msgstr "Sorgenti OAuth di Twitch"
+
+#: authentik/sources/oauth/models.py:134
+msgid "Mailcow OAuth Source"
+msgstr "Sorgente OAuth di Mailcow"
+
+#: authentik/sources/oauth/models.py:135
+msgid "Mailcow OAuth Sources"
+msgstr "Sorgenti OAuth di Mailcow"
+
+#: authentik/sources/oauth/models.py:143
+msgid "Twitter OAuth Source"
+msgstr "Sorgente OAuth di Twitter"
+
+#: authentik/sources/oauth/models.py:144
+msgid "Twitter OAuth Sources"
+msgstr "Sorgenti OAuth di Twitter"
+
+#: authentik/sources/oauth/models.py:152
+msgid "Facebook OAuth Source"
+msgstr "Sorgente OAuth di Facebook"
+
+#: authentik/sources/oauth/models.py:153
+msgid "Facebook OAuth Sources"
+msgstr "Sorgenti OAuth di Facebook"
+
+#: authentik/sources/oauth/models.py:161
+msgid "Discord OAuth Source"
+msgstr "Sorgente OAuth di Discord"
+
+#: authentik/sources/oauth/models.py:162
+msgid "Discord OAuth Sources"
+msgstr "Sorgenti OAuth di Discord"
+
+#: authentik/sources/oauth/models.py:170
+msgid "Patreon OAuth Source"
+msgstr "Sorgente OAuth di Patreon"
+
+#: authentik/sources/oauth/models.py:171
+msgid "Patreon OAuth Sources"
+msgstr "Sorgenti OAuth di Patreon"
+
+#: authentik/sources/oauth/models.py:179
+msgid "Google OAuth Source"
+msgstr "Sorgente OAuth di Google"
+
+#: authentik/sources/oauth/models.py:180
+msgid "Google OAuth Sources"
+msgstr "Sorgenti OAuth di Google"
+
+#: authentik/sources/oauth/models.py:188
+msgid "Azure AD OAuth Source"
+msgstr "Sorgente OAuth di Azure AD"
+
+#: authentik/sources/oauth/models.py:189
+msgid "Azure AD OAuth Sources"
+msgstr "Sorgenti OAuth di Azure AD"
+
+#: authentik/sources/oauth/models.py:197
+msgid "OpenID OAuth Source"
+msgstr "Sorgente OAuth di OpenID"
+
+#: authentik/sources/oauth/models.py:198
+msgid "OpenID OAuth Sources"
+msgstr "Sorgenti OAuth di OpenID"
+
+#: authentik/sources/oauth/models.py:206
+msgid "Apple OAuth Source"
+msgstr "Sorgente OAuth di Apple"
+
+#: authentik/sources/oauth/models.py:207
+msgid "Apple OAuth Sources"
+msgstr "Sorgenti OAuth di Apple"
+
+#: authentik/sources/oauth/models.py:215
+msgid "Okta OAuth Source"
+msgstr "Sorgente OAuth di Okta"
+
+#: authentik/sources/oauth/models.py:216
+msgid "Okta OAuth Sources"
+msgstr "Sorgenti OAuth di Okta"
+
+#: authentik/sources/oauth/models.py:224
+msgid "Reddit OAuth Source"
+msgstr "Sorgente OAuth di Reddit"
+
+#: authentik/sources/oauth/models.py:225
+msgid "Reddit OAuth Sources"
+msgstr "Sorgenti OAuth di Reddit"
+
+#: authentik/sources/oauth/models.py:247
+msgid "User OAuth Source Connection"
+msgstr "Connessione origine OAuth utente"
+
+#: authentik/sources/oauth/models.py:248
+msgid "User OAuth Source Connections"
+msgstr "Connessioni origine OAuth utente"
+
+#: authentik/sources/oauth/views/callback.py:100
+#, python-format
+msgid "Authentication failed: %(reason)s"
+msgstr "Autenticazione fallita: %(reason)s"
+
+#: authentik/sources/plex/models.py:37
+msgid "Client identifier used to talk to Plex."
+msgstr "Identificatore client utilizzato per comunicare con Plex."
+
+#: authentik/sources/plex/models.py:44
+msgid ""
+"Which servers a user has to be a member of to be granted access. Empty list "
+"allows every server."
+msgstr ""
+"Quali server un utente deve essere membro per ottenere l'accesso. Una lista "
+"vuota consente ogni server."
+
+#: authentik/sources/plex/models.py:50
+msgid "Allow friends to authenticate, even if you don't share a server."
+msgstr ""
+"Consenti agli amici di autenticarsi, anche se non condividi un server."
+
+#: authentik/sources/plex/models.py:52
+msgid "Plex token used to check friends"
+msgstr "Plex token utilizzato per controllare gli amici"
+
+#: authentik/sources/plex/models.py:95
+msgid "Plex Source"
+msgstr "Sorgente Plex"
+
+#: authentik/sources/plex/models.py:96
+msgid "Plex Sources"
+msgstr "Sorgenti Plex"
+
+#: authentik/sources/plex/models.py:112
+msgid "User Plex Source Connection"
+msgstr "Connessione sorgente Plex utente"
+
+#: authentik/sources/plex/models.py:113
+msgid "User Plex Source Connections"
+msgstr "Connessioni sorgente Plex utente"
+
+#: authentik/sources/saml/models.py:40
+msgid "Redirect Binding"
+msgstr "Associazione reindirizzamento"
+
+#: authentik/sources/saml/models.py:41
+msgid "POST Binding"
+msgstr "Associazione POST"
+
+#: authentik/sources/saml/models.py:42
+msgid "POST Binding with auto-confirmation"
+msgstr "Associazione POST con auto-conferma"
+
+#: authentik/sources/saml/models.py:70
+msgid "Flow used before authentication."
+msgstr "Flusso da usare prima dell'autenticazione."
+
+#: authentik/sources/saml/models.py:77
+msgid "Issuer"
+msgstr "Emittente"
+
+#: authentik/sources/saml/models.py:78
+msgid "Also known as Entity ID. Defaults the Metadata URL."
+msgstr "Anche conosciuto come ID entità. Predefinisce l'URL dei metadati."
+
+#: authentik/sources/saml/models.py:82
+msgid "SSO URL"
+msgstr "URL SSO"
+
+#: authentik/sources/saml/models.py:83
+msgid "URL that the initial Login request is sent to."
+msgstr "URL a cui viene inviata la richiesta di accesso iniziale."
+
+#: authentik/sources/saml/models.py:89
+msgid "SLO URL"
+msgstr "URL SLO"
+
+#: authentik/sources/saml/models.py:90
+msgid "Optional URL if your IDP supports Single-Logout."
+msgstr "URL opzionale se il tuo IDP supporta il Single-Logout."
+
+#: authentik/sources/saml/models.py:96
+msgid ""
+"Allows authentication flows initiated by the IdP. This can be a security "
+"risk, as no validation of the request ID is done."
+msgstr ""
+"Consente i flussi di autenticazione avviati dall'IdP. Questo può "
+"rappresentare un rischio per la sicurezza, poiché non viene eseguita alcuna "
+"convalida dell'ID richiesta."
+
+#: authentik/sources/saml/models.py:104
+msgid ""
+"NameID Policy sent to the IdP. Can be unset, in which case no Policy is "
+"sent."
+msgstr ""
+"Criterio NameID inviata all'IdP. Può essere disattivato, nel qual caso non "
+"verrà inviata alcun criterio."
+
+#: authentik/sources/saml/models.py:115
+msgid "Delete temporary users after"
+msgstr "Elimina gli utenti temporanei dopo"
+
+#: authentik/sources/saml/models.py:118
+msgid ""
+"Time offset when temporary users should be deleted. This only applies if "
+"your IDP uses the NameID Format 'transient', and the user doesn't log out "
+"manually. (Format: hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Offset di tempo quando gli utenti temporanei dovrebbero essere eliminati. "
+"Questo si applica solo se il tuo IDP utilizza il formato NameID 'transient' "
+"e l'utente non effettua il logout manualmente. (Formato: "
+"hours=1;minutes=2;seconds=3)."
+
+#: authentik/sources/saml/models.py:142
+msgid ""
+"Keypair used to sign outgoing Responses going to the Identity Provider."
+msgstr ""
+"Coppia di chiavi utilizzata per firmare le Risposte in uscita inviate "
+"all'Identity Provider."
+
+#: authentik/sources/saml/models.py:226
+msgid "SAML Source"
+msgstr "Sorgente SAML"
+
+#: authentik/sources/saml/models.py:227
+msgid "SAML Sources"
+msgstr "Sorgenti SAML"
+
+#: authentik/sources/saml/models.py:242
+msgid "User SAML Source Connection"
+msgstr "User SAML Source Connection"
+
+#: authentik/sources/saml/models.py:243
+msgid "User SAML Source Connections"
+msgstr "User SAML Source Connections"
+
+#: authentik/stages/authenticator_duo/models.py:79
+msgid "Duo Authenticator Setup Stage"
+msgstr "Fase di configurazione dell'autenticatore Duo"
+
+#: authentik/stages/authenticator_duo/models.py:80
+msgid "Duo Authenticator Setup Stages"
+msgstr "Fasi di configurazione dell'autenticatore Duo"
+
+#: authentik/stages/authenticator_duo/models.py:103
+msgid "Duo Device"
+msgstr "Dispositivo Duo"
+
+#: authentik/stages/authenticator_duo/models.py:104
+msgid "Duo Devices"
+msgstr "Dispositivi Duo"
+
+#: authentik/stages/authenticator_sms/models.py:57
+msgid ""
+"When enabled, the Phone number is only used during enrollment to verify the "
+"users authenticity. Only a hash of the phone number is saved to ensure it is"
+" not reused in the future."
+msgstr ""
+"Quando abilitato, il numero di telefono viene utilizzato solo durante "
+"l'iscrizione per verificare l'autenticità degli utenti. Viene salvato solo "
+"un hash del numero di telefono per garantire che non venga riutilizzato in "
+"futuro."
+
+#: authentik/stages/authenticator_sms/models.py:68
+msgid "Optionally modify the payload being sent to custom providers."
+msgstr ""
+"Opzionalmente modifica il payload che viene inviato ai fornitori "
+"personalizzati."
+
+#: authentik/stages/authenticator_sms/models.py:81
+#, python-format
+msgid "Use this code to authenticate in authentik: %(token)s"
+msgstr "Usa questo codice per accedere in authentik: %(token)s"
+
+#: authentik/stages/authenticator_sms/models.py:180
+msgid "SMS Authenticator Setup Stage"
+msgstr "Fase di configurazione dell'autenticatore SMS"
+
+#: authentik/stages/authenticator_sms/models.py:181
+msgid "SMS Authenticator Setup Stages"
+msgstr "Fasi di configurazione dell'autenticatore SMS"
+
+#: authentik/stages/authenticator_sms/models.py:226
+msgid "SMS Device"
+msgstr "Dispositivo SMS"
+
+#: authentik/stages/authenticator_sms/models.py:227
+msgid "SMS Devices"
+msgstr "Dispositivi SMS"
+
+#: authentik/stages/authenticator_sms/stage.py:57
+#: authentik/stages/authenticator_totp/stage.py:41
+#: authentik/stages/authenticator_totp/stage.py:44
+msgid "Code does not match"
+msgstr "Il codice non corrisponde"
+
+#: authentik/stages/authenticator_sms/stage.py:73
+msgid "Invalid phone number"
+msgstr "Numero di telefono non valido"
+
+#: authentik/stages/authenticator_static/models.py:52
+msgid "Static Authenticator Stage"
+msgstr "Fase di configurazione dell'autenticatore statico"
+
+#: authentik/stages/authenticator_static/models.py:53
+msgid "Static Authenticator Stages"
+msgstr "Fasi di configurazione dell'autenticatore statico"
+
+#: authentik/stages/authenticator_static/models.py:98
+msgid "Static Device"
+msgstr "Dispositivo statico"
+
+#: authentik/stages/authenticator_static/models.py:99
+msgid "Static Devices"
+msgstr "Dispositivi statici"
+
+#: authentik/stages/authenticator_static/models.py:129
+msgid "Static Token"
+msgstr "Token statico"
+
+#: authentik/stages/authenticator_static/models.py:130
+msgid "Static Tokens"
+msgstr "Token statici"
+
+#: authentik/stages/authenticator_totp/models.py:25
+msgid "6 digits, widely compatible"
+msgstr "6 cifre, molto compatibile"
+
+#: authentik/stages/authenticator_totp/models.py:26
+msgid "8 digits, not compatible with apps like Google Authenticator"
+msgstr "8 cifre, non compatibile con app quali Google Authenticator"
+
+#: authentik/stages/authenticator_totp/models.py:62
+msgid "TOTP Authenticator Setup Stage"
+msgstr "Fase di configurazione dell'autenticatore TOTP"
+
+#: authentik/stages/authenticator_totp/models.py:63
+msgid "TOTP Authenticator Setup Stages"
+msgstr "Fasi di configurazione dell'autenticatore TOTP"
+
+#: authentik/stages/authenticator_totp/models.py:244
+msgid "TOTP Device"
+msgstr "Dispositivo TOTP"
+
+#: authentik/stages/authenticator_totp/models.py:245
+msgid "TOTP Devices"
+msgstr "Dispositivi TOTP"
+
+#: authentik/stages/authenticator_validate/challenge.py:131
+msgid "Invalid Token"
+msgstr "Token invalido"
+
+#: authentik/stages/authenticator_validate/models.py:18
+msgid "Static"
+msgstr "Statico"
+
+#: authentik/stages/authenticator_validate/models.py:19
+msgid "TOTP"
+msgstr "TOTP"
+
+#: authentik/stages/authenticator_validate/models.py:20
+msgid "WebAuthn"
+msgstr "WebAuthn"
+
+#: authentik/stages/authenticator_validate/models.py:21
+msgid "Duo"
+msgstr "Duo"
+
+#: authentik/stages/authenticator_validate/models.py:22
+msgid "SMS"
+msgstr "SMS"
+
+#: authentik/stages/authenticator_validate/models.py:49
+msgid ""
+"Stages used to configure Authenticator when user doesn't have any compatible"
+" devices. After this configuration Stage passes, the user is not prompted "
+"again."
+msgstr ""
+"Fasi utilizzate per configurare l'Autenticatore quando l'utente non dispone "
+"di dispositivi compatibili. Dopo il superamento di questa configurazione, "
+"all'utente non verrà più richiesto."
+
+#: authentik/stages/authenticator_validate/models.py:56
+msgid "Device classes which can be used to authenticate"
+msgstr ""
+"Classi di dispositivi che possono essere utilizzate per l'autenticazione"
+
+#: authentik/stages/authenticator_validate/models.py:64
+msgid ""
+"If any of the user's device has been used within this threshold, this stage "
+"will be skipped"
+msgstr ""
+"Se uno qualsiasi dei dispositivi dell'utente è stato utilizzato entro questa"
+" soglia, questa fase verrà saltata."
+
+#: authentik/stages/authenticator_validate/models.py:70
+msgid "Enforce user verification for WebAuthn devices."
+msgstr "Rafforza la verifica utente per dispositivi WebAuthn."
+
+#: authentik/stages/authenticator_validate/models.py:92
+msgid "Authenticator Validation Stage"
+msgstr "Fase di convalida dell'autenticatore"
+
+#: authentik/stages/authenticator_validate/models.py:93
+msgid "Authenticator Validation Stages"
+msgstr "Fasi di convalida dell'autenticatore"
+
+#: authentik/stages/authenticator_webauthn/models.py:112
+msgid "WebAuthn Authenticator Setup Stage"
+msgstr "Fase di configurazione dell'autenticatore WebAuthn"
+
+#: authentik/stages/authenticator_webauthn/models.py:113
+msgid "WebAuthn Authenticator Setup Stages"
+msgstr "Fasi di configurazione dell'autenticatore WebAuthn"
+
+#: authentik/stages/authenticator_webauthn/models.py:151
+msgid "WebAuthn Device"
+msgstr "Dispositivo WebAuthn"
+
+#: authentik/stages/authenticator_webauthn/models.py:152
+msgid "WebAuthn Devices"
+msgstr "Dispositivi WebAuthn"
+
+#: authentik/stages/captcha/models.py:14
+msgid "Public key, acquired your captcha Provider."
+msgstr "Chiave pubblica, acquisito il tuo provider di captcha."
+
+#: authentik/stages/captcha/models.py:15
+msgid "Private key, acquired your captcha Provider."
+msgstr "Chiave privata, acquisito il tuo fornitore di captcha."
+
+#: authentik/stages/captcha/models.py:37
+msgid "Captcha Stage"
+msgstr "Fase Captcha"
+
+#: authentik/stages/captcha/models.py:38
+msgid "Captcha Stages"
+msgstr "Fasi Captcha"
+
+#: authentik/stages/consent/models.py:30
+msgid ""
+"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."
+msgstr ""
+"Compensazione dopo la quale il consenso scade. (Formato: "
+"ore=1;minuti=2;secondi=3)."
+
+#: authentik/stages/consent/models.py:50
+msgid "Consent Stage"
+msgstr "Fase consenso"
+
+#: authentik/stages/consent/models.py:51
+msgid "Consent Stages"
+msgstr "Fasi consenso"
+
+#: authentik/stages/consent/models.py:72
+msgid "User Consent"
+msgstr "Consenso utente"
+
+#: authentik/stages/consent/models.py:73
+msgid "User Consents"
+msgstr "Consensi utente"
+
+#: authentik/stages/deny/models.py:32
+msgid "Deny Stage"
+msgstr "Fase di negazione"
+
+#: authentik/stages/deny/models.py:33
+msgid "Deny Stages"
+msgstr "Fasi di negazione"
+
+#: authentik/stages/dummy/models.py:34
+msgid "Dummy Stage"
+msgstr "Fase fittizia"
+
+#: authentik/stages/dummy/models.py:35
+msgid "Dummy Stages"
+msgstr "Fasi fittizie"
+
+#: authentik/stages/email/models.py:26
+msgid "Password Reset"
+msgstr "Ripristino password"
+
+#: authentik/stages/email/models.py:30
+msgid "Account Confirmation"
+msgstr "Conferma dell'account"
+
+#: authentik/stages/email/models.py:59
+msgid ""
+"When enabled, global Email connection settings will be used and connection "
+"settings below will be ignored."
+msgstr ""
+"Se abilitato, verranno utilizzate le impostazioni di connessione e-mail "
+"globali e le impostazioni di connessione riportate di seguito verranno "
+"ignorate."
+
+#: authentik/stages/email/models.py:74
+msgid "Activate users upon completion of stage."
+msgstr "Attiva gli utenti al completamento della fase."
+
+#: authentik/stages/email/models.py:78
+msgid "Time in minutes the token sent is valid."
+msgstr "Tempo in minuti in cui il token inviato è valido."
+
+#: authentik/stages/email/models.py:132
+msgid "Email Stage"
+msgstr "Fase email"
+
+#: authentik/stages/email/models.py:133
+msgid "Email Stages"
+msgstr "Fasi Email"
+
+#: authentik/stages/email/stage.py:126
+msgid "Exception occurred while rendering E-mail template"
+msgstr ""
+"Eccezione verificatasi durante la visualizzazione del modello di posta "
+"elettronica"
+
+#: authentik/stages/email/stage.py:140
+msgid "Successfully verified Email."
+msgstr "Email verificato con successo."
+
+#: authentik/stages/email/stage.py:147 authentik/stages/email/stage.py:173
+msgid "No pending user."
+msgstr "Nessun utente in attesa."
+
+#: authentik/stages/email/stage.py:163
+msgid "Email sent."
+msgstr "Email inviata."
+
+#: authentik/stages/email/stage.py:176
+msgid "Email Successfully sent."
+msgstr "Email inviata con successo."
+
+#: authentik/stages/email/templates/email/account_confirmation.html:10
+msgid "Welcome!"
+msgstr "Benvenuto!"
+
+#: authentik/stages/email/templates/email/account_confirmation.html:19
+msgid ""
+"We're excited to have you get started. First, you need to confirm your "
+"account. Just press the button below."
+msgstr ""
+"Siamo entusiasti che tu inizi. Per prima cosa devi confermare il tuo "
+"account. Basta premere il pulsante qui sotto."
+
+#: authentik/stages/email/templates/email/account_confirmation.html:24
+msgid "Confirm Account"
+msgstr "Conferma Account"
+
+#: authentik/stages/email/templates/email/account_confirmation.html:36
+#, python-format
+msgid ""
+"\n"
+"    If that doesn't work, copy and paste the following link in your browser: %(url)s\n"
+"    "
+msgstr ""
+"\n"
+"    Se questo non funziona, copia ed incolla il seguente link nel tuo browser: %(url)s\n"
+"    "
+
+#: authentik/stages/email/templates/email/event_notification.html:46
+#, python-format
+msgid ""
+"\n"
+"    This email was sent from the notification transport <code>%(name)s</code>.\n"
+"    "
+msgstr ""
+"\n"
+"     Questa email è stata inviata dal trasporto di notifica <code>%(name)s</code>."
+
+#: authentik/stages/email/templates/email/password_reset.html:10
+#, python-format
+msgid ""
+"\n"
+"      Hi %(username)s,\n"
+"      "
+msgstr ""
+"\n"
+"      Ciao %(username)s,\n"
+"      "
+
+#: authentik/stages/email/templates/email/password_reset.html:21
+msgid ""
+"\n"
+"          You recently requested to change your password for your authentik account. Use the button below to set a new password.\n"
+"          "
+msgstr ""
+"\n"
+"           Hai recentemente richiesto di cambiare la tua password per il tuo account authentik. Utilizza il pulsante qui sotto per impostare una nuova password."
+
+#: authentik/stages/email/templates/email/password_reset.html:39
+#, python-format
+msgid ""
+"\n"
+"    If you did not request a password change, please ignore this Email. The link above is valid for %(expires)s.\n"
+"    "
+msgstr ""
+"\n"
+"     Se non hai richiesto una modifica della password, ignora questa email. Il link sopra è valido \n"
+"per %(expires)s."
+
+#: authentik/stages/email/templates/email/setup.html:9
+msgid "authentik Test-Email"
+msgstr "e-mail di prova di authentik"
+
+#: authentik/stages/email/templates/email/setup.html:17
+msgid ""
+"\n"
+"                    This is a test email to inform you, that you've successfully configured authentik emails.\n"
+"                    "
+msgstr ""
+"\n"
+"                    Questa è un'e-mail di prova per informarti che hai configurato correttamente le e-mail di authentik.\n"
+"                    "
+
+#: authentik/stages/identification/api.py:20
+msgid "When no user fields are selected, at least one source must be selected"
+msgstr ""
+"Quando non viene selezionato alcun campo utente, è necessario selezionare "
+"almeno una sorgente"
+
+#: authentik/stages/identification/models.py:29
+msgid ""
+"Fields of the user object to match against. (Hold shift to select multiple "
+"options)"
+msgstr ""
+"Campi dell'oggetto utente da confrontare. (Mantieni premuto il tasto Maiusc "
+"per selezionare più opzioni)"
+
+#: authentik/stages/identification/models.py:47
+msgid "When enabled, user fields are matched regardless of their casing."
+msgstr ""
+"Quando abilitato, i campi utente vengono abbinati indipendentemente dalla "
+"loro capitalizzazione."
+
+#: authentik/stages/identification/models.py:52
+msgid ""
+"When a valid username/email has been entered, and this option is enabled, "
+"the user's username and avatar will be shown. Otherwise, the text that the "
+"user entered will be shown"
+msgstr ""
+"Quando viene inserito un nome utente/email valido e questa opzione è "
+"abilitata, verranno mostrati il nome utente e l'avatar dell'utente. "
+"Altrimenti, verrà mostrato il testo inserito dall'utente."
+
+#: authentik/stages/identification/models.py:60
+msgid ""
+"When enabled, the stage will succeed and continue even when incorrect user "
+"info is entered."
+msgstr ""
+"Quando abilitato, la fase avrà successo e continuerà anche quando vengono "
+"inserite informazioni utente errate."
+
+#: authentik/stages/identification/models.py:72
+msgid "Optional enrollment flow, which is linked at the bottom of the page."
+msgstr "Flusso di iscrizione opzionale, che è collegato in fondo alla pagina."
+
+#: authentik/stages/identification/models.py:81
+msgid "Optional recovery flow, which is linked at the bottom of the page."
+msgstr ""
+"Flusso di recupero opzionale, mostrato nella parte sottostante della pagina."
+
+#: authentik/stages/identification/models.py:90
+msgid "Optional passwordless flow, which is linked at the bottom of the page."
+msgstr ""
+"Flusso passwordless opzionale, mostrato nella parte sottostante della "
+"pagina."
+
+#: authentik/stages/identification/models.py:94
+msgid "Specify which sources should be shown."
+msgstr "Specifica quali sorgenti devono essere mostrati."
+
+#: authentik/stages/identification/models.py:115
+msgid "Identification Stage"
+msgstr "Fase di identificazione"
+
+#: authentik/stages/identification/models.py:116
+msgid "Identification Stages"
+msgstr "Fasi di identificazione"
+
+#: authentik/stages/identification/stage.py:188
+msgid "Log in"
+msgstr "Accedi"
+
+#: authentik/stages/identification/stage.py:189
+msgid "Continue"
+msgstr "Continua"
+
+#: authentik/stages/invitation/models.py:21
+msgid ""
+"If this flag is set, this Stage will jump to the next Stage when no "
+"Invitation is given. By default this Stage will cancel the Flow when no "
+"invitation is given."
+msgstr ""
+"Se questo flag è impostato, questa fase passerà alla fase successiva quando "
+"non viene dato alcun invito. Per impostazione predefinita, questa fase "
+"annullerà il flusso quando non viene fornito alcun invito."
+
+#: authentik/stages/invitation/models.py:44
+msgid "Invitation Stage"
+msgstr "Fase di invito"
+
+#: authentik/stages/invitation/models.py:45
+msgid "Invitation Stages"
+msgstr "Fasi di invito"
+
+#: authentik/stages/invitation/models.py:60
+msgid "When set, only the configured flow can use this invitation."
+msgstr "Quando impostato, solo il flusso configurato può usare questo invito."
+
+#: authentik/stages/invitation/models.py:64
+msgid "When enabled, the invitation will be deleted after usage."
+msgstr "Se abilitato, l'invito verrà eliminato dopo l'utilizzo."
+
+#: authentik/stages/invitation/models.py:71
+msgid "Optional fixed data to enforce on user enrollment."
+msgstr "Dati fissi facoltativi da applicare alla registrazione dell'utente."
+
+#: authentik/stages/invitation/models.py:84
+msgid "Invitation"
+msgstr "Invito"
+
+#: authentik/stages/invitation/models.py:85
+msgid "Invitations"
+msgstr "Inviti"
+
+#: authentik/stages/invitation/stage.py:62
+msgid "Invalid invite/invite not found"
+msgstr "Invito non disponibile"
+
+#: authentik/stages/password/models.py:20
+msgid "User database + standard password"
+msgstr "Database utente + password standard"
+
+#: authentik/stages/password/models.py:24
+msgid "User database + app passwords"
+msgstr "Database utente + password app"
+
+#: authentik/stages/password/models.py:28
+msgid "User database + LDAP password"
+msgstr "Database utenti + password LDAP"
+
+#: authentik/stages/password/models.py:38
+msgid "Selection of backends to test the password against."
+msgstr "Selezione di backend su cui testare la password."
+
+#: authentik/stages/password/models.py:43
+msgid ""
+"How many attempts a user has before the flow is canceled. To lock the user "
+"out, use a reputation policy and a user_write stage."
+msgstr ""
+"Quanti tentativi ha un utente prima che il flusso venga annullato. Per "
+"escludere l'utente, utilizzare un criterio di reputazione e una fase "
+"user_write."
+
+#: authentik/stages/password/models.py:75
+msgid "Password Stage"
+msgstr "Fase della password"
+
+#: authentik/stages/password/models.py:76
+msgid "Password Stages"
+msgstr "Fasi della password"
+
+#: authentik/stages/password/stage.py:124
+msgid "Invalid password"
+msgstr "Password invalida"
+
+#: authentik/stages/prompt/models.py:43
+msgid "Text: Simple Text input"
+msgstr "Testo: Input di testo semplice"
+
+#: authentik/stages/prompt/models.py:45
+msgid "Text area: Multiline Text Input."
+msgstr "Area di testo: Input di testo multilinea."
+
+#: authentik/stages/prompt/models.py:48
+msgid "Text (read-only): Simple Text input, but cannot be edited."
+msgstr "Testo (sola lettura): Input di testo semplice, ma non modificabile."
+
+#: authentik/stages/prompt/models.py:52
+msgid "Text area (read-only): Multiline Text input, but cannot be edited."
+msgstr ""
+"Area di testo (sola lettura): Input di testo su più righe, ma non può essere"
+" modificato."
+
+#: authentik/stages/prompt/models.py:58
+msgid ""
+"Username: Same as Text input, but checks for and prevents duplicate "
+"usernames."
+msgstr ""
+"Nome utente: Uguale all'input di testo, ma controlla e impedisce i nomi "
+"utente duplicati."
+
+#: authentik/stages/prompt/models.py:60
+msgid "Email: Text field with Email type."
+msgstr "E-mail: Campo di testo con il tipo di e-mail."
+
+#: authentik/stages/prompt/models.py:64
+msgid ""
+"Password: Masked input, multiple inputs of this type on the same prompt need"
+" to be identical."
+msgstr ""
+"Password: Input mascherato, più input di questo tipo sullo stesso prompt "
+"devono essere identici."
+
+#: authentik/stages/prompt/models.py:71
+msgid "Fixed choice field rendered as a group of radio buttons."
+msgstr "Campo a scelta fissa mostrato come gruppo di pulsanti radio."
+
+#: authentik/stages/prompt/models.py:73
+msgid "Fixed choice field rendered as a dropdown."
+msgstr "Campo a scelta fissa mostrato come menu a discesa."
+
+#: authentik/stages/prompt/models.py:80
+msgid ""
+"File: File upload for arbitrary files. File content will be available in "
+"flow context as data-URI"
+msgstr ""
+"File: Caricamento di file per file arbitrari. Il contenuto del file sarà "
+"disponibile nel contesto del flusso come dati-URI"
+
+#: authentik/stages/prompt/models.py:85
+msgid "Separator: Static Separator Line"
+msgstr "Separatore: Linea di separazione statica"
+
+#: authentik/stages/prompt/models.py:86
+msgid "Hidden: Hidden field, can be used to insert data into form."
+msgstr ""
+"Nascosto: Campo nascosto, può essere utilizzato per inserire dati nel "
+"modulo."
+
+#: authentik/stages/prompt/models.py:87
+msgid "Static: Static value, displayed as-is."
+msgstr "Statico: Valore statico, visualizzato così com'è."
+
+#: authentik/stages/prompt/models.py:89
+msgid "authentik: Selection of locales authentik supports"
+msgstr ""
+"authentik: Selezione delle impostazioni locali supportate da authentik"
+
+#: authentik/stages/prompt/models.py:116
+msgid "Name of the form field, also used to store the value"
+msgstr "Nome del campo del modulo, utilizzato anche per memorizzare il valore"
+
+#: authentik/stages/prompt/models.py:124
+msgid ""
+"Optionally provide a short hint that describes the expected input value. "
+"When creating a fixed choice field, enable interpreting as expression and "
+"return a list to return multiple choices."
+msgstr ""
+"Opzionalmente fornire un breve suggerimento che descrive il valore di input "
+"previsto. Quando si crea un campo di scelta fissa, abilitare "
+"l'interpretazione come espressione e restituire una lista per restituire "
+"scelte multiple."
+
+#: authentik/stages/prompt/models.py:132
+msgid ""
+"Optionally pre-fill the input with an initial value. When creating a fixed "
+"choice field, enable interpreting as expression and return a list to return "
+"multiple default choices."
+msgstr ""
+"Opzionalmente precompila l'input con un valore iniziale. Quando si crea un "
+"campo di scelta fissa, abilita l'interpretazione come espressione e "
+"restituisci una lista per restituire più scelte predefinite."
+
+#: authentik/stages/prompt/models.py:321
+msgid "Prompt"
+msgstr "Richiesta"
+
+#: authentik/stages/prompt/models.py:322
+msgid "Prompts"
+msgstr "Richieste"
+
+#: authentik/stages/prompt/models.py:349
+msgid "Prompt Stage"
+msgstr "Fase Richiesta"
+
+#: authentik/stages/prompt/models.py:350
+msgid "Prompt Stages"
+msgstr "Fasi Richiesta"
+
+#: authentik/stages/prompt/stage.py:108
+msgid "Passwords don't match."
+msgstr "Le password non corrispondono."
+
+#: authentik/stages/user_delete/models.py:31
+msgid "User Delete Stage"
+msgstr "Fase di cancellazione dell'utente"
+
+#: authentik/stages/user_delete/models.py:32
+msgid "User Delete Stages"
+msgstr "Fasi di cancellazione dell'utente"
+
+#: authentik/stages/user_delete/stage.py:18
+msgid "No Pending User."
+msgstr "Nessun utente in attesa."
+
+#: authentik/stages/user_login/models.py:19
+msgid ""
+"Determines how long a session lasts. Default of 0 means that the sessions "
+"lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)"
+msgstr ""
+"Determina quanto può durare una sessione. Se impostato a 0, la sessione "
+"durerà fino alla chiusura del browser. (Formato: "
+"hours=-1;minutes=-2;seconds=-3)"
+
+#: authentik/stages/user_login/models.py:25
+msgid "Terminate all other sessions of the user logging in."
+msgstr "Termina tutte le altre sessioni dell'utente che accede."
+
+#: authentik/stages/user_login/models.py:31
+msgid ""
+"Offset the session will be extended by when the user picks the remember me "
+"option. Default of 0 means that the remember me option will not be shown. "
+"(Format: hours=-1;minutes=-2;seconds=-3)"
+msgstr ""
+"Offset la sessione verrà estesa quando l'utente seleziona l'opzione "
+"ricordami. Il valore predefinito di 0 significa che l'opzione ricordami non "
+"verrà mostrata. (Formato: hours=-1;minutes=-2;seconds=-3)"
+
+#: authentik/stages/user_login/models.py:54
+msgid "User Login Stage"
+msgstr "Fase di accesso utente"
+
+#: authentik/stages/user_login/models.py:55
+msgid "User Login Stages"
+msgstr "Fasi di accesso utente"
+
+#: authentik/stages/user_login/stage.py:57
+msgid "No Pending user to login."
+msgstr "Nessun utente in attesa di accesso."
+
+#: authentik/stages/user_login/stage.py:90
+msgid "Successfully logged in!"
+msgstr "Accesso effettuato!"
+
+#: authentik/stages/user_logout/models.py:30
+msgid "User Logout Stage"
+msgstr "Fase di disconnessione dell'utente"
+
+#: authentik/stages/user_logout/models.py:31
+msgid "User Logout Stages"
+msgstr "Fasi di disconnessione dell'utente"
+
+#: authentik/stages/user_write/models.py:31
+msgid "When set, newly created users are inactive and cannot login."
+msgstr "Se specificato, i nuovi utenti sono inattivi e non possono accedere."
+
+#: authentik/stages/user_write/models.py:39
+msgid "Optionally add newly created users to this group."
+msgstr "Opzionalmente, aggiungi gli utenti appena creati a questo gruppo."
+
+#: authentik/stages/user_write/models.py:68
+msgid "User Write Stage"
+msgstr "Fase di scrittura dell'utente"
+
+#: authentik/stages/user_write/models.py:69
+msgid "User Write Stages"
+msgstr "Fasi di scrittura dell'utente"
+
+#: authentik/stages/user_write/stage.py:141
+msgid "No Pending data."
+msgstr "Nessun dato in attesa."
+
+#: authentik/stages/user_write/stage.py:147
+msgid "No user found and can't create new user."
+msgstr "Nessun utente trovato e impossibile creare un nuovo utente."
+
+#: authentik/stages/user_write/stage.py:164
+#: authentik/stages/user_write/stage.py:178
+msgid "Failed to update user. Please try again later."
+msgstr "Impossibile aggiornare l'utente. Per favore riprova più tardi."
+
+#: authentik/tenants/models.py:23
+msgid ""
+"Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` "
+"and `ba.b`"
+msgstr ""
+"Dominio che attiva questo tenant. Può essere un superset, ad esempio `a.b` "
+"per `aa.b` e `ba.b`"
+
+#: authentik/tenants/models.py:58
+msgid ""
+"Events will be deleted after this duration.(Format: "
+"weeks=3;days=2;hours=3,seconds=2)."
+msgstr ""
+"Gli eventi saranno cancellati dopo questa durata. (Formato: "
+"weeks=3;days=2;hours=3,seconds=2)."
+
+#: authentik/tenants/models.py:67
+msgid "Web Certificate used by the authentik Core webserver."
+msgstr "Certificato Web utilizzato dal server Web authentik Core."
+
+#: authentik/tenants/models.py:93
+msgid "Tenant"
+msgstr "Tenant"
+
+#: authentik/tenants/models.py:94
+msgid "Tenants"
+msgstr "Tenants"
diff --git a/locale/ko/LC_MESSAGES/django.mo b/locale/ko/LC_MESSAGES/django.mo
new file mode 100644
index 000000000..971aa815b
Binary files /dev/null and b/locale/ko/LC_MESSAGES/django.mo differ
diff --git a/locale/ko/LC_MESSAGES/django.po b/locale/ko/LC_MESSAGES/django.po
new file mode 100644
index 000000000..345c0916d
--- /dev/null
+++ b/locale/ko/LC_MESSAGES/django.po
@@ -0,0 +1,2717 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+# 
+# Translators:
+# Eunsung Kim, 2023
+# NavyStack, 2023
+# 
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2023-12-06 16:55+0000\n"
+"PO-Revision-Date: 2022-09-26 16:47+0000\n"
+"Last-Translator: NavyStack, 2023\n"
+"Language-Team: Korean (https://app.transifex.com/authentik/teams/119923/ko/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: ko\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: authentik/admin/api/tasks.py:127
+#, python-format
+msgid "Successfully re-scheduled Task %(name)s!"
+msgstr "%(name)s 작업을 성공적으로 다시 예약했습니다."
+
+#: authentik/api/schema.py:25
+msgid "Generic API Error"
+msgstr "일반 API 오류"
+
+#: authentik/api/schema.py:33
+msgid "Validation Error"
+msgstr "유효성 검사 오류"
+
+#: authentik/blueprints/api.py:43
+msgid "Blueprint file does not exist"
+msgstr "Blueprint 파일이 존재하지 않습니다"
+
+#: authentik/blueprints/api.py:54
+#, python-format
+msgid "Failed to validate blueprint: %(logs)s"
+msgstr "blueprint 유효성을 검사하지 못했습니다: %(logs)s"
+
+#: authentik/blueprints/api.py:59
+msgid "Either path or content must be set."
+msgstr "경로 또는 콘텐츠 중 하나는 설정해야 합니다."
+
+#: authentik/blueprints/models.py:30
+msgid "Managed by authentik"
+msgstr "authentik에서 관리"
+
+#: authentik/blueprints/models.py:32
+msgid ""
+"Objects that are managed by authentik. These objects are created and updated"
+" automatically. This flag only indicates that an object can be overwritten "
+"by migrations. You can still modify the objects via the API, but expect "
+"changes to be overwritten in a later update."
+msgstr ""
+"authentik에서 관리하는 오브젝트입니다. 자동으로 생성 및 업데이트됩니다. 이 플래그는 객체가 마이그레이션에 의해 덮어쓰일 수 "
+"있음을 나타냅니다. 여전히 API를 통해 오브젝트를 수정할 수 있지만, 나중에 업데이트에서 덮어 쓰여집니다."
+
+#: authentik/blueprints/models.py:112
+msgid "Blueprint Instance"
+msgstr "블루프린트 인스턴스"
+
+#: authentik/blueprints/models.py:113
+msgid "Blueprint Instances"
+msgstr "블루프린트 인스턴스"
+
+#: authentik/blueprints/v1/exporter.py:62
+#, python-format
+msgid "authentik Export - %(date)s"
+msgstr "authentik 내보내기 - %(date)s"
+
+#: authentik/blueprints/v1/tasks.py:150 authentik/crypto/tasks.py:93
+#, python-format
+msgid "Successfully imported %(count)d files."
+msgstr "%(count)d 파일을 성공적으로 가져왔습니다."
+
+#: authentik/core/api/providers.py:120
+msgid "SAML Provider from Metadata"
+msgstr "SAML 공급자 메타데이터"
+
+#: authentik/core/api/providers.py:121
+msgid "Create a SAML Provider by importing its Metadata."
+msgstr "메타데이터를 가져와 SAML 공급자를 생성합니다."
+
+#: authentik/core/api/users.py:156
+msgid "No leading or trailing slashes allowed."
+msgstr "앞 또는 뒤에 슬래시가 허용되지 않습니다."
+
+#: authentik/core/api/users.py:159
+msgid "No empty segments in user path allowed."
+msgstr "사용자 경로에 빈 세그먼트가 허용되지 않습니다."
+
+#: authentik/core/models.py:86
+msgid "name"
+msgstr "이름"
+
+#: authentik/core/models.py:88
+msgid "Users added to this group will be superusers."
+msgstr "이 그룹에 추가된 사용자는 슈퍼유저가 됩니다."
+
+#: authentik/core/models.py:162
+msgid "Group"
+msgstr "그룹"
+
+#: authentik/core/models.py:163
+msgid "Groups"
+msgstr "그룹"
+
+#: authentik/core/models.py:178
+msgid "User's display name."
+msgstr "사용자의 표시 이름"
+
+#: authentik/core/models.py:274 authentik/providers/oauth2/models.py:295
+msgid "User"
+msgstr "사용자"
+
+#: authentik/core/models.py:275
+msgid "Users"
+msgstr "사용자"
+
+#: authentik/core/models.py:277
+#: authentik/stages/email/templates/email/password_reset.html:28
+msgid "Reset Password"
+msgstr "비밀번호 초기화"
+
+#: authentik/core/models.py:278
+msgid "Can impersonate other users"
+msgstr "다른 사람으로 위장할 수 있음"
+
+#: authentik/core/models.py:279 authentik/rbac/models.py:54
+msgid "Can assign permissions to users"
+msgstr "다른 사용자의 권한을 할당할 수 있음"
+
+#: authentik/core/models.py:280 authentik/rbac/models.py:55
+msgid "Can unassign permissions from users"
+msgstr "다른 사용자의 권한을 취소 할당할 수 있음"
+
+#: authentik/core/models.py:294
+msgid ""
+"Flow used for authentication when the associated application is accessed by "
+"an un-authenticated user."
+msgstr "플로우는 연결된 응용 프로그램이 인증되지 않은 사용자에게 액세스될 때 사용됩니다."
+
+#: authentik/core/models.py:304
+msgid "Flow used when authorizing this provider."
+msgstr "이 공급자를 인증할 때 사용되는 플로우입니다."
+
+#: authentik/core/models.py:316
+msgid ""
+"Accessed from applications; optional backchannel providers for protocols "
+"like LDAP and SCIM."
+msgstr "애플리케이션에서 액세스, LDAP 및 SCIM과 같은 프로토콜을 위한 선택적 백채널 공급자입니다."
+
+#: authentik/core/models.py:371
+msgid "Application's display Name."
+msgstr "애플리케이션의 표시 이름입니다."
+
+#: authentik/core/models.py:372
+msgid "Internal application name, used in URLs."
+msgstr "URL에 사용되는, 내부 애플리케이션 이름입니다."
+
+#: authentik/core/models.py:384
+msgid "Open launch URL in a new browser tab or window."
+msgstr "새 브라우저 탭 또는 창에서 실행 URL을 엽니다."
+
+#: authentik/core/models.py:448
+msgid "Application"
+msgstr "애플리케이션"
+
+#: authentik/core/models.py:449
+msgid "Applications"
+msgstr "애플리케이션"
+
+#: authentik/core/models.py:455
+msgid "Use the source-specific identifier"
+msgstr "소스별 식별자를 사용합니다."
+
+#: authentik/core/models.py:457
+msgid ""
+"Link to a user with identical email address. Can have security implications "
+"when a source doesn't validate email addresses."
+msgstr ""
+"이메일 주소가 동일한 사용자에게 링크합니다. 소스에서 이메일 주소의 유효성을 검사하지 않을 경우 보안에 영향을 미칠 수 있습니다."
+
+#: authentik/core/models.py:461
+msgid ""
+"Use the user's email address, but deny enrollment when the email address "
+"already exists."
+msgstr "사용자의 이메일 주소를 사용하되, 이메일 주소가 이미 존재하는 경우 등록을 거부합니다."
+
+#: authentik/core/models.py:464
+msgid ""
+"Link to a user with identical username. Can have security implications when "
+"a username is used with another source."
+msgstr ""
+"동일한 사용자 아이디를 가진 사용자와 연결합니다. 사용자 아이디가 다른 소스와 함께 사용될 경우 보안에 영향을 미칠 수 있습니다."
+
+#: authentik/core/models.py:468
+msgid ""
+"Use the user's username, but deny enrollment when the username already "
+"exists."
+msgstr "사용자의 사용자명을 사용하지만, 사용자명이 이미 존재하는 경우 등록을 거부합니다."
+
+#: authentik/core/models.py:475
+msgid "Source's display Name."
+msgstr "소스의 표시 이름입니다."
+
+#: authentik/core/models.py:476
+msgid "Internal source name, used in URLs."
+msgstr "URL에 사용되는, 내부 소스 이름입니다."
+
+#: authentik/core/models.py:495
+msgid "Flow to use when authenticating existing users."
+msgstr "기존 사용자를 인증할 때 사용되는 플로우입니다."
+
+#: authentik/core/models.py:504
+msgid "Flow to use when enrolling new users."
+msgstr "새 사용자를 등록할 때 사용되는 플로우입니다."
+
+#: authentik/core/models.py:512
+msgid ""
+"How the source determines if an existing user should be authenticated or a "
+"new user enrolled."
+msgstr "소스가 기존 사용자를 인증할지 또는 새 사용자를 등록할지를 결정하는 방법입니다."
+
+#: authentik/core/models.py:684
+msgid "Token"
+msgstr "토큰"
+
+#: authentik/core/models.py:685
+msgid "Tokens"
+msgstr "토큰"
+
+#: authentik/core/models.py:690
+msgid "View token's key"
+msgstr "토큰 키 보기"
+
+#: authentik/core/models.py:726
+msgid "Property Mapping"
+msgstr "속성 매핑"
+
+#: authentik/core/models.py:727
+msgid "Property Mappings"
+msgstr "속성 매핑"
+
+#: authentik/core/models.py:762
+msgid "Authenticated Session"
+msgstr "인증된 세션"
+
+#: authentik/core/models.py:763
+msgid "Authenticated Sessions"
+msgstr "인증된 세션"
+
+#: authentik/core/sources/flow_manager.py:190
+#, python-format
+msgid ""
+"Request to authenticate with %(source)s has been denied. Please authenticate"
+" with the source you've previously signed up with."
+msgstr "%(source)s의 인증 요청이 거부되었습니다. 이전에 가입한 소스로 인증하세요."
+
+#: authentik/core/sources/flow_manager.py:242
+msgid "Configured flow does not exist."
+msgstr "구성된 플로우가 존재하지 않습니다."
+
+#: authentik/core/sources/flow_manager.py:272
+#: authentik/core/sources/flow_manager.py:324
+#, python-format
+msgid "Successfully authenticated with %(source)s!"
+msgstr "성공적으로 %(source)s을(를) 통해 인증되었습니다!"
+
+#: authentik/core/sources/flow_manager.py:296
+#, python-format
+msgid "Successfully linked %(source)s!"
+msgstr "%(source)s을(를) 성공적으로 연결했습니다!"
+
+#: authentik/core/sources/flow_manager.py:315
+msgid "Source is not configured for enrollment."
+msgstr "소스가 등록을 위해 구성되지 않았습니다."
+
+#: authentik/core/templates/if/end_session.html:7
+msgid "End session"
+msgstr "세션 종료"
+
+#: authentik/core/templates/if/end_session.html:11
+#, python-format
+msgid ""
+"\n"
+"You've logged out of %(application)s.\n"
+msgstr ""
+"\n"
+"%(application)s에서 로그아웃 했습니다.\n"
+
+#: authentik/core/templates/if/end_session.html:19
+#, python-format
+msgid ""
+"\n"
+"            You've logged out of %(application)s. You can go back to the overview to launch another application, or log out of your %(branding_title)s account.\n"
+"        "
+msgstr ""
+"\n"
+"            %(application)s에서 로그아웃했습니다. 다른 응용 프로그램을 시작하거나 %(branding_title)s 계정에서 로그아웃할 수 있습니다.\n"
+"        "
+
+#: authentik/core/templates/if/end_session.html:25
+msgid "Go back to overview"
+msgstr "개요로 돌아가기"
+
+#: authentik/core/templates/if/end_session.html:29
+#, python-format
+msgid ""
+"\n"
+"            Log out of %(branding_title)s\n"
+"        "
+msgstr ""
+"\n"
+"            %(branding_title)s에서 로그아웃합니다.\n"
+"        "
+
+#: authentik/core/templates/if/end_session.html:36
+#, python-format
+msgid ""
+"\n"
+"            Log back into %(application)s\n"
+"        "
+msgstr ""
+"\n"
+"            %(application)s에 다시 로그인\n"
+"        "
+
+#: authentik/core/templates/if/error.html:18
+msgid "Go home"
+msgstr "홈으로 가기"
+
+#: authentik/core/templates/login/base_full.html:89
+msgid "Powered by authentik"
+msgstr "Powered by authentik"
+
+#: authentik/core/views/apps.py:53
+#: authentik/providers/oauth2/views/authorize.py:393
+#: authentik/providers/oauth2/views/device_init.py:70
+#: authentik/providers/saml/views/sso.py:70
+#, python-format
+msgid "You're about to sign into %(application)s."
+msgstr "%(application)s에 로그인하려고 합니다."
+
+#: authentik/crypto/api.py:179
+msgid "Subject-alt name"
+msgstr "주체 대체 이름"
+
+#: authentik/crypto/models.py:30
+msgid "PEM-encoded Certificate data"
+msgstr "PEM 인코딩된 인증서 데이터"
+
+#: authentik/crypto/models.py:33
+msgid ""
+"Optional Private Key. If this is set, you can use this keypair for "
+"encryption."
+msgstr "선택적 개인 키. 이 옵션을 설정하면 이 키쌍을 암호화에 사용할 수 있습니다."
+
+#: authentik/crypto/models.py:101
+msgid "Certificate-Key Pair"
+msgstr "인증서-키 쌍"
+
+#: authentik/crypto/models.py:102
+msgid "Certificate-Key Pairs"
+msgstr "인증서-키 쌍"
+
+#: authentik/enterprise/models.py:183
+msgid "License"
+msgstr "라이선스"
+
+#: authentik/enterprise/models.py:184
+msgid "Licenses"
+msgstr "라이선스"
+
+#: authentik/enterprise/models.py:206
+msgid "License Usage"
+msgstr "라이선스 사용"
+
+#: authentik/enterprise/models.py:207
+msgid "License Usage Records"
+msgstr "라이선스 사용 기록"
+
+#: authentik/events/models.py:291
+msgid "Event"
+msgstr "이력"
+
+#: authentik/events/models.py:292
+msgid "Events"
+msgstr "이력"
+
+#: authentik/events/models.py:298
+msgid "authentik inbuilt notifications"
+msgstr "authentik 내장 통지"
+
+#: authentik/events/models.py:299
+msgid "Generic Webhook"
+msgstr "일반 웹훅"
+
+#: authentik/events/models.py:300
+msgid "Slack Webhook (Slack/Discord)"
+msgstr "Slack 웹훅 (Slack/Discord)"
+
+#: authentik/events/models.py:301
+msgid "Email"
+msgstr "이메일"
+
+#: authentik/events/models.py:319
+msgid ""
+"Only send notification once, for example when sending a webhook into a chat "
+"channel."
+msgstr "예를 들어 채팅 채널로 웹훅을 보낼 때 알림을 한 번만 보내세요."
+
+#: authentik/events/models.py:384
+msgid "Severity"
+msgstr "심각도"
+
+#: authentik/events/models.py:389
+msgid "Dispatched for user"
+msgstr "사용자를 위해 발송됨"
+
+#: authentik/events/models.py:398
+msgid "Event user"
+msgstr "사용자 이력"
+
+#: authentik/events/models.py:492
+msgid "Notification Transport"
+msgstr "통지 전송"
+
+#: authentik/events/models.py:493
+msgid "Notification Transports"
+msgstr "통지 전송"
+
+#: authentik/events/models.py:499
+msgid "Notice"
+msgstr "통지"
+
+#: authentik/events/models.py:500
+msgid "Warning"
+msgstr "주의"
+
+#: authentik/events/models.py:501
+msgid "Alert"
+msgstr "경고"
+
+#: authentik/events/models.py:526
+msgid "Notification"
+msgstr "통지"
+
+#: authentik/events/models.py:527
+msgid "Notifications"
+msgstr "통지"
+
+#: authentik/events/models.py:537
+msgid ""
+"Select which transports should be used to notify the user. If none are "
+"selected, the notification will only be shown in the authentik UI."
+msgstr ""
+"사용자에게 통지를 보내는 데 사용할 전송을 선택합니다. 아무것도 선택하지 않으면 통지는 authentik UI에만 표시됩니다."
+
+#: authentik/events/models.py:545
+msgid "Controls which severity level the created notifications will have."
+msgstr "생성된 통지의 심각도 수준을 제어합니다."
+
+#: authentik/events/models.py:550
+msgid ""
+"Define which group of users this notification should be sent and shown to. "
+"If left empty, Notification won't ben sent."
+msgstr "이 통지를 받고 표시할 사용자 그룹을 정의합니다. 비워 둘 경우 통지가 전송되지 않습니다."
+
+#: authentik/events/models.py:568
+msgid "Notification Rule"
+msgstr "통지 규칙"
+
+#: authentik/events/models.py:569
+msgid "Notification Rules"
+msgstr "통지 규칙"
+
+#: authentik/events/models.py:589
+msgid "Webhook Mapping"
+msgstr "웹훅 매핑"
+
+#: authentik/events/models.py:590
+msgid "Webhook Mappings"
+msgstr "웹훅 매핑"
+
+#: authentik/events/monitored_tasks.py:205
+msgid "Task has not been run yet."
+msgstr "작업이 아직 실행되지 않았습니다."
+
+#: authentik/flows/api/flows.py:295
+#, python-format
+msgid "Flow not applicable to current user/request: %(messages)s"
+msgstr "현재 사용자/요청에는 플로우를 적용할 수 없습니다: %(messages)s"
+
+#: authentik/flows/api/flows_diagram.py:68
+#: authentik/flows/api/flows_diagram.py:94
+#, python-format
+msgid "Policy (%(type)s)"
+msgstr "정책 (%(type)s)"
+
+#: authentik/flows/api/flows_diagram.py:71
+#, python-format
+msgid "Binding %(order)d"
+msgstr "바인딩 %(order)d"
+
+#: authentik/flows/api/flows_diagram.py:118
+msgid "Policy passed"
+msgstr "정책 통과됨"
+
+#: authentik/flows/api/flows_diagram.py:122
+#, python-format
+msgid "Stage (%(type)s)"
+msgstr "스테이지 (%(type)s)"
+
+#: authentik/flows/api/flows_diagram.py:146
+#: authentik/flows/api/flows_diagram.py:206
+msgid "Policy denied"
+msgstr "정책 거부됨"
+
+#: authentik/flows/api/flows_diagram.py:156
+#: authentik/flows/api/flows_diagram.py:168
+#: authentik/flows/api/flows_diagram.py:205
+#: authentik/flows/api/flows_diagram.py:227
+msgid "End of the flow"
+msgstr "플로우 종료"
+
+#: authentik/flows/api/flows_diagram.py:169
+msgid "Requirement not fulfilled"
+msgstr "요구 사항 충족되지 않음"
+
+#: authentik/flows/api/flows_diagram.py:177
+msgid "Flow authentication requirement"
+msgstr "플로우 인증 요구 사항"
+
+#: authentik/flows/api/flows_diagram.py:183
+msgid "Requirement fulfilled"
+msgstr "요구 사항 충족됨"
+
+#: authentik/flows/api/flows_diagram.py:196
+msgid "Pre-flow policies"
+msgstr "사전 플로우 정책"
+
+#: authentik/flows/api/flows_diagram.py:214 authentik/flows/models.py:193
+msgid "Flow"
+msgstr "플로우"
+
+#: authentik/flows/exceptions.py:19
+msgid "Flow does not apply to current user."
+msgstr "플로우가 현재 사용자에게 적용되지 않습니다."
+
+#: authentik/flows/models.py:114
+#, python-format
+msgid "Dynamic In-memory stage: %(doc)s"
+msgstr "동적 메모리 스테이지: %(doc)s"
+
+#: authentik/flows/models.py:129
+msgid "Visible in the URL."
+msgstr "URL에 표시됩니다."
+
+#: authentik/flows/models.py:131
+msgid "Shown as the Title in Flow pages."
+msgstr "플로우 페이지에서 타이틀로 표시됩니다."
+
+#: authentik/flows/models.py:138
+msgid ""
+"Decides what this Flow is used for. For example, the Authentication flow is "
+"redirect to when an un-authenticated user visits authentik."
+msgstr ""
+"이 플로우가 사용되는 용도를 결정합니다. 예를 들어, 인증되지 않은 사용자가 authentik을 방문할 때 인증 플로우가 리디렉션됩니다."
+
+#: authentik/flows/models.py:147
+msgid "Background shown during execution"
+msgstr "실행 중에 표시되는 배경"
+
+#: authentik/flows/models.py:154
+msgid ""
+"Enable compatibility mode, increases compatibility with password managers on"
+" mobile devices."
+msgstr "호환성 모드를 활성화하면, 모바일 장치에서 비밀번호 관리자와의 호환성이 향상됩니다."
+
+#: authentik/flows/models.py:162
+msgid "Configure what should happen when a flow denies access to a user."
+msgstr "플로우가 사용자에게 액세스를 거부할 때 어떻게 처리할지 구성합니다."
+
+#: authentik/flows/models.py:168
+msgid "Required level of authentication and authorization to access a flow."
+msgstr "플로우에 액세스하려면 필요한 인증 및 권한 수준입니다."
+
+#: authentik/flows/models.py:194
+msgid "Flows"
+msgstr "플로우"
+
+#: authentik/flows/models.py:197
+msgid "Can export a Flow"
+msgstr "플로우를 내보낼 수 있습니다."
+
+#: authentik/flows/models.py:198
+msgid "Can inspect a Flow's execution"
+msgstr "플로우 실행을 검사할 수 있습니다."
+
+#: authentik/flows/models.py:199
+msgid "View Flow's cache metrics"
+msgstr "플로우의 캐시 메트릭 보기"
+
+#: authentik/flows/models.py:200
+msgid "Clear Flow's cache metrics"
+msgstr "플로우의 캐시 메트릭 삭제"
+
+#: authentik/flows/models.py:216
+msgid "Evaluate policies during the Flow planning process."
+msgstr "플로우 계획 프로세스 중에 정책을 평가할 수 있습니다."
+
+#: authentik/flows/models.py:220
+msgid "Evaluate policies when the Stage is present to the user."
+msgstr "스테이지가 사용자에게 표시될 때 정책을 심사합니다."
+
+#: authentik/flows/models.py:227
+msgid ""
+"Configure how the flow executor should handle an invalid response to a "
+"challenge. RETRY returns the error message and a similar challenge to the "
+"executor. RESTART restarts the flow from the beginning, and "
+"RESTART_WITH_CONTEXT restarts the flow while keeping the current context."
+msgstr ""
+"플로우 실행기가 챌린지에 대한 유효하지 않은 응답을 처리하는 방법을 구성합니다. RETRY는 오류 메시지와 유사한 챌린지를 실행기에 "
+"반환합니다. RESTART는 플로우를 처음부터 다시 시작하고, RESTART_WITH_CONTEXT는 현재 컨텍스트를 유지하면서 플로우를"
+" 다시 시작합니다."
+
+#: authentik/flows/models.py:250
+msgid "Flow Stage Binding"
+msgstr "플로우 스테이지 바인딩"
+
+#: authentik/flows/models.py:251
+msgid "Flow Stage Bindings"
+msgstr "플로우 스테이지 바인딩"
+
+#: authentik/flows/models.py:266
+msgid ""
+"Flow used by an authenticated user to configure this Stage. If empty, user "
+"will not be able to configure this stage."
+msgstr "이 스테이지를 구성하는 데 사용되는 인증된 사용자의 플로우입니다. 비어 있으면 사용자가 이 스테이지를 구성할 수 없습니다."
+
+#: authentik/flows/models.py:306
+msgid "Flow Token"
+msgstr "플로우 토큰"
+
+#: authentik/flows/models.py:307
+msgid "Flow Tokens"
+msgstr "플로우 토큰"
+
+#: authentik/lib/utils/time.py:27
+#, python-format
+msgid "%(value)s is not in the correct format of 'hours=3;minutes=1'."
+msgstr "%(value)s의 형식이 'hours=3;minutes=1'인 올바른 형식이 아닙니다."
+
+#: authentik/lib/validators.py:16
+#, python-brace-format
+msgid "The fields {field_names} must be used together."
+msgstr "{field_names} 필드는 함께 사용되어야 합니다."
+
+#: authentik/outposts/api/service_connections.py:127
+msgid ""
+"You can only use an empty kubeconfig when connecting to a local cluster."
+msgstr "로컬 클러스터에 연결할 때만 빈 kubeconfig을 사용할 수 있습니다."
+
+#: authentik/outposts/api/service_connections.py:135
+msgid "Invalid kubeconfig"
+msgstr "kubeconfig이 올바르지 않음"
+
+#: authentik/outposts/models.py:122
+msgid ""
+"If enabled, use the local connection. Required Docker socket/Kubernetes "
+"Integration"
+msgstr "활성화되면 로컬 연결을 사용합니다. 필요한 Docker 소켓/쿠버네티스 통합에 필요합니다"
+
+#: authentik/outposts/models.py:152
+msgid "Outpost Service-Connection"
+msgstr "Outpost 서비스 연결"
+
+#: authentik/outposts/models.py:153
+msgid "Outpost Service-Connections"
+msgstr "Outpost 서비스 연결"
+
+#: authentik/outposts/models.py:161
+msgid ""
+"Can be in the format of 'unix://<path>' when connecting to a local docker "
+"daemon, or 'https://<hostname>:2376' when connecting to a remote system."
+msgstr ""
+"로컬 도커 데몬에 연결할 때는 'unix://<path>' 형식, 원격 시스템에 연결할 때는 "
+"'https://<hostname>:2376' 형식일 수 있습니다."
+
+#: authentik/outposts/models.py:173
+msgid ""
+"CA which the endpoint's Certificate is verified against. Can be left empty "
+"for no validation."
+msgstr "엔드포인트의 인증서를 검증하는 CA입니다. 검증을 수행하지 않으려면 비워둘 수 있습니다."
+
+#: authentik/outposts/models.py:185
+msgid ""
+"Certificate/Key used for authentication. Can be left empty for no "
+"authentication."
+msgstr "인증에 사용되는 인증서/키입니다. 인증이 필요하지 않은 경우 비워 둘 수 있습니다."
+
+#: authentik/outposts/models.py:203
+msgid "Docker Service-Connection"
+msgstr "도커 서비스 연결"
+
+#: authentik/outposts/models.py:204
+msgid "Docker Service-Connections"
+msgstr "도커 서비스 연결"
+
+#: authentik/outposts/models.py:212
+msgid ""
+"Paste your kubeconfig here. authentik will automatically use the currently "
+"selected context."
+msgstr "여기에 kubeconfig를 붙여넣습니다. authentik은 자동으로 현재 선택된 컨텍스트를 사용합니다."
+
+#: authentik/outposts/models.py:218
+msgid "Verify SSL Certificates of the Kubernetes API endpoint"
+msgstr "Kubernetes API 엔드포인트의 SSL 인증서 확인"
+
+#: authentik/outposts/models.py:235
+msgid "Kubernetes Service-Connection"
+msgstr "쿠버네티스 서비스 연결"
+
+#: authentik/outposts/models.py:236
+msgid "Kubernetes Service-Connections"
+msgstr "쿠버네티스 서비스 연결"
+
+#: authentik/outposts/models.py:252
+msgid ""
+"Select Service-Connection authentik should use to manage this outpost. Leave"
+" empty if authentik should not handle the deployment."
+msgstr ""
+"이 Outpost를 관리하는 데 사용할 서비스 연결을 선택하십시오. authentik이 배포를 처리하지 않아야 하는 경우 비워 두십시오."
+
+#: authentik/outposts/models.py:419
+msgid "Outpost"
+msgstr "Outpost"
+
+#: authentik/outposts/models.py:420
+msgid "Outposts"
+msgstr "Outposts"
+
+#: authentik/policies/denied.py:24
+msgid "Access denied"
+msgstr "액세스 거부됨"
+
+#: authentik/policies/dummy/models.py:44
+msgid "Dummy Policy"
+msgstr "더미 정책"
+
+#: authentik/policies/dummy/models.py:45
+msgid "Dummy Policies"
+msgstr "더미 정책"
+
+#: authentik/policies/event_matcher/api.py:20
+#: authentik/policies/event_matcher/models.py:56
+msgid ""
+"Match events created by selected application. When left empty, all "
+"applications are matched."
+msgstr "선택한 응용 프로그램에서 생성된 이벤트와 일치시킵니다. 비워 둘 경우 모든 응용 프로그램이 일치합니다."
+
+#: authentik/policies/event_matcher/api.py:29
+#: authentik/policies/event_matcher/models.py:64
+msgid ""
+"Match events created by selected model. When left empty, all models are "
+"matched. When an app is selected, all the application's models are matched."
+msgstr ""
+"선택한 모델에서 생성된 이벤트와 일치시킵니다. 비워 두면 모든 모델이 일치합니다. 응용 프로그램이 선택된 경우 해당 응용 프로그램의 모든"
+" 모델이 일치합니다."
+
+#: authentik/policies/event_matcher/api.py:42
+msgid "At least one criteria must be set."
+msgstr "기준을 하나 이상 설정해야 합니다."
+
+#: authentik/policies/event_matcher/models.py:48
+msgid ""
+"Match created events with this action type. When left empty, all action "
+"types will be matched."
+msgstr "생성된 이벤트를 이 액션 유형과 일치시킵니다. 비워두면 모든 액션 유형이 일치합니다."
+
+#: authentik/policies/event_matcher/models.py:73
+msgid ""
+"Matches Event's Client IP (strict matching, for network matching use an "
+"Expression Policy)"
+msgstr "이벤트의 클라이언트 IP와 일치시킵니다 (엄격한 일치, 네트워크 일치에는 표현식 정책을 사용하세요)."
+
+#: authentik/policies/event_matcher/models.py:143
+msgid "Event Matcher Policy"
+msgstr "이벤트 일치 정책"
+
+#: authentik/policies/event_matcher/models.py:144
+msgid "Event Matcher Policies"
+msgstr "이벤트 일치 정책"
+
+#: authentik/policies/expiry/models.py:45
+#, python-format
+msgid "Password expired %(days)d days ago. Please update your password."
+msgstr "비밀번호가 %(days)d 일 전에 만료되었습니다. 비밀번호를 업데이트하세요."
+
+#: authentik/policies/expiry/models.py:49
+msgid "Password has expired."
+msgstr "비밀번호가 만료되었습니다."
+
+#: authentik/policies/expiry/models.py:53
+msgid "Password Expiry Policy"
+msgstr "비밀번호 만료 정책"
+
+#: authentik/policies/expiry/models.py:54
+msgid "Password Expiry Policies"
+msgstr "비밀번호 만료 정책"
+
+#: authentik/policies/expression/models.py:40
+msgid "Expression Policy"
+msgstr "정규표현식 정책"
+
+#: authentik/policies/expression/models.py:41
+msgid "Expression Policies"
+msgstr "정규표현식 정책"
+
+#: authentik/policies/models.py:22
+msgid "all, all policies must pass"
+msgstr "all, 모든 정책이 통과해야 함"
+
+#: authentik/policies/models.py:23
+msgid "any, any policy must pass"
+msgstr "any, 어떤 정책이라도 통과하면 됨"
+
+#: authentik/policies/models.py:46
+msgid "Policy Binding Model"
+msgstr "정책 바인딩 모델"
+
+#: authentik/policies/models.py:47
+msgid "Policy Binding Models"
+msgstr "정책 바인딩 모델"
+
+#: authentik/policies/models.py:86
+msgid "Negates the outcome of the policy. Messages are unaffected."
+msgstr "정책의 결과를 무효화합니다. 메시지는 영향을 받지 않습니다."
+
+#: authentik/policies/models.py:89
+msgid "Timeout after which Policy execution is terminated."
+msgstr "시간을 초과하면 정책 실행을 종료합니다."
+
+#: authentik/policies/models.py:92
+msgid "Result if the Policy execution fails."
+msgstr "정책 실행이 실패한 경우의 결과입니다."
+
+#: authentik/policies/models.py:145
+msgid "Policy Binding"
+msgstr "정책 바인딩"
+
+#: authentik/policies/models.py:146
+msgid "Policy Bindings"
+msgstr "정책 바인딩"
+
+#: authentik/policies/models.py:167
+msgid ""
+"When this option is enabled, all executions of this policy will be logged. "
+"By default, only execution errors are logged."
+msgstr "이 옵션을 활성화하면 이 정책의 모든 실행이 기록됩니다. 기본적으로 실행 오류만 기록됩니다."
+
+#: authentik/policies/models.py:189
+msgid "Policy"
+msgstr "정책"
+
+#: authentik/policies/models.py:190
+msgid "Policies"
+msgstr "정책"
+
+#: authentik/policies/models.py:193
+msgid "View Policy's cache metrics"
+msgstr "정책의 캐시 메트릭 보기"
+
+#: authentik/policies/models.py:194
+msgid "Clear Policy's cache metrics"
+msgstr "정책의 캐시 메트릭 삭제"
+
+#: authentik/policies/password/models.py:27
+msgid "Field key to check, field keys defined in Prompt stages are available."
+msgstr "확인하려는 필드 키, 프롬프트 스테이지에서 정의된 필드 키를 사용할 수 있습니다."
+
+#: authentik/policies/password/models.py:44
+msgid "How many times the password hash is allowed to be on haveibeenpwned"
+msgstr "비밀번호 해시가 허용되는 해시 횟수"
+
+#: authentik/policies/password/models.py:49
+msgid ""
+"If the zxcvbn score is equal or less than this value, the policy will fail."
+msgstr "만약 zxcvbn 점수가 이 값과 같거나 이 값보다 작다면, 정책이 실패합니다."
+
+#: authentik/policies/password/models.py:72
+msgid "Password not set in context"
+msgstr "비밀번호가 컨텍스트에 설정되지 않음"
+
+#: authentik/policies/password/models.py:134
+#, python-format
+msgid "Password exists on %(count)d online lists."
+msgstr "비밀번호가 %(count)d개의 온라인 목록에 있습니다."
+
+#: authentik/policies/password/models.py:154
+msgid "Password is too weak."
+msgstr "비밀번호가 너무 약합니다."
+
+#: authentik/policies/password/models.py:162
+msgid "Password Policy"
+msgstr "비밀번호 정책"
+
+#: authentik/policies/password/models.py:163
+msgid "Password Policies"
+msgstr "비밀번호 정책"
+
+#: authentik/policies/reputation/api.py:18
+msgid "Either IP or Username must be checked"
+msgstr "IP 또는 사용자명 중 하나를 선택해야 합니다."
+
+#: authentik/policies/reputation/models.py:67
+msgid "Reputation Policy"
+msgstr "평판 정책"
+
+#: authentik/policies/reputation/models.py:68
+msgid "Reputation Policies"
+msgstr "평판 정책"
+
+#: authentik/policies/reputation/models.py:95
+msgid "Reputation Score"
+msgstr "평판 점수"
+
+#: authentik/policies/reputation/models.py:96
+msgid "Reputation Scores"
+msgstr "평판 점수"
+
+#: authentik/policies/templates/policies/denied.html:7
+#: authentik/policies/templates/policies/denied.html:11
+msgid "Permission denied"
+msgstr "권한 거부됨"
+
+#: authentik/policies/templates/policies/denied.html:21
+msgid "User's avatar"
+msgstr "사용자 아바타"
+
+#: authentik/policies/templates/policies/denied.html:25
+msgid "Not you?"
+msgstr "본인이 아닌가요?"
+
+#: authentik/policies/templates/policies/denied.html:33
+msgid "Request has been denied."
+msgstr "요청이 거부되었습니다."
+
+#: authentik/policies/templates/policies/denied.html:44
+msgid "Messages:"
+msgstr "메세지:"
+
+#: authentik/policies/templates/policies/denied.html:54
+msgid "Explanation:"
+msgstr "설명:"
+
+#: authentik/policies/templates/policies/denied.html:58
+#, python-format
+msgid ""
+"\n"
+"                    Policy binding '%(name)s' returned result '%(result)s'\n"
+"                    "
+msgstr ""
+"\n"
+"                    정책 바인딩 '%(name)s'이(가) 결과 '%(result)s'을(를) 반환했습니다\n"
+"                    "
+
+#: authentik/policies/views.py:68
+msgid "Failed to resolve application"
+msgstr "애플리케이션 확인 실패"
+
+#: authentik/providers/ldap/models.py:25
+msgid "DN under which objects are accessible."
+msgstr "개체에 액세스할 수 있는 DN입니다."
+
+#: authentik/providers/ldap/models.py:34
+msgid ""
+"Users in this group can do search queries. If not set, every user can "
+"execute search queries."
+msgstr "이 그룹의 사용자는 검색 쿼리를 실행할 수 있습니다. 설정되지 않은 경우 모든 사용자가 검색 쿼리를 실행할 수 있습니다."
+
+#: authentik/providers/ldap/models.py:53
+msgid ""
+"The start for uidNumbers, this number is added to the user.pk to make sure "
+"that the numbers aren't too low for POSIX users. Default is 2000 to ensure "
+"that we don't collide with local users uidNumber"
+msgstr ""
+"UID의 시작값입니다. 이 숫자는 user.Pk에 추가되어 POSIX 사용자의 숫자가 너무 낮지 않도록 합니다. 기본값은 2000으로 "
+"설정되어 로컬 사용자 UID와 충돌하지 않도록 합니다."
+
+#: authentik/providers/ldap/models.py:62
+msgid ""
+"The start for gidNumbers, this number is added to a number generated from "
+"the group.pk to make sure that the numbers aren't too low for POSIX groups. "
+"Default is 4000 to ensure that we don't collide with local groups or users "
+"primary groups gidNumber"
+msgstr ""
+"GID의 시작값입니다. 이 숫자는 group.Pk에서 생성된 숫자에 추가되어 POSIX 그룹의 숫자가 너무 낮지 않도록 합니다. 기본값은"
+" 4000으로 설정되어 로컬 그룹 또는 사용자의 기본 그룹 gidNumber와 충돌하지 않도록 합니다."
+
+#: authentik/providers/ldap/models.py:76
+#: authentik/providers/radius/models.py:34
+msgid ""
+"When enabled, code-based multi-factor authentication can be used by "
+"appending a semicolon and the TOTP code to the password. This should only be"
+" enabled if all users that will bind to this provider have a TOTP device "
+"configured, as otherwise a password may incorrectly be rejected if it "
+"contains a semicolon."
+msgstr ""
+"이 옵션을 활성화하면, 비밀번호에 세미콜론과 TOTP 코드를 추가하여 코드 기반 멀티팩터 인증을 사용할 수 있습니다. 비밀번호에 "
+"세미콜론이 포함되어 있으면 비밀번호가 거부될 수 있으므로, 이 공급자에 바인딩할 모든 사용자가 TOTP 디바이스를 구성한 경우에만 이 "
+"기능을 사용하도록 설정해야 합니다."
+
+#: authentik/providers/ldap/models.py:108
+msgid "LDAP Provider"
+msgstr "LDAP 공급자"
+
+#: authentik/providers/ldap/models.py:109
+msgid "LDAP Providers"
+msgstr "LDAP 공급자"
+
+#: authentik/providers/oauth2/id_token.py:27
+msgid "Based on the Hashed User ID"
+msgstr "해시된 사용자 ID 기반"
+
+#: authentik/providers/oauth2/id_token.py:28
+msgid "Based on user ID"
+msgstr "사용자 ID 기반"
+
+#: authentik/providers/oauth2/id_token.py:29
+msgid "Based on user UUID"
+msgstr "사용자 UUID 기반"
+
+#: authentik/providers/oauth2/id_token.py:30
+msgid "Based on the username"
+msgstr "사용자명 기반"
+
+#: authentik/providers/oauth2/id_token.py:33
+msgid "Based on the User's Email. This is recommended over the UPN method."
+msgstr "사용자 이메일 기반. 이 방법은 UPN 방법보다 권장됩니다."
+
+#: authentik/providers/oauth2/id_token.py:38
+msgid ""
+"Based on the User's UPN, only works if user has a 'upn' attribute set. Use "
+"this method only if you have different UPN and Mail domains."
+msgstr ""
+"사용자의 UPN을 기반으로 하며, 사용자에게 'upn' 특성이 설정되어 있는 경우에만 작동합니다. 이 방법은 UPN과 메일 도메인이 다른"
+" 경우에만 사용하세요."
+
+#: authentik/providers/oauth2/models.py:43
+msgid "Confidential"
+msgstr "컨피덴셜"
+
+#: authentik/providers/oauth2/models.py:44
+msgid "Public"
+msgstr "공개"
+
+#: authentik/providers/oauth2/models.py:66
+msgid "Same identifier is used for all providers"
+msgstr "모든 공급자에 대해 동일한 식별자가 사용됨"
+
+#: authentik/providers/oauth2/models.py:68
+msgid "Each provider has a different issuer, based on the application slug."
+msgstr "각 공급자는 애플리케이션 슬러그를 기반으로 서로 다른 발급자를 가짐"
+
+#: authentik/providers/oauth2/models.py:75
+msgid "code (Authorization Code Flow)"
+msgstr "code (인증 코드 플로우)"
+
+#: authentik/providers/oauth2/models.py:76
+msgid "id_token (Implicit Flow)"
+msgstr "id_token (암시적 플로우)"
+
+#: authentik/providers/oauth2/models.py:77
+msgid "id_token token (Implicit Flow)"
+msgstr "id_token token (암시적 플로우)"
+
+#: authentik/providers/oauth2/models.py:78
+msgid "code token (Hybrid Flow)"
+msgstr "code token (하이브리드 플로우)"
+
+#: authentik/providers/oauth2/models.py:79
+msgid "code id_token (Hybrid Flow)"
+msgstr "code id_token (하이브리드 플로우)"
+
+#: authentik/providers/oauth2/models.py:80
+msgid "code id_token token (Hybrid Flow)"
+msgstr "code id_token token (하이브리드 플로우)"
+
+#: authentik/providers/oauth2/models.py:86
+msgid "HS256 (Symmetric Encryption)"
+msgstr "HS256 (대칭 암호화)"
+
+#: authentik/providers/oauth2/models.py:87
+msgid "RS256 (Asymmetric Encryption)"
+msgstr "RS256 (비대칭 암호화)"
+
+#: authentik/providers/oauth2/models.py:88
+msgid "ES256 (Asymmetric Encryption)"
+msgstr "ES256 (비대칭 암호화)"
+
+#: authentik/providers/oauth2/models.py:94
+msgid "Scope used by the client"
+msgstr "클라이언트에서 사용할 스코프"
+
+#: authentik/providers/oauth2/models.py:98
+msgid ""
+"Description shown to the user when consenting. If left empty, the user won't"
+" be informed."
+msgstr "동의할 때 사용자에게 표시되는 설명입니다. 비워두면 사용자에게 통지가 표시되지 않습니다."
+
+#: authentik/providers/oauth2/models.py:117
+msgid "Scope Mapping"
+msgstr "스코프 매핑"
+
+#: authentik/providers/oauth2/models.py:118
+msgid "Scope Mappings"
+msgstr "스코프 매핑"
+
+#: authentik/providers/oauth2/models.py:128
+msgid "Client Type"
+msgstr "클라이언트 유형"
+
+#: authentik/providers/oauth2/models.py:130
+msgid ""
+"Confidential clients are capable of maintaining the confidentiality of their"
+" credentials. Public clients are incapable"
+msgstr "기밀 클라이언트는 자격 증명의 기밀을 유지할 수 있습니다. 공개 클라이언트는 불가능"
+
+#: authentik/providers/oauth2/models.py:137
+msgid "Client ID"
+msgstr "클라이언트 ID"
+
+#: authentik/providers/oauth2/models.py:143
+msgid "Client Secret"
+msgstr "클라이언트 Secret"
+
+#: authentik/providers/oauth2/models.py:149
+msgid "Redirect URIs"
+msgstr "리다이렉트 URI"
+
+#: authentik/providers/oauth2/models.py:150
+msgid "Enter each URI on a new line."
+msgstr "각 행마다 URI를 입력하세요."
+
+#: authentik/providers/oauth2/models.py:155
+msgid "Include claims in id_token"
+msgstr "id_token에 클레임 포함"
+
+#: authentik/providers/oauth2/models.py:157
+msgid ""
+"Include User claims from scopes in the id_token, for applications that don't"
+" access the userinfo endpoint."
+msgstr "사용자 정보 엔드포인트에 액세스하지 않는 애플리케이션의 경우, 범위의 사용자 선언을 Id_token에 포함하세요."
+
+#: authentik/providers/oauth2/models.py:166
+msgid ""
+"Access codes not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr "현재 시간 이후로 이 값 (형식: hours=1;minutes=2;seconds=3)만큼 유효한 액세스 코드가 아닙니다."
+
+#: authentik/providers/oauth2/models.py:174
+#: authentik/providers/oauth2/models.py:182
+msgid ""
+"Tokens not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr "현재 시간 이후로 이 값 (형식: hours=1;minutes=2;seconds=3)만큼 토큰이 유효하지 않습니다."
+
+#: authentik/providers/oauth2/models.py:191
+msgid ""
+"Configure what data should be used as unique User Identifier. For most "
+"cases, the default should be fine."
+msgstr "고유 사용자 식별자로 사용할 데이터를 구성합니다. 대부분의 경우 기본값을 사용해도 무방합니다."
+
+#: authentik/providers/oauth2/models.py:198
+msgid "Configure how the issuer field of the ID Token should be filled."
+msgstr "ID 토큰의 발급자 필드를 채우는 방법을 구성합니다."
+
+#: authentik/providers/oauth2/models.py:203
+msgid "Signing Key"
+msgstr "서명 키"
+
+#: authentik/providers/oauth2/models.py:207
+msgid ""
+"Key used to sign the tokens. Only required when JWT Algorithm is set to "
+"RS256."
+msgstr "토큰에 서명하는 데 사용되는 키입니다. JWT 알고리즘이 RS256으로 설정된 경우에만 필요합니다."
+
+#: authentik/providers/oauth2/models.py:214
+msgid ""
+"Any JWT signed by the JWK of the selected source can be used to "
+"authenticate."
+msgstr "선택한 소스의 JWK로 서명된 모든 JWT는 인증에 사용될 수 있습니다."
+
+#: authentik/providers/oauth2/models.py:287
+msgid "OAuth2/OpenID Provider"
+msgstr "OAuth2/OpenID 공급자"
+
+#: authentik/providers/oauth2/models.py:288
+msgid "OAuth2/OpenID Providers"
+msgstr "OAuth2/OpenID 공급자"
+
+#: authentik/providers/oauth2/models.py:297
+#: authentik/providers/oauth2/models.py:429
+msgid "Scopes"
+msgstr "스코프"
+
+#: authentik/providers/oauth2/models.py:316
+msgid "Code"
+msgstr "코드"
+
+#: authentik/providers/oauth2/models.py:317
+msgid "Nonce"
+msgstr "Nonce"
+
+#: authentik/providers/oauth2/models.py:318
+msgid "Code Challenge"
+msgstr "코드 챌린지"
+
+#: authentik/providers/oauth2/models.py:320
+msgid "Code Challenge Method"
+msgstr "코드 챌린지 메서드"
+
+#: authentik/providers/oauth2/models.py:340
+msgid "Authorization Code"
+msgstr "인증 코드"
+
+#: authentik/providers/oauth2/models.py:341
+msgid "Authorization Codes"
+msgstr "인증 코드"
+
+#: authentik/providers/oauth2/models.py:383
+msgid "OAuth2 Access Token"
+msgstr "OAuth2 액세스 토큰"
+
+#: authentik/providers/oauth2/models.py:384
+msgid "OAuth2 Access Tokens"
+msgstr "OAuth2 액세스 토큰"
+
+#: authentik/providers/oauth2/models.py:394
+msgid "ID Token"
+msgstr "ID 토큰"
+
+#: authentik/providers/oauth2/models.py:413
+msgid "OAuth2 Refresh Token"
+msgstr "OAuth2 토큰 새로고침"
+
+#: authentik/providers/oauth2/models.py:414
+msgid "OAuth2 Refresh Tokens"
+msgstr "OAuth2 토큰 새로고침"
+
+#: authentik/providers/oauth2/models.py:441
+msgid "Device Token"
+msgstr "디바이스 토큰"
+
+#: authentik/providers/oauth2/models.py:442
+msgid "Device Tokens"
+msgstr "디바이스 토큰"
+
+#: authentik/providers/oauth2/views/authorize.py:448
+#: authentik/providers/saml/views/flows.py:87
+#, python-format
+msgid "Redirecting to %(app)s..."
+msgstr "%(app)s 으로 리디렉션 중..."
+
+#: authentik/providers/oauth2/views/device_init.py:151
+msgid "Invalid code"
+msgstr "유효하지 않은 코드"
+
+#: authentik/providers/oauth2/views/userinfo.py:55
+#: authentik/providers/oauth2/views/userinfo.py:56
+msgid "GitHub Compatibility: Access your User Information"
+msgstr "GitHub Compatibility: 사용자 정보에 액세스"
+
+#: authentik/providers/oauth2/views/userinfo.py:57
+msgid "GitHub Compatibility: Access you Email addresses"
+msgstr "GitHub Compatibility: 이메일 주소에 액세스"
+
+#: authentik/providers/oauth2/views/userinfo.py:58
+msgid "GitHub Compatibility: Access your Groups"
+msgstr "GitHub Compatibility 그룹 정보에 액세스"
+
+#: authentik/providers/oauth2/views/userinfo.py:59
+msgid "authentik API Access on behalf of your user"
+msgstr "사용자를 대신하여 Authentik API 액세스 권한 부여"
+
+#: authentik/providers/proxy/api.py:52
+msgid "User and password attributes must be set when basic auth is enabled."
+msgstr "기본 인증이 활성화된 경우 사용자 및 비밀번호 특성을 설정해야 합니다."
+
+#: authentik/providers/proxy/api.py:63
+msgid "Internal host cannot be empty when forward auth is disabled."
+msgstr "전달 인증이 비활성화되면 내부 호스트를 비울 수 없습니다."
+
+#: authentik/providers/proxy/models.py:54
+msgid "Validate SSL Certificates of upstream servers"
+msgstr "업스트림 서버의 SSL 인증서 유효성 검사"
+
+#: authentik/providers/proxy/models.py:55
+msgid "Internal host SSL Validation"
+msgstr "내부 호스트 SSL 유효성 검사"
+
+#: authentik/providers/proxy/models.py:61
+msgid ""
+"Enable support for forwardAuth in traefik and nginx auth_request. Exclusive "
+"with internal_host."
+msgstr ""
+"traefik과 nginx auth_request의 forwardAuth 지원을 사용합니다. internal_host는 제외입니다."
+
+#: authentik/providers/proxy/models.py:70
+msgid ""
+"Regular expressions for which authentication is not required. Each new line "
+"is interpreted as a new Regular Expression."
+msgstr "인증이 필요하지 않은 정규 표현식. 각 새 줄은 새 표현식으로 해석됩니다."
+
+#: authentik/providers/proxy/models.py:78
+msgid ""
+"When enabled, this provider will intercept the authorization header and "
+"authenticate requests based on its value."
+msgstr "활성화하면 이 공급자는 권한 부여 헤더를 가로채고 그 값에 따라 요청을 인증합니다."
+
+#: authentik/providers/proxy/models.py:84
+msgid "Set HTTP-Basic Authentication"
+msgstr "HTTP-Basic 인증 설정"
+
+#: authentik/providers/proxy/models.py:86
+msgid ""
+"Set a custom HTTP-Basic Authentication header based on values from "
+"authentik."
+msgstr "authentik의 값을 기반으로 커스텀 HTTP-Basic 인증 헤더를 설정합니다."
+
+#: authentik/providers/proxy/models.py:91
+msgid "HTTP-Basic Username Key"
+msgstr "HTTP-Basic 사용자명 키"
+
+#: authentik/providers/proxy/models.py:93
+msgid ""
+"User/Group Attribute used for the user part of the HTTP-Basic Header. If not"
+" set, the user's Email address is used."
+msgstr ""
+"HTTP-Basic 헤더의 사용자 부분에 사용되는 사용자/그룹 속성입니다. 설정하지 않으면 사용자의 이메일 주소가 사용됩니다."
+
+#: authentik/providers/proxy/models.py:99
+msgid "HTTP-Basic Password Key"
+msgstr "HTTP-Basic 비밀번호 키"
+
+#: authentik/providers/proxy/models.py:100
+msgid ""
+"User/Group Attribute used for the password part of the HTTP-Basic Header."
+msgstr "HTTP-Basic 헤더의 비밀번호 부분에 사용되는 사용자/그룹 속성입니다."
+
+#: authentik/providers/proxy/models.py:154
+msgid "Proxy Provider"
+msgstr "프록시 공급자"
+
+#: authentik/providers/proxy/models.py:155
+msgid "Proxy Providers"
+msgstr "프록시 공급자"
+
+#: authentik/providers/radius/models.py:18
+msgid "Shared secret between clients and server to hash packets."
+msgstr "클라이언트와 서버가 패킷을 해시하기 위해 공유하는 비밀입니다."
+
+#: authentik/providers/radius/models.py:24
+msgid ""
+"List of CIDRs (comma-separated) that clients can connect from. A more "
+"specific CIDR will match before a looser one. Clients connecting from a non-"
+"specified CIDR will be dropped."
+msgstr ""
+"클라이언트가 연결할 수 있는 CIDR 목록(쉼표로 구분). 더 구체적인 CIDR은 더 일반적인 CIDR 앞에 매칭됩니다. 지정되지 않은 "
+"CIDR에서 연결된 클라이언트는 드롭됩니다."
+
+#: authentik/providers/radius/models.py:60
+msgid "Radius Provider"
+msgstr "Radius 공급자"
+
+#: authentik/providers/radius/models.py:61
+msgid "Radius Providers"
+msgstr "Radius 공급자"
+
+#: authentik/providers/saml/api/providers.py:258
+msgid "Invalid XML Syntax"
+msgstr "올바르지 않은 XML 구문"
+
+#: authentik/providers/saml/api/providers.py:268
+#, python-format
+msgid "Failed to import Metadata: %(message)s"
+msgstr "메타데이터를 가져오지 못했습니다: %(message)s"
+
+#: authentik/providers/saml/models.py:38
+msgid "ACS URL"
+msgstr "ACS URL"
+
+#: authentik/providers/saml/models.py:43
+msgid ""
+"Value of the audience restriction field of the assertion. When left empty, "
+"no audience restriction will be added."
+msgstr "어설션의 대상 제한 필드의 값입니다. 비워두면 대상 제한이 추가되지 않습니다."
+
+#: authentik/providers/saml/models.py:47
+msgid "Also known as EntityID"
+msgstr "EntityID라고도 합니다."
+
+#: authentik/providers/saml/models.py:51
+msgid "Service Provider Binding"
+msgstr "서비스 공급자 바인딩"
+
+#: authentik/providers/saml/models.py:53
+msgid ""
+"This determines how authentik sends the response back to the Service "
+"Provider."
+msgstr "이는 Authentik이 응답을 서비스 제공자에게 다시 전송하는 방식을 결정합니다."
+
+#: authentik/providers/saml/models.py:63
+msgid "NameID Property Mapping"
+msgstr "NameID 속성 매핑"
+
+#: authentik/providers/saml/models.py:65
+msgid ""
+"Configure how the NameID value will be created. When left empty, the "
+"NameIDPolicy of the incoming request will be considered"
+msgstr "NameID 값이 어떻게 생성될지 구성합니다. 비워 둘 경우, 들어오는 요청의 NameIDPolicy을 고려합니다."
+
+#: authentik/providers/saml/models.py:74
+msgid ""
+"Assertion valid not before current time + this value (Format: "
+"hours=-1;minutes=-2;seconds=-3)."
+msgstr "어설션이 현재 시간 + 이 값 이후에만 유효합니다 (형식: hours=-1;minutes=-2;seconds=-3)."
+
+#: authentik/providers/saml/models.py:82
+msgid ""
+"Assertion not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr "어설션이 현재 시간 + 이 값 이전에만 유효합니다 (형식: hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/saml/models.py:91
+msgid ""
+"Session not valid on or after current time + this value (Format: "
+"hours=1;minutes=2;seconds=3)."
+msgstr "세션이 현재 시간 + 이 값 이전에만 유효합니다 (형식: hours=1;minutes=2;seconds=3)."
+
+#: authentik/providers/saml/models.py:99 authentik/sources/saml/models.py:150
+msgid "SHA1"
+msgstr "SHA1"
+
+#: authentik/providers/saml/models.py:100 authentik/sources/saml/models.py:151
+msgid "SHA256"
+msgstr "SHA256"
+
+#: authentik/providers/saml/models.py:101 authentik/sources/saml/models.py:152
+msgid "SHA384"
+msgstr "SHA384"
+
+#: authentik/providers/saml/models.py:102 authentik/sources/saml/models.py:153
+msgid "SHA512"
+msgstr "SHA512"
+
+#: authentik/providers/saml/models.py:109 authentik/sources/saml/models.py:160
+msgid "RSA-SHA1"
+msgstr "RSA-SHA1"
+
+#: authentik/providers/saml/models.py:110 authentik/sources/saml/models.py:161
+msgid "RSA-SHA256"
+msgstr "RSA-SHA256"
+
+#: authentik/providers/saml/models.py:111 authentik/sources/saml/models.py:162
+msgid "RSA-SHA384"
+msgstr "RSA-SHA384"
+
+#: authentik/providers/saml/models.py:112 authentik/sources/saml/models.py:163
+msgid "RSA-SHA512"
+msgstr "RSA-SHA512"
+
+#: authentik/providers/saml/models.py:113 authentik/sources/saml/models.py:164
+msgid "DSA-SHA1"
+msgstr "DSA-SHA1"
+
+#: authentik/providers/saml/models.py:124 authentik/sources/saml/models.py:130
+msgid ""
+"When selected, incoming assertion's Signatures will be validated against "
+"this certificate. To allow unsigned Requests, leave on default."
+msgstr ""
+"이 옵션을 선택하면 들어오는 어설션의 서명이 이 인증서에 대해 유효성을 검사합니다. 서명되지 않은 요청을 허용하려면 기본값으로 둡니다."
+
+#: authentik/providers/saml/models.py:128 authentik/sources/saml/models.py:134
+msgid "Verification Certificate"
+msgstr "검증 인증서"
+
+#: authentik/providers/saml/models.py:136
+msgid "Keypair used to sign outgoing Responses going to the Service Provider."
+msgstr "서비스 공급자에게 보내는 응답에 서명하는 데 사용되는 키 쌍입니다."
+
+#: authentik/providers/saml/models.py:138 authentik/sources/saml/models.py:144
+msgid "Signing Keypair"
+msgstr "서명 키 쌍"
+
+#: authentik/providers/saml/models.py:142
+msgid "Default relay_state value for IDP-initiated logins"
+msgstr "IDP-initiated 로그인에 대한 기본 relay_state 값"
+
+#: authentik/providers/saml/models.py:171
+msgid "SAML Provider"
+msgstr "SAML 공급자"
+
+#: authentik/providers/saml/models.py:172
+msgid "SAML Providers"
+msgstr "SAML 공급자"
+
+#: authentik/providers/saml/models.py:196
+msgid "SAML Property Mapping"
+msgstr "SAML 속성 매핑"
+
+#: authentik/providers/saml/models.py:197
+msgid "SAML Property Mappings"
+msgstr "SAML 속성 매핑"
+
+#: authentik/providers/scim/models.py:20
+msgid "Base URL to SCIM requests, usually ends in /v2"
+msgstr "SCIM 요청에 대한 기본 URL은, 일반적으로 /v2로 끝납니다"
+
+#: authentik/providers/scim/models.py:21
+msgid "Authentication token"
+msgstr "인증 토큰"
+
+#: authentik/providers/scim/models.py:27 authentik/sources/ldap/models.py:98
+msgid "Property mappings used for group creation/updating."
+msgstr "그룹 생성/업데이트에 사용될 속성 매핑입니다."
+
+#: authentik/providers/scim/models.py:60
+msgid "SCIM Provider"
+msgstr "SCIM 공급자"
+
+#: authentik/providers/scim/models.py:61
+msgid "SCIM Providers"
+msgstr "SCIM 공급자"
+
+#: authentik/providers/scim/models.py:81
+msgid "SCIM Mapping"
+msgstr "SCIM 매핑"
+
+#: authentik/providers/scim/models.py:82
+msgid "SCIM Mappings"
+msgstr "SCIM 매핑"
+
+#: authentik/providers/scim/tasks.py:52
+msgid "Starting full SCIM sync"
+msgstr "전체 SCIM 동기화 시작"
+
+#: authentik/providers/scim/tasks.py:59
+#, python-format
+msgid "Syncing page %(page)d of users"
+msgstr "사용자 페이지 %(page)d 동기화 중"
+
+#: authentik/providers/scim/tasks.py:63
+#, python-format
+msgid "Syncing page %(page)d of groups"
+msgstr "그룹 페이지 %(page)d 동기화 중"
+
+#: authentik/providers/scim/tasks.py:92
+#, python-format
+msgid "Failed to sync user %(user_name)s due to remote error: %(error)s"
+msgstr "원격 오류로 인해 사용자 %(user_name)s 동기화에 실패했습니다: %(error)s"
+
+#: authentik/providers/scim/tasks.py:103 authentik/providers/scim/tasks.py:144
+#, python-format
+msgid "Stopping sync due to error: %(error)s"
+msgstr "오류로 인해 동기화를 중지합니다: %(error)s"
+
+#: authentik/providers/scim/tasks.py:133
+#, python-format
+msgid "Failed to sync group %(group_name)s due to remote error: %(error)s"
+msgstr "원격 오류로 인해 그룹 %(group_name)s 동기화에 실패했습니다: %(error)s"
+
+#: authentik/rbac/models.py:51
+msgid "Role"
+msgstr "역할"
+
+#: authentik/rbac/models.py:52
+msgid "Roles"
+msgstr "역할"
+
+#: authentik/rbac/models.py:66
+msgid "System permission"
+msgstr "시스템 권한"
+
+#: authentik/rbac/models.py:67
+msgid "System permissions"
+msgstr "시스템 권한"
+
+#: authentik/rbac/models.py:69
+msgid "Can view system info"
+msgstr "시스템 정보를 볼 수 있음"
+
+#: authentik/rbac/models.py:70
+msgid "Can view system tasks"
+msgstr "시스템 작업을 볼 수 있음"
+
+#: authentik/rbac/models.py:71
+msgid "Can run system tasks"
+msgstr "시스템 작업을 실행할 수 있음"
+
+#: authentik/rbac/models.py:72
+msgid "Can access admin interface"
+msgstr "관리자 인터페이스 액세스 가능"
+
+#: authentik/recovery/management/commands/create_admin_group.py:11
+msgid "Create admin group if the default group gets deleted."
+msgstr "기본 그룹이 삭제되면 관리자 그룹을 만듭니다."
+
+#: authentik/recovery/management/commands/create_recovery_key.py:17
+msgid "Create a Key which can be used to restore access to authentik."
+msgstr "authentik에 대한 액세스를 복원하는 데 사용할 수 있는 키를 만듭니다."
+
+#: authentik/recovery/views.py:24
+msgid "Used recovery-link to authenticate."
+msgstr "인증하는 데 복구 링크를 사용합니다."
+
+#: authentik/sources/ldap/models.py:41
+msgid "Server URI"
+msgstr "서버 URI"
+
+#: authentik/sources/ldap/models.py:50
+msgid ""
+"Optionally verify the LDAP Server's Certificate against the CA Chain in this"
+" keypair."
+msgstr "선택적으로 이 키 쌍의 CA 체인에 대해 LDAP 서버의 인증서를 인증합니다."
+
+#: authentik/sources/ldap/models.py:59
+msgid ""
+"Client certificate to authenticate against the LDAP Server's Certificate."
+msgstr "클라이언트 인증서를 사용하여 LDAP 서버의 인증서에 대해 인증합니다."
+
+#: authentik/sources/ldap/models.py:62
+msgid "Bind CN"
+msgstr "Bind CN"
+
+#: authentik/sources/ldap/models.py:64
+msgid "Enable Start TLS"
+msgstr "TLS 시작 활성화"
+
+#: authentik/sources/ldap/models.py:65
+msgid "Use Server URI for SNI verification"
+msgstr "SNI 확인에 서버 URI 사용"
+
+#: authentik/sources/ldap/models.py:67
+msgid "Base DN"
+msgstr "Base DN"
+
+#: authentik/sources/ldap/models.py:69
+msgid "Prepended to Base DN for User-queries."
+msgstr "사용자 쿼리의 Base DN 앞에 추가됩니다."
+
+#: authentik/sources/ldap/models.py:70
+msgid "Addition User DN"
+msgstr "추가 사용자 DN"
+
+#: authentik/sources/ldap/models.py:74
+msgid "Prepended to Base DN for Group-queries."
+msgstr "그룹 쿼리의 Base DN 앞에 추가됩니다."
+
+#: authentik/sources/ldap/models.py:75
+msgid "Addition Group DN"
+msgstr "추가 그룹 DN"
+
+#: authentik/sources/ldap/models.py:81
+msgid "Consider Objects matching this filter to be Users."
+msgstr "이 필터와 일치하는 개체를 사용자로 간주합니다."
+
+#: authentik/sources/ldap/models.py:84
+msgid "Field which contains members of a group."
+msgstr "그룹의 구성원을 포함하는 필드입니다."
+
+#: authentik/sources/ldap/models.py:88
+msgid "Consider Objects matching this filter to be Groups."
+msgstr "이 필터와 일치하는 개체를 그룹으로 간주합니다."
+
+#: authentik/sources/ldap/models.py:91
+msgid "Field which contains a unique Identifier."
+msgstr "고유 식별자를 포함하는 필드입니다."
+
+#: authentik/sources/ldap/models.py:105
+msgid ""
+"When a user changes their password, sync it back to LDAP. This can only be "
+"enabled on a single LDAP source."
+msgstr "사용자가 비밀번호를 변경하면 LDAP로 다시 동기화합니다. 이 기능은 단일의 LDAP 소스에서만 활성화할 수 있습니다."
+
+#: authentik/sources/ldap/models.py:248
+msgid "LDAP Source"
+msgstr "LDAP 소스"
+
+#: authentik/sources/ldap/models.py:249
+msgid "LDAP Sources"
+msgstr "LDAP 소스"
+
+#: authentik/sources/ldap/models.py:271
+msgid "LDAP Property Mapping"
+msgstr "LDAP 속성 매핑"
+
+#: authentik/sources/ldap/models.py:272
+msgid "LDAP Property Mappings"
+msgstr "LDAP 속성 매핑"
+
+#: authentik/sources/ldap/signals.py:52
+msgid "Password does not match Active Directory Complexity."
+msgstr "비밀번호가 Active Directory 복잡도와 일치하지 않습니다."
+
+#: authentik/sources/oauth/clients/oauth2.py:68
+msgid "No token received."
+msgstr "수신된 토큰이 없습니다."
+
+#: authentik/sources/oauth/models.py:24
+msgid "Request Token URL"
+msgstr "토큰 요청 URL"
+
+#: authentik/sources/oauth/models.py:26
+msgid ""
+"URL used to request the initial token. This URL is only required for OAuth "
+"1."
+msgstr "초기 토큰을 요청하는 데 사용되는 URL입니다. 이 URL은 OAuth 1에만 필요합니다."
+
+#: authentik/sources/oauth/models.py:32
+msgid "Authorization URL"
+msgstr "인증 URL"
+
+#: authentik/sources/oauth/models.py:33
+msgid "URL the user is redirect to to conest the flow."
+msgstr "사용자가 플로우에 이의를 제기하기 위해 리디렉션되는 URL입니다."
+
+#: authentik/sources/oauth/models.py:38
+msgid "Access Token URL"
+msgstr "액세스 토큰 URL"
+
+#: authentik/sources/oauth/models.py:39
+msgid "URL used by authentik to retrieve tokens."
+msgstr "토큰을 검색하기 위해 authentik에서 사용하는 URL입니다."
+
+#: authentik/sources/oauth/models.py:44
+msgid "Profile URL"
+msgstr "프로필 URL"
+
+#: authentik/sources/oauth/models.py:45
+msgid "URL used by authentik to get user information."
+msgstr "사용자 정보를 가져오기 위해 authentik에서 사용하는 URL입니다."
+
+#: authentik/sources/oauth/models.py:48
+msgid "Additional Scopes"
+msgstr "추가 스코프"
+
+#: authentik/sources/oauth/models.py:107
+msgid "OAuth Source"
+msgstr "OAuth 소스"
+
+#: authentik/sources/oauth/models.py:108
+msgid "OAuth Sources"
+msgstr "OAuth 소스"
+
+#: authentik/sources/oauth/models.py:116
+msgid "GitHub OAuth Source"
+msgstr "GitHub OAuth 소스"
+
+#: authentik/sources/oauth/models.py:117
+msgid "GitHub OAuth Sources"
+msgstr "GitHub OAuth 소스"
+
+#: authentik/sources/oauth/models.py:125
+msgid "Twitch OAuth Source"
+msgstr "Twitch OAuth 소스"
+
+#: authentik/sources/oauth/models.py:126
+msgid "Twitch OAuth Sources"
+msgstr "Twitch OAuth 소스"
+
+#: authentik/sources/oauth/models.py:134
+msgid "Mailcow OAuth Source"
+msgstr "Mailcow OAuth 소스"
+
+#: authentik/sources/oauth/models.py:135
+msgid "Mailcow OAuth Sources"
+msgstr "Mailcow OAuth 소스"
+
+#: authentik/sources/oauth/models.py:143
+msgid "Twitter OAuth Source"
+msgstr "Twitter OAuth 소스"
+
+#: authentik/sources/oauth/models.py:144
+msgid "Twitter OAuth Sources"
+msgstr "Twitter OAuth 소스"
+
+#: authentik/sources/oauth/models.py:152
+msgid "Facebook OAuth Source"
+msgstr "Facebook OAuth 소스"
+
+#: authentik/sources/oauth/models.py:153
+msgid "Facebook OAuth Sources"
+msgstr "Facebook OAuth 소스"
+
+#: authentik/sources/oauth/models.py:161
+msgid "Discord OAuth Source"
+msgstr "Discord OAuth 소스"
+
+#: authentik/sources/oauth/models.py:162
+msgid "Discord OAuth Sources"
+msgstr "Discord OAuth 소스"
+
+#: authentik/sources/oauth/models.py:170
+msgid "Patreon OAuth Source"
+msgstr "Patreon OAuth 소스"
+
+#: authentik/sources/oauth/models.py:171
+msgid "Patreon OAuth Sources"
+msgstr "Patreon OAuth 소스"
+
+#: authentik/sources/oauth/models.py:179
+msgid "Google OAuth Source"
+msgstr "Google OAuth 소스"
+
+#: authentik/sources/oauth/models.py:180
+msgid "Google OAuth Sources"
+msgstr "Google OAuth 소스"
+
+#: authentik/sources/oauth/models.py:188
+msgid "Azure AD OAuth Source"
+msgstr "Azure AD OAuth 소스"
+
+#: authentik/sources/oauth/models.py:189
+msgid "Azure AD OAuth Sources"
+msgstr "Azure AD OAuth 소스"
+
+#: authentik/sources/oauth/models.py:197
+msgid "OpenID OAuth Source"
+msgstr "OpenID OAuth 소스"
+
+#: authentik/sources/oauth/models.py:198
+msgid "OpenID OAuth Sources"
+msgstr "OpenID OAuth 소스"
+
+#: authentik/sources/oauth/models.py:206
+msgid "Apple OAuth Source"
+msgstr "Apple OAuth 소스"
+
+#: authentik/sources/oauth/models.py:207
+msgid "Apple OAuth Sources"
+msgstr "Apple OAuth 소스"
+
+#: authentik/sources/oauth/models.py:215
+msgid "Okta OAuth Source"
+msgstr "Okta OAuth 소스"
+
+#: authentik/sources/oauth/models.py:216
+msgid "Okta OAuth Sources"
+msgstr "Okta OAuth 소스"
+
+#: authentik/sources/oauth/models.py:224
+msgid "Reddit OAuth Source"
+msgstr "Reddit OAuth 소스"
+
+#: authentik/sources/oauth/models.py:225
+msgid "Reddit OAuth Sources"
+msgstr "Reddit OAuth 소스"
+
+#: authentik/sources/oauth/models.py:247
+msgid "User OAuth Source Connection"
+msgstr "사용자 OAuth 소스 연결"
+
+#: authentik/sources/oauth/models.py:248
+msgid "User OAuth Source Connections"
+msgstr "사용자 OAuth 소스 연결"
+
+#: authentik/sources/oauth/views/callback.py:100
+#, python-format
+msgid "Authentication failed: %(reason)s"
+msgstr "인증 실패: %(reason)s"
+
+#: authentik/sources/plex/models.py:37
+msgid "Client identifier used to talk to Plex."
+msgstr "Plex와 통신하는 데 사용되는 클라이언트 식별자입니다."
+
+#: authentik/sources/plex/models.py:44
+msgid ""
+"Which servers a user has to be a member of to be granted access. Empty list "
+"allows every server."
+msgstr "사용자가 액세스를 허용받기 위해 소속되어야 하는 서버입니다. 빈 목록은 모든 서버를 허용합니다."
+
+#: authentik/sources/plex/models.py:50
+msgid "Allow friends to authenticate, even if you don't share a server."
+msgstr "서버를 공유하지 않더라도 친구의 인증을 허용합니다."
+
+#: authentik/sources/plex/models.py:52
+msgid "Plex token used to check friends"
+msgstr "친구를 확인하는 데 사용되는 Plex 토큰"
+
+#: authentik/sources/plex/models.py:95
+msgid "Plex Source"
+msgstr "Plex 소스"
+
+#: authentik/sources/plex/models.py:96
+msgid "Plex Sources"
+msgstr "Plex 소스"
+
+#: authentik/sources/plex/models.py:112
+msgid "User Plex Source Connection"
+msgstr "사용자 Plex 소스 연결"
+
+#: authentik/sources/plex/models.py:113
+msgid "User Plex Source Connections"
+msgstr "사용자 Plex 소스 연결"
+
+#: authentik/sources/saml/models.py:40
+msgid "Redirect Binding"
+msgstr "리다이렉트 바인딩"
+
+#: authentik/sources/saml/models.py:41
+msgid "POST Binding"
+msgstr "POST 바인딩"
+
+#: authentik/sources/saml/models.py:42
+msgid "POST Binding with auto-confirmation"
+msgstr "자동 확인 기능이 있는 POST 바인딩"
+
+#: authentik/sources/saml/models.py:70
+msgid "Flow used before authentication."
+msgstr "인증 전에 사용될 플로우"
+
+#: authentik/sources/saml/models.py:77
+msgid "Issuer"
+msgstr "발행자"
+
+#: authentik/sources/saml/models.py:78
+msgid "Also known as Entity ID. Defaults the Metadata URL."
+msgstr "Entity ID라고도 합니다. 기본값은 Metadata URL입니다."
+
+#: authentik/sources/saml/models.py:82
+msgid "SSO URL"
+msgstr "SSO URL"
+
+#: authentik/sources/saml/models.py:83
+msgid "URL that the initial Login request is sent to."
+msgstr "초기 로그인 요청을 전송할 URL입니다."
+
+#: authentik/sources/saml/models.py:89
+msgid "SLO URL"
+msgstr "SLO URL"
+
+#: authentik/sources/saml/models.py:90
+msgid "Optional URL if your IDP supports Single-Logout."
+msgstr "IDP가 단일 로그아웃을 지원하는 경우 사용하는 선택적 URL입니다."
+
+#: authentik/sources/saml/models.py:96
+msgid ""
+"Allows authentication flows initiated by the IdP. This can be a security "
+"risk, as no validation of the request ID is done."
+msgstr ""
+"IdP에 의해 시작된 인증 플로우를 허용합니다. 요청 ID에 대한 유효성 검사가 수행되지 않으므로 보안 위험이 있을 수 있습니다."
+
+#: authentik/sources/saml/models.py:104
+msgid ""
+"NameID Policy sent to the IdP. Can be unset, in which case no Policy is "
+"sent."
+msgstr "IdP로 보낼 NameID 정책입니다. 비워둘 수 있으며, 비워둘 경우 정책이 전송되지 않습니다."
+
+#: authentik/sources/saml/models.py:115
+msgid "Delete temporary users after"
+msgstr "다음 이후 임시 사용자를 삭제"
+
+#: authentik/sources/saml/models.py:118
+msgid ""
+"Time offset when temporary users should be deleted. This only applies if "
+"your IDP uses the NameID Format 'transient', and the user doesn't log out "
+"manually. (Format: hours=1;minutes=2;seconds=3)."
+msgstr ""
+"임시 사용자를 삭제해야 하는 시간 오프셋입니다. 이 설정은 IDP가 'Transient' NameID 형식을 사용하고 사용자가 수동으로 "
+"로그아웃하지 않는 경우에만 적용됩니다. (형식: hours=1;minutes=2;seconds=3)"
+
+#: authentik/sources/saml/models.py:142
+msgid ""
+"Keypair used to sign outgoing Responses going to the Identity Provider."
+msgstr "인증 공급자에게 보내는 응답에 서명하는 데 사용되는 키 쌍입니다."
+
+#: authentik/sources/saml/models.py:226
+msgid "SAML Source"
+msgstr "SAML 소스"
+
+#: authentik/sources/saml/models.py:227
+msgid "SAML Sources"
+msgstr "SAML 소스"
+
+#: authentik/sources/saml/models.py:242
+msgid "User SAML Source Connection"
+msgstr "사용자 SAML 소스 연결"
+
+#: authentik/sources/saml/models.py:243
+msgid "User SAML Source Connections"
+msgstr "사용자 SAML 소스 연결"
+
+#: authentik/stages/authenticator_duo/models.py:79
+msgid "Duo Authenticator Setup Stage"
+msgstr "Duo 인증기 설정 스테이지"
+
+#: authentik/stages/authenticator_duo/models.py:80
+msgid "Duo Authenticator Setup Stages"
+msgstr "Duo 인증기 설정 스테이지"
+
+#: authentik/stages/authenticator_duo/models.py:103
+msgid "Duo Device"
+msgstr "Duo 디바이스"
+
+#: authentik/stages/authenticator_duo/models.py:104
+msgid "Duo Devices"
+msgstr "Duo 디바이스"
+
+#: authentik/stages/authenticator_sms/models.py:57
+msgid ""
+"When enabled, the Phone number is only used during enrollment to verify the "
+"users authenticity. Only a hash of the phone number is saved to ensure it is"
+" not reused in the future."
+msgstr ""
+"활성화되면 전화번호는 사용자의 신원을 확인하는 데 사용되며 등록 중에만 사용됩니다. 전화번호의 해시만 저장되어 나중에 재사용되지 않도록 "
+"보장됩니다."
+
+#: authentik/stages/authenticator_sms/models.py:68
+msgid "Optionally modify the payload being sent to custom providers."
+msgstr "선택적으로 사용자 지정 제공자에게 전송되는 페이로드를 수정합니다."
+
+#: authentik/stages/authenticator_sms/models.py:81
+#, python-format
+msgid "Use this code to authenticate in authentik: %(token)s"
+msgstr "authentik에서 인증하려면 이 코드를 사용하세요: %(token)s"
+
+#: authentik/stages/authenticator_sms/models.py:180
+msgid "SMS Authenticator Setup Stage"
+msgstr "SMS 인증기 설정 스테이지"
+
+#: authentik/stages/authenticator_sms/models.py:181
+msgid "SMS Authenticator Setup Stages"
+msgstr "SMS 인증기 설정 스테이지"
+
+#: authentik/stages/authenticator_sms/models.py:226
+msgid "SMS Device"
+msgstr "SMS 디바이스"
+
+#: authentik/stages/authenticator_sms/models.py:227
+msgid "SMS Devices"
+msgstr "SMS 디바이스"
+
+#: authentik/stages/authenticator_sms/stage.py:57
+#: authentik/stages/authenticator_totp/stage.py:41
+#: authentik/stages/authenticator_totp/stage.py:44
+msgid "Code does not match"
+msgstr "코드가 일치하지 않음"
+
+#: authentik/stages/authenticator_sms/stage.py:73
+msgid "Invalid phone number"
+msgstr "유효하지 않은 전화번호"
+
+#: authentik/stages/authenticator_static/models.py:52
+msgid "Static Authenticator Stage"
+msgstr "정적 인증 스테이지"
+
+#: authentik/stages/authenticator_static/models.py:53
+msgid "Static Authenticator Stages"
+msgstr "정적 인증 스테이지"
+
+#: authentik/stages/authenticator_static/models.py:98
+msgid "Static Device"
+msgstr "정적 디바이스"
+
+#: authentik/stages/authenticator_static/models.py:99
+msgid "Static Devices"
+msgstr "정적 디바이스"
+
+#: authentik/stages/authenticator_static/models.py:129
+msgid "Static Token"
+msgstr "정적 토큰"
+
+#: authentik/stages/authenticator_static/models.py:130
+msgid "Static Tokens"
+msgstr "정적 토큰"
+
+#: authentik/stages/authenticator_totp/models.py:25
+msgid "6 digits, widely compatible"
+msgstr "6자리, 널리 호환됩니다."
+
+#: authentik/stages/authenticator_totp/models.py:26
+msgid "8 digits, not compatible with apps like Google Authenticator"
+msgstr "8자리, Google Authenticator와 같은 앱과 호환되지 않습니다."
+
+#: authentik/stages/authenticator_totp/models.py:62
+msgid "TOTP Authenticator Setup Stage"
+msgstr "TOTP 인증 설정 스테이지"
+
+#: authentik/stages/authenticator_totp/models.py:63
+msgid "TOTP Authenticator Setup Stages"
+msgstr "TOTP 인증 설정 스테이지"
+
+#: authentik/stages/authenticator_totp/models.py:244
+msgid "TOTP Device"
+msgstr "TOTP 디바이스"
+
+#: authentik/stages/authenticator_totp/models.py:245
+msgid "TOTP Devices"
+msgstr "TOTP 디바이스"
+
+#: authentik/stages/authenticator_validate/challenge.py:131
+msgid "Invalid Token"
+msgstr "올바르지 않은 토큰"
+
+#: authentik/stages/authenticator_validate/models.py:18
+msgid "Static"
+msgstr "정적"
+
+#: authentik/stages/authenticator_validate/models.py:19
+msgid "TOTP"
+msgstr "TOTP"
+
+#: authentik/stages/authenticator_validate/models.py:20
+msgid "WebAuthn"
+msgstr "WebAuthn"
+
+#: authentik/stages/authenticator_validate/models.py:21
+msgid "Duo"
+msgstr "Duo"
+
+#: authentik/stages/authenticator_validate/models.py:22
+msgid "SMS"
+msgstr "SMS"
+
+#: authentik/stages/authenticator_validate/models.py:49
+msgid ""
+"Stages used to configure Authenticator when user doesn't have any compatible"
+" devices. After this configuration Stage passes, the user is not prompted "
+"again."
+msgstr ""
+"사용자에게 호환되는 디바이스가 없는 경우 인증기를 구성하는 데 사용되는 단계입니다. 이 구성 스테이지를 통과한 후에는 사용자에게 다시 "
+"메시지가 표시되지 않습니다."
+
+#: authentik/stages/authenticator_validate/models.py:56
+msgid "Device classes which can be used to authenticate"
+msgstr "인증에 사용할 수 있는 디바이스 클래스"
+
+#: authentik/stages/authenticator_validate/models.py:64
+msgid ""
+"If any of the user's device has been used within this threshold, this stage "
+"will be skipped"
+msgstr "사용자의 장치 중 하나라도 이 기간 내에 사용된 경우, 이 단계는 건너뜁니다."
+
+#: authentik/stages/authenticator_validate/models.py:70
+msgid "Enforce user verification for WebAuthn devices."
+msgstr "WebAuthn 장치에 대한 사용자 확인을 강제합니다."
+
+#: authentik/stages/authenticator_validate/models.py:92
+msgid "Authenticator Validation Stage"
+msgstr "인증기 유효성 검사 스테이지"
+
+#: authentik/stages/authenticator_validate/models.py:93
+msgid "Authenticator Validation Stages"
+msgstr "인증기 유효성 검사 스테이지"
+
+#: authentik/stages/authenticator_webauthn/models.py:112
+msgid "WebAuthn Authenticator Setup Stage"
+msgstr "WebAuthn 인증 설정 스테이지"
+
+#: authentik/stages/authenticator_webauthn/models.py:113
+msgid "WebAuthn Authenticator Setup Stages"
+msgstr "WebAuthn 인증 설정 스테이지"
+
+#: authentik/stages/authenticator_webauthn/models.py:151
+msgid "WebAuthn Device"
+msgstr "WebAuthn 디바이스"
+
+#: authentik/stages/authenticator_webauthn/models.py:152
+msgid "WebAuthn Devices"
+msgstr "WebAuthn 디바이스"
+
+#: authentik/stages/captcha/models.py:14
+msgid "Public key, acquired your captcha Provider."
+msgstr "공개 키, 캡챠 공급자에서 얻을 수 있습니다."
+
+#: authentik/stages/captcha/models.py:15
+msgid "Private key, acquired your captcha Provider."
+msgstr "개인 키, 캡챠 공급자에서 얻을 수 있습니다."
+
+#: authentik/stages/captcha/models.py:37
+msgid "Captcha Stage"
+msgstr "캡챠 스테이지"
+
+#: authentik/stages/captcha/models.py:38
+msgid "Captcha Stages"
+msgstr "캡챠 스테이지"
+
+#: authentik/stages/consent/models.py:30
+msgid ""
+"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."
+msgstr "동의의 만료 후 오프셋입니다. (형식: hours=1;minutes=2;seconds=3)"
+
+#: authentik/stages/consent/models.py:50
+msgid "Consent Stage"
+msgstr "동의 스테이지"
+
+#: authentik/stages/consent/models.py:51
+msgid "Consent Stages"
+msgstr "동의 스테이지"
+
+#: authentik/stages/consent/models.py:72
+msgid "User Consent"
+msgstr "사용자 동의"
+
+#: authentik/stages/consent/models.py:73
+msgid "User Consents"
+msgstr "사용자 동의"
+
+#: authentik/stages/deny/models.py:32
+msgid "Deny Stage"
+msgstr "거부 스테이지"
+
+#: authentik/stages/deny/models.py:33
+msgid "Deny Stages"
+msgstr "거부 스테이지"
+
+#: authentik/stages/dummy/models.py:34
+msgid "Dummy Stage"
+msgstr "더미 스테이지"
+
+#: authentik/stages/dummy/models.py:35
+msgid "Dummy Stages"
+msgstr "더미 스테이지"
+
+#: authentik/stages/email/models.py:26
+msgid "Password Reset"
+msgstr "비밀번호 초기화"
+
+#: authentik/stages/email/models.py:30
+msgid "Account Confirmation"
+msgstr "계정 확인"
+
+#: authentik/stages/email/models.py:59
+msgid ""
+"When enabled, global Email connection settings will be used and connection "
+"settings below will be ignored."
+msgstr "활성화하면, 전역 이메일 연결 설정이 사용되며 아래의 연결 설정은 무시됩니다."
+
+#: authentik/stages/email/models.py:74
+msgid "Activate users upon completion of stage."
+msgstr "스테이지가 완료되면 사용자를 활성화합니다."
+
+#: authentik/stages/email/models.py:78
+msgid "Time in minutes the token sent is valid."
+msgstr "전송된 토큰이 유효한 시간(분)입니다."
+
+#: authentik/stages/email/models.py:132
+msgid "Email Stage"
+msgstr "이메일 스테이지"
+
+#: authentik/stages/email/models.py:133
+msgid "Email Stages"
+msgstr "이메일 스테이지"
+
+#: authentik/stages/email/stage.py:126
+msgid "Exception occurred while rendering E-mail template"
+msgstr "이메일 템플릿 렌더링 중 예외가 발생"
+
+#: authentik/stages/email/stage.py:140
+msgid "Successfully verified Email."
+msgstr "이메일을 성공적으로 확인했습니다."
+
+#: authentik/stages/email/stage.py:147 authentik/stages/email/stage.py:173
+msgid "No pending user."
+msgstr "보류 중인 사용자가 없습니다."
+
+#: authentik/stages/email/stage.py:163
+msgid "Email sent."
+msgstr "이메일을 보냈습니다."
+
+#: authentik/stages/email/stage.py:176
+msgid "Email Successfully sent."
+msgstr "성공적으로 이메일을 보냈습니다."
+
+#: authentik/stages/email/templates/email/account_confirmation.html:10
+msgid "Welcome!"
+msgstr "반갑습니다!"
+
+#: authentik/stages/email/templates/email/account_confirmation.html:19
+msgid ""
+"We're excited to have you get started. First, you need to confirm your "
+"account. Just press the button below."
+msgstr "시작하게 되어 기쁩니다. 먼저 계정을 확인해야 합니다. 아래 버튼을 누르기만 하면 됩니다."
+
+#: authentik/stages/email/templates/email/account_confirmation.html:24
+msgid "Confirm Account"
+msgstr "계정 확인"
+
+#: authentik/stages/email/templates/email/account_confirmation.html:36
+#, python-format
+msgid ""
+"\n"
+"    If that doesn't work, copy and paste the following link in your browser: %(url)s\n"
+"    "
+msgstr ""
+"\n"
+"    그래도 문제가 해결되지 않으면 다음 링크를 복사하여 브라우저에 붙여넣으세요: %(url)s\n"
+"    "
+
+#: authentik/stages/email/templates/email/event_notification.html:46
+#, python-format
+msgid ""
+"\n"
+"    This email was sent from the notification transport <code>%(name)s</code>.\n"
+"    "
+msgstr ""
+"\n"
+"    이 이메일은 통지 전송 <code>%(name)s</code>에서 전송되었습니다.\n"
+"    "
+
+#: authentik/stages/email/templates/email/password_reset.html:10
+#, python-format
+msgid ""
+"\n"
+"      Hi %(username)s,\n"
+"      "
+msgstr ""
+"\n"
+"      %(username)s 님께,\n"
+"      "
+
+#: authentik/stages/email/templates/email/password_reset.html:21
+msgid ""
+"\n"
+"          You recently requested to change your password for your authentik account. Use the button below to set a new password.\n"
+"          "
+msgstr ""
+"\n"
+"          최근에 인증 계정의 비밀번호 변경을 요청하셨습니다. 아래 버튼을 사용하여 새 비밀번호를 설정하세요.\n"
+"          "
+
+#: authentik/stages/email/templates/email/password_reset.html:39
+#, python-format
+msgid ""
+"\n"
+"    If you did not request a password change, please ignore this Email. The link above is valid for %(expires)s.\n"
+"    "
+msgstr ""
+"\n"
+"    비밀번호 변경을 요청하지 않은 경우 이 이메일을 무시하세요. 위의 링크는 %(expires)s후에 유효합니다.\n"
+"    "
+
+#: authentik/stages/email/templates/email/setup.html:9
+msgid "authentik Test-Email"
+msgstr "authentik 테스트 이메일"
+
+#: authentik/stages/email/templates/email/setup.html:17
+msgid ""
+"\n"
+"                    This is a test email to inform you, that you've successfully configured authentik emails.\n"
+"                    "
+msgstr ""
+"\n"
+"                    이 이메일은 인증 이메일을 성공적으로 구성했음을 알려주는 테스트 이메일입니다.\n"
+"                    "
+
+#: authentik/stages/identification/api.py:20
+msgid "When no user fields are selected, at least one source must be selected"
+msgstr "사용자 필드를 선택하지 않은 경우 하나 이상의 소스를 선택해야 합니다."
+
+#: authentik/stages/identification/models.py:29
+msgid ""
+"Fields of the user object to match against. (Hold shift to select multiple "
+"options)"
+msgstr "사용자 오브젝트와 일치시키기 위한 사용자 필드입니다. (여러 옵션을 선택하려면 Shift 키를 누르세요)"
+
+#: authentik/stages/identification/models.py:47
+msgid "When enabled, user fields are matched regardless of their casing."
+msgstr "활성화하면, 사용자 필드를 대소문자에 관계없이 일치시킵니다."
+
+#: authentik/stages/identification/models.py:52
+msgid ""
+"When a valid username/email has been entered, and this option is enabled, "
+"the user's username and avatar will be shown. Otherwise, the text that the "
+"user entered will be shown"
+msgstr ""
+"유효한 사용자 아이디/이메일을 입력하고 이 옵션을 활성화하면 사용자의 사용자 아이디와 아바타가 표시됩니다. 그렇지 않으면 사용자가 입력한"
+" 텍스트가 표시됩니다."
+
+#: authentik/stages/identification/models.py:60
+msgid ""
+"When enabled, the stage will succeed and continue even when incorrect user "
+"info is entered."
+msgstr "활성화되면 잘못된 사용자 정보가 입력되더라도 단계가 성공하고 계속됩니다."
+
+#: authentik/stages/identification/models.py:72
+msgid "Optional enrollment flow, which is linked at the bottom of the page."
+msgstr "페이지 하단에 링크된,  선택적 등록 플로우를 참조하세요."
+
+#: authentik/stages/identification/models.py:81
+msgid "Optional recovery flow, which is linked at the bottom of the page."
+msgstr "페이지 하단에 링크된,  선택적 복구 플로우를 참조하세요."
+
+#: authentik/stages/identification/models.py:90
+msgid "Optional passwordless flow, which is linked at the bottom of the page."
+msgstr "페이지 하단에 링크된, 선택적 비밀번호 없는 플로우를 참조하세요."
+
+#: authentik/stages/identification/models.py:94
+msgid "Specify which sources should be shown."
+msgstr "표시할 소스를 지정합니다."
+
+#: authentik/stages/identification/models.py:115
+msgid "Identification Stage"
+msgstr "식별 스테이지"
+
+#: authentik/stages/identification/models.py:116
+msgid "Identification Stages"
+msgstr "식별 스테이지"
+
+#: authentik/stages/identification/stage.py:188
+msgid "Log in"
+msgstr "로그인"
+
+#: authentik/stages/identification/stage.py:189
+msgid "Continue"
+msgstr "계속"
+
+#: authentik/stages/invitation/models.py:21
+msgid ""
+"If this flag is set, this Stage will jump to the next Stage when no "
+"Invitation is given. By default this Stage will cancel the Flow when no "
+"invitation is given."
+msgstr ""
+"이 플래그를 설정하면 초대를 받지 못했을 때 이 스테이지가 다음 스테이지로 이동합니다. 기본적으로 이 스테이지는 초대를 받지 못하면 "
+"플로우를 취소합니다."
+
+#: authentik/stages/invitation/models.py:44
+msgid "Invitation Stage"
+msgstr "초대 스테이지"
+
+#: authentik/stages/invitation/models.py:45
+msgid "Invitation Stages"
+msgstr "초대 스테이지"
+
+#: authentik/stages/invitation/models.py:60
+msgid "When set, only the configured flow can use this invitation."
+msgstr "설정되면, 구성된 플로우만이 이 초대를 사용할 수 있습니다."
+
+#: authentik/stages/invitation/models.py:64
+msgid "When enabled, the invitation will be deleted after usage."
+msgstr "활성화하면, 한 번만 사용할 수 있습니다."
+
+#: authentik/stages/invitation/models.py:71
+msgid "Optional fixed data to enforce on user enrollment."
+msgstr "사용자 등록에 강제로 적용할 선택적인 고정 데이터입니다."
+
+#: authentik/stages/invitation/models.py:84
+msgid "Invitation"
+msgstr "초대"
+
+#: authentik/stages/invitation/models.py:85
+msgid "Invitations"
+msgstr "초대"
+
+#: authentik/stages/invitation/stage.py:62
+msgid "Invalid invite/invite not found"
+msgstr "유효하지 않은 초대 / 초대를 찾을 수 없음"
+
+#: authentik/stages/password/models.py:20
+msgid "User database + standard password"
+msgstr "사용자 데이터베이스 + 표준 비밀번호"
+
+#: authentik/stages/password/models.py:24
+msgid "User database + app passwords"
+msgstr "사용자 데이터베이스 + 앱 비밀번호"
+
+#: authentik/stages/password/models.py:28
+msgid "User database + LDAP password"
+msgstr "사용자 데이터베이스 + LDAP 비밀번호"
+
+#: authentik/stages/password/models.py:38
+msgid "Selection of backends to test the password against."
+msgstr "비밀번호를 테스트할 백엔드를 선택합니다."
+
+#: authentik/stages/password/models.py:43
+msgid ""
+"How many attempts a user has before the flow is canceled. To lock the user "
+"out, use a reputation policy and a user_write stage."
+msgstr ""
+"플로우가 취소되기 전에 사용자가 시도할 수 있는 횟수입니다. 사용자를 잠그려면 평판 정책과 user_write 단계를 사용하세요."
+
+#: authentik/stages/password/models.py:75
+msgid "Password Stage"
+msgstr "비밀번호 스테이지"
+
+#: authentik/stages/password/models.py:76
+msgid "Password Stages"
+msgstr "비밀번호 스테이지"
+
+#: authentik/stages/password/stage.py:124
+msgid "Invalid password"
+msgstr "올바르지 않은 비밀번호"
+
+#: authentik/stages/prompt/models.py:43
+msgid "Text: Simple Text input"
+msgstr "텍스트: 간단한 텍스트 입력"
+
+#: authentik/stages/prompt/models.py:45
+msgid "Text area: Multiline Text Input."
+msgstr "텍스트 영역: 여러줄의 텍스트 입력"
+
+#: authentik/stages/prompt/models.py:48
+msgid "Text (read-only): Simple Text input, but cannot be edited."
+msgstr "텍스트(읽기 전용): 간단한 텍스트 입력이 가능하지만 편집은 불가능합니다."
+
+#: authentik/stages/prompt/models.py:52
+msgid "Text area (read-only): Multiline Text input, but cannot be edited."
+msgstr "텍스트 영역(읽기 전용): 여러 줄 텍스트 입력이 가능하지만 편집은 불가능합니다."
+
+#: authentik/stages/prompt/models.py:58
+msgid ""
+"Username: Same as Text input, but checks for and prevents duplicate "
+"usernames."
+msgstr "사용자이름: 텍스트 입력과 동일하지만 중복된 사용자이름을 확인하고 방지합니다."
+
+#: authentik/stages/prompt/models.py:60
+msgid "Email: Text field with Email type."
+msgstr "이메일: 이메일 유형이 있는 텍스트 필드입니다."
+
+#: authentik/stages/prompt/models.py:64
+msgid ""
+"Password: Masked input, multiple inputs of this type on the same prompt need"
+" to be identical."
+msgstr "비밀번호: 마스킹 입력, 동일한 프롬프트에서 이 유형의 입력을 여러 번 입력할 경우 동일해야 합니다."
+
+#: authentik/stages/prompt/models.py:71
+msgid "Fixed choice field rendered as a group of radio buttons."
+msgstr "고정된 선택 필드는 라디오 버튼 그룹으로 렌더링됩니다."
+
+#: authentik/stages/prompt/models.py:73
+msgid "Fixed choice field rendered as a dropdown."
+msgstr "고정된 선택 필드는 드롭다운으로 렌더링됩니다."
+
+#: authentik/stages/prompt/models.py:80
+msgid ""
+"File: File upload for arbitrary files. File content will be available in "
+"flow context as data-URI"
+msgstr "파일: 임의의 파일을 업로드하는 데 사용됩니다. 파일 내용은 데이터 URI로 플로우 컨텍스트에서 사용 가능합니다."
+
+#: authentik/stages/prompt/models.py:85
+msgid "Separator: Static Separator Line"
+msgstr "구분자: 정적 구분선"
+
+#: authentik/stages/prompt/models.py:86
+msgid "Hidden: Hidden field, can be used to insert data into form."
+msgstr "숨김: 숨겨진 필드로, 양식에 데이터를 삽입하는 데 사용할 수 있습니다."
+
+#: authentik/stages/prompt/models.py:87
+msgid "Static: Static value, displayed as-is."
+msgstr "정적: 정적 값, 있는 그대로 표시됩니다."
+
+#: authentik/stages/prompt/models.py:89
+msgid "authentik: Selection of locales authentik supports"
+msgstr "Authentik: Authentik이 지원하는 로케일 선택"
+
+#: authentik/stages/prompt/models.py:116
+msgid "Name of the form field, also used to store the value"
+msgstr "값을 저장하는 데 사용되는, 양식 필드의 이름입니다."
+
+#: authentik/stages/prompt/models.py:124
+msgid ""
+"Optionally provide a short hint that describes the expected input value. "
+"When creating a fixed choice field, enable interpreting as expression and "
+"return a list to return multiple choices."
+msgstr ""
+"옵션으로 예상되는 입력값을 설명하는 짧은 힌트를 제공할 수 있습니다. 고정 선택 필드를 만들 때, 식으로 해석을 활성화하고 여러 선택지를"
+" 반환하려면 목록을 반환하세요."
+
+#: authentik/stages/prompt/models.py:132
+msgid ""
+"Optionally pre-fill the input with an initial value. When creating a fixed "
+"choice field, enable interpreting as expression and return a list to return "
+"multiple default choices."
+msgstr ""
+"옵션으로 입력을 초기 값으로 채울 수 있습니다. 고정 선택 필드를 만들 때, 정규표현식으로 해석을 활성화하고 목록을 반환하여 여러 개의 "
+"기본 선택지를 반환합니다."
+
+#: authentik/stages/prompt/models.py:321
+msgid "Prompt"
+msgstr "프롬프트"
+
+#: authentik/stages/prompt/models.py:322
+msgid "Prompts"
+msgstr "프롬프트"
+
+#: authentik/stages/prompt/models.py:349
+msgid "Prompt Stage"
+msgstr "프롬프트 스테이지"
+
+#: authentik/stages/prompt/models.py:350
+msgid "Prompt Stages"
+msgstr "프롬프트 스테이지"
+
+#: authentik/stages/prompt/stage.py:108
+msgid "Passwords don't match."
+msgstr "비밀번호가 일치하지 않습니다."
+
+#: authentik/stages/user_delete/models.py:31
+msgid "User Delete Stage"
+msgstr "사용자 삭제 스테이지"
+
+#: authentik/stages/user_delete/models.py:32
+msgid "User Delete Stages"
+msgstr "사용자 삭제 스테이지"
+
+#: authentik/stages/user_delete/stage.py:18
+msgid "No Pending User."
+msgstr "보류 중인 사용자가 없습니다."
+
+#: authentik/stages/user_login/models.py:19
+msgid ""
+"Determines how long a session lasts. Default of 0 means that the sessions "
+"lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)"
+msgstr ""
+"세션이 지속되는 시간을 결정합니다. 기본값인 0초는 브라우저가 닫힐 때까지 세션이 지속된다는 의미입니다. (서식: "
+"hours=-1;minutes=-2;seconds=-3)"
+
+#: authentik/stages/user_login/models.py:25
+msgid "Terminate all other sessions of the user logging in."
+msgstr "로그인하는 사용자의 다른 모든 세션을 종료합니다."
+
+#: authentik/stages/user_login/models.py:31
+msgid ""
+"Offset the session will be extended by when the user picks the remember me "
+"option. Default of 0 means that the remember me option will not be shown. "
+"(Format: hours=-1;minutes=-2;seconds=-3)"
+msgstr ""
+"사용자가 나를 기억 옵션을 선택하면 세션이 연장될 시간의 오프셋입니다. 기본값 0은 나를 기억 옵션이 표시되지 않음을 의미합니다. "
+"(서식: hours=-1;minutes=-2;seconds=-3)"
+
+#: authentik/stages/user_login/models.py:54
+msgid "User Login Stage"
+msgstr "사용자 로그인 스테이지"
+
+#: authentik/stages/user_login/models.py:55
+msgid "User Login Stages"
+msgstr "사용자 로그인 스테이지"
+
+#: authentik/stages/user_login/stage.py:57
+msgid "No Pending user to login."
+msgstr "로그인할 보류 중인 사용자가 없습니다."
+
+#: authentik/stages/user_login/stage.py:90
+msgid "Successfully logged in!"
+msgstr "성공적으로 로그인했습니다!"
+
+#: authentik/stages/user_logout/models.py:30
+msgid "User Logout Stage"
+msgstr "사용자 로그아웃 스테이지"
+
+#: authentik/stages/user_logout/models.py:31
+msgid "User Logout Stages"
+msgstr "사용자 로그아웃 스테이지"
+
+#: authentik/stages/user_write/models.py:31
+msgid "When set, newly created users are inactive and cannot login."
+msgstr "이 옵션을 설정하면 새로 만든 사용자가 비활성화되어 로그인할 수 없습니다."
+
+#: authentik/stages/user_write/models.py:39
+msgid "Optionally add newly created users to this group."
+msgstr "선택적으로 새로 만든 사용자를 이 그룹에 추가합니다."
+
+#: authentik/stages/user_write/models.py:68
+msgid "User Write Stage"
+msgstr "사용자 쓰기 스테이지"
+
+#: authentik/stages/user_write/models.py:69
+msgid "User Write Stages"
+msgstr "사용자 쓰기 스테이지"
+
+#: authentik/stages/user_write/stage.py:141
+msgid "No Pending data."
+msgstr "보류 중인 데이터가 없습니다."
+
+#: authentik/stages/user_write/stage.py:147
+msgid "No user found and can't create new user."
+msgstr "사용자를 찾을 수 없으며 새 사용자를 만들 수 없습니다."
+
+#: authentik/stages/user_write/stage.py:164
+#: authentik/stages/user_write/stage.py:178
+msgid "Failed to update user. Please try again later."
+msgstr "사용자를 업데이트하지 못했습니다. 나중에 다시 시도하세요."
+
+#: authentik/tenants/models.py:23
+msgid ""
+"Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` "
+"and `ba.b`"
+msgstr ""
+"이 테넌트를 활성화하는 도메인입니다. 상위 집합도 가능합니다. 예를 들어, `a.b`는 `aa.b`와 `ba.b`가 될 수 있습니다."
+
+#: authentik/tenants/models.py:58
+msgid ""
+"Events will be deleted after this duration.(Format: "
+"weeks=3;days=2;hours=3,seconds=2)."
+msgstr "이 기간이 지나면 이벤트가 삭제됩니다. (서식: hours=-1;minutes=-2;seconds=-3)"
+
+#: authentik/tenants/models.py:67
+msgid "Web Certificate used by the authentik Core webserver."
+msgstr "Authentik Core 웹서버에서 사용하는 웹 인증서."
+
+#: authentik/tenants/models.py:93
+msgid "Tenant"
+msgstr "테넌트"
+
+#: authentik/tenants/models.py:94
+msgid "Tenants"
+msgstr "테넌트"
diff --git a/locale/zh-Hans/LC_MESSAGES/django.mo b/locale/zh-Hans/LC_MESSAGES/django.mo
index 7e17e6c28..d9e5e2ac3 100644
Binary files a/locale/zh-Hans/LC_MESSAGES/django.mo and b/locale/zh-Hans/LC_MESSAGES/django.mo differ
diff --git a/locale/zh_CN/LC_MESSAGES/django.mo b/locale/zh_CN/LC_MESSAGES/django.mo
index 221747fab..2d4f24324 100644
Binary files a/locale/zh_CN/LC_MESSAGES/django.mo and b/locale/zh_CN/LC_MESSAGES/django.mo differ
diff --git a/poetry.lock b/poetry.lock
index fe90220ed..ce3e4f754 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,88 +1,88 @@
-# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.7.1 and should not be changed by hand.
 
 [[package]]
 name = "aiohttp"
-version = "3.9.0"
+version = "3.9.1"
 description = "Async http client/server framework (asyncio)"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "aiohttp-3.9.0-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:6896b8416be9ada4d22cd359d7cb98955576ce863eadad5596b7cdfbf3e17c6c"},
-    {file = "aiohttp-3.9.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:1736d87dad8ef46a8ec9cddd349fa9f7bd3a064c47dd6469c0d6763d3d49a4fc"},
-    {file = "aiohttp-3.9.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:8c9e5f4d7208cda1a2bb600e29069eecf857e6980d0ccc922ccf9d1372c16f4b"},
-    {file = "aiohttp-3.9.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8488519aa05e636c5997719fe543c8daf19f538f4fa044f3ce94bee608817cff"},
-    {file = "aiohttp-3.9.0-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5ab16c254e2312efeb799bc3c06897f65a133b38b69682bf75d1f1ee1a9c43a9"},
-    {file = "aiohttp-3.9.0-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7a94bde005a8f926d0fa38b88092a03dea4b4875a61fbcd9ac6f4351df1b57cd"},
-    {file = "aiohttp-3.9.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4b777c9286b6c6a94f50ddb3a6e730deec327e9e2256cb08b5530db0f7d40fd8"},
-    {file = "aiohttp-3.9.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:571760ad7736b34d05597a1fd38cbc7d47f7b65deb722cb8e86fd827404d1f6b"},
-    {file = "aiohttp-3.9.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:deac0a32aec29608eb25d730f4bc5a261a65b6c48ded1ed861d2a1852577c932"},
-    {file = "aiohttp-3.9.0-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:4ee1b4152bc3190cc40ddd6a14715e3004944263ea208229ab4c297712aa3075"},
-    {file = "aiohttp-3.9.0-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:3607375053df58ed6f23903aa10cf3112b1240e8c799d243bbad0f7be0666986"},
-    {file = "aiohttp-3.9.0-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:65b0a70a25456d329a5e1426702dde67be0fb7a4ead718005ba2ca582d023a94"},
-    {file = "aiohttp-3.9.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:5a2eb5311a37fe105aa35f62f75a078537e1a9e4e1d78c86ec9893a3c97d7a30"},
-    {file = "aiohttp-3.9.0-cp310-cp310-win32.whl", hash = "sha256:2cbc14a13fb6b42d344e4f27746a4b03a2cb0c1c3c5b932b0d6ad8881aa390e3"},
-    {file = "aiohttp-3.9.0-cp310-cp310-win_amd64.whl", hash = "sha256:ac9669990e2016d644ba8ae4758688534aabde8dbbc81f9af129c3f5f01ca9cd"},
-    {file = "aiohttp-3.9.0-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:f8e05f5163528962ce1d1806fce763ab893b1c5b7ace0a3538cd81a90622f844"},
-    {file = "aiohttp-3.9.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:4afa8f71dba3a5a2e1e1282a51cba7341ae76585345c43d8f0e624882b622218"},
-    {file = "aiohttp-3.9.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:f929f4c9b9a00f3e6cc0587abb95ab9c05681f8b14e0fe1daecfa83ea90f8318"},
-    {file = "aiohttp-3.9.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:28185e36a78d247c55e9fbea2332d16aefa14c5276a582ce7a896231c6b1c208"},
-    {file = "aiohttp-3.9.0-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a486ddf57ab98b6d19ad36458b9f09e6022de0381674fe00228ca7b741aacb2f"},
-    {file = "aiohttp-3.9.0-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:70e851f596c00f40a2f00a46126c95c2e04e146015af05a9da3e4867cfc55911"},
-    {file = "aiohttp-3.9.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c5b7bf8fe4d39886adc34311a233a2e01bc10eb4e842220235ed1de57541a896"},
-    {file = "aiohttp-3.9.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c67a51ea415192c2e53e4e048c78bab82d21955b4281d297f517707dc836bf3d"},
-    {file = "aiohttp-3.9.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:694df243f394629bcae2d8ed94c589a181e8ba8604159e6e45e7b22e58291113"},
-    {file = "aiohttp-3.9.0-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:3dd8119752dd30dd7bca7d4bc2a92a59be6a003e4e5c2cf7e248b89751b8f4b7"},
-    {file = "aiohttp-3.9.0-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:eb6dfd52063186ac97b4caa25764cdbcdb4b10d97f5c5f66b0fa95052e744eb7"},
-    {file = "aiohttp-3.9.0-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:d97c3e286d0ac9af6223bc132dc4bad6540b37c8d6c0a15fe1e70fb34f9ec411"},
-    {file = "aiohttp-3.9.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:816f4db40555026e4cdda604a1088577c1fb957d02f3f1292e0221353403f192"},
-    {file = "aiohttp-3.9.0-cp311-cp311-win32.whl", hash = "sha256:3abf0551874fecf95f93b58f25ef4fc9a250669a2257753f38f8f592db85ddea"},
-    {file = "aiohttp-3.9.0-cp311-cp311-win_amd64.whl", hash = "sha256:e18d92c3e9e22553a73e33784fcb0ed484c9874e9a3e96c16a8d6a1e74a0217b"},
-    {file = "aiohttp-3.9.0-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:99ae01fb13a618b9942376df77a1f50c20a281390dad3c56a6ec2942e266220d"},
-    {file = "aiohttp-3.9.0-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:05857848da443c8c12110d99285d499b4e84d59918a21132e45c3f0804876994"},
-    {file = "aiohttp-3.9.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:317719d7f824eba55857fe0729363af58e27c066c731bc62cd97bc9c3d9c7ea4"},
-    {file = "aiohttp-3.9.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a1e3b3c107ccb0e537f309f719994a55621acd2c8fdf6d5ce5152aed788fb940"},
-    {file = "aiohttp-3.9.0-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:45820ddbb276113ead8d4907a7802adb77548087ff5465d5c554f9aa3928ae7d"},
-    {file = "aiohttp-3.9.0-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:05a183f1978802588711aed0dea31e697d760ce9055292db9dc1604daa9a8ded"},
-    {file = "aiohttp-3.9.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:51a4cd44788ea0b5e6bb8fa704597af3a30be75503a7ed1098bc5b8ffdf6c982"},
-    {file = "aiohttp-3.9.0-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:673343fbc0c1ac44d0d2640addc56e97a052504beacd7ade0dc5e76d3a4c16e8"},
-    {file = "aiohttp-3.9.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:7e8a3b79b6d186a9c99761fd4a5e8dd575a48d96021f220ac5b5fa856e5dd029"},
-    {file = "aiohttp-3.9.0-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:6777a390e41e78e7c45dab43a4a0196c55c3b8c30eebe017b152939372a83253"},
-    {file = "aiohttp-3.9.0-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:7ae5f99a32c53731c93ac3075abd3e1e5cfbe72fc3eaac4c27c9dd64ba3b19fe"},
-    {file = "aiohttp-3.9.0-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:f1e4f254e9c35d8965d377e065c4a8a55d396fe87c8e7e8429bcfdeeb229bfb3"},
-    {file = "aiohttp-3.9.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:11ca808f9a6b63485059f5f6e164ef7ec826483c1212a44f268b3653c91237d8"},
-    {file = "aiohttp-3.9.0-cp312-cp312-win32.whl", hash = "sha256:de3cc86f4ea8b4c34a6e43a7306c40c1275e52bfa9748d869c6b7d54aa6dad80"},
-    {file = "aiohttp-3.9.0-cp312-cp312-win_amd64.whl", hash = "sha256:ca4fddf84ac7d8a7d0866664936f93318ff01ee33e32381a115b19fb5a4d1202"},
-    {file = "aiohttp-3.9.0-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:f09960b5bb1017d16c0f9e9f7fc42160a5a49fa1e87a175fd4a2b1a1833ea0af"},
-    {file = "aiohttp-3.9.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:8303531e2c17b1a494ffaeba48f2da655fe932c4e9a2626c8718403c83e5dd2b"},
-    {file = "aiohttp-3.9.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:4790e44f46a4aa07b64504089def5744d3b6780468c4ec3a1a36eb7f2cae9814"},
-    {file = "aiohttp-3.9.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a1d7edf74a36de0e5ca50787e83a77cf352f5504eb0ffa3f07000a911ba353fb"},
-    {file = "aiohttp-3.9.0-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:94697c7293199c2a2551e3e3e18438b4cba293e79c6bc2319f5fd652fccb7456"},
-    {file = "aiohttp-3.9.0-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a1b66dbb8a7d5f50e9e2ea3804b01e766308331d0cac76eb30c563ac89c95985"},
-    {file = "aiohttp-3.9.0-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9623cfd9e85b76b83ef88519d98326d4731f8d71869867e47a0b979ffec61c73"},
-    {file = "aiohttp-3.9.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f32c86dc967ab8c719fd229ce71917caad13cc1e8356ee997bf02c5b368799bf"},
-    {file = "aiohttp-3.9.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:f50b4663c3e0262c3a361faf440761fbef60ccdde5fe8545689a4b3a3c149fb4"},
-    {file = "aiohttp-3.9.0-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:dcf71c55ec853826cd70eadb2b6ac62ec577416442ca1e0a97ad875a1b3a0305"},
-    {file = "aiohttp-3.9.0-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:42fe4fd9f0dfcc7be4248c162d8056f1d51a04c60e53366b0098d1267c4c9da8"},
-    {file = "aiohttp-3.9.0-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:76a86a9989ebf82ee61e06e2bab408aec4ea367dc6da35145c3352b60a112d11"},
-    {file = "aiohttp-3.9.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:f9e09a1c83521d770d170b3801eea19b89f41ccaa61d53026ed111cb6f088887"},
-    {file = "aiohttp-3.9.0-cp38-cp38-win32.whl", hash = "sha256:a00ce44c21612d185c5275c5cba4bab8d7c1590f248638b667ed8a782fa8cd6f"},
-    {file = "aiohttp-3.9.0-cp38-cp38-win_amd64.whl", hash = "sha256:d5b9345ab92ebe6003ae11d8092ce822a0242146e6fa270889b9ba965457ca40"},
-    {file = "aiohttp-3.9.0-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:98d21092bf2637c5fa724a428a69e8f5955f2182bff61f8036827cf6ce1157bf"},
-    {file = "aiohttp-3.9.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:35a68cd63ca6aaef5707888f17a70c36efe62b099a4e853d33dc2e9872125be8"},
-    {file = "aiohttp-3.9.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:3d7f6235c7475658acfc1769d968e07ab585c79f6ca438ddfecaa9a08006aee2"},
-    {file = "aiohttp-3.9.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:db04d1de548f7a62d1dd7e7cdf7c22893ee168e22701895067a28a8ed51b3735"},
-    {file = "aiohttp-3.9.0-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:536b01513d67d10baf6f71c72decdf492fb7433c5f2f133e9a9087379d4b6f31"},
-    {file = "aiohttp-3.9.0-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:87c8b0a6487e8109427ccf638580865b54e2e3db4a6e0e11c02639231b41fc0f"},
-    {file = "aiohttp-3.9.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7276fe0017664414fdc3618fca411630405f1aaf0cc3be69def650eb50441787"},
-    {file = "aiohttp-3.9.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:23170247ef89ffa842a02bbfdc425028574d9e010611659abeb24d890bc53bb8"},
-    {file = "aiohttp-3.9.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:b1a2ea8252cacc7fd51df5a56d7a2bb1986ed39be9397b51a08015727dfb69bd"},
-    {file = "aiohttp-3.9.0-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:2d71abc15ff7047412ef26bf812dfc8d0d1020d664617f4913df2df469f26b76"},
-    {file = "aiohttp-3.9.0-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:2d820162c8c2bdbe97d328cd4f417c955ca370027dce593345e437b2e9ffdc4d"},
-    {file = "aiohttp-3.9.0-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:2779f5e7c70f7b421915fd47db332c81de365678180a9f3ab404088f87ba5ff9"},
-    {file = "aiohttp-3.9.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:366bc870d7ac61726f32a489fbe3d1d8876e87506870be66b01aeb84389e967e"},
-    {file = "aiohttp-3.9.0-cp39-cp39-win32.whl", hash = "sha256:1df43596b826022b14998f0460926ce261544fedefe0d2f653e1b20f49e96454"},
-    {file = "aiohttp-3.9.0-cp39-cp39-win_amd64.whl", hash = "sha256:9c196b30f1b1aa3363a69dd69079ae9bec96c2965c4707eaa6914ba099fb7d4f"},
-    {file = "aiohttp-3.9.0.tar.gz", hash = "sha256:09f23292d29135025e19e8ff4f0a68df078fe4ee013bca0105b2e803989de92d"},
+    {file = "aiohttp-3.9.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:e1f80197f8b0b846a8d5cf7b7ec6084493950d0882cc5537fb7b96a69e3c8590"},
+    {file = "aiohttp-3.9.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:c72444d17777865734aa1a4d167794c34b63e5883abb90356a0364a28904e6c0"},
+    {file = "aiohttp-3.9.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9b05d5cbe9dafcdc733262c3a99ccf63d2f7ce02543620d2bd8db4d4f7a22f83"},
+    {file = "aiohttp-3.9.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5c4fa235d534b3547184831c624c0b7c1e262cd1de847d95085ec94c16fddcd5"},
+    {file = "aiohttp-3.9.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:289ba9ae8e88d0ba16062ecf02dd730b34186ea3b1e7489046fc338bdc3361c4"},
+    {file = "aiohttp-3.9.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:bff7e2811814fa2271be95ab6e84c9436d027a0e59665de60edf44e529a42c1f"},
+    {file = "aiohttp-3.9.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:81b77f868814346662c96ab36b875d7814ebf82340d3284a31681085c051320f"},
+    {file = "aiohttp-3.9.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3b9c7426923bb7bd66d409da46c41e3fb40f5caf679da624439b9eba92043fa6"},
+    {file = "aiohttp-3.9.1-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:8d44e7bf06b0c0a70a20f9100af9fcfd7f6d9d3913e37754c12d424179b4e48f"},
+    {file = "aiohttp-3.9.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:22698f01ff5653fe66d16ffb7658f582a0ac084d7da1323e39fd9eab326a1f26"},
+    {file = "aiohttp-3.9.1-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:ca7ca5abfbfe8d39e653870fbe8d7710be7a857f8a8386fc9de1aae2e02ce7e4"},
+    {file = "aiohttp-3.9.1-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:8d7f98fde213f74561be1d6d3fa353656197f75d4edfbb3d94c9eb9b0fc47f5d"},
+    {file = "aiohttp-3.9.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:5216b6082c624b55cfe79af5d538e499cd5f5b976820eac31951fb4325974501"},
+    {file = "aiohttp-3.9.1-cp310-cp310-win32.whl", hash = "sha256:0e7ba7ff228c0d9a2cd66194e90f2bca6e0abca810b786901a569c0de082f489"},
+    {file = "aiohttp-3.9.1-cp310-cp310-win_amd64.whl", hash = "sha256:c7e939f1ae428a86e4abbb9a7c4732bf4706048818dfd979e5e2839ce0159f23"},
+    {file = "aiohttp-3.9.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:df9cf74b9bc03d586fc53ba470828d7b77ce51b0582d1d0b5b2fb673c0baa32d"},
+    {file = "aiohttp-3.9.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:ecca113f19d5e74048c001934045a2b9368d77b0b17691d905af18bd1c21275e"},
+    {file = "aiohttp-3.9.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:8cef8710fb849d97c533f259103f09bac167a008d7131d7b2b0e3a33269185c0"},
+    {file = "aiohttp-3.9.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bea94403a21eb94c93386d559bce297381609153e418a3ffc7d6bf772f59cc35"},
+    {file = "aiohttp-3.9.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:91c742ca59045dce7ba76cab6e223e41d2c70d79e82c284a96411f8645e2afff"},
+    {file = "aiohttp-3.9.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:6c93b7c2e52061f0925c3382d5cb8980e40f91c989563d3d32ca280069fd6a87"},
+    {file = "aiohttp-3.9.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ee2527134f95e106cc1653e9ac78846f3a2ec1004cf20ef4e02038035a74544d"},
+    {file = "aiohttp-3.9.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:11ff168d752cb41e8492817e10fb4f85828f6a0142b9726a30c27c35a1835f01"},
+    {file = "aiohttp-3.9.1-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:b8c3a67eb87394386847d188996920f33b01b32155f0a94f36ca0e0c635bf3e3"},
+    {file = "aiohttp-3.9.1-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:c7b5d5d64e2a14e35a9240b33b89389e0035e6de8dbb7ffa50d10d8b65c57449"},
+    {file = "aiohttp-3.9.1-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:69985d50a2b6f709412d944ffb2e97d0be154ea90600b7a921f95a87d6f108a2"},
+    {file = "aiohttp-3.9.1-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:c9110c06eaaac7e1f5562caf481f18ccf8f6fdf4c3323feab28a93d34cc646bd"},
+    {file = "aiohttp-3.9.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:d737e69d193dac7296365a6dcb73bbbf53bb760ab25a3727716bbd42022e8d7a"},
+    {file = "aiohttp-3.9.1-cp311-cp311-win32.whl", hash = "sha256:4ee8caa925aebc1e64e98432d78ea8de67b2272252b0a931d2ac3bd876ad5544"},
+    {file = "aiohttp-3.9.1-cp311-cp311-win_amd64.whl", hash = "sha256:a34086c5cc285be878622e0a6ab897a986a6e8bf5b67ecb377015f06ed316587"},
+    {file = "aiohttp-3.9.1-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:f800164276eec54e0af5c99feb9494c295118fc10a11b997bbb1348ba1a52065"},
+    {file = "aiohttp-3.9.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:500f1c59906cd142d452074f3811614be04819a38ae2b3239a48b82649c08821"},
+    {file = "aiohttp-3.9.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:0b0a6a36ed7e164c6df1e18ee47afbd1990ce47cb428739d6c99aaabfaf1b3af"},
+    {file = "aiohttp-3.9.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:69da0f3ed3496808e8cbc5123a866c41c12c15baaaead96d256477edf168eb57"},
+    {file = "aiohttp-3.9.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:176df045597e674fa950bf5ae536be85699e04cea68fa3a616cf75e413737eb5"},
+    {file = "aiohttp-3.9.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b796b44111f0cab6bbf66214186e44734b5baab949cb5fb56154142a92989aeb"},
+    {file = "aiohttp-3.9.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f27fdaadce22f2ef950fc10dcdf8048407c3b42b73779e48a4e76b3c35bca26c"},
+    {file = "aiohttp-3.9.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bcb6532b9814ea7c5a6a3299747c49de30e84472fa72821b07f5a9818bce0f66"},
+    {file = "aiohttp-3.9.1-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:54631fb69a6e44b2ba522f7c22a6fb2667a02fd97d636048478db2fd8c4e98fe"},
+    {file = "aiohttp-3.9.1-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:4b4c452d0190c5a820d3f5c0f3cd8a28ace48c54053e24da9d6041bf81113183"},
+    {file = "aiohttp-3.9.1-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:cae4c0c2ca800c793cae07ef3d40794625471040a87e1ba392039639ad61ab5b"},
+    {file = "aiohttp-3.9.1-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:565760d6812b8d78d416c3c7cfdf5362fbe0d0d25b82fed75d0d29e18d7fc30f"},
+    {file = "aiohttp-3.9.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:54311eb54f3a0c45efb9ed0d0a8f43d1bc6060d773f6973efd90037a51cd0a3f"},
+    {file = "aiohttp-3.9.1-cp312-cp312-win32.whl", hash = "sha256:85c3e3c9cb1d480e0b9a64c658cd66b3cfb8e721636ab8b0e746e2d79a7a9eed"},
+    {file = "aiohttp-3.9.1-cp312-cp312-win_amd64.whl", hash = "sha256:11cb254e397a82efb1805d12561e80124928e04e9c4483587ce7390b3866d213"},
+    {file = "aiohttp-3.9.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:8a22a34bc594d9d24621091d1b91511001a7eea91d6652ea495ce06e27381f70"},
+    {file = "aiohttp-3.9.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:598db66eaf2e04aa0c8900a63b0101fdc5e6b8a7ddd805c56d86efb54eb66672"},
+    {file = "aiohttp-3.9.1-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:2c9376e2b09895c8ca8b95362283365eb5c03bdc8428ade80a864160605715f1"},
+    {file = "aiohttp-3.9.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:41473de252e1797c2d2293804e389a6d6986ef37cbb4a25208de537ae32141dd"},
+    {file = "aiohttp-3.9.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9c5857612c9813796960c00767645cb5da815af16dafb32d70c72a8390bbf690"},
+    {file = "aiohttp-3.9.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ffcd828e37dc219a72c9012ec44ad2e7e3066bec6ff3aaa19e7d435dbf4032ca"},
+    {file = "aiohttp-3.9.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:219a16763dc0294842188ac8a12262b5671817042b35d45e44fd0a697d8c8361"},
+    {file = "aiohttp-3.9.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f694dc8a6a3112059258a725a4ebe9acac5fe62f11c77ac4dcf896edfa78ca28"},
+    {file = "aiohttp-3.9.1-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:bcc0ea8d5b74a41b621ad4a13d96c36079c81628ccc0b30cfb1603e3dfa3a014"},
+    {file = "aiohttp-3.9.1-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:90ec72d231169b4b8d6085be13023ece8fa9b1bb495e4398d847e25218e0f431"},
+    {file = "aiohttp-3.9.1-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:cf2a0ac0615842b849f40c4d7f304986a242f1e68286dbf3bd7a835e4f83acfd"},
+    {file = "aiohttp-3.9.1-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:0e49b08eafa4f5707ecfb321ab9592717a319e37938e301d462f79b4e860c32a"},
+    {file = "aiohttp-3.9.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:2c59e0076ea31c08553e868cec02d22191c086f00b44610f8ab7363a11a5d9d8"},
+    {file = "aiohttp-3.9.1-cp38-cp38-win32.whl", hash = "sha256:4831df72b053b1eed31eb00a2e1aff6896fb4485301d4ccb208cac264b648db4"},
+    {file = "aiohttp-3.9.1-cp38-cp38-win_amd64.whl", hash = "sha256:3135713c5562731ee18f58d3ad1bf41e1d8883eb68b363f2ffde5b2ea4b84cc7"},
+    {file = "aiohttp-3.9.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:cfeadf42840c1e870dc2042a232a8748e75a36b52d78968cda6736de55582766"},
+    {file = "aiohttp-3.9.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:70907533db712f7aa791effb38efa96f044ce3d4e850e2d7691abd759f4f0ae0"},
+    {file = "aiohttp-3.9.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:cdefe289681507187e375a5064c7599f52c40343a8701761c802c1853a504558"},
+    {file = "aiohttp-3.9.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7481f581251bb5558ba9f635db70908819caa221fc79ee52a7f58392778c636"},
+    {file = "aiohttp-3.9.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:49f0c1b3c2842556e5de35f122fc0f0b721334ceb6e78c3719693364d4af8499"},
+    {file = "aiohttp-3.9.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:0d406b01a9f5a7e232d1b0d161b40c05275ffbcbd772dc18c1d5a570961a1ca4"},
+    {file = "aiohttp-3.9.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8d8e4450e7fe24d86e86b23cc209e0023177b6d59502e33807b732d2deb6975f"},
+    {file = "aiohttp-3.9.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3c0266cd6f005e99f3f51e583012de2778e65af6b73860038b968a0a8888487a"},
+    {file = "aiohttp-3.9.1-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:ab221850108a4a063c5b8a70f00dd7a1975e5a1713f87f4ab26a46e5feac5a0e"},
+    {file = "aiohttp-3.9.1-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:c88a15f272a0ad3d7773cf3a37cc7b7d077cbfc8e331675cf1346e849d97a4e5"},
+    {file = "aiohttp-3.9.1-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:237533179d9747080bcaad4d02083ce295c0d2eab3e9e8ce103411a4312991a0"},
+    {file = "aiohttp-3.9.1-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:02ab6006ec3c3463b528374c4cdce86434e7b89ad355e7bf29e2f16b46c7dd6f"},
+    {file = "aiohttp-3.9.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:04fa38875e53eb7e354ece1607b1d2fdee2d175ea4e4d745f6ec9f751fe20c7c"},
+    {file = "aiohttp-3.9.1-cp39-cp39-win32.whl", hash = "sha256:82eefaf1a996060602f3cc1112d93ba8b201dbf5d8fd9611227de2003dddb3b7"},
+    {file = "aiohttp-3.9.1-cp39-cp39-win_amd64.whl", hash = "sha256:9b05d33ff8e6b269e30a7957bd3244ffbce2a7a35a81b81c382629b80af1a8bf"},
+    {file = "aiohttp-3.9.1.tar.gz", hash = "sha256:8fc49a87ac269d4529da45871e2ffb6874e87779c3d0e2ccd813c0899221239d"},
 ]
 
 [package.dependencies]
@@ -150,13 +150,13 @@ files = [
 
 [[package]]
 name = "anyio"
-version = "4.0.0"
+version = "4.2.0"
 description = "High level compatibility layer for multiple asynchronous event loop implementations"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "anyio-4.0.0-py3-none-any.whl", hash = "sha256:cfdb2b588b9fc25ede96d8db56ed50848b0b649dca3dd1df0b11f683bb9e0b5f"},
-    {file = "anyio-4.0.0.tar.gz", hash = "sha256:f7ed51751b2c2add651e5747c891b47e26d2a21be5d32d9311dfe9692f3e5d7a"},
+    {file = "anyio-4.2.0-py3-none-any.whl", hash = "sha256:745843b39e829e108e518c489b31dc757de7d2131d53fac32bd8df268227bfee"},
+    {file = "anyio-4.2.0.tar.gz", hash = "sha256:e1875bb4b4e2de1669f4bc7869b6d3f54231cdced71605e6e64c9be77e3be50f"},
 ]
 
 [package.dependencies]
@@ -164,9 +164,9 @@ idna = ">=2.8"
 sniffio = ">=1.1"
 
 [package.extras]
-doc = ["Sphinx (>=7)", "packaging", "sphinx-autodoc-typehints (>=1.2.0)"]
-test = ["anyio[trio]", "coverage[toml] (>=7)", "hypothesis (>=4.0)", "psutil (>=5.9)", "pytest (>=7.0)", "pytest-mock (>=3.6.1)", "trustme", "uvloop (>=0.17)"]
-trio = ["trio (>=0.22)"]
+doc = ["Sphinx (>=7)", "packaging", "sphinx-autodoc-typehints (>=1.2.0)", "sphinx-rtd-theme"]
+test = ["anyio[trio]", "coverage[toml] (>=7)", "exceptiongroup (>=1.2.0)", "hypothesis (>=4.0)", "psutil (>=5.9)", "pytest (>=7.0)", "pytest-mock (>=3.6.1)", "trustme", "uvloop (>=0.17)"]
+trio = ["trio (>=0.23)"]
 
 [[package]]
 name = "argon2-cffi"
@@ -252,32 +252,33 @@ files = [
 
 [[package]]
 name = "astroid"
-version = "3.0.1"
+version = "3.0.2"
 description = "An abstract syntax tree for Python with inference support."
 optional = false
 python-versions = ">=3.8.0"
 files = [
-    {file = "astroid-3.0.1-py3-none-any.whl", hash = "sha256:7d5895c9825e18079c5aeac0572bc2e4c83205c95d416e0b4fee8bc361d2d9ca"},
-    {file = "astroid-3.0.1.tar.gz", hash = "sha256:86b0bb7d7da0be1a7c4aedb7974e391b32d4ed89e33de6ed6902b4b15c97577e"},
+    {file = "astroid-3.0.2-py3-none-any.whl", hash = "sha256:d6e62862355f60e716164082d6b4b041d38e2a8cf1c7cd953ded5108bac8ff5c"},
+    {file = "astroid-3.0.2.tar.gz", hash = "sha256:4a61cf0a59097c7bb52689b0fd63717cd2a8a14dc9f1eee97b82d814881c8c91"},
 ]
 
 [[package]]
 name = "attrs"
-version = "23.1.0"
+version = "23.2.0"
 description = "Classes Without Boilerplate"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "attrs-23.1.0-py3-none-any.whl", hash = "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04"},
-    {file = "attrs-23.1.0.tar.gz", hash = "sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015"},
+    {file = "attrs-23.2.0-py3-none-any.whl", hash = "sha256:99b87a485a5820b23b879f04c2305b44b951b502fd64be915879d77a7e8fc6f1"},
+    {file = "attrs-23.2.0.tar.gz", hash = "sha256:935dc3b529c262f6cf76e50877d35a4bd3c1de194fd41f47a2b7ae8f19971f30"},
 ]
 
 [package.extras]
 cov = ["attrs[tests]", "coverage[toml] (>=5.3)"]
-dev = ["attrs[docs,tests]", "pre-commit"]
+dev = ["attrs[tests]", "pre-commit"]
 docs = ["furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier", "zope-interface"]
 tests = ["attrs[tests-no-zope]", "zope-interface"]
-tests-no-zope = ["cloudpickle", "hypothesis", "mypy (>=1.1.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
+tests-mypy = ["mypy (>=1.6)", "pytest-mypy-plugins"]
+tests-no-zope = ["attrs[tests-mypy]", "cloudpickle", "hypothesis", "pympler", "pytest (>=4.3.0)", "pytest-xdist[psutil]"]
 
 [[package]]
 name = "autobahn"
@@ -341,18 +342,18 @@ pycodestyle = ">=2.10.0"
 
 [[package]]
 name = "bandit"
-version = "1.7.5"
+version = "1.7.6"
 description = "Security oriented static analyser for python code."
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "bandit-1.7.5-py3-none-any.whl", hash = "sha256:75665181dc1e0096369112541a056c59d1c5f66f9bb74a8d686c3c362b83f549"},
-    {file = "bandit-1.7.5.tar.gz", hash = "sha256:bdfc739baa03b880c2d15d0431b31c658ffc348e907fe197e54e0389dd59e11e"},
+    {file = "bandit-1.7.6-py3-none-any.whl", hash = "sha256:36da17c67fc87579a5d20c323c8d0b1643a890a2b93f00b3d1229966624694ff"},
+    {file = "bandit-1.7.6.tar.gz", hash = "sha256:72ce7bc9741374d96fb2f1c9a8960829885f1243ffde743de70a19cee353e8f3"},
 ]
 
 [package.dependencies]
 colorama = {version = ">=0.3.9", markers = "platform_system == \"Windows\""}
-GitPython = ">=1.0.1"
+GitPython = ">=3.1.30"
 PyYAML = ">=5.3.1"
 rich = "*"
 stevedore = ">=1.20.0"
@@ -364,32 +365,38 @@ yaml = ["PyYAML"]
 
 [[package]]
 name = "bcrypt"
-version = "4.0.1"
+version = "4.1.2"
 description = "Modern password hashing for your software and your servers"
 optional = false
-python-versions = ">=3.6"
+python-versions = ">=3.7"
 files = [
-    {file = "bcrypt-4.0.1-cp36-abi3-macosx_10_10_universal2.whl", hash = "sha256:b1023030aec778185a6c16cf70f359cbb6e0c289fd564a7cfa29e727a1c38f8f"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:08d2947c490093a11416df18043c27abe3921558d2c03e2076ccb28a116cb6d0"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0eaa47d4661c326bfc9d08d16debbc4edf78778e6aaba29c1bc7ce67214d4410"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ae88eca3024bb34bb3430f964beab71226e761f51b912de5133470b649d82344"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_24_x86_64.whl", hash = "sha256:a522427293d77e1c29e303fc282e2d71864579527a04ddcfda6d4f8396c6c36a"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:fbdaec13c5105f0c4e5c52614d04f0bca5f5af007910daa8b6b12095edaa67b3"},
-    {file = "bcrypt-4.0.1-cp36-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:ca3204d00d3cb2dfed07f2d74a25f12fc12f73e606fcaa6975d1f7ae69cacbb2"},
-    {file = "bcrypt-4.0.1-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:089098effa1bc35dc055366740a067a2fc76987e8ec75349eb9484061c54f535"},
-    {file = "bcrypt-4.0.1-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:e9a51bbfe7e9802b5f3508687758b564069ba937748ad7b9e890086290d2f79e"},
-    {file = "bcrypt-4.0.1-cp36-abi3-win32.whl", hash = "sha256:2caffdae059e06ac23fce178d31b4a702f2a3264c20bfb5ff541b338194d8fab"},
-    {file = "bcrypt-4.0.1-cp36-abi3-win_amd64.whl", hash = "sha256:8a68f4341daf7522fe8d73874de8906f3a339048ba406be6ddc1b3ccb16fc0d9"},
-    {file = "bcrypt-4.0.1-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bf4fa8b2ca74381bb5442c089350f09a3f17797829d958fad058d6e44d9eb83c"},
-    {file = "bcrypt-4.0.1-pp37-pypy37_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:67a97e1c405b24f19d08890e7ae0c4f7ce1e56a712a016746c8b2d7732d65d4b"},
-    {file = "bcrypt-4.0.1-pp37-pypy37_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:b3b85202d95dd568efcb35b53936c5e3b3600c7cdcc6115ba461df3a8e89f38d"},
-    {file = "bcrypt-4.0.1-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cbb03eec97496166b704ed663a53680ab57c5084b2fc98ef23291987b525cb7d"},
-    {file = "bcrypt-4.0.1-pp38-pypy38_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:5ad4d32a28b80c5fa6671ccfb43676e8c1cc232887759d1cd7b6f56ea4355215"},
-    {file = "bcrypt-4.0.1-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:b57adba8a1444faf784394de3436233728a1ecaeb6e07e8c22c8848f179b893c"},
-    {file = "bcrypt-4.0.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:705b2cea8a9ed3d55b4491887ceadb0106acf7c6387699fca771af56b1cdeeda"},
-    {file = "bcrypt-4.0.1-pp39-pypy39_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:2b3ac11cf45161628f1f3733263e63194f22664bf4d0c0f3ab34099c02134665"},
-    {file = "bcrypt-4.0.1-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:3100851841186c25f127731b9fa11909ab7b1df6fc4b9f8353f4f1fd952fbf71"},
-    {file = "bcrypt-4.0.1.tar.gz", hash = "sha256:27d375903ac8261cfe4047f6709d16f7d18d39b1ec92aaf72af989552a650ebd"},
+    {file = "bcrypt-4.1.2-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:ac621c093edb28200728a9cca214d7e838529e557027ef0581685909acd28b5e"},
+    {file = "bcrypt-4.1.2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ea505c97a5c465ab8c3ba75c0805a102ce526695cd6818c6de3b1a38f6f60da1"},
+    {file = "bcrypt-4.1.2-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:57fa9442758da926ed33a91644649d3e340a71e2d0a5a8de064fb621fd5a3326"},
+    {file = "bcrypt-4.1.2-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:eb3bd3321517916696233b5e0c67fd7d6281f0ef48e66812db35fc963a422a1c"},
+    {file = "bcrypt-4.1.2-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:6cad43d8c63f34b26aef462b6f5e44fdcf9860b723d2453b5d391258c4c8e966"},
+    {file = "bcrypt-4.1.2-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:44290ccc827d3a24604f2c8bcd00d0da349e336e6503656cb8192133e27335e2"},
+    {file = "bcrypt-4.1.2-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:732b3920a08eacf12f93e6b04ea276c489f1c8fb49344f564cca2adb663b3e4c"},
+    {file = "bcrypt-4.1.2-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:1c28973decf4e0e69cee78c68e30a523be441972c826703bb93099868a8ff5b5"},
+    {file = "bcrypt-4.1.2-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:b8df79979c5bae07f1db22dcc49cc5bccf08a0380ca5c6f391cbb5790355c0b0"},
+    {file = "bcrypt-4.1.2-cp37-abi3-win32.whl", hash = "sha256:fbe188b878313d01b7718390f31528be4010fed1faa798c5a1d0469c9c48c369"},
+    {file = "bcrypt-4.1.2-cp37-abi3-win_amd64.whl", hash = "sha256:9800ae5bd5077b13725e2e3934aa3c9c37e49d3ea3d06318010aa40f54c63551"},
+    {file = "bcrypt-4.1.2-cp39-abi3-macosx_10_12_universal2.whl", hash = "sha256:71b8be82bc46cedd61a9f4ccb6c1a493211d031415a34adde3669ee1b0afbb63"},
+    {file = "bcrypt-4.1.2-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:68e3c6642077b0c8092580c819c1684161262b2e30c4f45deb000c38947bf483"},
+    {file = "bcrypt-4.1.2-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:387e7e1af9a4dd636b9505a465032f2f5cb8e61ba1120e79a0e1cd0b512f3dfc"},
+    {file = "bcrypt-4.1.2-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:f70d9c61f9c4ca7d57f3bfe88a5ccf62546ffbadf3681bb1e268d9d2e41c91a7"},
+    {file = "bcrypt-4.1.2-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:2a298db2a8ab20056120b45e86c00a0a5eb50ec4075b6142db35f593b97cb3fb"},
+    {file = "bcrypt-4.1.2-cp39-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:ba55e40de38a24e2d78d34c2d36d6e864f93e0d79d0b6ce915e4335aa81d01b1"},
+    {file = "bcrypt-4.1.2-cp39-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:3566a88234e8de2ccae31968127b0ecccbb4cddb629da744165db72b58d88ca4"},
+    {file = "bcrypt-4.1.2-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:b90e216dc36864ae7132cb151ffe95155a37a14e0de3a8f64b49655dd959ff9c"},
+    {file = "bcrypt-4.1.2-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:69057b9fc5093ea1ab00dd24ede891f3e5e65bee040395fb1e66ee196f9c9b4a"},
+    {file = "bcrypt-4.1.2-cp39-abi3-win32.whl", hash = "sha256:02d9ef8915f72dd6daaef40e0baeef8a017ce624369f09754baf32bb32dba25f"},
+    {file = "bcrypt-4.1.2-cp39-abi3-win_amd64.whl", hash = "sha256:be3ab1071662f6065899fe08428e45c16aa36e28bc42921c4901a191fda6ee42"},
+    {file = "bcrypt-4.1.2-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:d75fc8cd0ba23f97bae88a6ec04e9e5351ff3c6ad06f38fe32ba50cbd0d11946"},
+    {file = "bcrypt-4.1.2-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:a97e07e83e3262599434816f631cc4c7ca2aa8e9c072c1b1a7fec2ae809a1d2d"},
+    {file = "bcrypt-4.1.2-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:e51c42750b7585cee7892c2614be0d14107fad9581d1738d954a262556dd1aab"},
+    {file = "bcrypt-4.1.2-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:ba4e4cc26610581a6329b3937e02d319f5ad4b85b074846bf4fef8a8cf51e7bb"},
+    {file = "bcrypt-4.1.2.tar.gz", hash = "sha256:33313a1200a3ae90b75587ceac502b048b840fc69e7f7a0905b5f87fac7a1258"},
 ]
 
 [package.extras]
@@ -409,29 +416,33 @@ files = [
 
 [[package]]
 name = "black"
-version = "23.11.0"
+version = "23.12.1"
 description = "The uncompromising code formatter."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "black-23.11.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:dbea0bb8575c6b6303cc65017b46351dc5953eea5c0a59d7b7e3a2d2f433a911"},
-    {file = "black-23.11.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:412f56bab20ac85927f3a959230331de5614aecda1ede14b373083f62ec24e6f"},
-    {file = "black-23.11.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d136ef5b418c81660ad847efe0e55c58c8208b77a57a28a503a5f345ccf01394"},
-    {file = "black-23.11.0-cp310-cp310-win_amd64.whl", hash = "sha256:6c1cac07e64433f646a9a838cdc00c9768b3c362805afc3fce341af0e6a9ae9f"},
-    {file = "black-23.11.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cf57719e581cfd48c4efe28543fea3d139c6b6f1238b3f0102a9c73992cbb479"},
-    {file = "black-23.11.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:698c1e0d5c43354ec5d6f4d914d0d553a9ada56c85415700b81dc90125aac244"},
-    {file = "black-23.11.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:760415ccc20f9e8747084169110ef75d545f3b0932ee21368f63ac0fee86b221"},
-    {file = "black-23.11.0-cp311-cp311-win_amd64.whl", hash = "sha256:58e5f4d08a205b11800332920e285bd25e1a75c54953e05502052738fe16b3b5"},
-    {file = "black-23.11.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:45aa1d4675964946e53ab81aeec7a37613c1cb71647b5394779e6efb79d6d187"},
-    {file = "black-23.11.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:4c44b7211a3a0570cc097e81135faa5f261264f4dfaa22bd5ee2875a4e773bd6"},
-    {file = "black-23.11.0-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2a9acad1451632021ee0d146c8765782a0c3846e0e0ea46659d7c4f89d9b212b"},
-    {file = "black-23.11.0-cp38-cp38-win_amd64.whl", hash = "sha256:fc7f6a44d52747e65a02558e1d807c82df1d66ffa80a601862040a43ec2e3142"},
-    {file = "black-23.11.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:7f622b6822f02bfaf2a5cd31fdb7cd86fcf33dab6ced5185c35f5db98260b055"},
-    {file = "black-23.11.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:250d7e60f323fcfc8ea6c800d5eba12f7967400eb6c2d21ae85ad31c204fb1f4"},
-    {file = "black-23.11.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5133f5507007ba08d8b7b263c7aa0f931af5ba88a29beacc4b2dc23fcefe9c06"},
-    {file = "black-23.11.0-cp39-cp39-win_amd64.whl", hash = "sha256:421f3e44aa67138ab1b9bfbc22ee3780b22fa5b291e4db8ab7eee95200726b07"},
-    {file = "black-23.11.0-py3-none-any.whl", hash = "sha256:54caaa703227c6e0c87b76326d0862184729a69b73d3b7305b6288e1d830067e"},
-    {file = "black-23.11.0.tar.gz", hash = "sha256:4c68855825ff432d197229846f971bc4d6666ce90492e5b02013bcaca4d9ab05"},
+    {file = "black-23.12.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e0aaf6041986767a5e0ce663c7a2f0e9eaf21e6ff87a5f95cbf3675bfd4c41d2"},
+    {file = "black-23.12.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c88b3711d12905b74206227109272673edce0cb29f27e1385f33b0163c414bba"},
+    {file = "black-23.12.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a920b569dc6b3472513ba6ddea21f440d4b4c699494d2e972a1753cdc25df7b0"},
+    {file = "black-23.12.1-cp310-cp310-win_amd64.whl", hash = "sha256:3fa4be75ef2a6b96ea8d92b1587dd8cb3a35c7e3d51f0738ced0781c3aa3a5a3"},
+    {file = "black-23.12.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:8d4df77958a622f9b5a4c96edb4b8c0034f8434032ab11077ec6c56ae9f384ba"},
+    {file = "black-23.12.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:602cfb1196dc692424c70b6507593a2b29aac0547c1be9a1d1365f0d964c353b"},
+    {file = "black-23.12.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9c4352800f14be5b4864016882cdba10755bd50805c95f728011bcb47a4afd59"},
+    {file = "black-23.12.1-cp311-cp311-win_amd64.whl", hash = "sha256:0808494f2b2df923ffc5723ed3c7b096bd76341f6213989759287611e9837d50"},
+    {file = "black-23.12.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:25e57fd232a6d6ff3f4478a6fd0580838e47c93c83eaf1ccc92d4faf27112c4e"},
+    {file = "black-23.12.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:2d9e13db441c509a3763a7a3d9a49ccc1b4e974a47be4e08ade2a228876500ec"},
+    {file = "black-23.12.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6d1bd9c210f8b109b1762ec9fd36592fdd528485aadb3f5849b2740ef17e674e"},
+    {file = "black-23.12.1-cp312-cp312-win_amd64.whl", hash = "sha256:ae76c22bde5cbb6bfd211ec343ded2163bba7883c7bc77f6b756a1049436fbb9"},
+    {file = "black-23.12.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:1fa88a0f74e50e4487477bc0bb900c6781dbddfdfa32691e780bf854c3b4a47f"},
+    {file = "black-23.12.1-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:a4d6a9668e45ad99d2f8ec70d5c8c04ef4f32f648ef39048d010b0689832ec6d"},
+    {file = "black-23.12.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b18fb2ae6c4bb63eebe5be6bd869ba2f14fd0259bda7d18a46b764d8fb86298a"},
+    {file = "black-23.12.1-cp38-cp38-win_amd64.whl", hash = "sha256:c04b6d9d20e9c13f43eee8ea87d44156b8505ca8a3c878773f68b4e4812a421e"},
+    {file = "black-23.12.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:3e1b38b3135fd4c025c28c55ddfc236b05af657828a8a6abe5deec419a0b7055"},
+    {file = "black-23.12.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:4f0031eaa7b921db76decd73636ef3a12c942ed367d8c3841a0739412b260a54"},
+    {file = "black-23.12.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:97e56155c6b737854e60a9ab1c598ff2533d57e7506d97af5481141671abf3ea"},
+    {file = "black-23.12.1-cp39-cp39-win_amd64.whl", hash = "sha256:dd15245c8b68fe2b6bd0f32c1556509d11bb33aec9b5d0866dd8e2ed3dba09c2"},
+    {file = "black-23.12.1-py3-none-any.whl", hash = "sha256:78baad24af0f033958cad29731e27363183e140962595def56423e626f4bee3e"},
+    {file = "black-23.12.1.tar.gz", hash = "sha256:4ce3ef14ebe8d9509188014d96af1c456a910d5b5cbf434a09fef7e024b3d0d5"},
 ]
 
 [package.dependencies]
@@ -443,7 +454,7 @@ platformdirs = ">=2"
 
 [package.extras]
 colorama = ["colorama (>=0.4.3)"]
-d = ["aiohttp (>=3.7.4)"]
+d = ["aiohttp (>=3.7.4)", "aiohttp (>=3.7.4,!=3.9.0)"]
 jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"]
 uvloop = ["uvloop (>=0.15.2)"]
 
@@ -522,13 +533,13 @@ test = ["coverage (>=7)", "hypothesis", "pytest"]
 
 [[package]]
 name = "celery"
-version = "5.3.5"
+version = "5.3.6"
 description = "Distributed Task Queue."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "celery-5.3.5-py3-none-any.whl", hash = "sha256:30b75ac60fb081c2d9f8881382c148ed7c9052031a75a1e8743ff4b4b071f184"},
-    {file = "celery-5.3.5.tar.gz", hash = "sha256:6b65d8dd5db499dd6190c45aa6398e171b99592f2af62c312f7391587feb5458"},
+    {file = "celery-5.3.6-py3-none-any.whl", hash = "sha256:9da4ea0118d232ce97dff5ed4974587fb1c0ff5c10042eb15278487cdd27d1af"},
+    {file = "celery-5.3.6.tar.gz", hash = "sha256:870cc71d737c0200c397290d730344cc991d13a057534353d124c9380267aab9"},
 ]
 
 [package.dependencies]
@@ -537,7 +548,7 @@ click = ">=8.1.2,<9.0"
 click-didyoumean = ">=0.3.0"
 click-plugins = ">=1.1.1"
 click-repl = ">=0.2.0"
-kombu = ">=5.3.3,<6.0"
+kombu = ">=5.3.4,<6.0"
 python-dateutil = ">=2.8.2"
 tzdata = ">=2022.7"
 vine = ">=5.1.0,<6.0"
@@ -554,7 +565,7 @@ couchbase = ["couchbase (>=3.0.0)"]
 couchdb = ["pycouchdb (==1.14.2)"]
 django = ["Django (>=2.2.28)"]
 dynamodb = ["boto3 (>=1.26.143)"]
-elasticsearch = ["elastic-transport (<=8.10.0)", "elasticsearch (<=8.10.1)"]
+elasticsearch = ["elastic-transport (<=8.10.0)", "elasticsearch (<=8.11.0)"]
 eventlet = ["eventlet (>=0.32.0)"]
 gevent = ["gevent (>=1.5.0)"]
 librabbitmq = ["librabbitmq (>=2.0.0)"]
@@ -894,63 +905,63 @@ files = [
 
 [[package]]
 name = "coverage"
-version = "7.3.2"
+version = "7.4.0"
 description = "Code coverage measurement for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "coverage-7.3.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:d872145f3a3231a5f20fd48500274d7df222e291d90baa2026cc5152b7ce86bf"},
-    {file = "coverage-7.3.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:310b3bb9c91ea66d59c53fa4989f57d2436e08f18fb2f421a1b0b6b8cc7fffda"},
-    {file = "coverage-7.3.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f47d39359e2c3779c5331fc740cf4bce6d9d680a7b4b4ead97056a0ae07cb49a"},
-    {file = "coverage-7.3.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:aa72dbaf2c2068404b9870d93436e6d23addd8bbe9295f49cbca83f6e278179c"},
-    {file = "coverage-7.3.2-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:beaa5c1b4777f03fc63dfd2a6bd820f73f036bfb10e925fce067b00a340d0f3f"},
-    {file = "coverage-7.3.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:dbc1b46b92186cc8074fee9d9fbb97a9dd06c6cbbef391c2f59d80eabdf0faa6"},
-    {file = "coverage-7.3.2-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:315a989e861031334d7bee1f9113c8770472db2ac484e5b8c3173428360a9148"},
-    {file = "coverage-7.3.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:d1bc430677773397f64a5c88cb522ea43175ff16f8bfcc89d467d974cb2274f9"},
-    {file = "coverage-7.3.2-cp310-cp310-win32.whl", hash = "sha256:a889ae02f43aa45032afe364c8ae84ad3c54828c2faa44f3bfcafecb5c96b02f"},
-    {file = "coverage-7.3.2-cp310-cp310-win_amd64.whl", hash = "sha256:c0ba320de3fb8c6ec16e0be17ee1d3d69adcda99406c43c0409cb5c41788a611"},
-    {file = "coverage-7.3.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:ac8c802fa29843a72d32ec56d0ca792ad15a302b28ca6203389afe21f8fa062c"},
-    {file = "coverage-7.3.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:89a937174104339e3a3ffcf9f446c00e3a806c28b1841c63edb2b369310fd074"},
-    {file = "coverage-7.3.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e267e9e2b574a176ddb983399dec325a80dbe161f1a32715c780b5d14b5f583a"},
-    {file = "coverage-7.3.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2443cbda35df0d35dcfb9bf8f3c02c57c1d6111169e3c85fc1fcc05e0c9f39a3"},
-    {file = "coverage-7.3.2-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4175e10cc8dda0265653e8714b3174430b07c1dca8957f4966cbd6c2b1b8065a"},
-    {file = "coverage-7.3.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:0cbf38419fb1a347aaf63481c00f0bdc86889d9fbf3f25109cf96c26b403fda1"},
-    {file = "coverage-7.3.2-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:5c913b556a116b8d5f6ef834038ba983834d887d82187c8f73dec21049abd65c"},
-    {file = "coverage-7.3.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:1981f785239e4e39e6444c63a98da3a1db8e971cb9ceb50a945ba6296b43f312"},
-    {file = "coverage-7.3.2-cp311-cp311-win32.whl", hash = "sha256:43668cabd5ca8258f5954f27a3aaf78757e6acf13c17604d89648ecc0cc66640"},
-    {file = "coverage-7.3.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10c39c0452bf6e694511c901426d6b5ac005acc0f78ff265dbe36bf81f808a2"},
-    {file = "coverage-7.3.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:4cbae1051ab791debecc4a5dcc4a1ff45fc27b91b9aee165c8a27514dd160836"},
-    {file = "coverage-7.3.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:12d15ab5833a997716d76f2ac1e4b4d536814fc213c85ca72756c19e5a6b3d63"},
-    {file = "coverage-7.3.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3c7bba973ebee5e56fe9251300c00f1579652587a9f4a5ed8404b15a0471f216"},
-    {file = "coverage-7.3.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:fe494faa90ce6381770746077243231e0b83ff3f17069d748f645617cefe19d4"},
-    {file = "coverage-7.3.2-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f6e9589bd04d0461a417562649522575d8752904d35c12907d8c9dfeba588faf"},
-    {file = "coverage-7.3.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:d51ac2a26f71da1b57f2dc81d0e108b6ab177e7d30e774db90675467c847bbdf"},
-    {file = "coverage-7.3.2-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:99b89d9f76070237975b315b3d5f4d6956ae354a4c92ac2388a5695516e47c84"},
-    {file = "coverage-7.3.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:fa28e909776dc69efb6ed975a63691bc8172b64ff357e663a1bb06ff3c9b589a"},
-    {file = "coverage-7.3.2-cp312-cp312-win32.whl", hash = "sha256:289fe43bf45a575e3ab10b26d7b6f2ddb9ee2dba447499f5401cfb5ecb8196bb"},
-    {file = "coverage-7.3.2-cp312-cp312-win_amd64.whl", hash = "sha256:7dbc3ed60e8659bc59b6b304b43ff9c3ed858da2839c78b804973f613d3e92ed"},
-    {file = "coverage-7.3.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:f94b734214ea6a36fe16e96a70d941af80ff3bfd716c141300d95ebc85339738"},
-    {file = "coverage-7.3.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:af3d828d2c1cbae52d34bdbb22fcd94d1ce715d95f1a012354a75e5913f1bda2"},
-    {file = "coverage-7.3.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:630b13e3036e13c7adc480ca42fa7afc2a5d938081d28e20903cf7fd687872e2"},
-    {file = "coverage-7.3.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c9eacf273e885b02a0273bb3a2170f30e2d53a6d53b72dbe02d6701b5296101c"},
-    {file = "coverage-7.3.2-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d8f17966e861ff97305e0801134e69db33b143bbfb36436efb9cfff6ec7b2fd9"},
-    {file = "coverage-7.3.2-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:b4275802d16882cf9c8b3d057a0839acb07ee9379fa2749eca54efbce1535b82"},
-    {file = "coverage-7.3.2-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:72c0cfa5250f483181e677ebc97133ea1ab3eb68645e494775deb6a7f6f83901"},
-    {file = "coverage-7.3.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:cb536f0dcd14149425996821a168f6e269d7dcd2c273a8bff8201e79f5104e76"},
-    {file = "coverage-7.3.2-cp38-cp38-win32.whl", hash = "sha256:307adb8bd3abe389a471e649038a71b4eb13bfd6b7dd9a129fa856f5c695cf92"},
-    {file = "coverage-7.3.2-cp38-cp38-win_amd64.whl", hash = "sha256:88ed2c30a49ea81ea3b7f172e0269c182a44c236eb394718f976239892c0a27a"},
-    {file = "coverage-7.3.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:b631c92dfe601adf8f5ebc7fc13ced6bb6e9609b19d9a8cd59fa47c4186ad1ce"},
-    {file = "coverage-7.3.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:d3d9df4051c4a7d13036524b66ecf7a7537d14c18a384043f30a303b146164e9"},
-    {file = "coverage-7.3.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5f7363d3b6a1119ef05015959ca24a9afc0ea8a02c687fe7e2d557705375c01f"},
-    {file = "coverage-7.3.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2f11cc3c967a09d3695d2a6f03fb3e6236622b93be7a4b5dc09166a861be6d25"},
-    {file = "coverage-7.3.2-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:149de1d2401ae4655c436a3dced6dd153f4c3309f599c3d4bd97ab172eaf02d9"},
-    {file = "coverage-7.3.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:3a4006916aa6fee7cd38db3bfc95aa9c54ebb4ffbfc47c677c8bba949ceba0a6"},
-    {file = "coverage-7.3.2-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:9028a3871280110d6e1aa2df1afd5ef003bab5fb1ef421d6dc748ae1c8ef2ebc"},
-    {file = "coverage-7.3.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:9f805d62aec8eb92bab5b61c0f07329275b6f41c97d80e847b03eb894f38d083"},
-    {file = "coverage-7.3.2-cp39-cp39-win32.whl", hash = "sha256:d1c88ec1a7ff4ebca0219f5b1ef863451d828cccf889c173e1253aa84b1e07ce"},
-    {file = "coverage-7.3.2-cp39-cp39-win_amd64.whl", hash = "sha256:b4767da59464bb593c07afceaddea61b154136300881844768037fd5e859353f"},
-    {file = "coverage-7.3.2-pp38.pp39.pp310-none-any.whl", hash = "sha256:ae97af89f0fbf373400970c0a21eef5aa941ffeed90aee43650b81f7d7f47637"},
-    {file = "coverage-7.3.2.tar.gz", hash = "sha256:be32ad29341b0170e795ca590e1c07e81fc061cb5b10c74ce7203491484404ef"},
+    {file = "coverage-7.4.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:36b0ea8ab20d6a7564e89cb6135920bc9188fb5f1f7152e94e8300b7b189441a"},
+    {file = "coverage-7.4.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:0676cd0ba581e514b7f726495ea75aba3eb20899d824636c6f59b0ed2f88c471"},
+    {file = "coverage-7.4.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d0ca5c71a5a1765a0f8f88022c52b6b8be740e512980362f7fdbb03725a0d6b9"},
+    {file = "coverage-7.4.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a7c97726520f784239f6c62506bc70e48d01ae71e9da128259d61ca5e9788516"},
+    {file = "coverage-7.4.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:815ac2d0f3398a14286dc2cea223a6f338109f9ecf39a71160cd1628786bc6f5"},
+    {file = "coverage-7.4.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:80b5ee39b7f0131ebec7968baa9b2309eddb35b8403d1869e08f024efd883566"},
+    {file = "coverage-7.4.0-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:5b2ccb7548a0b65974860a78c9ffe1173cfb5877460e5a229238d985565574ae"},
+    {file = "coverage-7.4.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:995ea5c48c4ebfd898eacb098164b3cc826ba273b3049e4a889658548e321b43"},
+    {file = "coverage-7.4.0-cp310-cp310-win32.whl", hash = "sha256:79287fd95585ed36e83182794a57a46aeae0b64ca53929d1176db56aacc83451"},
+    {file = "coverage-7.4.0-cp310-cp310-win_amd64.whl", hash = "sha256:5b14b4f8760006bfdb6e08667af7bc2d8d9bfdb648351915315ea17645347137"},
+    {file = "coverage-7.4.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:04387a4a6ecb330c1878907ce0dc04078ea72a869263e53c72a1ba5bbdf380ca"},
+    {file = "coverage-7.4.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:ea81d8f9691bb53f4fb4db603203029643caffc82bf998ab5b59ca05560f4c06"},
+    {file = "coverage-7.4.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:74775198b702868ec2d058cb92720a3c5a9177296f75bd97317c787daf711505"},
+    {file = "coverage-7.4.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:76f03940f9973bfaee8cfba70ac991825611b9aac047e5c80d499a44079ec0bc"},
+    {file = "coverage-7.4.0-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:485e9f897cf4856a65a57c7f6ea3dc0d4e6c076c87311d4bc003f82cfe199d25"},
+    {file = "coverage-7.4.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:6ae8c9d301207e6856865867d762a4b6fd379c714fcc0607a84b92ee63feff70"},
+    {file = "coverage-7.4.0-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:bf477c355274a72435ceb140dc42de0dc1e1e0bf6e97195be30487d8eaaf1a09"},
+    {file = "coverage-7.4.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:83c2dda2666fe32332f8e87481eed056c8b4d163fe18ecc690b02802d36a4d26"},
+    {file = "coverage-7.4.0-cp311-cp311-win32.whl", hash = "sha256:697d1317e5290a313ef0d369650cfee1a114abb6021fa239ca12b4849ebbd614"},
+    {file = "coverage-7.4.0-cp311-cp311-win_amd64.whl", hash = "sha256:26776ff6c711d9d835557ee453082025d871e30b3fd6c27fcef14733f67f0590"},
+    {file = "coverage-7.4.0-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:13eaf476ec3e883fe3e5fe3707caeb88268a06284484a3daf8250259ef1ba143"},
+    {file = "coverage-7.4.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:846f52f46e212affb5bcf131c952fb4075b55aae6b61adc9856222df89cbe3e2"},
+    {file = "coverage-7.4.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:26f66da8695719ccf90e794ed567a1549bb2644a706b41e9f6eae6816b398c4a"},
+    {file = "coverage-7.4.0-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:164fdcc3246c69a6526a59b744b62e303039a81e42cfbbdc171c91a8cc2f9446"},
+    {file = "coverage-7.4.0-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:316543f71025a6565677d84bc4df2114e9b6a615aa39fb165d697dba06a54af9"},
+    {file = "coverage-7.4.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:bb1de682da0b824411e00a0d4da5a784ec6496b6850fdf8c865c1d68c0e318dd"},
+    {file = "coverage-7.4.0-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:0e8d06778e8fbffccfe96331a3946237f87b1e1d359d7fbe8b06b96c95a5407a"},
+    {file = "coverage-7.4.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:a56de34db7b7ff77056a37aedded01b2b98b508227d2d0979d373a9b5d353daa"},
+    {file = "coverage-7.4.0-cp312-cp312-win32.whl", hash = "sha256:51456e6fa099a8d9d91497202d9563a320513fcf59f33991b0661a4a6f2ad450"},
+    {file = "coverage-7.4.0-cp312-cp312-win_amd64.whl", hash = "sha256:cd3c1e4cb2ff0083758f09be0f77402e1bdf704adb7f89108007300a6da587d0"},
+    {file = "coverage-7.4.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:e9d1bf53c4c8de58d22e0e956a79a5b37f754ed1ffdbf1a260d9dcfa2d8a325e"},
+    {file = "coverage-7.4.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:109f5985182b6b81fe33323ab4707011875198c41964f014579cf82cebf2bb85"},
+    {file = "coverage-7.4.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3cc9d4bc55de8003663ec94c2f215d12d42ceea128da8f0f4036235a119c88ac"},
+    {file = "coverage-7.4.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cc6d65b21c219ec2072c1293c505cf36e4e913a3f936d80028993dd73c7906b1"},
+    {file = "coverage-7.4.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5a10a4920def78bbfff4eff8a05c51be03e42f1c3735be42d851f199144897ba"},
+    {file = "coverage-7.4.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:b8e99f06160602bc64da35158bb76c73522a4010f0649be44a4e167ff8555952"},
+    {file = "coverage-7.4.0-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:7d360587e64d006402b7116623cebf9d48893329ef035278969fa3bbf75b697e"},
+    {file = "coverage-7.4.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:29f3abe810930311c0b5d1a7140f6395369c3db1be68345638c33eec07535105"},
+    {file = "coverage-7.4.0-cp38-cp38-win32.whl", hash = "sha256:5040148f4ec43644702e7b16ca864c5314ccb8ee0751ef617d49aa0e2d6bf4f2"},
+    {file = "coverage-7.4.0-cp38-cp38-win_amd64.whl", hash = "sha256:9864463c1c2f9cb3b5db2cf1ff475eed2f0b4285c2aaf4d357b69959941aa555"},
+    {file = "coverage-7.4.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:936d38794044b26c99d3dd004d8af0035ac535b92090f7f2bb5aa9c8e2f5cd42"},
+    {file = "coverage-7.4.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:799c8f873794a08cdf216aa5d0531c6a3747793b70c53f70e98259720a6fe2d7"},
+    {file = "coverage-7.4.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e7defbb9737274023e2d7af02cac77043c86ce88a907c58f42b580a97d5bcca9"},
+    {file = "coverage-7.4.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a1526d265743fb49363974b7aa8d5899ff64ee07df47dd8d3e37dcc0818f09ed"},
+    {file = "coverage-7.4.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bf635a52fc1ea401baf88843ae8708591aa4adff875e5c23220de43b1ccf575c"},
+    {file = "coverage-7.4.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:756ded44f47f330666843b5781be126ab57bb57c22adbb07d83f6b519783b870"},
+    {file = "coverage-7.4.0-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:0eb3c2f32dabe3a4aaf6441dde94f35687224dfd7eb2a7f47f3fd9428e421058"},
+    {file = "coverage-7.4.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:bfd5db349d15c08311702611f3dccbef4b4e2ec148fcc636cf8739519b4a5c0f"},
+    {file = "coverage-7.4.0-cp39-cp39-win32.whl", hash = "sha256:53d7d9158ee03956e0eadac38dfa1ec8068431ef8058fe6447043db1fb40d932"},
+    {file = "coverage-7.4.0-cp39-cp39-win_amd64.whl", hash = "sha256:cfd2a8b6b0d8e66e944d47cdec2f47c48fef2ba2f2dff5a9a75757f64172857e"},
+    {file = "coverage-7.4.0-pp38.pp39.pp310-none-any.whl", hash = "sha256:c530833afc4707fe48524a44844493f36d8727f04dcce91fb978c414a8556cc6"},
+    {file = "coverage-7.4.0.tar.gz", hash = "sha256:707c0f58cb1712b8809ece32b68996ee1e609f71bd14615bd8f87a1293cb610e"},
 ]
 
 [package.extras]
@@ -958,34 +969,34 @@ toml = ["tomli"]
 
 [[package]]
 name = "cryptography"
-version = "41.0.5"
+version = "41.0.7"
 description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "cryptography-41.0.5-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:da6a0ff8f1016ccc7477e6339e1d50ce5f59b88905585f77193ebd5068f1e797"},
-    {file = "cryptography-41.0.5-cp37-abi3-macosx_10_12_x86_64.whl", hash = "sha256:b948e09fe5fb18517d99994184854ebd50b57248736fd4c720ad540560174ec5"},
-    {file = "cryptography-41.0.5-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d38e6031e113b7421db1de0c1b1f7739564a88f1684c6b89234fbf6c11b75147"},
-    {file = "cryptography-41.0.5-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e270c04f4d9b5671ebcc792b3ba5d4488bf7c42c3c241a3748e2599776f29696"},
-    {file = "cryptography-41.0.5-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ec3b055ff8f1dce8e6ef28f626e0972981475173d7973d63f271b29c8a2897da"},
-    {file = "cryptography-41.0.5-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:7d208c21e47940369accfc9e85f0de7693d9a5d843c2509b3846b2db170dfd20"},
-    {file = "cryptography-41.0.5-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:8254962e6ba1f4d2090c44daf50a547cd5f0bf446dc658a8e5f8156cae0d8548"},
-    {file = "cryptography-41.0.5-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:a48e74dad1fb349f3dc1d449ed88e0017d792997a7ad2ec9587ed17405667e6d"},
-    {file = "cryptography-41.0.5-cp37-abi3-win32.whl", hash = "sha256:d3977f0e276f6f5bf245c403156673db103283266601405376f075c849a0b936"},
-    {file = "cryptography-41.0.5-cp37-abi3-win_amd64.whl", hash = "sha256:73801ac9736741f220e20435f84ecec75ed70eda90f781a148f1bad546963d81"},
-    {file = "cryptography-41.0.5-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:3be3ca726e1572517d2bef99a818378bbcf7d7799d5372a46c79c29eb8d166c1"},
-    {file = "cryptography-41.0.5-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:e886098619d3815e0ad5790c973afeee2c0e6e04b4da90b88e6bd06e2a0b1b72"},
-    {file = "cryptography-41.0.5-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:573eb7128cbca75f9157dcde974781209463ce56b5804983e11a1c462f0f4e88"},
-    {file = "cryptography-41.0.5-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:0c327cac00f082013c7c9fb6c46b7cc9fa3c288ca702c74773968173bda421bf"},
-    {file = "cryptography-41.0.5-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:227ec057cd32a41c6651701abc0328135e472ed450f47c2766f23267b792a88e"},
-    {file = "cryptography-41.0.5-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:22892cc830d8b2c89ea60148227631bb96a7da0c1b722f2aac8824b1b7c0b6b8"},
-    {file = "cryptography-41.0.5-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:5a70187954ba7292c7876734183e810b728b4f3965fbe571421cb2434d279179"},
-    {file = "cryptography-41.0.5-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:88417bff20162f635f24f849ab182b092697922088b477a7abd6664ddd82291d"},
-    {file = "cryptography-41.0.5-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:c707f7afd813478e2019ae32a7c49cd932dd60ab2d2a93e796f68236b7e1fbf1"},
-    {file = "cryptography-41.0.5-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:580afc7b7216deeb87a098ef0674d6ee34ab55993140838b14c9b83312b37b86"},
-    {file = "cryptography-41.0.5-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:fba1e91467c65fe64a82c689dc6cf58151158993b13eb7a7f3f4b7f395636723"},
-    {file = "cryptography-41.0.5-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:0d2a6a598847c46e3e321a7aef8af1436f11c27f1254933746304ff014664d84"},
-    {file = "cryptography-41.0.5.tar.gz", hash = "sha256:392cb88b597247177172e02da6b7a63deeff1937fa6fec3bbf902ebd75d97ec7"},
+    {file = "cryptography-41.0.7-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:3c78451b78313fa81607fa1b3f1ae0a5ddd8014c38a02d9db0616133987b9cdf"},
+    {file = "cryptography-41.0.7-cp37-abi3-macosx_10_12_x86_64.whl", hash = "sha256:928258ba5d6f8ae644e764d0f996d61a8777559f72dfeb2eea7e2fe0ad6e782d"},
+    {file = "cryptography-41.0.7-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5a1b41bc97f1ad230a41657d9155113c7521953869ae57ac39ac7f1bb471469a"},
+    {file = "cryptography-41.0.7-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:841df4caa01008bad253bce2a6f7b47f86dc9f08df4b433c404def869f590a15"},
+    {file = "cryptography-41.0.7-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:5429ec739a29df2e29e15d082f1d9ad683701f0ec7709ca479b3ff2708dae65a"},
+    {file = "cryptography-41.0.7-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:43f2552a2378b44869fe8827aa19e69512e3245a219104438692385b0ee119d1"},
+    {file = "cryptography-41.0.7-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:af03b32695b24d85a75d40e1ba39ffe7db7ffcb099fe507b39fd41a565f1b157"},
+    {file = "cryptography-41.0.7-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:49f0805fc0b2ac8d4882dd52f4a3b935b210935d500b6b805f321addc8177406"},
+    {file = "cryptography-41.0.7-cp37-abi3-win32.whl", hash = "sha256:f983596065a18a2183e7f79ab3fd4c475205b839e02cbc0efbbf9666c4b3083d"},
+    {file = "cryptography-41.0.7-cp37-abi3-win_amd64.whl", hash = "sha256:90452ba79b8788fa380dfb587cca692976ef4e757b194b093d845e8d99f612f2"},
+    {file = "cryptography-41.0.7-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:079b85658ea2f59c4f43b70f8119a52414cdb7be34da5d019a77bf96d473b960"},
+    {file = "cryptography-41.0.7-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:b640981bf64a3e978a56167594a0e97db71c89a479da8e175d8bb5be5178c003"},
+    {file = "cryptography-41.0.7-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:e3114da6d7f95d2dee7d3f4eec16dacff819740bbab931aff8648cb13c5ff5e7"},
+    {file = "cryptography-41.0.7-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:d5ec85080cce7b0513cfd233914eb8b7bbd0633f1d1703aa28d1dd5a72f678ec"},
+    {file = "cryptography-41.0.7-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:7a698cb1dac82c35fcf8fe3417a3aaba97de16a01ac914b89a0889d364d2f6be"},
+    {file = "cryptography-41.0.7-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:37a138589b12069efb424220bf78eac59ca68b95696fc622b6ccc1c0a197204a"},
+    {file = "cryptography-41.0.7-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:68a2dec79deebc5d26d617bfdf6e8aab065a4f34934b22d3b5010df3ba36612c"},
+    {file = "cryptography-41.0.7-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:09616eeaef406f99046553b8a40fbf8b1e70795a91885ba4c96a70793de5504a"},
+    {file = "cryptography-41.0.7-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:48a0476626da912a44cc078f9893f292f0b3e4c739caf289268168d8f4702a39"},
+    {file = "cryptography-41.0.7-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:c7f3201ec47d5207841402594f1d7950879ef890c0c495052fa62f58283fde1a"},
+    {file = "cryptography-41.0.7-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c5ca78485a255e03c32b513f8c2bc39fedb7f5c5f8535545bdc223a03b24f248"},
+    {file = "cryptography-41.0.7-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:d6c391c021ab1f7a82da5d8d0b3cee2f4b2c455ec86c8aebbc84837a631ff309"},
+    {file = "cryptography-41.0.7.tar.gz", hash = "sha256:13f93ce9bea8016c253b34afc6bd6a75993e5c40672ed5405a9c832f0d4a00bc"},
 ]
 
 [package.dependencies]
@@ -1062,13 +1073,13 @@ files = [
 
 [[package]]
 name = "deepmerge"
-version = "1.1.0"
+version = "1.1.1"
 description = "a toolset to deeply merge python dictionaries."
 optional = false
 python-versions = "*"
 files = [
-    {file = "deepmerge-1.1.0-py3-none-any.whl", hash = "sha256:59e6ef80b77dc52af3882a1ea78da22bcfc91ae9cdabc0c80729049fe295ff8b"},
-    {file = "deepmerge-1.1.0.tar.gz", hash = "sha256:4c27a0db5de285e1a7ceac7dbc1531deaa556b627dea4900c8244581ecdfea2d"},
+    {file = "deepmerge-1.1.1-py3-none-any.whl", hash = "sha256:7219dad9763f15be9dcd4bcb53e00f48e4eed6f5ed8f15824223eb934bb35977"},
+    {file = "deepmerge-1.1.1.tar.gz", hash = "sha256:53a489dc9449636e480a784359ae2aab3191748c920649551c8e378622f0eca4"},
 ]
 
 [[package]]
@@ -1098,17 +1109,17 @@ graph = ["objgraph (>=1.7.2)"]
 
 [[package]]
 name = "django"
-version = "4.2.7"
+version = "5.0"
 description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design."
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.10"
 files = [
-    {file = "Django-4.2.7-py3-none-any.whl", hash = "sha256:e1d37c51ad26186de355cbcec16613ebdabfa9689bbade9c538835205a8abbe9"},
-    {file = "Django-4.2.7.tar.gz", hash = "sha256:8e0f1c2c2786b5c0e39fe1afce24c926040fad47c8ea8ad30aaf1188df29fc41"},
+    {file = "Django-5.0-py3-none-any.whl", hash = "sha256:3a9fd52b8dbeae335ddf4a9dfa6c6a0853a1122f1fb071a8d5eca979f73a05c8"},
+    {file = "Django-5.0.tar.gz", hash = "sha256:7d29e14dfbc19cb6a95a4bd669edbde11f5d4c6a71fdaa42c2d40b6846e807f7"},
 ]
 
 [package.dependencies]
-asgiref = ">=3.6.0,<4"
+asgiref = ">=3.7.0"
 sqlparse = ">=0.3.1"
 tzdata = {version = "*", markers = "sys_platform == \"win32\""}
 
@@ -1118,13 +1129,13 @@ bcrypt = ["bcrypt"]
 
 [[package]]
 name = "django-filter"
-version = "23.4"
+version = "23.5"
 description = "Django-filter is a reusable Django application for allowing users to filter querysets dynamically."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "django-filter-23.4.tar.gz", hash = "sha256:bed070b38359dce7d2dbe057b165d59773057986356cb809ded983b36c77a976"},
-    {file = "django_filter-23.4-py3-none-any.whl", hash = "sha256:526954f18bd7d6423f232a9a7974f58fbc6863908b9fc160de075e01adcc2a5f"},
+    {file = "django-filter-23.5.tar.gz", hash = "sha256:67583aa43b91fe8c49f74a832d95f4d8442be628fd4c6d65e9f811f5153a4e5c"},
+    {file = "django_filter-23.5-py3-none-any.whl", hash = "sha256:99122a201d83860aef4fe77758b69dda913e874cc5e0eaa50a86b0b18d708400"},
 ]
 
 [package.dependencies]
@@ -1259,13 +1270,13 @@ wmi = ["wmi (>=1.5.1,<2.0.0)"]
 
 [[package]]
 name = "docker"
-version = "6.1.3"
+version = "7.0.0"
 description = "A Python library for the Docker Engine API."
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "docker-6.1.3-py3-none-any.whl", hash = "sha256:aecd2277b8bf8e506e484f6ab7aec39abe0038e29fa4a6d3ba86c3fe01844ed9"},
-    {file = "docker-6.1.3.tar.gz", hash = "sha256:aa6d17830045ba5ef0168d5eaa34d37beeb113948c413affe1d5991fc11f9a20"},
+    {file = "docker-7.0.0-py3-none-any.whl", hash = "sha256:12ba681f2777a0ad28ffbcc846a69c31b4dfd9752b47eb425a274ee269c5e14b"},
+    {file = "docker-7.0.0.tar.gz", hash = "sha256:323736fb92cd9418fc5e7133bc953e11a9da04f4483f828b527db553f1e7e5a3"},
 ]
 
 [package.dependencies]
@@ -1273,10 +1284,10 @@ packaging = ">=14.0"
 pywin32 = {version = ">=304", markers = "sys_platform == \"win32\""}
 requests = ">=2.26.0"
 urllib3 = ">=1.26.0"
-websocket-client = ">=0.32.0"
 
 [package.extras]
 ssh = ["paramiko (>=2.4.3)"]
+websockets = ["websocket-client (>=1.3.0)"]
 
 [[package]]
 name = "drf-jsonschema-serializer"
@@ -1303,13 +1314,13 @@ tests = ["black", "django-stubs[compatible-mypy]", "djangorestframework-stubs[co
 
 [[package]]
 name = "drf-spectacular"
-version = "0.26.5"
+version = "0.27.0"
 description = "Sane and flexible OpenAPI 3 schema generation for Django REST framework"
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "drf-spectacular-0.26.5.tar.gz", hash = "sha256:aee55330a774ba8a9cbdb125714d1c9ee05a8aafd3ce3be8bfd26527649aeb44"},
-    {file = "drf_spectacular-0.26.5-py3-none-any.whl", hash = "sha256:c0002a820b11771fdbf37853deb371947caf0159d1afeeffe7598e964bc1db94"},
+    {file = "drf-spectacular-0.27.0.tar.gz", hash = "sha256:18d7ae74b2b5d533fd31f1c591ebaa5cce1447e0976ced927401e3163040dea9"},
+    {file = "drf_spectacular-0.27.0-py3-none-any.whl", hash = "sha256:6ab2d20674244e8c940c2883f744b43c34fc68c70ea3aefa802f574108c9699b"},
 ]
 
 [package.dependencies]
@@ -1402,13 +1413,13 @@ tornado = ">=5.0.0,<7.0.0"
 
 [[package]]
 name = "freezegun"
-version = "1.2.2"
+version = "1.4.0"
 description = "Let your Python tests travel through time"
 optional = false
-python-versions = ">=3.6"
+python-versions = ">=3.7"
 files = [
-    {file = "freezegun-1.2.2-py3-none-any.whl", hash = "sha256:ea1b963b993cb9ea195adbd893a48d573fda951b0da64f60883d7e988b606c9f"},
-    {file = "freezegun-1.2.2.tar.gz", hash = "sha256:cd22d1ba06941384410cd967d8a99d5ae2442f57dfafeff2fda5de8dc5c05446"},
+    {file = "freezegun-1.4.0-py3-none-any.whl", hash = "sha256:55e0fc3c84ebf0a96a5aa23ff8b53d70246479e9a68863f1fcac5a3e52f19dd6"},
+    {file = "freezegun-1.4.0.tar.gz", hash = "sha256:10939b0ba0ff5adaecf3b06a5c2f73071d9678e507c5eaedb23c761d56ac774b"},
 ]
 
 [package.dependencies]
@@ -1416,89 +1427,109 @@ python-dateutil = ">=2.7"
 
 [[package]]
 name = "frozenlist"
-version = "1.4.0"
+version = "1.4.1"
 description = "A list-like structure which implements collections.abc.MutableSequence"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "frozenlist-1.4.0-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:764226ceef3125e53ea2cb275000e309c0aa5464d43bd72abd661e27fffc26ab"},
-    {file = "frozenlist-1.4.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:d6484756b12f40003c6128bfcc3fa9f0d49a687e171186c2d85ec82e3758c559"},
-    {file = "frozenlist-1.4.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9ac08e601308e41eb533f232dbf6b7e4cea762f9f84f6357136eed926c15d12c"},
-    {file = "frozenlist-1.4.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d081f13b095d74b67d550de04df1c756831f3b83dc9881c38985834387487f1b"},
-    {file = "frozenlist-1.4.0-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:71932b597f9895f011f47f17d6428252fc728ba2ae6024e13c3398a087c2cdea"},
-    {file = "frozenlist-1.4.0-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:981b9ab5a0a3178ff413bca62526bb784249421c24ad7381e39d67981be2c326"},
-    {file = "frozenlist-1.4.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e41f3de4df3e80de75845d3e743b3f1c4c8613c3997a912dbf0229fc61a8b963"},
-    {file = "frozenlist-1.4.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6918d49b1f90821e93069682c06ffde41829c346c66b721e65a5c62b4bab0300"},
-    {file = "frozenlist-1.4.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0e5c8764c7829343d919cc2dfc587a8db01c4f70a4ebbc49abde5d4b158b007b"},
-    {file = "frozenlist-1.4.0-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:8d0edd6b1c7fb94922bf569c9b092ee187a83f03fb1a63076e7774b60f9481a8"},
-    {file = "frozenlist-1.4.0-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:e29cda763f752553fa14c68fb2195150bfab22b352572cb36c43c47bedba70eb"},
-    {file = "frozenlist-1.4.0-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:0c7c1b47859ee2cac3846fde1c1dc0f15da6cec5a0e5c72d101e0f83dcb67ff9"},
-    {file = "frozenlist-1.4.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:901289d524fdd571be1c7be054f48b1f88ce8dddcbdf1ec698b27d4b8b9e5d62"},
-    {file = "frozenlist-1.4.0-cp310-cp310-win32.whl", hash = "sha256:1a0848b52815006ea6596c395f87449f693dc419061cc21e970f139d466dc0a0"},
-    {file = "frozenlist-1.4.0-cp310-cp310-win_amd64.whl", hash = "sha256:b206646d176a007466358aa21d85cd8600a415c67c9bd15403336c331a10d956"},
-    {file = "frozenlist-1.4.0-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:de343e75f40e972bae1ef6090267f8260c1446a1695e77096db6cfa25e759a95"},
-    {file = "frozenlist-1.4.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:ad2a9eb6d9839ae241701d0918f54c51365a51407fd80f6b8289e2dfca977cc3"},
-    {file = "frozenlist-1.4.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:bd7bd3b3830247580de99c99ea2a01416dfc3c34471ca1298bccabf86d0ff4dc"},
-    {file = "frozenlist-1.4.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bdf1847068c362f16b353163391210269e4f0569a3c166bc6a9f74ccbfc7e839"},
-    {file = "frozenlist-1.4.0-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:38461d02d66de17455072c9ba981d35f1d2a73024bee7790ac2f9e361ef1cd0c"},
-    {file = "frozenlist-1.4.0-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d5a32087d720c608f42caed0ef36d2b3ea61a9d09ee59a5142d6070da9041b8f"},
-    {file = "frozenlist-1.4.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:dd65632acaf0d47608190a71bfe46b209719bf2beb59507db08ccdbe712f969b"},
-    {file = "frozenlist-1.4.0-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:261b9f5d17cac914531331ff1b1d452125bf5daa05faf73b71d935485b0c510b"},
-    {file = "frozenlist-1.4.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:b89ac9768b82205936771f8d2eb3ce88503b1556324c9f903e7156669f521472"},
-    {file = "frozenlist-1.4.0-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:008eb8b31b3ea6896da16c38c1b136cb9fec9e249e77f6211d479db79a4eaf01"},
-    {file = "frozenlist-1.4.0-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:e74b0506fa5aa5598ac6a975a12aa8928cbb58e1f5ac8360792ef15de1aa848f"},
-    {file = "frozenlist-1.4.0-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:490132667476f6781b4c9458298b0c1cddf237488abd228b0b3650e5ecba7467"},
-    {file = "frozenlist-1.4.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:76d4711f6f6d08551a7e9ef28c722f4a50dd0fc204c56b4bcd95c6cc05ce6fbb"},
-    {file = "frozenlist-1.4.0-cp311-cp311-win32.whl", hash = "sha256:a02eb8ab2b8f200179b5f62b59757685ae9987996ae549ccf30f983f40602431"},
-    {file = "frozenlist-1.4.0-cp311-cp311-win_amd64.whl", hash = "sha256:515e1abc578dd3b275d6a5114030b1330ba044ffba03f94091842852f806f1c1"},
-    {file = "frozenlist-1.4.0-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:f0ed05f5079c708fe74bf9027e95125334b6978bf07fd5ab923e9e55e5fbb9d3"},
-    {file = "frozenlist-1.4.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:ca265542ca427bf97aed183c1676e2a9c66942e822b14dc6e5f42e038f92a503"},
-    {file = "frozenlist-1.4.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:491e014f5c43656da08958808588cc6c016847b4360e327a62cb308c791bd2d9"},
-    {file = "frozenlist-1.4.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:17ae5cd0f333f94f2e03aaf140bb762c64783935cc764ff9c82dff626089bebf"},
-    {file = "frozenlist-1.4.0-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1e78fb68cf9c1a6aa4a9a12e960a5c9dfbdb89b3695197aa7064705662515de2"},
-    {file = "frozenlist-1.4.0-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d5655a942f5f5d2c9ed93d72148226d75369b4f6952680211972a33e59b1dfdc"},
-    {file = "frozenlist-1.4.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c11b0746f5d946fecf750428a95f3e9ebe792c1ee3b1e96eeba145dc631a9672"},
-    {file = "frozenlist-1.4.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e66d2a64d44d50d2543405fb183a21f76b3b5fd16f130f5c99187c3fb4e64919"},
-    {file = "frozenlist-1.4.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:88f7bc0fcca81f985f78dd0fa68d2c75abf8272b1f5c323ea4a01a4d7a614efc"},
-    {file = "frozenlist-1.4.0-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:5833593c25ac59ede40ed4de6d67eb42928cca97f26feea219f21d0ed0959b79"},
-    {file = "frozenlist-1.4.0-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:fec520865f42e5c7f050c2a79038897b1c7d1595e907a9e08e3353293ffc948e"},
-    {file = "frozenlist-1.4.0-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:b826d97e4276750beca7c8f0f1a4938892697a6bcd8ec8217b3312dad6982781"},
-    {file = "frozenlist-1.4.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:ceb6ec0a10c65540421e20ebd29083c50e6d1143278746a4ef6bcf6153171eb8"},
-    {file = "frozenlist-1.4.0-cp38-cp38-win32.whl", hash = "sha256:2b8bcf994563466db019fab287ff390fffbfdb4f905fc77bc1c1d604b1c689cc"},
-    {file = "frozenlist-1.4.0-cp38-cp38-win_amd64.whl", hash = "sha256:a6c8097e01886188e5be3e6b14e94ab365f384736aa1fca6a0b9e35bd4a30bc7"},
-    {file = "frozenlist-1.4.0-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:6c38721585f285203e4b4132a352eb3daa19121a035f3182e08e437cface44bf"},
-    {file = "frozenlist-1.4.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:a0c6da9aee33ff0b1a451e867da0c1f47408112b3391dd43133838339e410963"},
-    {file = "frozenlist-1.4.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:93ea75c050c5bb3d98016b4ba2497851eadf0ac154d88a67d7a6816206f6fa7f"},
-    {file = "frozenlist-1.4.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f61e2dc5ad442c52b4887f1fdc112f97caeff4d9e6ebe78879364ac59f1663e1"},
-    {file = "frozenlist-1.4.0-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:aa384489fefeb62321b238e64c07ef48398fe80f9e1e6afeff22e140e0850eef"},
-    {file = "frozenlist-1.4.0-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:10ff5faaa22786315ef57097a279b833ecab1a0bfb07d604c9cbb1c4cdc2ed87"},
-    {file = "frozenlist-1.4.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:007df07a6e3eb3e33e9a1fe6a9db7af152bbd8a185f9aaa6ece10a3529e3e1c6"},
-    {file = "frozenlist-1.4.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7f4f399d28478d1f604c2ff9119907af9726aed73680e5ed1ca634d377abb087"},
-    {file = "frozenlist-1.4.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:c5374b80521d3d3f2ec5572e05adc94601985cc526fb276d0c8574a6d749f1b3"},
-    {file = "frozenlist-1.4.0-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:ce31ae3e19f3c902de379cf1323d90c649425b86de7bbdf82871b8a2a0615f3d"},
-    {file = "frozenlist-1.4.0-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:7211ef110a9194b6042449431e08c4d80c0481e5891e58d429df5899690511c2"},
-    {file = "frozenlist-1.4.0-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:556de4430ce324c836789fa4560ca62d1591d2538b8ceb0b4f68fb7b2384a27a"},
-    {file = "frozenlist-1.4.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:7645a8e814a3ee34a89c4a372011dcd817964ce8cb273c8ed6119d706e9613e3"},
-    {file = "frozenlist-1.4.0-cp39-cp39-win32.whl", hash = "sha256:19488c57c12d4e8095a922f328df3f179c820c212940a498623ed39160bc3c2f"},
-    {file = "frozenlist-1.4.0-cp39-cp39-win_amd64.whl", hash = "sha256:6221d84d463fb110bdd7619b69cb43878a11d51cbb9394ae3105d082d5199167"},
-    {file = "frozenlist-1.4.0.tar.gz", hash = "sha256:09163bdf0b2907454042edb19f887c6d33806adc71fbd54afc14908bfdc22251"},
+    {file = "frozenlist-1.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:f9aa1878d1083b276b0196f2dfbe00c9b7e752475ed3b682025ff20c1c1f51ac"},
+    {file = "frozenlist-1.4.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:29acab3f66f0f24674b7dc4736477bcd4bc3ad4b896f5f45379a67bce8b96868"},
+    {file = "frozenlist-1.4.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:74fb4bee6880b529a0c6560885fce4dc95936920f9f20f53d99a213f7bf66776"},
+    {file = "frozenlist-1.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:590344787a90ae57d62511dd7c736ed56b428f04cd8c161fcc5e7232c130c69a"},
+    {file = "frozenlist-1.4.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:068b63f23b17df8569b7fdca5517edef76171cf3897eb68beb01341131fbd2ad"},
+    {file = "frozenlist-1.4.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5c849d495bf5154cd8da18a9eb15db127d4dba2968d88831aff6f0331ea9bd4c"},
+    {file = "frozenlist-1.4.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:9750cc7fe1ae3b1611bb8cfc3f9ec11d532244235d75901fb6b8e42ce9229dfe"},
+    {file = "frozenlist-1.4.1-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a9b2de4cf0cdd5bd2dee4c4f63a653c61d2408055ab77b151c1957f221cabf2a"},
+    {file = "frozenlist-1.4.1-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0633c8d5337cb5c77acbccc6357ac49a1770b8c487e5b3505c57b949b4b82e98"},
+    {file = "frozenlist-1.4.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:27657df69e8801be6c3638054e202a135c7f299267f1a55ed3a598934f6c0d75"},
+    {file = "frozenlist-1.4.1-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:f9a3ea26252bd92f570600098783d1371354d89d5f6b7dfd87359d669f2109b5"},
+    {file = "frozenlist-1.4.1-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:4f57dab5fe3407b6c0c1cc907ac98e8a189f9e418f3b6e54d65a718aaafe3950"},
+    {file = "frozenlist-1.4.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:e02a0e11cf6597299b9f3bbd3f93d79217cb90cfd1411aec33848b13f5c656cc"},
+    {file = "frozenlist-1.4.1-cp310-cp310-win32.whl", hash = "sha256:a828c57f00f729620a442881cc60e57cfcec6842ba38e1b19fd3e47ac0ff8dc1"},
+    {file = "frozenlist-1.4.1-cp310-cp310-win_amd64.whl", hash = "sha256:f56e2333dda1fe0f909e7cc59f021eba0d2307bc6f012a1ccf2beca6ba362439"},
+    {file = "frozenlist-1.4.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:a0cb6f11204443f27a1628b0e460f37fb30f624be6051d490fa7d7e26d4af3d0"},
+    {file = "frozenlist-1.4.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:b46c8ae3a8f1f41a0d2ef350c0b6e65822d80772fe46b653ab6b6274f61d4a49"},
+    {file = "frozenlist-1.4.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:fde5bd59ab5357e3853313127f4d3565fc7dad314a74d7b5d43c22c6a5ed2ced"},
+    {file = "frozenlist-1.4.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:722e1124aec435320ae01ee3ac7bec11a5d47f25d0ed6328f2273d287bc3abb0"},
+    {file = "frozenlist-1.4.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2471c201b70d58a0f0c1f91261542a03d9a5e088ed3dc6c160d614c01649c106"},
+    {file = "frozenlist-1.4.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:c757a9dd70d72b076d6f68efdbb9bc943665ae954dad2801b874c8c69e185068"},
+    {file = "frozenlist-1.4.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f146e0911cb2f1da549fc58fc7bcd2b836a44b79ef871980d605ec392ff6b0d2"},
+    {file = "frozenlist-1.4.1-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4f9c515e7914626b2a2e1e311794b4c35720a0be87af52b79ff8e1429fc25f19"},
+    {file = "frozenlist-1.4.1-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:c302220494f5c1ebeb0912ea782bcd5e2f8308037b3c7553fad0e48ebad6ad82"},
+    {file = "frozenlist-1.4.1-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:442acde1e068288a4ba7acfe05f5f343e19fac87bfc96d89eb886b0363e977ec"},
+    {file = "frozenlist-1.4.1-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:1b280e6507ea8a4fa0c0a7150b4e526a8d113989e28eaaef946cc77ffd7efc0a"},
+    {file = "frozenlist-1.4.1-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:fe1a06da377e3a1062ae5fe0926e12b84eceb8a50b350ddca72dc85015873f74"},
+    {file = "frozenlist-1.4.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:db9e724bebd621d9beca794f2a4ff1d26eed5965b004a97f1f1685a173b869c2"},
+    {file = "frozenlist-1.4.1-cp311-cp311-win32.whl", hash = "sha256:e774d53b1a477a67838a904131c4b0eef6b3d8a651f8b138b04f748fccfefe17"},
+    {file = "frozenlist-1.4.1-cp311-cp311-win_amd64.whl", hash = "sha256:fb3c2db03683b5767dedb5769b8a40ebb47d6f7f45b1b3e3b4b51ec8ad9d9825"},
+    {file = "frozenlist-1.4.1-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:1979bc0aeb89b33b588c51c54ab0161791149f2461ea7c7c946d95d5f93b56ae"},
+    {file = "frozenlist-1.4.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:cc7b01b3754ea68a62bd77ce6020afaffb44a590c2289089289363472d13aedb"},
+    {file = "frozenlist-1.4.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:c9c92be9fd329ac801cc420e08452b70e7aeab94ea4233a4804f0915c14eba9b"},
+    {file = "frozenlist-1.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5c3894db91f5a489fc8fa6a9991820f368f0b3cbdb9cd8849547ccfab3392d86"},
+    {file = "frozenlist-1.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ba60bb19387e13597fb059f32cd4d59445d7b18b69a745b8f8e5db0346f33480"},
+    {file = "frozenlist-1.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8aefbba5f69d42246543407ed2461db31006b0f76c4e32dfd6f42215a2c41d09"},
+    {file = "frozenlist-1.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:780d3a35680ced9ce682fbcf4cb9c2bad3136eeff760ab33707b71db84664e3a"},
+    {file = "frozenlist-1.4.1-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9acbb16f06fe7f52f441bb6f413ebae6c37baa6ef9edd49cdd567216da8600cd"},
+    {file = "frozenlist-1.4.1-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:23b701e65c7b36e4bf15546a89279bd4d8675faabc287d06bbcfac7d3c33e1e6"},
+    {file = "frozenlist-1.4.1-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:3e0153a805a98f5ada7e09826255ba99fb4f7524bb81bf6b47fb702666484ae1"},
+    {file = "frozenlist-1.4.1-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:dd9b1baec094d91bf36ec729445f7769d0d0cf6b64d04d86e45baf89e2b9059b"},
+    {file = "frozenlist-1.4.1-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:1a4471094e146b6790f61b98616ab8e44f72661879cc63fa1049d13ef711e71e"},
+    {file = "frozenlist-1.4.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:5667ed53d68d91920defdf4035d1cdaa3c3121dc0b113255124bcfada1cfa1b8"},
+    {file = "frozenlist-1.4.1-cp312-cp312-win32.whl", hash = "sha256:beee944ae828747fd7cb216a70f120767fc9f4f00bacae8543c14a6831673f89"},
+    {file = "frozenlist-1.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:64536573d0a2cb6e625cf309984e2d873979709f2cf22839bf2d61790b448ad5"},
+    {file = "frozenlist-1.4.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:20b51fa3f588ff2fe658663db52a41a4f7aa6c04f6201449c6c7c476bd255c0d"},
+    {file = "frozenlist-1.4.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:410478a0c562d1a5bcc2f7ea448359fcb050ed48b3c6f6f4f18c313a9bdb1826"},
+    {file = "frozenlist-1.4.1-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:c6321c9efe29975232da3bd0af0ad216800a47e93d763ce64f291917a381b8eb"},
+    {file = "frozenlist-1.4.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:48f6a4533887e189dae092f1cf981f2e3885175f7a0f33c91fb5b7b682b6bab6"},
+    {file = "frozenlist-1.4.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:6eb73fa5426ea69ee0e012fb59cdc76a15b1283d6e32e4f8dc4482ec67d1194d"},
+    {file = "frozenlist-1.4.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:fbeb989b5cc29e8daf7f976b421c220f1b8c731cbf22b9130d8815418ea45887"},
+    {file = "frozenlist-1.4.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:32453c1de775c889eb4e22f1197fe3bdfe457d16476ea407472b9442e6295f7a"},
+    {file = "frozenlist-1.4.1-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:693945278a31f2086d9bf3df0fe8254bbeaef1fe71e1351c3bd730aa7d31c41b"},
+    {file = "frozenlist-1.4.1-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:1d0ce09d36d53bbbe566fe296965b23b961764c0bcf3ce2fa45f463745c04701"},
+    {file = "frozenlist-1.4.1-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:3a670dc61eb0d0eb7080890c13de3066790f9049b47b0de04007090807c776b0"},
+    {file = "frozenlist-1.4.1-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:dca69045298ce5c11fd539682cff879cc1e664c245d1c64da929813e54241d11"},
+    {file = "frozenlist-1.4.1-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:a06339f38e9ed3a64e4c4e43aec7f59084033647f908e4259d279a52d3757d09"},
+    {file = "frozenlist-1.4.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:b7f2f9f912dca3934c1baec2e4585a674ef16fe00218d833856408c48d5beee7"},
+    {file = "frozenlist-1.4.1-cp38-cp38-win32.whl", hash = "sha256:e7004be74cbb7d9f34553a5ce5fb08be14fb33bc86f332fb71cbe5216362a497"},
+    {file = "frozenlist-1.4.1-cp38-cp38-win_amd64.whl", hash = "sha256:5a7d70357e7cee13f470c7883a063aae5fe209a493c57d86eb7f5a6f910fae09"},
+    {file = "frozenlist-1.4.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:bfa4a17e17ce9abf47a74ae02f32d014c5e9404b6d9ac7f729e01562bbee601e"},
+    {file = "frozenlist-1.4.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:b7e3ed87d4138356775346e6845cccbe66cd9e207f3cd11d2f0b9fd13681359d"},
+    {file = "frozenlist-1.4.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:c99169d4ff810155ca50b4da3b075cbde79752443117d89429595c2e8e37fed8"},
+    {file = "frozenlist-1.4.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:edb678da49d9f72c9f6c609fbe41a5dfb9a9282f9e6a2253d5a91e0fc382d7c0"},
+    {file = "frozenlist-1.4.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:6db4667b187a6742b33afbbaf05a7bc551ffcf1ced0000a571aedbb4aa42fc7b"},
+    {file = "frozenlist-1.4.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:55fdc093b5a3cb41d420884cdaf37a1e74c3c37a31f46e66286d9145d2063bd0"},
+    {file = "frozenlist-1.4.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:82e8211d69a4f4bc360ea22cd6555f8e61a1bd211d1d5d39d3d228b48c83a897"},
+    {file = "frozenlist-1.4.1-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:89aa2c2eeb20957be2d950b85974b30a01a762f3308cd02bb15e1ad632e22dc7"},
+    {file = "frozenlist-1.4.1-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:9d3e0c25a2350080e9319724dede4f31f43a6c9779be48021a7f4ebde8b2d742"},
+    {file = "frozenlist-1.4.1-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:7268252af60904bf52c26173cbadc3a071cece75f873705419c8681f24d3edea"},
+    {file = "frozenlist-1.4.1-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:0c250a29735d4f15321007fb02865f0e6b6a41a6b88f1f523ca1596ab5f50bd5"},
+    {file = "frozenlist-1.4.1-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:96ec70beabbd3b10e8bfe52616a13561e58fe84c0101dd031dc78f250d5128b9"},
+    {file = "frozenlist-1.4.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:23b2d7679b73fe0e5a4560b672a39f98dfc6f60df63823b0a9970525325b95f6"},
+    {file = "frozenlist-1.4.1-cp39-cp39-win32.whl", hash = "sha256:a7496bfe1da7fb1a4e1cc23bb67c58fab69311cc7d32b5a99c2007b4b2a0e932"},
+    {file = "frozenlist-1.4.1-cp39-cp39-win_amd64.whl", hash = "sha256:e6a20a581f9ce92d389a8c7d7c3dd47c81fd5d6e655c8dddf341e14aa48659d0"},
+    {file = "frozenlist-1.4.1-py3-none-any.whl", hash = "sha256:04ced3e6a46b4cfffe20f9ae482818e34eba9b5fb0ce4056e4cc9b6e212d09b7"},
+    {file = "frozenlist-1.4.1.tar.gz", hash = "sha256:c037a86e8513059a2613aaba4d817bb90b9d9b6b69aace3ce9c877e8c8ed402b"},
 ]
 
 [[package]]
 name = "geoip2"
-version = "4.7.0"
+version = "4.8.0"
 description = "MaxMind GeoIP2 API"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "geoip2-4.7.0-py2.py3-none-any.whl", hash = "sha256:078fcd4cce26ea029b1e3252a0f0ec20a1f42e7ab0f19b7be3864f20f4db2b51"},
-    {file = "geoip2-4.7.0.tar.gz", hash = "sha256:3bdde4994f6bc917eafab5b51e772d737b2ae00037a5b85001fb06dc68f779df"},
+    {file = "geoip2-4.8.0-py2.py3-none-any.whl", hash = "sha256:39b38ec703575355d10475c0e6aa981827a2b4b5471d308c4ecb5e79cbe366ce"},
+    {file = "geoip2-4.8.0.tar.gz", hash = "sha256:dd9cc180b7d41724240ea481d5d539149e65b234f64282b231b9170794a9ac35"},
 ]
 
 [package.dependencies]
 aiohttp = ">=3.6.2,<4.0.0"
-maxminddb = ">=2.3.0,<3.0.0"
+maxminddb = ">=2.5.1,<3.0.0"
 requests = ">=2.24.0,<3.0.0"
+setuptools = ">=60.0.0"
+
+[package.extras]
+test = ["mocket (>=3.11.1)"]
 
 [[package]]
 name = "gitdb"
@@ -1533,13 +1564,13 @@ test = ["black", "coverage[toml]", "ddt (>=1.1.1,!=1.4.3)", "mock", "mypy", "pre
 
 [[package]]
 name = "google-auth"
-version = "2.23.4"
+version = "2.25.2"
 description = "Google Authentication Library"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "google-auth-2.23.4.tar.gz", hash = "sha256:79905d6b1652187def79d491d6e23d0cbb3a21d3c7ba0dbaa9c8a01906b13ff3"},
-    {file = "google_auth-2.23.4-py2.py3-none-any.whl", hash = "sha256:d4bbc92fe4b8bfd2f3e8d88e5ba7085935da208ee38a134fc280e7ce682a05f2"},
+    {file = "google-auth-2.25.2.tar.gz", hash = "sha256:42f707937feb4f5e5a39e6c4f343a17300a459aaf03141457ba505812841cc40"},
+    {file = "google_auth-2.25.2-py2.py3-none-any.whl", hash = "sha256:473a8dfd0135f75bb79d878436e568f2695dce456764bf3a02b6f8c540b1d256"},
 ]
 
 [package.dependencies]
@@ -1646,13 +1677,13 @@ test = ["Cython (>=0.29.24,<0.30.0)"]
 
 [[package]]
 name = "humanize"
-version = "4.8.0"
+version = "4.9.0"
 description = "Python humanize utilities"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "humanize-4.8.0-py3-none-any.whl", hash = "sha256:8bc9e2bb9315e61ec06bf690151ae35aeb65651ab091266941edf97c90836404"},
-    {file = "humanize-4.8.0.tar.gz", hash = "sha256:9783373bf1eec713a770ecaa7c2d7a7902c98398009dfa3d8a2df91eec9311e8"},
+    {file = "humanize-4.9.0-py3-none-any.whl", hash = "sha256:ce284a76d5b1377fd8836733b983bfb0b76f1aa1c090de2566fcf008d7f6ab16"},
+    {file = "humanize-4.9.0.tar.gz", hash = "sha256:582a265c931c683a7e9b8ed9559089dea7edcf6cc95be39a3cbc2c5d5ac2bcfa"},
 ]
 
 [package.extras]
@@ -1674,31 +1705,31 @@ idna = ">=2.5"
 
 [[package]]
 name = "idna"
-version = "3.4"
+version = "3.6"
 description = "Internationalized Domain Names in Applications (IDNA)"
 optional = false
 python-versions = ">=3.5"
 files = [
-    {file = "idna-3.4-py3-none-any.whl", hash = "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2"},
-    {file = "idna-3.4.tar.gz", hash = "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4"},
+    {file = "idna-3.6-py3-none-any.whl", hash = "sha256:c05567e9c24a6b9faaa835c4821bad0590fbb9d5779e7caa6e1cc4978e7eb24f"},
+    {file = "idna-3.6.tar.gz", hash = "sha256:9ecdbbd083b06798ae1e86adcbfe8ab1479cf864e4ee30fe4e46a003d12491ca"},
 ]
 
 [[package]]
 name = "importlib-metadata"
-version = "6.8.0"
+version = "7.0.1"
 description = "Read metadata from Python packages"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "importlib_metadata-6.8.0-py3-none-any.whl", hash = "sha256:3ebb78df84a805d7698245025b975d9d67053cd94c79245ba4b3eb694abe68bb"},
-    {file = "importlib_metadata-6.8.0.tar.gz", hash = "sha256:dbace7892d8c0c4ac1ad096662232f831d4e64f4c4545bd53016a3e9d4654743"},
+    {file = "importlib_metadata-7.0.1-py3-none-any.whl", hash = "sha256:4805911c3a4ec7c3966410053e9ec6a1fecd629117df5adee56dfc9432a1081e"},
+    {file = "importlib_metadata-7.0.1.tar.gz", hash = "sha256:f238736bb06590ae52ac1fab06a3a9ef1d8dce2b7a35b5ab329371d6c8f5d2cc"},
 ]
 
 [package.dependencies]
 zipp = ">=0.5"
 
 [package.extras]
-docs = ["furo", "jaraco.packaging (>=9)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"]
+docs = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (<7.2.5)", "sphinx (>=3.5)", "sphinx-lint"]
 perf = ["ipython"]
 testing = ["flufl.flake8", "importlib-resources (>=1.3)", "packaging", "pyfakefs", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=2.2)", "pytest-mypy (>=0.9.1)", "pytest-perf (>=0.9.2)", "pytest-ruff"]
 
@@ -1741,20 +1772,17 @@ files = [
 
 [[package]]
 name = "isort"
-version = "5.12.0"
+version = "5.13.2"
 description = "A Python utility / library to sort Python imports."
 optional = false
 python-versions = ">=3.8.0"
 files = [
-    {file = "isort-5.12.0-py3-none-any.whl", hash = "sha256:f84c2818376e66cf843d497486ea8fed8700b340f308f076c6fb1229dff318b6"},
-    {file = "isort-5.12.0.tar.gz", hash = "sha256:8bef7dde241278824a6d83f44a544709b065191b95b6e50894bdc722fcba0504"},
+    {file = "isort-5.13.2-py3-none-any.whl", hash = "sha256:8ca5e72a8d85860d5a3fa69b8745237f2939afe12dbf656afbcb47fe72d947a6"},
+    {file = "isort-5.13.2.tar.gz", hash = "sha256:48fdfcb9face5d58a4f6dde2e72a1fb8dcaf8ab26f95ab49fab84c2ddefb0109"},
 ]
 
 [package.extras]
-colors = ["colorama (>=0.4.3)"]
-pipfile-deprecated-finder = ["pip-shims (>=0.5.2)", "pipreqs", "requirementslib"]
-plugins = ["setuptools"]
-requirements-deprecated-finder = ["pip-api", "pipreqs"]
+colors = ["colorama (>=0.4.6)"]
 
 [[package]]
 name = "jinja2"
@@ -1821,13 +1849,13 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339-
 
 [[package]]
 name = "jsonschema-specifications"
-version = "2023.11.1"
+version = "2023.12.1"
 description = "The JSON Schema meta-schemas and vocabularies, exposed as a Registry"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "jsonschema_specifications-2023.11.1-py3-none-any.whl", hash = "sha256:f596778ab612b3fd29f72ea0d990393d0540a5aab18bf0407a46632eab540779"},
-    {file = "jsonschema_specifications-2023.11.1.tar.gz", hash = "sha256:c9b234904ffe02f079bf91b14d79987faa685fd4b39c377a0996954c0090b9ca"},
+    {file = "jsonschema_specifications-2023.12.1-py3-none-any.whl", hash = "sha256:87e4fdf3a94858b8a2ba2778d9ba57d8a9cafca7c7489c46ba0d30a8bc6a9c3c"},
+    {file = "jsonschema_specifications-2023.12.1.tar.gz", hash = "sha256:48a76787b3e70f5ed53f1160d2b81f586e4ca6d1548c5de7085d1682674764cc"},
 ]
 
 [package.dependencies]
@@ -1907,110 +1935,214 @@ pyasn1 = ">=0.4.6"
 
 [[package]]
 name = "lxml"
-version = "4.9.3"
+version = "4.9.4"
 description = "Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API."
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, != 3.4.*"
 files = [
-    {file = "lxml-4.9.3-cp27-cp27m-macosx_11_0_x86_64.whl", hash = "sha256:b0a545b46b526d418eb91754565ba5b63b1c0b12f9bd2f808c852d9b4b2f9b5c"},
-    {file = "lxml-4.9.3-cp27-cp27m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:075b731ddd9e7f68ad24c635374211376aa05a281673ede86cbe1d1b3455279d"},
-    {file = "lxml-4.9.3-cp27-cp27m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:1e224d5755dba2f4a9498e150c43792392ac9b5380aa1b845f98a1618c94eeef"},
-    {file = "lxml-4.9.3-cp27-cp27m-win32.whl", hash = "sha256:2c74524e179f2ad6d2a4f7caf70e2d96639c0954c943ad601a9e146c76408ed7"},
-    {file = "lxml-4.9.3-cp27-cp27m-win_amd64.whl", hash = "sha256:4f1026bc732b6a7f96369f7bfe1a4f2290fb34dce00d8644bc3036fb351a4ca1"},
-    {file = "lxml-4.9.3-cp27-cp27mu-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:c0781a98ff5e6586926293e59480b64ddd46282953203c76ae15dbbbf302e8bb"},
-    {file = "lxml-4.9.3-cp27-cp27mu-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:cef2502e7e8a96fe5ad686d60b49e1ab03e438bd9123987994528febd569868e"},
-    {file = "lxml-4.9.3-cp310-cp310-macosx_11_0_x86_64.whl", hash = "sha256:b86164d2cff4d3aaa1f04a14685cbc072efd0b4f99ca5708b2ad1b9b5988a991"},
-    {file = "lxml-4.9.3-cp310-cp310-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:42871176e7896d5d45138f6d28751053c711ed4d48d8e30b498da155af39aebd"},
-    {file = "lxml-4.9.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:ae8b9c6deb1e634ba4f1930eb67ef6e6bf6a44b6eb5ad605642b2d6d5ed9ce3c"},
-    {file = "lxml-4.9.3-cp310-cp310-manylinux_2_28_aarch64.whl", hash = "sha256:411007c0d88188d9f621b11d252cce90c4a2d1a49db6c068e3c16422f306eab8"},
-    {file = "lxml-4.9.3-cp310-cp310-manylinux_2_28_x86_64.whl", hash = "sha256:cd47b4a0d41d2afa3e58e5bf1f62069255aa2fd6ff5ee41604418ca925911d76"},
-    {file = "lxml-4.9.3-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0e2cb47860da1f7e9a5256254b74ae331687b9672dfa780eed355c4c9c3dbd23"},
-    {file = "lxml-4.9.3-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:1247694b26342a7bf47c02e513d32225ededd18045264d40758abeb3c838a51f"},
-    {file = "lxml-4.9.3-cp310-cp310-win32.whl", hash = "sha256:cdb650fc86227eba20de1a29d4b2c1bfe139dc75a0669270033cb2ea3d391b85"},
-    {file = "lxml-4.9.3-cp310-cp310-win_amd64.whl", hash = "sha256:97047f0d25cd4bcae81f9ec9dc290ca3e15927c192df17331b53bebe0e3ff96d"},
-    {file = "lxml-4.9.3-cp311-cp311-macosx_11_0_universal2.whl", hash = "sha256:1f447ea5429b54f9582d4b955f5f1985f278ce5cf169f72eea8afd9502973dd5"},
-    {file = "lxml-4.9.3-cp311-cp311-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:57d6ba0ca2b0c462f339640d22882acc711de224d769edf29962b09f77129cbf"},
-    {file = "lxml-4.9.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:9767e79108424fb6c3edf8f81e6730666a50feb01a328f4a016464a5893f835a"},
-    {file = "lxml-4.9.3-cp311-cp311-manylinux_2_28_aarch64.whl", hash = "sha256:71c52db65e4b56b8ddc5bb89fb2e66c558ed9d1a74a45ceb7dcb20c191c3df2f"},
-    {file = "lxml-4.9.3-cp311-cp311-manylinux_2_28_x86_64.whl", hash = "sha256:d73d8ecf8ecf10a3bd007f2192725a34bd62898e8da27eb9d32a58084f93962b"},
-    {file = "lxml-4.9.3-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:0a3d3487f07c1d7f150894c238299934a2a074ef590b583103a45002035be120"},
-    {file = "lxml-4.9.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:9e28c51fa0ce5674be9f560c6761c1b441631901993f76700b1b30ca6c8378d6"},
-    {file = "lxml-4.9.3-cp311-cp311-win32.whl", hash = "sha256:0bfd0767c5c1de2551a120673b72e5d4b628737cb05414f03c3277bf9bed3305"},
-    {file = "lxml-4.9.3-cp311-cp311-win_amd64.whl", hash = "sha256:25f32acefac14ef7bd53e4218fe93b804ef6f6b92ffdb4322bb6d49d94cad2bc"},
-    {file = "lxml-4.9.3-cp312-cp312-macosx_11_0_universal2.whl", hash = "sha256:d3ff32724f98fbbbfa9f49d82852b159e9784d6094983d9a8b7f2ddaebb063d4"},
-    {file = "lxml-4.9.3-cp312-cp312-manylinux_2_28_aarch64.whl", hash = "sha256:48d6ed886b343d11493129e019da91d4039826794a3e3027321c56d9e71505be"},
-    {file = "lxml-4.9.3-cp312-cp312-manylinux_2_28_x86_64.whl", hash = "sha256:9a92d3faef50658dd2c5470af249985782bf754c4e18e15afb67d3ab06233f13"},
-    {file = "lxml-4.9.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:b4e4bc18382088514ebde9328da057775055940a1f2e18f6ad2d78aa0f3ec5b9"},
-    {file = "lxml-4.9.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:fc9b106a1bf918db68619fdcd6d5ad4f972fdd19c01d19bdb6bf63f3589a9ec5"},
-    {file = "lxml-4.9.3-cp312-cp312-win_amd64.whl", hash = "sha256:d37017287a7adb6ab77e1c5bee9bcf9660f90ff445042b790402a654d2ad81d8"},
-    {file = "lxml-4.9.3-cp35-cp35m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:56dc1f1ebccc656d1b3ed288f11e27172a01503fc016bcabdcbc0978b19352b7"},
-    {file = "lxml-4.9.3-cp35-cp35m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:578695735c5a3f51569810dfebd05dd6f888147a34f0f98d4bb27e92b76e05c2"},
-    {file = "lxml-4.9.3-cp35-cp35m-win32.whl", hash = "sha256:704f61ba8c1283c71b16135caf697557f5ecf3e74d9e453233e4771d68a1f42d"},
-    {file = "lxml-4.9.3-cp35-cp35m-win_amd64.whl", hash = "sha256:c41bfca0bd3532d53d16fd34d20806d5c2b1ace22a2f2e4c0008570bf2c58833"},
-    {file = "lxml-4.9.3-cp36-cp36m-macosx_11_0_x86_64.whl", hash = "sha256:64f479d719dc9f4c813ad9bb6b28f8390360660b73b2e4beb4cb0ae7104f1c12"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:dd708cf4ee4408cf46a48b108fb9427bfa00b9b85812a9262b5c668af2533ea5"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5c31c7462abdf8f2ac0577d9f05279727e698f97ecbb02f17939ea99ae8daa98"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:e3cd95e10c2610c360154afdc2f1480aea394f4a4f1ea0a5eacce49640c9b190"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_28_x86_64.whl", hash = "sha256:4930be26af26ac545c3dffb662521d4e6268352866956672231887d18f0eaab2"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:4aec80cde9197340bc353d2768e2a75f5f60bacda2bab72ab1dc499589b3878c"},
-    {file = "lxml-4.9.3-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:14e019fd83b831b2e61baed40cab76222139926b1fb5ed0e79225bc0cae14584"},
-    {file = "lxml-4.9.3-cp36-cp36m-musllinux_1_1_aarch64.whl", hash = "sha256:0c0850c8b02c298d3c7006b23e98249515ac57430e16a166873fc47a5d549287"},
-    {file = "lxml-4.9.3-cp36-cp36m-musllinux_1_1_x86_64.whl", hash = "sha256:aca086dc5f9ef98c512bac8efea4483eb84abbf926eaeedf7b91479feb092458"},
-    {file = "lxml-4.9.3-cp36-cp36m-win32.whl", hash = "sha256:50baa9c1c47efcaef189f31e3d00d697c6d4afda5c3cde0302d063492ff9b477"},
-    {file = "lxml-4.9.3-cp36-cp36m-win_amd64.whl", hash = "sha256:bef4e656f7d98aaa3486d2627e7d2df1157d7e88e7efd43a65aa5dd4714916cf"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:46f409a2d60f634fe550f7133ed30ad5321ae2e6630f13657fb9479506b00601"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:4c28a9144688aef80d6ea666c809b4b0e50010a2aca784c97f5e6bf143d9f129"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:141f1d1a9b663c679dc524af3ea1773e618907e96075262726c7612c02b149a4"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_28_x86_64.whl", hash = "sha256:53ace1c1fd5a74ef662f844a0413446c0629d151055340e9893da958a374f70d"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:17a753023436a18e27dd7769e798ce302963c236bc4114ceee5b25c18c52c693"},
-    {file = "lxml-4.9.3-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:7d298a1bd60c067ea75d9f684f5f3992c9d6766fadbc0bcedd39750bf344c2f4"},
-    {file = "lxml-4.9.3-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:081d32421db5df44c41b7f08a334a090a545c54ba977e47fd7cc2deece78809a"},
-    {file = "lxml-4.9.3-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:23eed6d7b1a3336ad92d8e39d4bfe09073c31bfe502f20ca5116b2a334f8ec02"},
-    {file = "lxml-4.9.3-cp37-cp37m-win32.whl", hash = "sha256:1509dd12b773c02acd154582088820893109f6ca27ef7291b003d0e81666109f"},
-    {file = "lxml-4.9.3-cp37-cp37m-win_amd64.whl", hash = "sha256:120fa9349a24c7043854c53cae8cec227e1f79195a7493e09e0c12e29f918e52"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:4d2d1edbca80b510443f51afd8496be95529db04a509bc8faee49c7b0fb6d2cc"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:8d7e43bd40f65f7d97ad8ef5c9b1778943d02f04febef12def25f7583d19baac"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:71d66ee82e7417828af6ecd7db817913cb0cf9d4e61aa0ac1fde0583d84358db"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_28_x86_64.whl", hash = "sha256:6fc3c450eaa0b56f815c7b62f2b7fba7266c4779adcf1cece9e6deb1de7305ce"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:65299ea57d82fb91c7f019300d24050c4ddeb7c5a190e076b5f48a2b43d19c42"},
-    {file = "lxml-4.9.3-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:eadfbbbfb41b44034a4c757fd5d70baccd43296fb894dba0295606a7cf3124aa"},
-    {file = "lxml-4.9.3-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:3e9bdd30efde2b9ccfa9cb5768ba04fe71b018a25ea093379c857c9dad262c40"},
-    {file = "lxml-4.9.3-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:fcdd00edfd0a3001e0181eab3e63bd5c74ad3e67152c84f93f13769a40e073a7"},
-    {file = "lxml-4.9.3-cp38-cp38-win32.whl", hash = "sha256:57aba1bbdf450b726d58b2aea5fe47c7875f5afb2c4a23784ed78f19a0462574"},
-    {file = "lxml-4.9.3-cp38-cp38-win_amd64.whl", hash = "sha256:92af161ecbdb2883c4593d5ed4815ea71b31fafd7fd05789b23100d081ecac96"},
-    {file = "lxml-4.9.3-cp39-cp39-macosx_11_0_x86_64.whl", hash = "sha256:9bb6ad405121241e99a86efff22d3ef469024ce22875a7ae045896ad23ba2340"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:8ed74706b26ad100433da4b9d807eae371efaa266ffc3e9191ea436087a9d6a7"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:fbf521479bcac1e25a663df882c46a641a9bff6b56dc8b0fafaebd2f66fb231b"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_28_aarch64.whl", hash = "sha256:303bf1edce6ced16bf67a18a1cf8339d0db79577eec5d9a6d4a80f0fb10aa2da"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_28_x86_64.whl", hash = "sha256:5515edd2a6d1a5a70bfcdee23b42ec33425e405c5b351478ab7dc9347228f96e"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:690dafd0b187ed38583a648076865d8c229661ed20e48f2335d68e2cf7dc829d"},
-    {file = "lxml-4.9.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:b6420a005548ad52154c8ceab4a1290ff78d757f9e5cbc68f8c77089acd3c432"},
-    {file = "lxml-4.9.3-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:bb3bb49c7a6ad9d981d734ef7c7193bc349ac338776a0360cc671eaee89bcf69"},
-    {file = "lxml-4.9.3-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:d27be7405547d1f958b60837dc4c1007da90b8b23f54ba1f8b728c78fdb19d50"},
-    {file = "lxml-4.9.3-cp39-cp39-win32.whl", hash = "sha256:8df133a2ea5e74eef5e8fc6f19b9e085f758768a16e9877a60aec455ed2609b2"},
-    {file = "lxml-4.9.3-cp39-cp39-win_amd64.whl", hash = "sha256:4dd9a263e845a72eacb60d12401e37c616438ea2e5442885f65082c276dfb2b2"},
-    {file = "lxml-4.9.3-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:6689a3d7fd13dc687e9102a27e98ef33730ac4fe37795d5036d18b4d527abd35"},
-    {file = "lxml-4.9.3-pp37-pypy37_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:f6bdac493b949141b733c5345b6ba8f87a226029cbabc7e9e121a413e49441e0"},
-    {file = "lxml-4.9.3-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:05186a0f1346ae12553d66df1cfce6f251589fea3ad3da4f3ef4e34b2d58c6a3"},
-    {file = "lxml-4.9.3-pp37-pypy37_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c2006f5c8d28dee289f7020f721354362fa304acbaaf9745751ac4006650254b"},
-    {file = "lxml-4.9.3-pp38-pypy38_pp73-macosx_11_0_x86_64.whl", hash = "sha256:5c245b783db29c4e4fbbbfc9c5a78be496c9fea25517f90606aa1f6b2b3d5f7b"},
-    {file = "lxml-4.9.3-pp38-pypy38_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:4fb960a632a49f2f089d522f70496640fdf1218f1243889da3822e0a9f5f3ba7"},
-    {file = "lxml-4.9.3-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:50670615eaf97227d5dc60de2dc99fb134a7130d310d783314e7724bf163f75d"},
-    {file = "lxml-4.9.3-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:9719fe17307a9e814580af1f5c6e05ca593b12fb7e44fe62450a5384dbf61b4b"},
-    {file = "lxml-4.9.3-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:3331bece23c9ee066e0fb3f96c61322b9e0f54d775fccefff4c38ca488de283a"},
-    {file = "lxml-4.9.3-pp39-pypy39_pp73-macosx_11_0_x86_64.whl", hash = "sha256:ed667f49b11360951e201453fc3967344d0d0263aa415e1619e85ae7fd17b4e0"},
-    {file = "lxml-4.9.3-pp39-pypy39_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:8b77946fd508cbf0fccd8e400a7f71d4ac0e1595812e66025bac475a8e811694"},
-    {file = "lxml-4.9.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:e4da8ca0c0c0aea88fd46be8e44bd49716772358d648cce45fe387f7b92374a7"},
-    {file = "lxml-4.9.3-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:fe4bda6bd4340caa6e5cf95e73f8fea5c4bfc55763dd42f1b50a94c1b4a2fbd4"},
-    {file = "lxml-4.9.3-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:f3df3db1d336b9356dd3112eae5f5c2b8b377f3bc826848567f10bfddfee77e9"},
-    {file = "lxml-4.9.3.tar.gz", hash = "sha256:48628bd53a426c9eb9bc066a923acaa0878d1e86129fd5359aee99285f4eed9c"},
+    {file = "lxml-4.9.4-cp27-cp27m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:e214025e23db238805a600f1f37bf9f9a15413c7bf5f9d6ae194f84980c78722"},
+    {file = "lxml-4.9.4-cp27-cp27m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:ec53a09aee61d45e7dbe7e91252ff0491b6b5fee3d85b2d45b173d8ab453efc1"},
+    {file = "lxml-4.9.4-cp27-cp27m-win32.whl", hash = "sha256:7d1d6c9e74c70ddf524e3c09d9dc0522aba9370708c2cb58680ea40174800013"},
+    {file = "lxml-4.9.4-cp27-cp27m-win_amd64.whl", hash = "sha256:cb53669442895763e61df5c995f0e8361b61662f26c1b04ee82899c2789c8f69"},
+    {file = "lxml-4.9.4-cp27-cp27mu-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:647bfe88b1997d7ae8d45dabc7c868d8cb0c8412a6e730a7651050b8c7289cf2"},
+    {file = "lxml-4.9.4-cp27-cp27mu-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:4d973729ce04784906a19108054e1fd476bc85279a403ea1a72fdb051c76fa48"},
+    {file = "lxml-4.9.4-cp310-cp310-macosx_11_0_x86_64.whl", hash = "sha256:056a17eaaf3da87a05523472ae84246f87ac2f29a53306466c22e60282e54ff8"},
+    {file = "lxml-4.9.4-cp310-cp310-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:aaa5c173a26960fe67daa69aa93d6d6a1cd714a6eb13802d4e4bd1d24a530644"},
+    {file = "lxml-4.9.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:647459b23594f370c1c01768edaa0ba0959afc39caeeb793b43158bb9bb6a663"},
+    {file = "lxml-4.9.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:bdd9abccd0927673cffe601d2c6cdad1c9321bf3437a2f507d6b037ef91ea307"},
+    {file = "lxml-4.9.4-cp310-cp310-manylinux_2_28_x86_64.whl", hash = "sha256:00e91573183ad273e242db5585b52670eddf92bacad095ce25c1e682da14ed91"},
+    {file = "lxml-4.9.4-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:a602ed9bd2c7d85bd58592c28e101bd9ff9c718fbde06545a70945ffd5d11868"},
+    {file = "lxml-4.9.4-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:de362ac8bc962408ad8fae28f3967ce1a262b5d63ab8cefb42662566737f1dc7"},
+    {file = "lxml-4.9.4-cp310-cp310-win32.whl", hash = "sha256:33714fcf5af4ff7e70a49731a7cc8fd9ce910b9ac194f66eaa18c3cc0a4c02be"},
+    {file = "lxml-4.9.4-cp310-cp310-win_amd64.whl", hash = "sha256:d3caa09e613ece43ac292fbed513a4bce170681a447d25ffcbc1b647d45a39c5"},
+    {file = "lxml-4.9.4-cp311-cp311-macosx_11_0_universal2.whl", hash = "sha256:359a8b09d712df27849e0bcb62c6a3404e780b274b0b7e4c39a88826d1926c28"},
+    {file = "lxml-4.9.4-cp311-cp311-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:43498ea734ccdfb92e1886dfedaebeb81178a241d39a79d5351ba2b671bff2b2"},
+    {file = "lxml-4.9.4-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:4855161013dfb2b762e02b3f4d4a21cc7c6aec13c69e3bffbf5022b3e708dd97"},
+    {file = "lxml-4.9.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:c71b5b860c5215fdbaa56f715bc218e45a98477f816b46cfde4a84d25b13274e"},
+    {file = "lxml-4.9.4-cp311-cp311-manylinux_2_28_aarch64.whl", hash = "sha256:9a2b5915c333e4364367140443b59f09feae42184459b913f0f41b9fed55794a"},
+    {file = "lxml-4.9.4-cp311-cp311-manylinux_2_28_x86_64.whl", hash = "sha256:d82411dbf4d3127b6cde7da0f9373e37ad3a43e89ef374965465928f01c2b979"},
+    {file = "lxml-4.9.4-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:273473d34462ae6e97c0f4e517bd1bf9588aa67a1d47d93f760a1282640e24ac"},
+    {file = "lxml-4.9.4-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:389d2b2e543b27962990ab529ac6720c3dded588cc6d0f6557eec153305a3622"},
+    {file = "lxml-4.9.4-cp311-cp311-win32.whl", hash = "sha256:8aecb5a7f6f7f8fe9cac0bcadd39efaca8bbf8d1bf242e9f175cbe4c925116c3"},
+    {file = "lxml-4.9.4-cp311-cp311-win_amd64.whl", hash = "sha256:c7721a3ef41591341388bb2265395ce522aba52f969d33dacd822da8f018aff8"},
+    {file = "lxml-4.9.4-cp312-cp312-macosx_11_0_universal2.whl", hash = "sha256:dbcb2dc07308453db428a95a4d03259bd8caea97d7f0776842299f2d00c72fc8"},
+    {file = "lxml-4.9.4-cp312-cp312-manylinux_2_28_aarch64.whl", hash = "sha256:01bf1df1db327e748dcb152d17389cf6d0a8c5d533ef9bab781e9d5037619229"},
+    {file = "lxml-4.9.4-cp312-cp312-manylinux_2_28_x86_64.whl", hash = "sha256:e8f9f93a23634cfafbad6e46ad7d09e0f4a25a2400e4a64b1b7b7c0fbaa06d9d"},
+    {file = "lxml-4.9.4-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:3f3f00a9061605725df1816f5713d10cd94636347ed651abdbc75828df302b20"},
+    {file = "lxml-4.9.4-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:953dd5481bd6252bd480d6ec431f61d7d87fdcbbb71b0d2bdcfc6ae00bb6fb10"},
+    {file = "lxml-4.9.4-cp312-cp312-win32.whl", hash = "sha256:266f655d1baff9c47b52f529b5f6bec33f66042f65f7c56adde3fcf2ed62ae8b"},
+    {file = "lxml-4.9.4-cp312-cp312-win_amd64.whl", hash = "sha256:f1faee2a831fe249e1bae9cbc68d3cd8a30f7e37851deee4d7962b17c410dd56"},
+    {file = "lxml-4.9.4-cp35-cp35m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:23d891e5bdc12e2e506e7d225d6aa929e0a0368c9916c1fddefab88166e98b20"},
+    {file = "lxml-4.9.4-cp35-cp35m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:e96a1788f24d03e8d61679f9881a883ecdf9c445a38f9ae3f3f193ab6c591c66"},
+    {file = "lxml-4.9.4-cp36-cp36m-macosx_11_0_x86_64.whl", hash = "sha256:5557461f83bb7cc718bc9ee1f7156d50e31747e5b38d79cf40f79ab1447afd2d"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:fdb325b7fba1e2c40b9b1db407f85642e32404131c08480dd652110fc908561b"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3d74d4a3c4b8f7a1f676cedf8e84bcc57705a6d7925e6daef7a1e54ae543a197"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:ac7674d1638df129d9cb4503d20ffc3922bd463c865ef3cb412f2c926108e9a4"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_28_x86_64.whl", hash = "sha256:ddd92e18b783aeb86ad2132d84a4b795fc5ec612e3545c1b687e7747e66e2b53"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:2bd9ac6e44f2db368ef8986f3989a4cad3de4cd55dbdda536e253000c801bcc7"},
+    {file = "lxml-4.9.4-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:bc354b1393dce46026ab13075f77b30e40b61b1a53e852e99d3cc5dd1af4bc85"},
+    {file = "lxml-4.9.4-cp36-cp36m-musllinux_1_1_aarch64.whl", hash = "sha256:f836f39678cb47c9541f04d8ed4545719dc31ad850bf1832d6b4171e30d65d23"},
+    {file = "lxml-4.9.4-cp36-cp36m-musllinux_1_1_x86_64.whl", hash = "sha256:9c131447768ed7bc05a02553d939e7f0e807e533441901dd504e217b76307745"},
+    {file = "lxml-4.9.4-cp36-cp36m-win32.whl", hash = "sha256:bafa65e3acae612a7799ada439bd202403414ebe23f52e5b17f6ffc2eb98c2be"},
+    {file = "lxml-4.9.4-cp36-cp36m-win_amd64.whl", hash = "sha256:6197c3f3c0b960ad033b9b7d611db11285bb461fc6b802c1dd50d04ad715c225"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:7b378847a09d6bd46047f5f3599cdc64fcb4cc5a5a2dd0a2af610361fbe77b16"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:1343df4e2e6e51182aad12162b23b0a4b3fd77f17527a78c53f0f23573663545"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:6dbdacf5752fbd78ccdb434698230c4f0f95df7dd956d5f205b5ed6911a1367c"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_28_x86_64.whl", hash = "sha256:506becdf2ecaebaf7f7995f776394fcc8bd8a78022772de66677c84fb02dd33d"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:ca8e44b5ba3edb682ea4e6185b49661fc22b230cf811b9c13963c9f982d1d964"},
+    {file = "lxml-4.9.4-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:9d9d5726474cbbef279fd709008f91a49c4f758bec9c062dfbba88eab00e3ff9"},
+    {file = "lxml-4.9.4-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:bbdd69e20fe2943b51e2841fc1e6a3c1de460d630f65bde12452d8c97209464d"},
+    {file = "lxml-4.9.4-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:8671622256a0859f5089cbe0ce4693c2af407bc053dcc99aadff7f5310b4aa02"},
+    {file = "lxml-4.9.4-cp37-cp37m-win32.whl", hash = "sha256:dd4fda67f5faaef4f9ee5383435048ee3e11ad996901225ad7615bc92245bc8e"},
+    {file = "lxml-4.9.4-cp37-cp37m-win_amd64.whl", hash = "sha256:6bee9c2e501d835f91460b2c904bc359f8433e96799f5c2ff20feebd9bb1e590"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:1f10f250430a4caf84115b1e0f23f3615566ca2369d1962f82bef40dd99cd81a"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:3b505f2bbff50d261176e67be24e8909e54b5d9d08b12d4946344066d66b3e43"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:1449f9451cd53e0fd0a7ec2ff5ede4686add13ac7a7bfa6988ff6d75cff3ebe2"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_28_x86_64.whl", hash = "sha256:4ece9cca4cd1c8ba889bfa67eae7f21d0d1a2e715b4d5045395113361e8c533d"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:59bb5979f9941c61e907ee571732219fa4774d5a18f3fa5ff2df963f5dfaa6bc"},
+    {file = "lxml-4.9.4-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:b1980dbcaad634fe78e710c8587383e6e3f61dbe146bcbfd13a9c8ab2d7b1192"},
+    {file = "lxml-4.9.4-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:9ae6c3363261021144121427b1552b29e7b59de9d6a75bf51e03bc072efb3c37"},
+    {file = "lxml-4.9.4-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:bcee502c649fa6351b44bb014b98c09cb00982a475a1912a9881ca28ab4f9cd9"},
+    {file = "lxml-4.9.4-cp38-cp38-win32.whl", hash = "sha256:a8edae5253efa75c2fc79a90068fe540b197d1c7ab5803b800fccfe240eed33c"},
+    {file = "lxml-4.9.4-cp38-cp38-win_amd64.whl", hash = "sha256:701847a7aaefef121c5c0d855b2affa5f9bd45196ef00266724a80e439220e46"},
+    {file = "lxml-4.9.4-cp39-cp39-macosx_11_0_x86_64.whl", hash = "sha256:f610d980e3fccf4394ab3806de6065682982f3d27c12d4ce3ee46a8183d64a6a"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:aa9b5abd07f71b081a33115d9758ef6077924082055005808f68feccb27616bd"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:365005e8b0718ea6d64b374423e870648ab47c3a905356ab6e5a5ff03962b9a9"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:16b9ec51cc2feab009e800f2c6327338d6ee4e752c76e95a35c4465e80390ccd"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_28_x86_64.whl", hash = "sha256:a905affe76f1802edcac554e3ccf68188bea16546071d7583fb1b693f9cf756b"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:fd814847901df6e8de13ce69b84c31fc9b3fb591224d6762d0b256d510cbf382"},
+    {file = "lxml-4.9.4-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:91bbf398ac8bb7d65a5a52127407c05f75a18d7015a270fdd94bbcb04e65d573"},
+    {file = "lxml-4.9.4-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:f99768232f036b4776ce419d3244a04fe83784bce871b16d2c2e984c7fcea847"},
+    {file = "lxml-4.9.4-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:bb5bd6212eb0edfd1e8f254585290ea1dadc3687dd8fd5e2fd9a87c31915cdab"},
+    {file = "lxml-4.9.4-cp39-cp39-win32.whl", hash = "sha256:88f7c383071981c74ec1998ba9b437659e4fd02a3c4a4d3efc16774eb108d0ec"},
+    {file = "lxml-4.9.4-cp39-cp39-win_amd64.whl", hash = "sha256:936e8880cc00f839aa4173f94466a8406a96ddce814651075f95837316369899"},
+    {file = "lxml-4.9.4-pp310-pypy310_pp73-macosx_11_0_x86_64.whl", hash = "sha256:f6c35b2f87c004270fa2e703b872fcc984d714d430b305145c39d53074e1ffe0"},
+    {file = "lxml-4.9.4-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:606d445feeb0856c2b424405236a01c71af7c97e5fe42fbc778634faef2b47e4"},
+    {file = "lxml-4.9.4-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:a1bdcbebd4e13446a14de4dd1825f1e778e099f17f79718b4aeaf2403624b0f7"},
+    {file = "lxml-4.9.4-pp37-pypy37_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:0a08c89b23117049ba171bf51d2f9c5f3abf507d65d016d6e0fa2f37e18c0fc5"},
+    {file = "lxml-4.9.4-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:232fd30903d3123be4c435fb5159938c6225ee8607b635a4d3fca847003134ba"},
+    {file = "lxml-4.9.4-pp37-pypy37_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:231142459d32779b209aa4b4d460b175cadd604fed856f25c1571a9d78114771"},
+    {file = "lxml-4.9.4-pp38-pypy38_pp73-macosx_11_0_x86_64.whl", hash = "sha256:520486f27f1d4ce9654154b4494cf9307b495527f3a2908ad4cb48e4f7ed7ef7"},
+    {file = "lxml-4.9.4-pp38-pypy38_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:562778586949be7e0d7435fcb24aca4810913771f845d99145a6cee64d5b67ca"},
+    {file = "lxml-4.9.4-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:a9e7c6d89c77bb2770c9491d988f26a4b161d05c8ca58f63fb1f1b6b9a74be45"},
+    {file = "lxml-4.9.4-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:786d6b57026e7e04d184313c1359ac3d68002c33e4b1042ca58c362f1d09ff58"},
+    {file = "lxml-4.9.4-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:95ae6c5a196e2f239150aa4a479967351df7f44800c93e5a975ec726fef005e2"},
+    {file = "lxml-4.9.4-pp39-pypy39_pp73-macosx_11_0_x86_64.whl", hash = "sha256:9b556596c49fa1232b0fff4b0e69b9d4083a502e60e404b44341e2f8fb7187f5"},
+    {file = "lxml-4.9.4-pp39-pypy39_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:cc02c06e9e320869d7d1bd323df6dd4281e78ac2e7f8526835d3d48c69060683"},
+    {file = "lxml-4.9.4-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:857d6565f9aa3464764c2cb6a2e3c2e75e1970e877c188f4aeae45954a314e0c"},
+    {file = "lxml-4.9.4-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c42ae7e010d7d6bc51875d768110c10e8a59494855c3d4c348b068f5fb81fdcd"},
+    {file = "lxml-4.9.4-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:f10250bb190fb0742e3e1958dd5c100524c2cc5096c67c8da51233f7448dc137"},
+    {file = "lxml-4.9.4.tar.gz", hash = "sha256:b1541e50b78e15fa06a2670157a1962ef06591d4c998b998047fff5e3236880e"},
 ]
 
 [package.extras]
 cssselect = ["cssselect (>=0.7)"]
 html5 = ["html5lib"]
 htmlsoup = ["BeautifulSoup4"]
-source = ["Cython (>=0.29.35)"]
+source = ["Cython (==0.29.37)"]
+
+[[package]]
+name = "lxml"
+version = "5.0.0"
+description = "Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API."
+optional = false
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, != 3.4.*"
+files = [
+    {file = "lxml-5.0.0-cp27-cp27m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:73bfab795d354aaf2f4eb7a5b0db513031734fd371047342d5803834ce19ec18"},
+    {file = "lxml-5.0.0-cp27-cp27m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:cb564bbe55ff0897d9cf1225041a44576d7ae87f06fd60163544c91de2623d3f"},
+    {file = "lxml-5.0.0-cp27-cp27mu-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:6a5501438dd521bb7e0dde5008c40c7bfcfaafaf86eccb3f9bd27509abb793da"},
+    {file = "lxml-5.0.0-cp27-cp27mu-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:7ba26a7dc929a1b3487d51bbcb0099afed2fc06e891b82845c8f37a2d7d7fbbd"},
+    {file = "lxml-5.0.0-cp310-cp310-macosx_11_0_x86_64.whl", hash = "sha256:9b59c429e1a2246da86ae237ffc3565efcdc71c281cd38ca8b44d5fb6a3b993a"},
+    {file = "lxml-5.0.0-cp310-cp310-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:3ffa066db40b0347e48334bd4465de768e295a3525b9a59831228b5f4f93162d"},
+    {file = "lxml-5.0.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:8ce8b468ab50f9e944719d1134709ec11fe0d2840891a6cae369e22141b1094c"},
+    {file = "lxml-5.0.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:583c0e15ae06adc81035346ae2abb2e748f0b5197e7740d8af31222db41bbf7b"},
+    {file = "lxml-5.0.0-cp310-cp310-manylinux_2_28_x86_64.whl", hash = "sha256:904d36165848b59c4e04ae5b969072e602bd987485076fca8ec42c6cd7a7aedc"},
+    {file = "lxml-5.0.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:ac21aace6712472e77ea9dfc38329f53830c4259ece54c786107105ebb069053"},
+    {file = "lxml-5.0.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:f92d73faa0b1a76d1932429d684b7ce95829e93c3eef3715ec9b98ab192c9d31"},
+    {file = "lxml-5.0.0-cp310-cp310-win32.whl", hash = "sha256:03290e2f714f2e7431c8430c08b48167f657da7bc689c6248e828ff3c66d5b1b"},
+    {file = "lxml-5.0.0-cp310-cp310-win_amd64.whl", hash = "sha256:3e6cbb68bf70081f036bfc018649cf4b46c4e7eaf7860a277cae92dee2a57f69"},
+    {file = "lxml-5.0.0-cp311-cp311-macosx_11_0_universal2.whl", hash = "sha256:5382612ba2424cea5d2c89e2c29077023d8de88f8d60d5ceff5f76334516df9e"},
+    {file = "lxml-5.0.0-cp311-cp311-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:07a900735bad9af7be3085480bf384f68ed5580ba465b39a098e6a882c060d6b"},
+    {file = "lxml-5.0.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:980ba47c8db4b9d870014c7040edb230825b79017a6a27aa54cdb6fcc02d8cc0"},
+    {file = "lxml-5.0.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:6507c58431dbd95b50654b3313c5ad54f90e54e5f2cdacf733de61eae478eec5"},
+    {file = "lxml-5.0.0-cp311-cp311-manylinux_2_28_aarch64.whl", hash = "sha256:4a45a278518e4308865c1e9dbb2c42ce84fb154efb03adeb16fdae3c1687c7c9"},
+    {file = "lxml-5.0.0-cp311-cp311-manylinux_2_28_x86_64.whl", hash = "sha256:59cea9ba1c675fbd6867ca1078fc717a113e7f5b7644943b74137b7cc55abebf"},
+    {file = "lxml-5.0.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:dd39ef87fd1f7bb5c4aa53454936e6135cbfe03fe3744e8218be193f9e4fef16"},
+    {file = "lxml-5.0.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:e6bb39d91bf932e7520cb5718ae3c2f498052aca53294d5d59fdd9068fe1a7f2"},
+    {file = "lxml-5.0.0-cp311-cp311-win32.whl", hash = "sha256:21af2c3862db6f4f486cddf73ec1157b40d5828876c47cd880edcbad8240ea1b"},
+    {file = "lxml-5.0.0-cp311-cp311-win_amd64.whl", hash = "sha256:c1249aa4eaced30b59ecf8b8cae0b1ccede04583c74ca7d10b6f8bbead908b2c"},
+    {file = "lxml-5.0.0-cp312-cp312-macosx_11_0_universal2.whl", hash = "sha256:f30e697b6215e759d0824768b2c5b0618d2dc19abe6c67eeed2b0460f52470d1"},
+    {file = "lxml-5.0.0-cp312-cp312-manylinux_2_28_aarch64.whl", hash = "sha256:d1bb64646480c36a4aa1b6a44a5b6e33d0fcbeab9f53f1b39072cd3bb2c6243a"},
+    {file = "lxml-5.0.0-cp312-cp312-manylinux_2_28_x86_64.whl", hash = "sha256:4e69c36c8618707a90ed3fb6f48a6cc9254ffcdbf7b259e439a5ae5fbf9c5206"},
+    {file = "lxml-5.0.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:9ca498f8554a09fbc3a2f8fc4b23261e07bc27bef99b3df98e2570688033f6fc"},
+    {file = "lxml-5.0.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:0326e9b8176ea77269fb39e7af4010906e73e9496a9f8eaf06d253b1b1231ceb"},
+    {file = "lxml-5.0.0-cp312-cp312-win32.whl", hash = "sha256:5fb988e15378d6e905ca8f60813950a0c56da9469d0e8e5d8fe785b282684ec5"},
+    {file = "lxml-5.0.0-cp312-cp312-win_amd64.whl", hash = "sha256:bb58e8f4b2cfe012cd312239b8d5139995fe8f5945c7c26d5fbbbb1ddb9acd47"},
+    {file = "lxml-5.0.0-cp35-cp35m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:81509dffd8aba3bdb43e90cbd218c9c068a1f4047d97bc9546b3ac9e3a4ae81d"},
+    {file = "lxml-5.0.0-cp35-cp35m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:e675a4b95208e74c34ac0751cc4bab9170e7728b61601fb0f4746892c2bb7e0b"},
+    {file = "lxml-5.0.0-cp36-cp36m-macosx_11_0_x86_64.whl", hash = "sha256:405e3760f83a8ba3bdb6e622ec79595cdc20db916ce37377bbcb95b5711fa4ca"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:f15844a1b93dcaa09c2b22e22a73384f3ae4502347c3881cfdd674e14ac04e21"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:88f559f8beb6b90e41a7faae4aca4c8173a4819874a9bf8e74c8d7c1d51f3162"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:e8c63f5c7d87e7044880b01851ac4e863c3349e6f6b6ab456fe218d9346e816d"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_28_x86_64.whl", hash = "sha256:0d277d4717756fe8816f0beeff229cb72f9dd02a43b70e1d3f07c8efadfb9fe1"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:c8954da15403db1acfc0544b3c3f963a6ef4e428283ab6555e3e298bbbff1cf6"},
+    {file = "lxml-5.0.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:aebd8fd378e074b22e79cad329dcccd243c40ff1cafaa512d19276c5bb9554e1"},
+    {file = "lxml-5.0.0-cp36-cp36m-musllinux_1_1_aarch64.whl", hash = "sha256:b6d4e148edee59c2ad38af15810dbcb8b5d7b13e5de3509d8cf3edfe74c0adca"},
+    {file = "lxml-5.0.0-cp36-cp36m-musllinux_1_1_x86_64.whl", hash = "sha256:70ab4e02f7aa5fb4131c8b222a111ce7676f3767e36084fba3a4e7338dc82dcd"},
+    {file = "lxml-5.0.0-cp36-cp36m-win32.whl", hash = "sha256:de1a8b54170024cf1c0c2718c82412bca42cd82e390556e3d8031af9541b416f"},
+    {file = "lxml-5.0.0-cp36-cp36m-win_amd64.whl", hash = "sha256:5b39f63edbe7e018c2ac1cf0259ee0dd2355274e8a3003d404699b040782e55e"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:77b73952534967a4497d9e4f26fbeebfba19950cbc66b7cc3a706214429d8106"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:8cc0a951e5616ac626f7036309c41fb9774adcd4aa7db0886463da1ce5b65edb"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:4b9d5b01900a760eb3acf6cef50aead4ef2fa79e7ddb927084244e41dfe37b65"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_28_x86_64.whl", hash = "sha256:173bcead3af5d87c7bca9a030675073ddaad8e0a9f0b04be07cd9390453e7226"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:44fa9afd632210f1eeda51cf284ed8dbab0c7ec8b008dd39ba02818e0e114e69"},
+    {file = "lxml-5.0.0-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:fef10f27d6318d2d7c88680e113511ddecf09ee4f9559b3623b73ee89fa8f6cc"},
+    {file = "lxml-5.0.0-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:3663542aee845129a981889c19b366beab0b1dadcf5ca164696aabfe1aa51667"},
+    {file = "lxml-5.0.0-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:7188495c1bf71bfda87d78ed50601e72d252119ce11710d6e71ff36e35fea5a0"},
+    {file = "lxml-5.0.0-cp37-cp37m-win32.whl", hash = "sha256:6a2de85deabf939b0af89e2e1ea46bfb1239545e2da6f8ac96522755a388025f"},
+    {file = "lxml-5.0.0-cp37-cp37m-win_amd64.whl", hash = "sha256:ea56825c1e23c9c8ea385a191dac75f9160477057285b88c88736d9305e6118f"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:3f908afd0477cace17f941d1b9cfa10b769fe1464770abe4cfb3d9f35378d0f8"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:52a9ab31853d3808e7cf0183b3a5f7e8ffd622ea4aee1deb5252dbeaefd5b40d"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:c7fe19abb3d3c55a9e65d289b12ad73b3a31a3f0bda3c539a890329ae9973bd6"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_28_x86_64.whl", hash = "sha256:1ef0793e1e2dd221fce7c142177008725680f7b9e4a184ab108d90d5d3ab69b7"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:581a78f299a9f5448b2c3aea904bfcd17c59bf83016d221d7f93f83633bb2ab2"},
+    {file = "lxml-5.0.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:affdd833f82334fdb10fc9a1c7b35cdb5a86d0b672b4e14dd542e1fe7bcea894"},
+    {file = "lxml-5.0.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:6bba06d8982be0f0f6432d289a8d104417a0ab9ed04114446c4ceb6d4a40c65d"},
+    {file = "lxml-5.0.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:80209b31dd3908bc5b014f540fd192c97ea52ab179713a730456c5baf7ce80c1"},
+    {file = "lxml-5.0.0-cp38-cp38-win32.whl", hash = "sha256:dac2733fe4e159b0aae0439db6813b7b1d23ff96d0b34c0107b87faf79208c4e"},
+    {file = "lxml-5.0.0-cp38-cp38-win_amd64.whl", hash = "sha256:ee60f33456ff34b2dd1d048a740a2572798356208e4c494301c931de3a0ab3a2"},
+    {file = "lxml-5.0.0-cp39-cp39-macosx_11_0_x86_64.whl", hash = "sha256:5eff173f0ff408bfa578cbdafd35a7e0ca94d1a9ffe09a8a48e0572d0904d486"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:78d6d8e5b54ed89dc0f0901eaaa579c384ad8d59fa43cc7fb06e9bb89115f8f4"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:71a7cee869578bc17b18050532bb2f0bc682a7b97dda77041741a1bd2febe6c7"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:7df433d08d4587dc3932f7fcfc3194519a6824824104854e76441fd3bc000d29"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_28_x86_64.whl", hash = "sha256:793be9b4945c2dfd69828fb5948d7d9569b78e0599e4a2e88d92affeb0ff3aa3"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:c7cfb6af73602c8d288581df8a225989d7e9d5aab0a174be0e19fcfa800b6797"},
+    {file = "lxml-5.0.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:bfdc4668ac56687a89ca3eca44231144a2e9d02ba3b877558db74ba20e2bd9fa"},
+    {file = "lxml-5.0.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:2992591e2294bb07faf7f5f6d5cb60710c046404f4bfce09fb488b85d2a8f58f"},
+    {file = "lxml-5.0.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:4786b0af7511ea614fd86407a52a7bc161aa5772d311d97df2591ed2351de768"},
+    {file = "lxml-5.0.0-cp39-cp39-win32.whl", hash = "sha256:016de3b29a262655fc3d2075dc1b2611f84f4c3d97a71d579c883d45e201eee4"},
+    {file = "lxml-5.0.0-cp39-cp39-win_amd64.whl", hash = "sha256:52c0acc2f29b0a204efc11a5ed911a74f50a25eb7d7d5069c2b1fd3b3346ce11"},
+    {file = "lxml-5.0.0-pp310-pypy310_pp73-macosx_11_0_x86_64.whl", hash = "sha256:96095bfc0c02072fc89afa67626013a253596ea5118b8a7f4daaae049dafa096"},
+    {file = "lxml-5.0.0-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:992029258ed719f130d5a9c443d142c32843046f1263f2c492862b2a853be570"},
+    {file = "lxml-5.0.0-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:db40e85cffd22f7d65dcce30e85af565a66401a6ed22fc0c56ed342cfa4ffc43"},
+    {file = "lxml-5.0.0-pp38-pypy38_pp73-macosx_11_0_x86_64.whl", hash = "sha256:cfa8a4cdc3765574b7fd0c7cfa5fbd1e2108014c9dfd299c679e5152bea9a55e"},
+    {file = "lxml-5.0.0-pp38-pypy38_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:049fef98d02513c34f5babd07569fc1cf1ed14c0f2fbff18fe72597f977ef3c2"},
+    {file = "lxml-5.0.0-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:a85136d0ee18a41c91cc3e2844c683be0e72e6dda4cb58da9e15fcaef3726af7"},
+    {file = "lxml-5.0.0-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:766868f729f3ab84125350f1a0ea2594d8b1628a608a574542a5aff7355b9941"},
+    {file = "lxml-5.0.0-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:99cad5c912f359e59e921689c04e54662cdd80835d80eeaa931e22612f515df7"},
+    {file = "lxml-5.0.0-pp39-pypy39_pp73-macosx_11_0_x86_64.whl", hash = "sha256:c90c593aa8dd57d5dab0ef6d7d64af894008971d98e6a41b320fdd75258fbc6e"},
+    {file = "lxml-5.0.0-pp39-pypy39_pp73-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_24_i686.whl", hash = "sha256:8134d5441d1ed6a682e3de3d7a98717a328dce619ee9c4c8b3b91f0cb0eb3e28"},
+    {file = "lxml-5.0.0-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:f298ac9149037d6a3d5c74991bded39ac46292520b9c7c182cb102486cc87677"},
+    {file = "lxml-5.0.0-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:894c5f71186b410679aaab5774543fcb9cbabe8893f0b31d11cf28a0740e80be"},
+    {file = "lxml-5.0.0-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:9cd3d6c2c67d4fdcd795e4945e2ba5434909c96640b4cc09453bd0dc7e8e1bac"},
+    {file = "lxml-5.0.0.zip", hash = "sha256:2219cbf790e701acf9a21a31ead75f983e73daf0eceb9da6990212e4d20ebefe"},
+]
+
+[package.extras]
+cssselect = ["cssselect (>=0.7)"]
+html5 = ["html5lib"]
+htmlsoup = ["BeautifulSoup4"]
+source = ["Cython (>=3.0.7)"]
 
 [[package]]
 name = "markdown-it-py"
@@ -2348,13 +2480,13 @@ files = [
 
 [[package]]
 name = "netaddr"
-version = "0.9.0"
+version = "0.10.0"
 description = "A network address manipulation library for Python"
 optional = false
 python-versions = "*"
 files = [
-    {file = "netaddr-0.9.0-py3-none-any.whl", hash = "sha256:5148b1055679d2a1ec070c521b7db82137887fabd6d7e37f5199b44f775c3bb1"},
-    {file = "netaddr-0.9.0.tar.gz", hash = "sha256:7b46fa9b1a2d71fd5de9e4a3784ef339700a53a08c8040f08baf5f1194da0128"},
+    {file = "netaddr-0.10.0-py2.py3-none-any.whl", hash = "sha256:8752f96c8fc24162edbf5b73d3e464b5d88e62869917582daa37b2695b65afb4"},
+    {file = "netaddr-0.10.0.tar.gz", hash = "sha256:4c30c54adf4ea4318b3c055ea3d8c7f6554a50aa2cd8aea4605a23caa0b0229e"},
 ]
 
 [[package]]
@@ -2410,13 +2542,13 @@ files = [
 
 [[package]]
 name = "paramiko"
-version = "3.3.1"
+version = "3.4.0"
 description = "SSH2 protocol library"
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "paramiko-3.3.1-py3-none-any.whl", hash = "sha256:b7bc5340a43de4287bbe22fe6de728aa2c22468b2a849615498dd944c2f275eb"},
-    {file = "paramiko-3.3.1.tar.gz", hash = "sha256:6a3777a961ac86dbef375c5f5b8d50014a1a96d0fd7f054a43bc880134b0ff77"},
+    {file = "paramiko-3.4.0-py3-none-any.whl", hash = "sha256:43f0b51115a896f9c00f59618023484cb3a14b98bbceab43394a39c6739b7ee7"},
+    {file = "paramiko-3.4.0.tar.gz", hash = "sha256:aac08f26a31dc4dffd92821527d1682d99d52f9ef6851968114a8728f3c274d3"},
 ]
 
 [package.dependencies]
@@ -2431,13 +2563,13 @@ invoke = ["invoke (>=2.0)"]
 
 [[package]]
 name = "pathspec"
-version = "0.11.2"
+version = "0.12.1"
 description = "Utility library for gitignore style pattern matching of file paths."
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "pathspec-0.11.2-py3-none-any.whl", hash = "sha256:1d6ed233af05e679efb96b1851550ea95bbb64b7c490b0f5aa52996c11e92a20"},
-    {file = "pathspec-0.11.2.tar.gz", hash = "sha256:e0d8d0ac2f12da61956eb2306b69f9469b42f4deb0f3cb6ed47b9cce9996ced3"},
+    {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"},
+    {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"},
 ]
 
 [[package]]
@@ -2453,13 +2585,13 @@ files = [
 
 [[package]]
 name = "pdoc"
-version = "14.1.0"
+version = "14.3.0"
 description = "API Documentation for Python Projects"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "pdoc-14.1.0-py3-none-any.whl", hash = "sha256:e8869dffe21296b3bd5545b28e7f07cae0656082aca43f8915323187e541b126"},
-    {file = "pdoc-14.1.0.tar.gz", hash = "sha256:3a0bd921a05c39a82b1505089eb6dc99d857b71b856aa60d1aca4d9086d0e18c"},
+    {file = "pdoc-14.3.0-py3-none-any.whl", hash = "sha256:9a8f9a48bda5a99c249367c2b99779dbdd9f4a56f905068c9c2d6868dbae6882"},
+    {file = "pdoc-14.3.0.tar.gz", hash = "sha256:40bf8f092fcd91560d5e6cebb7c21b65df699f90a468c8ea316235c3368d5449"},
 ]
 
 [package.dependencies]
@@ -2468,17 +2600,17 @@ MarkupSafe = "*"
 pygments = ">=2.12.0"
 
 [package.extras]
-dev = ["black", "hypothesis", "mypy", "pygments (>=2.14.0)", "pytest", "pytest-cov", "pytest-timeout", "ruff", "tox", "types-pygments"]
+dev = ["hypothesis", "mypy", "pdoc-pyo3-sample-library (==1.0.11)", "pygments (>=2.14.0)", "pytest", "pytest-cov", "pytest-timeout", "ruff", "tox", "types-pygments"]
 
 [[package]]
 name = "platformdirs"
-version = "4.0.0"
+version = "4.1.0"
 description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"."
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "platformdirs-4.0.0-py3-none-any.whl", hash = "sha256:118c954d7e949b35437270383a3f2531e99dd93cf7ce4dc8340d3356d30f173b"},
-    {file = "platformdirs-4.0.0.tar.gz", hash = "sha256:cb633b2bcf10c51af60beb0ab06d2f1d69064b43abf4c185ca6b28865f3f9731"},
+    {file = "platformdirs-4.1.0-py3-none-any.whl", hash = "sha256:11c8f37bcca40db96d8144522d925583bdb7a31f7b0e37e3ed4318400a8e2380"},
+    {file = "platformdirs-4.1.0.tar.gz", hash = "sha256:906d548203468492d432bcb294d4bc2fff751bf84971fbb2c10918cc206ee420"},
 ]
 
 [package.extras]
@@ -2502,13 +2634,13 @@ testing = ["pytest", "pytest-benchmark"]
 
 [[package]]
 name = "prometheus-client"
-version = "0.18.0"
+version = "0.19.0"
 description = "Python client for the Prometheus monitoring system."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "prometheus_client-0.18.0-py3-none-any.whl", hash = "sha256:8de3ae2755f890826f4b6479e5571d4f74ac17a81345fe69a6778fdb92579184"},
-    {file = "prometheus_client-0.18.0.tar.gz", hash = "sha256:35f7a8c22139e2bb7ca5a698e92d38145bc8dc74c1c0bf56f25cca886a764e17"},
+    {file = "prometheus_client-0.19.0-py3-none-any.whl", hash = "sha256:c88b1e6ecf6b41cd8fb5731c7ae919bf66df6ec6fafa555cd6c0e16ca169ae92"},
+    {file = "prometheus_client-0.19.0.tar.gz", hash = "sha256:4585b0d1223148c27a225b10dbec5ae9bc4c81a99a3fa80774fa6209935324e1"},
 ]
 
 [package.extras]
@@ -2516,13 +2648,13 @@ twisted = ["twisted"]
 
 [[package]]
 name = "prompt-toolkit"
-version = "3.0.41"
+version = "3.0.43"
 description = "Library for building powerful interactive command lines in Python"
 optional = false
 python-versions = ">=3.7.0"
 files = [
-    {file = "prompt_toolkit-3.0.41-py3-none-any.whl", hash = "sha256:f36fe301fafb7470e86aaf90f036eef600a3210be4decf461a5b1ca8403d3cb2"},
-    {file = "prompt_toolkit-3.0.41.tar.gz", hash = "sha256:941367d97fc815548822aa26c2a269fdc4eb21e9ec05fc5d447cf09bad5d75f0"},
+    {file = "prompt_toolkit-3.0.43-py3-none-any.whl", hash = "sha256:a11a29cb3bf0a28a387fe5122cdb649816a957cd9261dcedf8c9f1fef33eacf6"},
+    {file = "prompt_toolkit-3.0.43.tar.gz", hash = "sha256:3527b7af26106cbc65a040bcc84839a3566ec1b051bb0bfe953631e704b0ff7d"},
 ]
 
 [package.dependencies]
@@ -2530,47 +2662,47 @@ wcwidth = "*"
 
 [[package]]
 name = "psycopg"
-version = "3.1.13"
+version = "3.1.16"
 description = "PostgreSQL database adapter for Python"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "psycopg-3.1.13-py3-none-any.whl", hash = "sha256:1253010894cfb64e2da4556d4eff5f05e45cafee641f64e02453be849c8f7687"},
-    {file = "psycopg-3.1.13.tar.gz", hash = "sha256:e6d047ce16950651d6e26c7c19ca57cc42e1d4841b58729f691244baeee46e30"},
+    {file = "psycopg-3.1.16-py3-none-any.whl", hash = "sha256:0bfe9741f4fb1c8115cadd8fe832fa91ac277e81e0652ff7fa1400f0ef0f59ba"},
+    {file = "psycopg-3.1.16.tar.gz", hash = "sha256:a34d922fd7df3134595e71c3428ba6f1bd5f4968db74857fe95de12db2d6b763"},
 ]
 
 [package.dependencies]
-psycopg-c = {version = "3.1.13", optional = true, markers = "extra == \"c\""}
+psycopg-c = {version = "3.1.16", optional = true, markers = "implementation_name != \"pypy\" and extra == \"c\""}
 typing-extensions = ">=4.1"
 tzdata = {version = "*", markers = "sys_platform == \"win32\""}
 
 [package.extras]
-binary = ["psycopg-binary (==3.1.13)"]
-c = ["psycopg-c (==3.1.13)"]
-dev = ["black (>=23.1.0)", "dnspython (>=2.1)", "flake8 (>=4.0)", "mypy (>=1.4.1)", "types-setuptools (>=57.4)", "wheel (>=0.37)"]
+binary = ["psycopg-binary (==3.1.16)"]
+c = ["psycopg-c (==3.1.16)"]
+dev = ["black (>=23.1.0)", "codespell (>=2.2)", "dnspython (>=2.1)", "flake8 (>=4.0)", "mypy (>=1.4.1)", "types-setuptools (>=57.4)", "wheel (>=0.37)"]
 docs = ["Sphinx (>=5.0)", "furo (==2022.6.21)", "sphinx-autobuild (>=2021.3.14)", "sphinx-autodoc-typehints (>=1.12)"]
 pool = ["psycopg-pool"]
 test = ["anyio (>=3.6.2,<4.0)", "mypy (>=1.4.1)", "pproxy (>=2.7)", "pytest (>=6.2.5)", "pytest-cov (>=3.0)", "pytest-randomly (>=3.5)"]
 
 [[package]]
 name = "psycopg-c"
-version = "3.1.13"
+version = "3.1.16"
 description = "PostgreSQL database adapter for Python -- C optimisation distribution"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "psycopg-c-3.1.13.tar.gz", hash = "sha256:a7f39d29e5ba46cdc5ff6b40a1e418dba034efd2faf7369a8b6d20effbd2a19d"},
+    {file = "psycopg-c-3.1.16.tar.gz", hash = "sha256:24f9805e0c20742c72c7be1412e3a600de0980104ff1a264a49333996e6adba3"},
 ]
 
 [[package]]
 name = "pyasn1"
-version = "0.5.0"
+version = "0.5.1"
 description = "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)"
 optional = false
 python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,>=2.7"
 files = [
-    {file = "pyasn1-0.5.0-py2.py3-none-any.whl", hash = "sha256:87a2121042a1ac9358cabcaf1d07680ff97ee6404333bacca15f76aa8ad01a57"},
-    {file = "pyasn1-0.5.0.tar.gz", hash = "sha256:97b7290ca68e62a832558ec3976f15cbf911bf5d7c7039d8b861c2a0ece69fde"},
+    {file = "pyasn1-0.5.1-py2.py3-none-any.whl", hash = "sha256:4439847c58d40b1d0a573d07e3856e95333f1976294494c325775aeca506eb58"},
+    {file = "pyasn1-0.5.1.tar.gz", hash = "sha256:6d391a96e59b23130a5cfa74d6fd7f388dbbe26cc8f1edf39fdddf08d9d6676c"},
 ]
 
 [[package]]
@@ -2611,60 +2743,60 @@ files = [
 
 [[package]]
 name = "pycryptodome"
-version = "3.19.0"
+version = "3.19.1"
 description = "Cryptographic library for Python"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
 files = [
-    {file = "pycryptodome-3.19.0-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:3006c44c4946583b6de24fe0632091c2653d6256b99a02a3db71ca06472ea1e4"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-manylinux2010_i686.whl", hash = "sha256:7c760c8a0479a4042111a8dd2f067d3ae4573da286c53f13cf6f5c53a5c1f631"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:08ce3558af5106c632baf6d331d261f02367a6bc3733086ae43c0f988fe042db"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:45430dfaf1f421cf462c0dd824984378bef32b22669f2635cb809357dbaab405"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-musllinux_1_1_aarch64.whl", hash = "sha256:a9bcd5f3794879e91970f2bbd7d899780541d3ff439d8f2112441769c9f2ccea"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-win32.whl", hash = "sha256:190c53f51e988dceb60472baddce3f289fa52b0ec38fbe5fd20dd1d0f795c551"},
-    {file = "pycryptodome-3.19.0-cp27-cp27m-win_amd64.whl", hash = "sha256:22e0ae7c3a7f87dcdcf302db06ab76f20e83f09a6993c160b248d58274473bfa"},
-    {file = "pycryptodome-3.19.0-cp27-cp27mu-manylinux2010_i686.whl", hash = "sha256:7822f36d683f9ad7bc2145b2c2045014afdbbd1d9922a6d4ce1cbd6add79a01e"},
-    {file = "pycryptodome-3.19.0-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:05e33267394aad6db6595c0ce9d427fe21552f5425e116a925455e099fdf759a"},
-    {file = "pycryptodome-3.19.0-cp27-cp27mu-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:829b813b8ee00d9c8aba417621b94bc0b5efd18c928923802ad5ba4cf1ec709c"},
-    {file = "pycryptodome-3.19.0-cp27-cp27mu-musllinux_1_1_aarch64.whl", hash = "sha256:fc7a79590e2b5d08530175823a242de6790abc73638cc6dc9d2684e7be2f5e49"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-macosx_10_9_universal2.whl", hash = "sha256:542f99d5026ac5f0ef391ba0602f3d11beef8e65aae135fa5b762f5ebd9d3bfb"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-macosx_10_9_x86_64.whl", hash = "sha256:61bb3ccbf4bf32ad9af32da8badc24e888ae5231c617947e0f5401077f8b091f"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d49a6c715d8cceffedabb6adb7e0cbf41ae1a2ff4adaeec9432074a80627dea1"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e249a784cc98a29c77cea9df54284a44b40cafbfae57636dd2f8775b48af2434"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d033947e7fd3e2ba9a031cb2d267251620964705a013c5a461fa5233cc025270"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:84c3e4fffad0c4988aef0d5591be3cad4e10aa7db264c65fadbc633318d20bde"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-musllinux_1_1_i686.whl", hash = "sha256:139ae2c6161b9dd5d829c9645d781509a810ef50ea8b657e2257c25ca20efe33"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:5b1986c761258a5b4332a7f94a83f631c1ffca8747d75ab8395bf2e1b93283d9"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-win32.whl", hash = "sha256:536f676963662603f1f2e6ab01080c54d8cd20f34ec333dcb195306fa7826997"},
-    {file = "pycryptodome-3.19.0-cp35-abi3-win_amd64.whl", hash = "sha256:04dd31d3b33a6b22ac4d432b3274588917dcf850cc0c51c84eca1d8ed6933810"},
-    {file = "pycryptodome-3.19.0-pp27-pypy_73-manylinux2010_x86_64.whl", hash = "sha256:8999316e57abcbd8085c91bc0ef75292c8618f41ca6d2b6132250a863a77d1e7"},
-    {file = "pycryptodome-3.19.0-pp27-pypy_73-win32.whl", hash = "sha256:a0ab84755f4539db086db9ba9e9f3868d2e3610a3948cbd2a55e332ad83b01b0"},
-    {file = "pycryptodome-3.19.0-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:0101f647d11a1aae5a8ce4f5fad6644ae1b22bb65d05accc7d322943c69a74a6"},
-    {file = "pycryptodome-3.19.0-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8c1601e04d32087591d78e0b81e1e520e57a92796089864b20e5f18c9564b3fa"},
-    {file = "pycryptodome-3.19.0-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:506c686a1eee6c00df70010be3b8e9e78f406af4f21b23162bbb6e9bdf5427bc"},
-    {file = "pycryptodome-3.19.0-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:7919ccd096584b911f2a303c593280869ce1af9bf5d36214511f5e5a1bed8c34"},
-    {file = "pycryptodome-3.19.0-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:560591c0777f74a5da86718f70dfc8d781734cf559773b64072bbdda44b3fc3e"},
-    {file = "pycryptodome-3.19.0-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c1cc2f2ae451a676def1a73c1ae9120cd31af25db3f381893d45f75e77be2400"},
-    {file = "pycryptodome-3.19.0-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:17940dcf274fcae4a54ec6117a9ecfe52907ed5e2e438fe712fe7ca502672ed5"},
-    {file = "pycryptodome-3.19.0-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:d04f5f623a280fbd0ab1c1d8ecbd753193ab7154f09b6161b0f857a1a676c15f"},
-    {file = "pycryptodome-3.19.0.tar.gz", hash = "sha256:bc35d463222cdb4dbebd35e0784155c81e161b9284e567e7e933d722e533331e"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:694020d2ff985cd714381b9da949a21028c24b86f562526186f6af7c7547e986"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-manylinux2010_i686.whl", hash = "sha256:4464b0e8fd5508bff9baf18e6fd4c6548b1ac2ce9862d6965ff6a84ec9cb302a"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:420972f9c62978e852c74055d81c354079ce3c3a2213a92c9d7e37bbc63a26e2"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c1bc0c49d986a1491d66d2a56570f12e960b12508b7e71f2423f532e28857f36"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-musllinux_1_1_aarch64.whl", hash = "sha256:e038ab77fec0956d7aa989a3c647652937fc142ef41c9382c2ebd13c127d5b4a"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-win32.whl", hash = "sha256:a991f8ffe8dfe708f86690948ae46442eebdd0fff07dc1b605987939a34ec979"},
+    {file = "pycryptodome-3.19.1-cp27-cp27m-win_amd64.whl", hash = "sha256:2c16426ef49d9cba018be2340ea986837e1dfa25c2ea181787971654dd49aadd"},
+    {file = "pycryptodome-3.19.1-cp27-cp27mu-manylinux2010_i686.whl", hash = "sha256:6d0d2b97758ebf2f36c39060520447c26455acb3bcff309c28b1c816173a6ff5"},
+    {file = "pycryptodome-3.19.1-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:b8b80ff92049fd042177282917d994d344365ab7e8ec2bc03e853d93d2401786"},
+    {file = "pycryptodome-3.19.1-cp27-cp27mu-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cd4e7e8bf0fc1ada854688b9b309ee607e2aa85a8b44180f91021a4dd330a928"},
+    {file = "pycryptodome-3.19.1-cp27-cp27mu-musllinux_1_1_aarch64.whl", hash = "sha256:8cf5d3d6cf921fa81acd1f632f6cedcc03f5f68fc50c364cd39490ba01d17c49"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-macosx_10_9_universal2.whl", hash = "sha256:67939a3adbe637281c611596e44500ff309d547e932c449337649921b17b6297"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-macosx_10_9_x86_64.whl", hash = "sha256:11ddf6c9b52116b62223b6a9f4741bc4f62bb265392a4463282f7f34bb287180"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e3e6f89480616781d2a7f981472d0cdb09b9da9e8196f43c1234eff45c915766"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:27e1efcb68993b7ce5d1d047a46a601d41281bba9f1971e6be4aa27c69ab8065"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1c6273ca5a03b672e504995529b8bae56da0ebb691d8ef141c4aa68f60765700"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:b0bfe61506795877ff974f994397f0c862d037f6f1c0bfc3572195fc00833b96"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-musllinux_1_1_i686.whl", hash = "sha256:f34976c5c8eb79e14c7d970fb097482835be8d410a4220f86260695ede4c3e17"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:7c9e222d0976f68d0cf6409cfea896676ddc1d98485d601e9508f90f60e2b0a2"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-win32.whl", hash = "sha256:4805e053571140cb37cf153b5c72cd324bb1e3e837cbe590a19f69b6cf85fd03"},
+    {file = "pycryptodome-3.19.1-cp35-abi3-win_amd64.whl", hash = "sha256:a470237ee71a1efd63f9becebc0ad84b88ec28e6784a2047684b693f458f41b7"},
+    {file = "pycryptodome-3.19.1-pp27-pypy_73-manylinux2010_x86_64.whl", hash = "sha256:ed932eb6c2b1c4391e166e1a562c9d2f020bfff44a0e1b108f67af38b390ea89"},
+    {file = "pycryptodome-3.19.1-pp27-pypy_73-win32.whl", hash = "sha256:81e9d23c0316fc1b45d984a44881b220062336bbdc340aa9218e8d0656587934"},
+    {file = "pycryptodome-3.19.1-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:37e531bf896b70fe302f003d3be5a0a8697737a8d177967da7e23eff60d6483c"},
+    {file = "pycryptodome-3.19.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cd4e95b0eb4b28251c825fe7aa941fe077f993e5ca9b855665935b86fbb1cc08"},
+    {file = "pycryptodome-3.19.1-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c22c80246c3c880c6950d2a8addf156cee74ec0dc5757d01e8e7067a3c7da015"},
+    {file = "pycryptodome-3.19.1-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:e70f5c839c7798743a948efa2a65d1fe96bb397fe6d7f2bde93d869fe4f0ad69"},
+    {file = "pycryptodome-3.19.1-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:6c3df3613592ea6afaec900fd7189d23c8c28b75b550254f4bd33fe94acb84b9"},
+    {file = "pycryptodome-3.19.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:08b445799d571041765e7d5c9ca09c5d3866c2f22eeb0dd4394a4169285184f4"},
+    {file = "pycryptodome-3.19.1-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:954d156cd50130afd53f8d77f830fe6d5801bd23e97a69d358fed068f433fbfe"},
+    {file = "pycryptodome-3.19.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:b7efd46b0b4ac869046e814d83244aeab14ef787f4850644119b1c8b0ec2d637"},
+    {file = "pycryptodome-3.19.1.tar.gz", hash = "sha256:8ae0dd1bcfada451c35f9e29a3e5db385caabc190f98e4a80ad02a61098fb776"},
 ]
 
 [[package]]
 name = "pydantic"
-version = "2.5.1"
+version = "2.5.3"
 description = "Data validation using Python type hints"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "pydantic-2.5.1-py3-none-any.whl", hash = "sha256:dc5244a8939e0d9a68f1f1b5f550b2e1c879912033b1becbedb315accc75441b"},
-    {file = "pydantic-2.5.1.tar.gz", hash = "sha256:0b8be5413c06aadfbe56f6dc1d45c9ed25fd43264414c571135c97dd77c2bedb"},
+    {file = "pydantic-2.5.3-py3-none-any.whl", hash = "sha256:d0caf5954bee831b6bfe7e338c32b9e30c85dfe080c843680783ac2b631673b4"},
+    {file = "pydantic-2.5.3.tar.gz", hash = "sha256:b3ef57c62535b0941697cce638c08900d87fcb67e29cfa99e8a68f747f393f7a"},
 ]
 
 [package.dependencies]
 annotated-types = ">=0.4.0"
 email-validator = {version = ">=2.0.0", optional = true, markers = "extra == \"email\""}
-pydantic-core = "2.14.3"
+pydantic-core = "2.14.6"
 typing-extensions = ">=4.6.1"
 
 [package.extras]
@@ -2672,116 +2804,116 @@ email = ["email-validator (>=2.0.0)"]
 
 [[package]]
 name = "pydantic-core"
-version = "2.14.3"
+version = "2.14.6"
 description = ""
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "pydantic_core-2.14.3-cp310-cp310-macosx_10_7_x86_64.whl", hash = "sha256:ba44fad1d114539d6a1509966b20b74d2dec9a5b0ee12dd7fd0a1bb7b8785e5f"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:4a70d23eedd88a6484aa79a732a90e36701048a1509078d1b59578ef0ea2cdf5"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7cc24728a1a9cef497697e53b3d085fb4d3bc0ef1ef4d9b424d9cf808f52c146"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:ab4a2381005769a4af2ffddae74d769e8a4aae42e970596208ec6d615c6fb080"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:905a12bf088d6fa20e094f9a477bf84bd823651d8b8384f59bcd50eaa92e6a52"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:38aed5a1bbc3025859f56d6a32f6e53ca173283cb95348e03480f333b1091e7d"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1767bd3f6370458e60c1d3d7b1d9c2751cc1ad743434e8ec84625a610c8b9195"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:7cb0c397f29688a5bd2c0dbd44451bc44ebb9b22babc90f97db5ec3e5bb69977"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:9ff737f24b34ed26de62d481ef522f233d3c5927279f6b7229de9b0deb3f76b5"},
-    {file = "pydantic_core-2.14.3-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:a1a39fecb5f0b19faee9a8a8176c805ed78ce45d760259a4ff3d21a7daa4dfc1"},
-    {file = "pydantic_core-2.14.3-cp310-none-win32.whl", hash = "sha256:ccbf355b7276593c68fa824030e68cb29f630c50e20cb11ebb0ee450ae6b3d08"},
-    {file = "pydantic_core-2.14.3-cp310-none-win_amd64.whl", hash = "sha256:536e1f58419e1ec35f6d1310c88496f0d60e4f182cacb773d38076f66a60b149"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-macosx_10_7_x86_64.whl", hash = "sha256:f1f46700402312bdc31912f6fc17f5ecaaaa3bafe5487c48f07c800052736289"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:88ec906eb2d92420f5b074f59cf9e50b3bb44f3cb70e6512099fdd4d88c2f87c"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:056ea7cc3c92a7d2a14b5bc9c9fa14efa794d9f05b9794206d089d06d3433dc7"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:076edc972b68a66870cec41a4efdd72a6b655c4098a232314b02d2bfa3bfa157"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e71f666c3bf019f2490a47dddb44c3ccea2e69ac882f7495c68dc14d4065eac2"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f518eac285c9632be337323eef9824a856f2680f943a9b68ac41d5f5bad7df7c"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9dbab442a8d9ca918b4ed99db8d89d11b1f067a7dadb642476ad0889560dac79"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:0653fb9fc2fa6787f2fa08631314ab7fc8070307bd344bf9471d1b7207c24623"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:c54af5069da58ea643ad34ff32fd6bc4eebb8ae0fef9821cd8919063e0aeeaab"},
-    {file = "pydantic_core-2.14.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:cc956f78651778ec1ab105196e90e0e5f5275884793ab67c60938c75bcca3989"},
-    {file = "pydantic_core-2.14.3-cp311-none-win32.whl", hash = "sha256:5b73441a1159f1fb37353aaefb9e801ab35a07dd93cb8177504b25a317f4215a"},
-    {file = "pydantic_core-2.14.3-cp311-none-win_amd64.whl", hash = "sha256:7349f99f1ef8b940b309179733f2cad2e6037a29560f1b03fdc6aa6be0a8d03c"},
-    {file = "pydantic_core-2.14.3-cp311-none-win_arm64.whl", hash = "sha256:ec79dbe23702795944d2ae4c6925e35a075b88acd0d20acde7c77a817ebbce94"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-macosx_10_7_x86_64.whl", hash = "sha256:8f5624f0f67f2b9ecaa812e1dfd2e35b256487566585160c6c19268bf2ffeccc"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:6c2d118d1b6c9e2d577e215567eedbe11804c3aafa76d39ec1f8bc74e918fd07"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fe863491664c6720d65ae438d4efaa5eca766565a53adb53bf14bc3246c72fe0"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:136bc7247e97a921a020abbd6ef3169af97569869cd6eff41b6a15a73c44ea9b"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:aeafc7f5bbddc46213707266cadc94439bfa87ecf699444de8be044d6d6eb26f"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e16aaf788f1de5a85c8f8fcc9c1ca1dd7dd52b8ad30a7889ca31c7c7606615b8"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f8fc652c354d3362e2932a79d5ac4bbd7170757a41a62c4fe0f057d29f10bebb"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:f1b92e72babfd56585c75caf44f0b15258c58e6be23bc33f90885cebffde3400"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:75f3f534f33651b73f4d3a16d0254de096f43737d51e981478d580f4b006b427"},
-    {file = "pydantic_core-2.14.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:c9ffd823c46e05ef3eb28b821aa7bc501efa95ba8880b4a1380068e32c5bed47"},
-    {file = "pydantic_core-2.14.3-cp312-none-win32.whl", hash = "sha256:12e05a76b223577a4696c76d7a6b36a0ccc491ffb3c6a8cf92d8001d93ddfd63"},
-    {file = "pydantic_core-2.14.3-cp312-none-win_amd64.whl", hash = "sha256:1582f01eaf0537a696c846bea92082082b6bfc1103a88e777e983ea9fbdc2a0f"},
-    {file = "pydantic_core-2.14.3-cp312-none-win_arm64.whl", hash = "sha256:96fb679c7ca12a512d36d01c174a4fbfd912b5535cc722eb2c010c7b44eceb8e"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-macosx_10_7_x86_64.whl", hash = "sha256:71ed769b58d44e0bc2701aa59eb199b6665c16e8a5b8b4a84db01f71580ec448"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-macosx_11_0_arm64.whl", hash = "sha256:5402ee0f61e7798ea93a01b0489520f2abfd9b57b76b82c93714c4318c66ca06"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:eaab9dc009e22726c62fe3b850b797e7f0e7ba76d245284d1064081f512c7226"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:92486a04d54987054f8b4405a9af9d482e5100d6fe6374fc3303015983fc8bda"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:cf08b43d1d5d1678f295f0431a4a7e1707d4652576e1d0f8914b5e0213bfeee5"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8ca13480ce16daad0504be6ce893b0ee8ec34cd43b993b754198a89e2787f7e"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:44afa3c18d45053fe8d8228950ee4c8eaf3b5a7f3b64963fdeac19b8342c987f"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:56814b41486e2d712a8bc02a7b1f17b87fa30999d2323bbd13cf0e52296813a1"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:c3dc2920cc96f9aa40c6dc54256e436cc95c0a15562eb7bd579e1811593c377e"},
-    {file = "pydantic_core-2.14.3-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:e483b8b913fcd3b48badec54185c150cb7ab0e6487914b84dc7cde2365e0c892"},
-    {file = "pydantic_core-2.14.3-cp37-none-win32.whl", hash = "sha256:364dba61494e48f01ef50ae430e392f67ee1ee27e048daeda0e9d21c3ab2d609"},
-    {file = "pydantic_core-2.14.3-cp37-none-win_amd64.whl", hash = "sha256:a402ae1066be594701ac45661278dc4a466fb684258d1a2c434de54971b006ca"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-macosx_10_7_x86_64.whl", hash = "sha256:10904368261e4509c091cbcc067e5a88b070ed9a10f7ad78f3029c175487490f"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:260692420028319e201b8649b13ac0988974eeafaaef95d0dfbf7120c38dc000"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3c1bf1a7b05a65d3b37a9adea98e195e0081be6b17ca03a86f92aeb8b110f468"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:d7abd17a838a52140e3aeca271054e321226f52df7e0a9f0da8f91ea123afe98"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a5c51460ede609fbb4fa883a8fe16e749964ddb459966d0518991ec02eb8dfb9"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d06c78074646111fb01836585f1198367b17d57c9f427e07aaa9ff499003e58d"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:af452e69446fadf247f18ac5d153b1f7e61ef708f23ce85d8c52833748c58075"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:e3ad4968711fb379a67c8c755beb4dae8b721a83737737b7bcee27c05400b047"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:c5ea0153482e5b4d601c25465771c7267c99fddf5d3f3bdc238ef930e6d051cf"},
-    {file = "pydantic_core-2.14.3-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:96eb10ef8920990e703da348bb25fedb8b8653b5966e4e078e5be382b430f9e0"},
-    {file = "pydantic_core-2.14.3-cp38-none-win32.whl", hash = "sha256:ea1498ce4491236d1cffa0eee9ad0968b6ecb0c1cd711699c5677fc689905f00"},
-    {file = "pydantic_core-2.14.3-cp38-none-win_amd64.whl", hash = "sha256:2bc736725f9bd18a60eec0ed6ef9b06b9785454c8d0105f2be16e4d6274e63d0"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-macosx_10_7_x86_64.whl", hash = "sha256:1ea992659c03c3ea811d55fc0a997bec9dde863a617cc7b25cfde69ef32e55af"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:d2b53e1f851a2b406bbb5ac58e16c4a5496038eddd856cc900278fa0da97f3fc"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0c7f8e8a7cf8e81ca7d44bea4f181783630959d41b4b51d2f74bc50f348a090f"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:8d3b9c91eeb372a64ec6686c1402afd40cc20f61a0866850f7d989b6bf39a41a"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9ef3e2e407e4cad2df3c89488a761ed1f1c33f3b826a2ea9a411b0a7d1cccf1b"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f86f20a9d5bee1a6ede0f2757b917bac6908cde0f5ad9fcb3606db1e2968bcf5"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:61beaa79d392d44dc19d6f11ccd824d3cccb865c4372157c40b92533f8d76dd0"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:d41df8e10b094640a6b234851b624b76a41552f637b9fb34dc720b9fe4ef3be4"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:2c08ac60c3caa31f825b5dbac47e4875bd4954d8f559650ad9e0b225eaf8ed0c"},
-    {file = "pydantic_core-2.14.3-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:98d8b3932f1a369364606417ded5412c4ffb15bedbcf797c31317e55bd5d920e"},
-    {file = "pydantic_core-2.14.3-cp39-none-win32.whl", hash = "sha256:caa94726791e316f0f63049ee00dff3b34a629b0d099f3b594770f7d0d8f1f56"},
-    {file = "pydantic_core-2.14.3-cp39-none-win_amd64.whl", hash = "sha256:2494d20e4c22beac30150b4be3b8339bf2a02ab5580fa6553ca274bc08681a65"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-macosx_10_7_x86_64.whl", hash = "sha256:fe272a72c7ed29f84c42fedd2d06c2f9858dc0c00dae3b34ba15d6d8ae0fbaaf"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:7e63a56eb7fdee1587d62f753ccd6d5fa24fbeea57a40d9d8beaef679a24bdd6"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b7692f539a26265cece1e27e366df5b976a6db6b1f825a9e0466395b314ee48b"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:af46f0b7a1342b49f208fed31f5a83b8495bb14b652f621e0a6787d2f10f24ee"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:6e2f9d76c00e805d47f19c7a96a14e4135238a7551a18bfd89bb757993fd0933"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:de52ddfa6e10e892d00f747bf7135d7007302ad82e243cf16d89dd77b03b649d"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:38113856c7fad8c19be7ddd57df0c3e77b1b2336459cb03ee3903ce9d5e236ce"},
-    {file = "pydantic_core-2.14.3-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:354db020b1f8f11207b35360b92d95725621eb92656725c849a61e4b550f4acc"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-macosx_10_7_x86_64.whl", hash = "sha256:76fc18653a5c95e5301a52d1b5afb27c9adc77175bf00f73e94f501caf0e05ad"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2646f8270f932d79ba61102a15ea19a50ae0d43b314e22b3f8f4b5fabbfa6e38"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:37dad73a2f82975ed563d6a277fd9b50e5d9c79910c4aec787e2d63547202315"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:113752a55a8eaece2e4ac96bc8817f134c2c23477e477d085ba89e3aa0f4dc44"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:8488e973547e8fb1b4193fd9faf5236cf1b7cd5e9e6dc7ff6b4d9afdc4c720cb"},
-    {file = "pydantic_core-2.14.3-pp37-pypy37_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:3d1dde10bd9962b1434053239b1d5490fc31a2b02d8950a5f731bc584c7a5a0f"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-macosx_10_7_x86_64.whl", hash = "sha256:2c83892c7bf92b91d30faca53bb8ea21f9d7e39f0ae4008ef2c2f91116d0464a"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:849cff945284c577c5f621d2df76ca7b60f803cc8663ff01b778ad0af0e39bb9"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4aa89919fbd8a553cd7d03bf23d5bc5deee622e1b5db572121287f0e64979476"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bf15145b1f8056d12c67255cd3ce5d317cd4450d5ee747760d8d088d85d12a2d"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:4cc6bb11f4e8e5ed91d78b9880774fbc0856cb226151b0a93b549c2b26a00c19"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:832d16f248ca0cc96929139734ec32d21c67669dcf8a9f3f733c85054429c012"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:b02b5e1f54c3396c48b665050464803c23c685716eb5d82a1d81bf81b5230da4"},
-    {file = "pydantic_core-2.14.3-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:1f2d4516c32255782153e858f9a900ca6deadfb217fd3fb21bb2b60b4e04d04d"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-macosx_10_7_x86_64.whl", hash = "sha256:0a3e51c2be472b7867eb0c5d025b91400c2b73a0823b89d4303a9097e2ec6655"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:df33902464410a1f1a0411a235f0a34e7e129f12cb6340daca0f9d1390f5fe10"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:27828f0227b54804aac6fb077b6bb48e640b5435fdd7fbf0c274093a7b78b69c"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1e2979dc80246e18e348de51246d4c9b410186ffa3c50e77924bec436b1e36cb"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:b28996872b48baf829ee75fa06998b607c66a4847ac838e6fd7473a6b2ab68e7"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:ca55c9671bb637ce13d18ef352fd32ae7aba21b4402f300a63f1fb1fd18e0364"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:aecd5ed096b0e5d93fb0367fd8f417cef38ea30b786f2501f6c34eabd9062c38"},
-    {file = "pydantic_core-2.14.3-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:44aaf1a07ad0824e407dafc637a852e9a44d94664293bbe7d8ee549c356c8882"},
-    {file = "pydantic_core-2.14.3.tar.gz", hash = "sha256:3ad083df8fe342d4d8d00cc1d3c1a23f0dc84fce416eb301e69f1ddbbe124d3f"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-macosx_10_7_x86_64.whl", hash = "sha256:72f9a942d739f09cd42fffe5dc759928217649f070056f03c70df14f5770acf9"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:6a31d98c0d69776c2576dda4b77b8e0c69ad08e8b539c25c7d0ca0dc19a50d6c"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5aa90562bc079c6c290f0512b21768967f9968e4cfea84ea4ff5af5d917016e4"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:370ffecb5316ed23b667d99ce4debe53ea664b99cc37bfa2af47bc769056d534"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f85f3843bdb1fe80e8c206fe6eed7a1caeae897e496542cee499c374a85c6e08"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9862bf828112e19685b76ca499b379338fd4c5c269d897e218b2ae8fcb80139d"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:036137b5ad0cb0004c75b579445a1efccd072387a36c7f217bb8efd1afbe5245"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:92879bce89f91f4b2416eba4429c7b5ca22c45ef4a499c39f0c5c69257522c7c"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0c08de15d50fa190d577e8591f0329a643eeaed696d7771760295998aca6bc66"},
+    {file = "pydantic_core-2.14.6-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:36099c69f6b14fc2c49d7996cbf4f87ec4f0e66d1c74aa05228583225a07b590"},
+    {file = "pydantic_core-2.14.6-cp310-none-win32.whl", hash = "sha256:7be719e4d2ae6c314f72844ba9d69e38dff342bc360379f7c8537c48e23034b7"},
+    {file = "pydantic_core-2.14.6-cp310-none-win_amd64.whl", hash = "sha256:36fa402dcdc8ea7f1b0ddcf0df4254cc6b2e08f8cd80e7010d4c4ae6e86b2a87"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-macosx_10_7_x86_64.whl", hash = "sha256:dea7fcd62915fb150cdc373212141a30037e11b761fbced340e9db3379b892d4"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:ffff855100bc066ff2cd3aa4a60bc9534661816b110f0243e59503ec2df38421"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1b027c86c66b8627eb90e57aee1f526df77dc6d8b354ec498be9a757d513b92b"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:00b1087dabcee0b0ffd104f9f53d7d3eaddfaa314cdd6726143af6bc713aa27e"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:75ec284328b60a4e91010c1acade0c30584f28a1f345bc8f72fe8b9e46ec6a96"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7e1f4744eea1501404b20b0ac059ff7e3f96a97d3e3f48ce27a139e053bb370b"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b2602177668f89b38b9f84b7b3435d0a72511ddef45dc14446811759b82235a1"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:6c8edaea3089bf908dd27da8f5d9e395c5b4dc092dbcce9b65e7156099b4b937"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:478e9e7b360dfec451daafe286998d4a1eeaecf6d69c427b834ae771cad4b622"},
+    {file = "pydantic_core-2.14.6-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:b6ca36c12a5120bad343eef193cc0122928c5c7466121da7c20f41160ba00ba2"},
+    {file = "pydantic_core-2.14.6-cp311-none-win32.whl", hash = "sha256:2b8719037e570639e6b665a4050add43134d80b687288ba3ade18b22bbb29dd2"},
+    {file = "pydantic_core-2.14.6-cp311-none-win_amd64.whl", hash = "sha256:78ee52ecc088c61cce32b2d30a826f929e1708f7b9247dc3b921aec367dc1b23"},
+    {file = "pydantic_core-2.14.6-cp311-none-win_arm64.whl", hash = "sha256:a19b794f8fe6569472ff77602437ec4430f9b2b9ec7a1105cfd2232f9ba355e6"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-macosx_10_7_x86_64.whl", hash = "sha256:667aa2eac9cd0700af1ddb38b7b1ef246d8cf94c85637cbb03d7757ca4c3fdec"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:cdee837710ef6b56ebd20245b83799fce40b265b3b406e51e8ccc5b85b9099b7"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2c5bcf3414367e29f83fd66f7de64509a8fd2368b1edf4351e862910727d3e51"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:26a92ae76f75d1915806b77cf459811e772d8f71fd1e4339c99750f0e7f6324f"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a983cca5ed1dd9a35e9e42ebf9f278d344603bfcb174ff99a5815f953925140a"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:cb92f9061657287eded380d7dc455bbf115430b3aa4741bdc662d02977e7d0af"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e4ace1e220b078c8e48e82c081e35002038657e4b37d403ce940fa679e57113b"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:ef633add81832f4b56d3b4c9408b43d530dfca29e68fb1b797dcb861a2c734cd"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:7e90d6cc4aad2cc1f5e16ed56e46cebf4877c62403a311af20459c15da76fd91"},
+    {file = "pydantic_core-2.14.6-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:e8a5ac97ea521d7bde7621d86c30e86b798cdecd985723c4ed737a2aa9e77d0c"},
+    {file = "pydantic_core-2.14.6-cp312-none-win32.whl", hash = "sha256:f27207e8ca3e5e021e2402ba942e5b4c629718e665c81b8b306f3c8b1ddbb786"},
+    {file = "pydantic_core-2.14.6-cp312-none-win_amd64.whl", hash = "sha256:b3e5fe4538001bb82e2295b8d2a39356a84694c97cb73a566dc36328b9f83b40"},
+    {file = "pydantic_core-2.14.6-cp312-none-win_arm64.whl", hash = "sha256:64634ccf9d671c6be242a664a33c4acf12882670b09b3f163cd00a24cffbd74e"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-macosx_10_7_x86_64.whl", hash = "sha256:24368e31be2c88bd69340fbfe741b405302993242ccb476c5c3ff48aeee1afe0"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-macosx_11_0_arm64.whl", hash = "sha256:e33b0834f1cf779aa839975f9d8755a7c2420510c0fa1e9fa0497de77cd35d2c"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:6af4b3f52cc65f8a0bc8b1cd9676f8c21ef3e9132f21fed250f6958bd7223bed"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:d15687d7d7f40333bd8266f3814c591c2e2cd263fa2116e314f60d82086e353a"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:095b707bb287bfd534044166ab767bec70a9bba3175dcdc3371782175c14e43c"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:94fc0e6621e07d1e91c44e016cc0b189b48db053061cc22d6298a611de8071bb"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1ce830e480f6774608dedfd4a90c42aac4a7af0a711f1b52f807130c2e434c06"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:a306cdd2ad3a7d795d8e617a58c3a2ed0f76c8496fb7621b6cd514eb1532cae8"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:2f5fa187bde8524b1e37ba894db13aadd64faa884657473b03a019f625cee9a8"},
+    {file = "pydantic_core-2.14.6-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:438027a975cc213a47c5d70672e0d29776082155cfae540c4e225716586be75e"},
+    {file = "pydantic_core-2.14.6-cp37-none-win32.whl", hash = "sha256:f96ae96a060a8072ceff4cfde89d261837b4294a4f28b84a28765470d502ccc6"},
+    {file = "pydantic_core-2.14.6-cp37-none-win_amd64.whl", hash = "sha256:e646c0e282e960345314f42f2cea5e0b5f56938c093541ea6dbf11aec2862391"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-macosx_10_7_x86_64.whl", hash = "sha256:db453f2da3f59a348f514cfbfeb042393b68720787bbef2b4c6068ea362c8149"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:3860c62057acd95cc84044e758e47b18dcd8871a328ebc8ccdefd18b0d26a21b"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:36026d8f99c58d7044413e1b819a67ca0e0b8ebe0f25e775e6c3d1fabb3c38fb"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:8ed1af8692bd8d2a29d702f1a2e6065416d76897d726e45a1775b1444f5928a7"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:314ccc4264ce7d854941231cf71b592e30d8d368a71e50197c905874feacc8a8"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:982487f8931067a32e72d40ab6b47b1628a9c5d344be7f1a4e668fb462d2da42"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2dbe357bc4ddda078f79d2a36fc1dd0494a7f2fad83a0a684465b6f24b46fe80"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:2f6ffc6701a0eb28648c845f4945a194dc7ab3c651f535b81793251e1185ac3d"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:7f5025db12fc6de7bc1104d826d5aee1d172f9ba6ca936bf6474c2148ac336c1"},
+    {file = "pydantic_core-2.14.6-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:dab03ed811ed1c71d700ed08bde8431cf429bbe59e423394f0f4055f1ca0ea60"},
+    {file = "pydantic_core-2.14.6-cp38-none-win32.whl", hash = "sha256:dfcbebdb3c4b6f739a91769aea5ed615023f3c88cb70df812849aef634c25fbe"},
+    {file = "pydantic_core-2.14.6-cp38-none-win_amd64.whl", hash = "sha256:99b14dbea2fdb563d8b5a57c9badfcd72083f6006caf8e126b491519c7d64ca8"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-macosx_10_7_x86_64.whl", hash = "sha256:4ce8299b481bcb68e5c82002b96e411796b844d72b3e92a3fbedfe8e19813eab"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:b9a9d92f10772d2a181b5ca339dee066ab7d1c9a34ae2421b2a52556e719756f"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fd9e98b408384989ea4ab60206b8e100d8687da18b5c813c11e92fd8212a98e0"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:4f86f1f318e56f5cbb282fe61eb84767aee743ebe32c7c0834690ebea50c0a6b"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:86ce5fcfc3accf3a07a729779d0b86c5d0309a4764c897d86c11089be61da160"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3dcf1978be02153c6a31692d4fbcc2a3f1db9da36039ead23173bc256ee3b91b"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:eedf97be7bc3dbc8addcef4142f4b4164066df0c6f36397ae4aaed3eb187d8ab"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:d5f916acf8afbcab6bacbb376ba7dc61f845367901ecd5e328fc4d4aef2fcab0"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:8a14c192c1d724c3acbfb3f10a958c55a2638391319ce8078cb36c02283959b9"},
+    {file = "pydantic_core-2.14.6-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:0348b1dc6b76041516e8a854ff95b21c55f5a411c3297d2ca52f5528e49d8411"},
+    {file = "pydantic_core-2.14.6-cp39-none-win32.whl", hash = "sha256:de2a0645a923ba57c5527497daf8ec5df69c6eadf869e9cd46e86349146e5975"},
+    {file = "pydantic_core-2.14.6-cp39-none-win_amd64.whl", hash = "sha256:aca48506a9c20f68ee61c87f2008f81f8ee99f8d7f0104bff3c47e2d148f89d9"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-macosx_10_7_x86_64.whl", hash = "sha256:d5c28525c19f5bb1e09511669bb57353d22b94cf8b65f3a8d141c389a55dec95"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:78d0768ee59baa3de0f4adac9e3748b4b1fffc52143caebddfd5ea2961595277"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8b93785eadaef932e4fe9c6e12ba67beb1b3f1e5495631419c784ab87e975670"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a874f21f87c485310944b2b2734cd6d318765bcbb7515eead33af9641816506e"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:b89f4477d915ea43b4ceea6756f63f0288941b6443a2b28c69004fe07fde0d0d"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:172de779e2a153d36ee690dbc49c6db568d7b33b18dc56b69a7514aecbcf380d"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:dfcebb950aa7e667ec226a442722134539e77c575f6cfaa423f24371bb8d2e94"},
+    {file = "pydantic_core-2.14.6-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:55a23dcd98c858c0db44fc5c04fc7ed81c4b4d33c653a7c45ddaebf6563a2f66"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-macosx_10_7_x86_64.whl", hash = "sha256:4241204e4b36ab5ae466ecec5c4c16527a054c69f99bba20f6f75232a6a534e2"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e574de99d735b3fc8364cba9912c2bec2da78775eba95cbb225ef7dda6acea24"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1302a54f87b5cd8528e4d6d1bf2133b6aa7c6122ff8e9dc5220fbc1e07bffebd"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:f8e81e4b55930e5ffab4a68db1af431629cf2e4066dbdbfef65348b8ab804ea8"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:c99462ffc538717b3e60151dfaf91125f637e801f5ab008f81c402f1dff0cd0f"},
+    {file = "pydantic_core-2.14.6-pp37-pypy37_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:e4cf2d5829f6963a5483ec01578ee76d329eb5caf330ecd05b3edd697e7d768a"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-macosx_10_7_x86_64.whl", hash = "sha256:cf10b7d58ae4a1f07fccbf4a0a956d705356fea05fb4c70608bb6fa81d103cda"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:399ac0891c284fa8eb998bcfa323f2234858f5d2efca3950ae58c8f88830f145"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:9c6a5c79b28003543db3ba67d1df336f253a87d3112dac3a51b94f7d48e4c0e1"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:599c87d79cab2a6a2a9df4aefe0455e61e7d2aeede2f8577c1b7c0aec643ee8e"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:43e166ad47ba900f2542a80d83f9fc65fe99eb63ceec4debec160ae729824052"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:3a0b5db001b98e1c649dd55afa928e75aa4087e587b9524a4992316fa23c9fba"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:747265448cb57a9f37572a488a57d873fd96bf51e5bb7edb52cfb37124516da4"},
+    {file = "pydantic_core-2.14.6-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:7ebe3416785f65c28f4f9441e916bfc8a54179c8dea73c23023f7086fa601c5d"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-macosx_10_7_x86_64.whl", hash = "sha256:86c963186ca5e50d5c8287b1d1c9d3f8f024cbe343d048c5bd282aec2d8641f2"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:e0641b506486f0b4cd1500a2a65740243e8670a2549bb02bc4556a83af84ae03"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:71d72ca5eaaa8d38c8df16b7deb1a2da4f650c41b58bb142f3fb75d5ad4a611f"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:27e524624eace5c59af499cd97dc18bb201dc6a7a2da24bfc66ef151c69a5f2a"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:a3dde6cac75e0b0902778978d3b1646ca9f438654395a362cb21d9ad34b24acf"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:00646784f6cd993b1e1c0e7b0fdcbccc375d539db95555477771c27555e3c556"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:23598acb8ccaa3d1d875ef3b35cb6376535095e9405d91a3d57a8c7db5d29341"},
+    {file = "pydantic_core-2.14.6-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:7f41533d7e3cf9520065f610b41ac1c76bc2161415955fbcead4981b22c7611e"},
+    {file = "pydantic_core-2.14.6.tar.gz", hash = "sha256:1fd0c1d395372843fba13a51c28e3bb9d59bd7aebfeb17358ffaaa1e4dbbe948"},
 ]
 
 [package.dependencies]
@@ -2806,13 +2938,13 @@ pydantic = [
 
 [[package]]
 name = "pygments"
-version = "2.17.0"
+version = "2.17.2"
 description = "Pygments is a syntax highlighting package written in Python."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "pygments-2.17.0-py3-none-any.whl", hash = "sha256:cd0c46944b2551af02ecc15961050182ea120d3895000e2676160820f3421527"},
-    {file = "pygments-2.17.0.tar.gz", hash = "sha256:edaa0fa2453d055d0ac94449d1f73ec7bc52c5e318204da1377c1392978c4a8d"},
+    {file = "pygments-2.17.2-py3-none-any.whl", hash = "sha256:b27c2826c47d0f3219f29554824c30c5e8945175d888647acd804ddd04af846c"},
+    {file = "pygments-2.17.2.tar.gz", hash = "sha256:da46cec9fd2de5be3a8a784f434e4c4ab670b4ff54d605c4c2717e9d49c4c367"},
 ]
 
 [package.extras]
@@ -2838,20 +2970,20 @@ tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"]
 
 [[package]]
 name = "pylint"
-version = "3.0.2"
+version = "3.0.3"
 description = "python code static checker"
 optional = false
 python-versions = ">=3.8.0"
 files = [
-    {file = "pylint-3.0.2-py3-none-any.whl", hash = "sha256:60ed5f3a9ff8b61839ff0348b3624ceeb9e6c2a92c514d81c9cc273da3b6bcda"},
-    {file = "pylint-3.0.2.tar.gz", hash = "sha256:0d4c286ef6d2f66c8bfb527a7f8a629009e42c99707dec821a03e1b51a4c1496"},
+    {file = "pylint-3.0.3-py3-none-any.whl", hash = "sha256:7a1585285aefc5165db81083c3e06363a27448f6b467b3b0f30dbd0ac1f73810"},
+    {file = "pylint-3.0.3.tar.gz", hash = "sha256:58c2398b0301e049609a8429789ec6edf3aabe9b6c5fec916acd18639c16de8b"},
 ]
 
 [package.dependencies]
 astroid = ">=3.0.1,<=3.1.0-dev0"
 colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""}
 dill = {version = ">=0.3.7", markers = "python_version >= \"3.12\""}
-isort = ">=4.2.5,<6"
+isort = ">=4.2.5,<5.13.0 || >5.13.0,<6"
 mccabe = ">=0.6,<0.8"
 platformdirs = ">=2.2.0"
 tomlkit = ">=0.10.1"
@@ -2965,13 +3097,13 @@ files = [
 
 [[package]]
 name = "pytest"
-version = "7.4.3"
+version = "7.4.4"
 description = "pytest: simple powerful testing with Python"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "pytest-7.4.3-py3-none-any.whl", hash = "sha256:0d009c083ea859a71b76adf7c1d502e4bc170b80a8ef002da5806527b9591fac"},
-    {file = "pytest-7.4.3.tar.gz", hash = "sha256:d989d136982de4e3b29dabcc838ad581c64e8ed52c11fbe86ddebd9da0818cd5"},
+    {file = "pytest-7.4.4-py3-none-any.whl", hash = "sha256:b090cdf5ed60bf4c45261be03239c2c1c22df034fbffe691abe93cd80cea01d8"},
+    {file = "pytest-7.4.4.tar.gz", hash = "sha256:2cf0005922c6ace4a3e2ec8b4080eb0d9753fdc93107415332f50ce9e7994280"},
 ]
 
 [package.dependencies]
@@ -3181,13 +3313,13 @@ ocsp = ["cryptography (>=36.0.1)", "pyopenssl (==20.0.1)", "requests (>=2.26.0)"
 
 [[package]]
 name = "referencing"
-version = "0.31.0"
+version = "0.32.0"
 description = "JSON Referencing + Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "referencing-0.31.0-py3-none-any.whl", hash = "sha256:381b11e53dd93babb55696c71cf42aef2d36b8a150c49bf0bc301e36d536c882"},
-    {file = "referencing-0.31.0.tar.gz", hash = "sha256:cc28f2c88fbe7b961a7817a0abc034c09a1e36358f82fedb4ffdf29a25398863"},
+    {file = "referencing-0.32.0-py3-none-any.whl", hash = "sha256:bdcd3efb936f82ff86f993093f6da7435c7de69a3b3a5a06678a6050184bee99"},
+    {file = "referencing-0.32.0.tar.gz", hash = "sha256:689e64fe121843dcfd57b71933318ef1f91188ffb45367332700a86ac8fd6161"},
 ]
 
 [package.dependencies]
@@ -3272,110 +3404,110 @@ jupyter = ["ipywidgets (>=7.5.1,<9)"]
 
 [[package]]
 name = "rpds-py"
-version = "0.13.0"
+version = "0.16.2"
 description = "Python bindings to Rust's persistent data structures (rpds)"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "rpds_py-0.13.0-cp310-cp310-macosx_10_7_x86_64.whl", hash = "sha256:1758197cc8d7ff383c07405f188253535b4aa7fa745cbc54d221ae84b18e0702"},
-    {file = "rpds_py-0.13.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:715df74cbcef4387d623c917f295352127f4b3e0388038d68fa577b4e4c6e540"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c8a9cec0f49df9bac252d92f138c0d7708d98828e21fd57db78087d8f50b5656"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:5c2545bba02f68abdf398ef4990dc77592cc1e5d29438b35b3a3ca34d171fb4b"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:95375c44ffb9ea2bc25d67fb66e726ea266ff1572df50b9556fe28a5f3519cd7"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:54e513df45a8a9419e7952ffd26ac9a5b7b1df97fe72530421794b0de29f9d72"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a25f514a53927b6b4bd04a9a6a13b55209df54f548660eeed673336c0c946d14"},
-    {file = "rpds_py-0.13.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:c1a920fa679ec2758411d66bf68840b0a21317b9954ab0e973742d723bb67709"},
-    {file = "rpds_py-0.13.0-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:f9339d1404b87e6d8cb35e485945753be57a99ab9bb389f42629215b2f6bda0f"},
-    {file = "rpds_py-0.13.0-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:c99f9dda2c959f7bb69a7125e192c74fcafb7a534a95ccf49313ae3a04807804"},
-    {file = "rpds_py-0.13.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:bad6758df5f1042b35683bd1811d5432ac1b17700a5a2a51fdc293f7df5f7827"},
-    {file = "rpds_py-0.13.0-cp310-none-win32.whl", hash = "sha256:2a29ec68fa9655ce9501bc6ae074b166e8b45c2dfcd2d71d90d1a61758ed8c73"},
-    {file = "rpds_py-0.13.0-cp310-none-win_amd64.whl", hash = "sha256:244be953f13f148b0071d67a610f89cd72eb5013a147e517d6ca3f3f3b7e0380"},
-    {file = "rpds_py-0.13.0-cp311-cp311-macosx_10_7_x86_64.whl", hash = "sha256:240279ca0b2afd6d4710afce1c94bf9e75fc161290bf62c0feba64d64780d80b"},
-    {file = "rpds_py-0.13.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:25c9727da2dabc93664a18eda7a70feedf478f0c4c8294e4cdba7f60a479a246"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:981e46e1e5064f95460381bff4353783b4b5ce351c930e5b507ebe0278c61dac"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:6052bb47ea583646b8ff562acacb9a2ec5ec847267049cbae3919671929e94c6"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:87f591ff8cc834fa01ca5899ab5edcd7ee590492a9cdcf43424ac142e731ce3e"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:62772259b3381e2aabf274c74fd1e1ac03b0524de0a6593900684becfa8cfe4b"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b4de9d20fe68c16b4d97f551a09920745add0c86430262230528b83c2ed2fe90"},
-    {file = "rpds_py-0.13.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:b70a54fb628c1d6400e351674a31ba63d2912b8c5b707f99b408674a5d8b69ab"},
-    {file = "rpds_py-0.13.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:2063ab9cd1be7ef6b5ed0f408e2bdf32c060b6f40c097a468f32864731302636"},
-    {file = "rpds_py-0.13.0-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:84f7f3f18d29a1c645729634003d21d84028bd9c2fd78eba9d028998f46fa5aa"},
-    {file = "rpds_py-0.13.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:f7c7ddc8d1a64623068da5a15e28001fbd0f0aff754aae7a75a4be5042191638"},
-    {file = "rpds_py-0.13.0-cp311-none-win32.whl", hash = "sha256:8a33d2b6340261191bb59adb5a453fa6c7d99de85552bd4e8196411f0509c9bf"},
-    {file = "rpds_py-0.13.0-cp311-none-win_amd64.whl", hash = "sha256:8b9c1dd90461940315981499df62a627571c4f0992e8bafc5396d33916224cac"},
-    {file = "rpds_py-0.13.0-cp312-cp312-macosx_10_7_x86_64.whl", hash = "sha256:15a2d542de5cbfc6abddc4846d9412b59f8ee9c8dfa0b9c92a29321297c91745"},
-    {file = "rpds_py-0.13.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8dd69e01b29ff45a0062cad5c480d8aa9301c3ef09da471f86337a78eb2d3405"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:efdd02971a02f98492a72b25484f1f6125fb9f2166e48cc4c9bfa563349c851b"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:91ca9aaee7ccdfa66d800b5c4ec634fefca947721bab52d6ad2f6350969a3771"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:afcec1f5b09d0db70aeb2d90528a9164acb61841a3124e28f6ac0137f4c36cb4"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5c6824673f66c47f7ee759c21e973bfce3ceaf2c25cb940cb45b41105dc914e8"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:50b6d80925dfeb573fc5e38582fb9517c6912dc462cc858a11c8177b0837127a"},
-    {file = "rpds_py-0.13.0-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:3a1a38512925829784b5dc38591c757b80cfce115c72c594dc59567dab62b9c4"},
-    {file = "rpds_py-0.13.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:977c6123c359dcc70ce3161b781ab70b0d342de2666944b776617e01a0a7822a"},
-    {file = "rpds_py-0.13.0-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:c472409037e05ed87b99430f97a6b82130328bb977502813547e8ee6a3392502"},
-    {file = "rpds_py-0.13.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:28bb22019f4a783ea06a6b81437d5996551869e8a722ee8720b744f7684d97f4"},
-    {file = "rpds_py-0.13.0-cp312-none-win32.whl", hash = "sha256:46be9c0685cce2ea02151aa8308f2c1b78581be41a5dd239448a941a210ef5dd"},
-    {file = "rpds_py-0.13.0-cp312-none-win_amd64.whl", hash = "sha256:3c5b9ad4d3e05dfcf8629f0d534f92610e9805dbce2fcb9b3c801ddb886431d5"},
-    {file = "rpds_py-0.13.0-cp38-cp38-macosx_10_7_x86_64.whl", hash = "sha256:66eb5aa36e857f768c598d2082fafb733eaf53e06e1169c6b4de65636e04ffd0"},
-    {file = "rpds_py-0.13.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:c9f4c2b7d989426e9fe9b720211172cf10eb5f7aa16c63de2e5dc61457abcf35"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c1e37dfffe8959a492b7b331995f291847a41a035b4aad82d6060f38e8378a2b"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:8220321f2dccd9d66f72639185247cb7bbdd90753bf0b6bfca0fa31dba8af23c"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e8f1d466a9747213d3cf7e1afec849cc51edb70d5b4ae9a82eca0f172bfbb6d0"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9c4c4b4ff3de834ec5c1c690e5a18233ca78547d003eb83664668ccf09ef1398"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:525d19ef0a999229ef0f0a7687ab2c9a00d1b6a47a005006f4d8c4b8975fdcec"},
-    {file = "rpds_py-0.13.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:0982b59d014efb84a57128e7e69399fb29ad8f2da5b0a5bcbfd12e211c00492e"},
-    {file = "rpds_py-0.13.0-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:f714dd5b705f1c394d1b361d96486c4981055c434a7eafb1a3147ac75e34a3de"},
-    {file = "rpds_py-0.13.0-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:766b573a964389ef0d91a26bb31e1b59dbc5d06eff7707f3dfcec23d93080ba3"},
-    {file = "rpds_py-0.13.0-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:2ed65ad3fc5065d13e31e90794e0b52e405b63ae4fab1080caeaadc10a3439c5"},
-    {file = "rpds_py-0.13.0-cp38-none-win32.whl", hash = "sha256:9645f7fe10a68b2396d238250b4b264c2632d2eb6ce2cb90aa0fe08adee194be"},
-    {file = "rpds_py-0.13.0-cp38-none-win_amd64.whl", hash = "sha256:42d0ad129c102856a364ccc7d356faec017af86b3543a8539795f22b6cabad11"},
-    {file = "rpds_py-0.13.0-cp39-cp39-macosx_10_7_x86_64.whl", hash = "sha256:95c11647fac2a3515ea2614a79e14b7c75025724ad54c91c7db4a6ea5c25ef19"},
-    {file = "rpds_py-0.13.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:9435bf4832555c4f769c6be9401664357be33d5f5d8dc58f5c20fb8d21e2c45d"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:54b1d671a74395344239ee3adbcd8c496525f6a2b2e54c40fec69620a31a8dcb"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:13c8061115f1468de6ffdfb1d31b446e1bd814f1ff6e556862169aacb9fbbc5d"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a78861123b002725633871a2096c3a4313224aab3d11b953dced87cfba702418"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:97c1be5a018cdad54fa7e5f7d36b9ab45ef941a1d185987f18bdab0a42344012"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e33b17915c8e4fb2ea8b91bb4c46cba92242c63dd38b87e869ead5ba217e2970"},
-    {file = "rpds_py-0.13.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:153b6d8cf7ae4b9ffd09de6abeda661e351e3e06eaafd18a8c104ea00099b131"},
-    {file = "rpds_py-0.13.0-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:da2852201e8e00c86be82c43d6893e6c380ef648ae53f337ffd1eaa35e3dfb8a"},
-    {file = "rpds_py-0.13.0-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:a2383f400691fd7bd63347d4d75eb2fd525de9d901799a33a4e896c9885609f8"},
-    {file = "rpds_py-0.13.0-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:d5bf560634ea6e9a59ceb2181a6cd6195a03f48cef9a400eb15e197e18f14548"},
-    {file = "rpds_py-0.13.0-cp39-none-win32.whl", hash = "sha256:fdaef49055cc0c701fb17b9b34a38ef375e5cdb230b3722d4a12baf9b7cbc6d3"},
-    {file = "rpds_py-0.13.0-cp39-none-win_amd64.whl", hash = "sha256:26660c74a20fe249fad75ca00bbfcf60e57c3fdbde92971c88a20e07fea1de64"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-macosx_10_7_x86_64.whl", hash = "sha256:28324f2f0247d407daabf7ff357ad9f36126075c92a0cf5319396d96ff4e1248"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:b431c2c0ff1ea56048a2b066d99d0c2d151ae7625b20be159b7e699f3e80390b"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7472bd60a8293217444bdc6a46e516feb8d168da44d5f3fccea0336e88e3b79a"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:169063f346b8fd84f47d986c9c48e6094eb38b839c1287e7cb886b8a2b32195d"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:eef7ee7c70f8b8698be468d54f9f5e01804f3a1dd5657e8a96363dbd52b9b5ec"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:762013dd59df12380c5444f61ccbf9ae1297027cabbd7aa25891f724ebf8c8f7"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:152570689a27ae0be1d5f50b21dad38d450b9227d0974f23bd400400ea087e88"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:d70a93a40e55da117c511ddc514642bc7d59a95a99137168a5f3f2f876b47962"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:e6c6fed07d13b9e0fb689356c40c81f1aa92e3c9d91d8fd5816a0348ccd999f7"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-musllinux_1_2_i686.whl", hash = "sha256:cdded3cf9e36840b09ccef714d5fa74a03f4eb6cf81e694226ed9cb5e6f90de0"},
-    {file = "rpds_py-0.13.0-pp310-pypy310_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:e1f40faf406c52c7ae7d208b9140377c06397248978ccb03fbfbb30a0571e359"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-macosx_10_7_x86_64.whl", hash = "sha256:c10326e30c97a95b7e1d75e5200ef0b9827aa0f861e331e43b15dfdfd63e669b"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:afde37e3763c602d0385bce5c12f262e7b1dd2a0f323e239fa9d7b2d4d5d8509"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4084ab6840bd4d79eff3b5f497add847a7db31ce5a0c2d440c90b2d2b7011857"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:1c9c9cb48ab77ebfa47db25b753f594d4f44959cfe43b713439ca6e3c9329671"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:533d728ea5ad5253af3395102723ca8a77b62de47b2295155650c9a88fcdeec8"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1f22cab655b41033d430f20266bf563b35038a7f01c9a099b0ccfd30a7fb9247"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b9a0507342c37132813449393e6e6f351bbff376031cfff1ee6e616402ac7908"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:4eb1faf8e2ee9a2de3cb3ae4c8c355914cdc85f2cd7f27edf76444c9550ce1e7"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:a61a152d61e3ae26e0bbba7b2f568f6f25ca0abdeb6553eca7e7c45b59d9b1a9"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-musllinux_1_2_i686.whl", hash = "sha256:e499bf2200eb74774a6f85a7465e3bc5273fa8ef0055590d97a88c1e7ea02eea"},
-    {file = "rpds_py-0.13.0-pp38-pypy38_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:1e5becd0de924616ca9a12abeb6458568d1dc8fe5c670d5cdb738402a8a8429d"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-macosx_10_7_x86_64.whl", hash = "sha256:70cfe098d915f566eeebcb683f49f9404d2f948432891b6e075354336eda9dfb"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:2e73511e88368f93c24efe7c9a20b319eaa828bc7431f8a17713efb9e31a39fa"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c07cb9bcccd08f9bc2fd05bf586479df4272ea5a6a70fbcb59b018ed48a5a84d"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:8c4e84016ba225e09df20fed8befe8c68d14fbeff6078f4a0ff907ae2095e17e"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:6ad465e5a70580ca9c1944f43a9a71bca3a7b74554347fc96ca0479eca8981f9"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:189aebd44a07fa7b7966cf78b85bde8335b0b6c3b1c4ef5589f8c03176830107"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9f50ca0460f1f7a89ab9b8355d83ac993d5998ad4218e76654ecf8afe648d8aa"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:f6c225011467021879c0482316e42d8a28852fc29f0c15d2a435ff457cadccd4"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:1e63b32b856c0f08a56b76967d61b6ad811d8d330a8aebb9d21afadd82a296f6"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-musllinux_1_2_i686.whl", hash = "sha256:7e5fbe9800f09c56967fda88c4d9272955e781699a66102bd098f22511a3f260"},
-    {file = "rpds_py-0.13.0-pp39-pypy39_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:fea99967d4a978ce95dd52310bcb4a943b77c61725393bca631b0908047d6e2f"},
-    {file = "rpds_py-0.13.0.tar.gz", hash = "sha256:35cc91cbb0b775705e0feb3362490b8418c408e9e3c3b9cb3b02f6e495f03ee7"},
+    {file = "rpds_py-0.16.2-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:509b617ac787cd1149600e731db9274ebbef094503ca25158e6f23edaba1ca8f"},
+    {file = "rpds_py-0.16.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:413b9c17388bbd0d87a329d8e30c1a4c6e44e2bb25457f43725a8e6fe4161e9e"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2946b120718eba9af2b4dd103affc1164a87b9e9ebff8c3e4c05d7b7a7e274e2"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:35ae5ece284cf36464eb160880018cf6088a9ac5ddc72292a6092b6ef3f4da53"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3dc6a7620ba7639a3db6213da61312cb4aa9ac0ca6e00dc1cbbdc21c2aa6eb57"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8cb6fe8ecdfffa0e711a75c931fb39f4ba382b4b3ccedeca43f18693864fe850"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6dace7b26a13353e24613417ce2239491b40a6ad44e5776a18eaff7733488b44"},
+    {file = "rpds_py-0.16.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:1bdbc5fcb04a7309074de6b67fa9bc4b418ab3fc435fec1f2779a0eced688d04"},
+    {file = "rpds_py-0.16.2-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:f42e25c016927e2a6b1ce748112c3ab134261fc2ddc867e92d02006103e1b1b7"},
+    {file = "rpds_py-0.16.2-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:eab36eae3f3e8e24b05748ec9acc66286662f5d25c52ad70cadab544e034536b"},
+    {file = "rpds_py-0.16.2-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:0474df4ade9a3b4af96c3d36eb81856cb9462e4c6657d4caecfd840d2a13f3c9"},
+    {file = "rpds_py-0.16.2-cp310-none-win32.whl", hash = "sha256:84c5a4d1f9dd7e2d2c44097fb09fffe728629bad31eb56caf97719e55575aa82"},
+    {file = "rpds_py-0.16.2-cp310-none-win_amd64.whl", hash = "sha256:2bd82db36cd70b3628c0c57d81d2438e8dd4b7b32a6a9f25f24ab0e657cb6c4e"},
+    {file = "rpds_py-0.16.2-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:adc0c3d6fc6ae35fee3e4917628983f6ce630d513cbaad575b4517d47e81b4bb"},
+    {file = "rpds_py-0.16.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:ec23fcad480e77ede06cf4127a25fc440f7489922e17fc058f426b5256ee0edb"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:07aab64e2808c3ebac2a44f67e9dc0543812b715126dfd6fe4264df527556cb6"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:a4ebb8b20bd09c5ce7884c8f0388801100f5e75e7f733b1b6613c713371feefc"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a3d7e2ea25d3517c6d7e5a1cc3702cffa6bd18d9ef8d08d9af6717fc1c700eed"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f28ac0e8e7242d140f99402a903a2c596ab71550272ae9247ad78f9a932b5698"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:19f00f57fdd38db4bb5ad09f9ead1b535332dbf624200e9029a45f1f35527ebb"},
+    {file = "rpds_py-0.16.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:3da5a4c56953bdbf6d04447c3410309616c54433146ccdb4a277b9cb499bc10e"},
+    {file = "rpds_py-0.16.2-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:ec2e1cf025b2c0f48ec17ff3e642661da7ee332d326f2e6619366ce8e221f018"},
+    {file = "rpds_py-0.16.2-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e0441fb4fdd39a230477b2ca9be90868af64425bfe7b122b57e61e45737a653b"},
+    {file = "rpds_py-0.16.2-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:9f0350ef2fba5f34eb0c9000ea328e51b9572b403d2f7f3b19f24085f6f598e8"},
+    {file = "rpds_py-0.16.2-cp311-none-win32.whl", hash = "sha256:5a80e2f83391ad0808b4646732af2a7b67550b98f0cae056cb3b40622a83dbb3"},
+    {file = "rpds_py-0.16.2-cp311-none-win_amd64.whl", hash = "sha256:e04e56b4ca7a770593633556e8e9e46579d66ec2ada846b401252a2bdcf70a6d"},
+    {file = "rpds_py-0.16.2-cp312-cp312-macosx_10_12_x86_64.whl", hash = "sha256:5e6caa3809e50690bd92fa490f5c38caa86082c8c3315aa438bce43786d5e90d"},
+    {file = "rpds_py-0.16.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:2e53b9b25cac9065328901713a7e9e3b12e4f57ef4280b370fbbf6fef2052eef"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:af27423662f32d7501a00c5e7342f7dbd1e4a718aea7a239781357d15d437133"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:43d4dd5fb16eb3825742bad8339d454054261ab59fed2fbac84e1d84d5aae7ba"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e061de3b745fe611e23cd7318aec2c8b0e4153939c25c9202a5811ca911fd733"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3b811d182ad17ea294f2ec63c0621e7be92a1141e1012383461872cead87468f"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5552f328eaef1a75ff129d4d0c437bf44e43f9436d3996e8eab623ea0f5fcf73"},
+    {file = "rpds_py-0.16.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:dcbe1f8dd179e4d69b70b1f1d9bb6fd1e7e1bdc9c9aad345cdeb332e29d40748"},
+    {file = "rpds_py-0.16.2-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:8aad80645a011abae487d356e0ceb359f4938dfb6f7bcc410027ed7ae4f7bb8b"},
+    {file = "rpds_py-0.16.2-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:b6f5549d6ed1da9bfe3631ca9483ae906f21410be2445b73443fa9f017601c6f"},
+    {file = "rpds_py-0.16.2-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:d452817e0d9c749c431a1121d56a777bd7099b720b3d1c820f1725cb40928f58"},
+    {file = "rpds_py-0.16.2-cp312-none-win32.whl", hash = "sha256:888a97002e986eca10d8546e3c8b97da1d47ad8b69726dcfeb3e56348ebb28a3"},
+    {file = "rpds_py-0.16.2-cp312-none-win_amd64.whl", hash = "sha256:d8dda2a806dfa4a9b795950c4f5cc56d6d6159f7d68080aedaff3bdc9b5032f5"},
+    {file = "rpds_py-0.16.2-cp38-cp38-macosx_10_12_x86_64.whl", hash = "sha256:071980663c273bf3d388fe5c794c547e6f35ba3335477072c713a3176bf14a60"},
+    {file = "rpds_py-0.16.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:726ac36e8a3bb8daef2fd482534cabc5e17334052447008405daca7ca04a3108"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e9e557db6a177470316c82f023e5d571811c9a4422b5ea084c85da9aa3c035fc"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:90123853fc8b1747f80b0d354be3d122b4365a93e50fc3aacc9fb4c2488845d6"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a61f659665a39a4d17d699ab3593d7116d66e1e2e3f03ef3fb8f484e91908808"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:cc97f0640e91d7776530f06e6836c546c1c752a52de158720c4224c9e8053cad"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:44a54e99a2b9693a37ebf245937fd6e9228b4cbd64b9cc961e1f3391ec6c7391"},
+    {file = "rpds_py-0.16.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:bd4b677d929cf1f6bac07ad76e0f2d5de367e6373351c01a9c0a39f6b21b4a8b"},
+    {file = "rpds_py-0.16.2-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:5ef00873303d678aaf8b0627e111fd434925ca01c657dbb2641410f1cdaef261"},
+    {file = "rpds_py-0.16.2-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:349cb40897fd529ca15317c22c0eab67f5ac5178b5bd2c6adc86172045210acc"},
+    {file = "rpds_py-0.16.2-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:2ddef620e70eaffebed5932ce754d539c0930f676aae6212f8e16cd9743dd365"},
+    {file = "rpds_py-0.16.2-cp38-none-win32.whl", hash = "sha256:882ce6e25e585949c3d9f9abd29202367175e0aab3aba0c58c9abbb37d4982ff"},
+    {file = "rpds_py-0.16.2-cp38-none-win_amd64.whl", hash = "sha256:f4bd4578e44f26997e9e56c96dedc5f1af43cc9d16c4daa29c771a00b2a26851"},
+    {file = "rpds_py-0.16.2-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:69ac7ea9897ec201ce68b48582f3eb34a3f9924488a5432a93f177bf76a82a7e"},
+    {file = "rpds_py-0.16.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a9880b4656efe36ccad41edc66789e191e5ee19a1ea8811e0aed6f69851a82f4"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ee94cb58c0ba2c62ee108c2b7c9131b2c66a29e82746e8fa3aa1a1effbd3dcf1"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:24f7a2eb3866a9e91f4599851e0c8d39878a470044875c49bd528d2b9b88361c"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ca57468da2d9a660bcf8961637c85f2fbb2aa64d9bc3f9484e30c3f9f67b1dd7"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ccd4e400309e1f34a5095bf9249d371f0fd60f8a3a5c4a791cad7b99ce1fd38d"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80443fe2f7b3ea3934c5d75fb0e04a5dbb4a8e943e5ff2de0dec059202b70a8b"},
+    {file = "rpds_py-0.16.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:4d6a9f052e72d493efd92a77f861e45bab2f6be63e37fa8ecf0c6fd1a58fedb0"},
+    {file = "rpds_py-0.16.2-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:35953f4f2b3216421af86fd236b7c0c65935936a94ea83ddbd4904ba60757773"},
+    {file = "rpds_py-0.16.2-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:981d135c7cdaf6cd8eadae1c950de43b976de8f09d8e800feed307140d3d6d00"},
+    {file = "rpds_py-0.16.2-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:d0dd7ed2f16df2e129496e7fbe59a34bc2d7fc8db443a606644d069eb69cbd45"},
+    {file = "rpds_py-0.16.2-cp39-none-win32.whl", hash = "sha256:703d95c75a72e902544fda08e965885525e297578317989fd15a6ce58414b41d"},
+    {file = "rpds_py-0.16.2-cp39-none-win_amd64.whl", hash = "sha256:e93ec1b300acf89730cf27975ef574396bc04edecc358e9bd116fb387a123239"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:44627b6ca7308680a70766454db5249105fa6344853af6762eaad4158a2feebe"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:3f91df8e6dbb7360e176d1affd5fb0246d2b88d16aa5ebc7db94fd66b68b61da"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:6d904c5693e08bad240f16d79305edba78276be87061c872a4a15e2c301fa2c0"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:290a81cfbe4673285cdf140ec5cd1658ffbf63ab359f2b352ebe172e7cfa5bf0"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b634c5ec0103c5cbebc24ebac4872b045cccb9456fc59efdcf6fe39775365bd2"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a297a4d08cc67c7466c873c78039d87840fb50d05473db0ec1b7b03d179bf322"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b2e75e17bd0bb66ee34a707da677e47c14ee51ccef78ed6a263a4cc965a072a1"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:f1b9d9260e06ea017feb7172976ab261e011c1dc2f8883c7c274f6b2aabfe01a"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:162d7cd9cd311c1b0ff1c55a024b8f38bd8aad1876b648821da08adc40e95734"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-musllinux_1_2_i686.whl", hash = "sha256:9b32f742ce5b57201305f19c2ef7a184b52f6f9ba6871cc042c2a61f0d6b49b8"},
+    {file = "rpds_py-0.16.2-pp310-pypy310_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:ac08472f41ea77cd6a5dae36ae7d4ed3951d6602833af87532b556c1b4601d63"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:495a14b72bbe217f2695dcd9b5ab14d4f8066a00f5d209ed94f0aca307f85f6e"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-macosx_11_0_arm64.whl", hash = "sha256:8d6b6937ae9eac6d6c0ca3c42774d89fa311f55adff3970fb364b34abde6ed3d"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:6a61226465bda9283686db8f17d02569a98e4b13c637be5a26d44aa1f1e361c2"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:5cf6af100ffb5c195beec11ffaa8cf8523057f123afa2944e6571d54da84cdc9"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:6df15846ee3fb2e6397fe25d7ca6624af9f89587f3f259d177b556fed6bebe2c"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1be2f033df1b8be8c3167ba3c29d5dca425592ee31e35eac52050623afba5772"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:96f957d6ab25a78b9e7fc9749d754b98eac825a112b4e666525ce89afcbd9ed5"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:088396c7c70e59872f67462fcac3ecbded5233385797021976a09ebd55961dfe"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:4c46ad6356e1561f2a54f08367d1d2e70a0a1bb2db2282d2c1972c1d38eafc3b"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-musllinux_1_2_i686.whl", hash = "sha256:47713dc4fce213f5c74ca8a1f6a59b622fc1b90868deb8e8e4d993e421b4b39d"},
+    {file = "rpds_py-0.16.2-pp38-pypy38_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:f811771019f063bbd0aa7bb72c8a934bc13ebacb4672d712fc1639cfd314cccc"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:f19afcfc0dd0dca35694df441e9b0f95bc231b512f51bded3c3d8ca32153ec19"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:a4b682c5775d6a3d21e314c10124599976809455ee67020e8e72df1769b87bc3"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c647ca87fc0ebe808a41de912e9a1bfef9acb85257e5d63691364ac16b81c1f0"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:302bd4983bbd47063e452c38be66153760112f6d3635c7eeefc094299fa400a9"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:bf721ede3eb7b829e4a9b8142bd55db0bdc82902720548a703f7e601ee13bdc3"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:358dafc89ce3894c7f486c615ba914609f38277ef67f566abc4c854d23b997fa"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cad0f59ee3dc35526039f4bc23642d52d5f6616b5f687d846bfc6d0d6d486db0"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:cffa76b385dfe1e38527662a302b19ffb0e7f5cf7dd5e89186d2c94a22dd9d0c"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:83640a5d7cd3bff694747d50436b8b541b5b9b9782b0c8c1688931d6ee1a1f2d"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-musllinux_1_2_i686.whl", hash = "sha256:ed99b4f7179d2111702020fd7d156e88acd533f5a7d3971353e568b6051d5c97"},
+    {file = "rpds_py-0.16.2-pp39-pypy39_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:4022b9dc620e14f30201a8a73898a873c8e910cb642bcd2f3411123bc527f6ac"},
+    {file = "rpds_py-0.16.2.tar.gz", hash = "sha256:781ef8bfc091b19960fc0142a23aedadafa826bc32b433fdfe6fd7f964d7ef44"},
 ]
 
 [[package]]
@@ -3394,39 +3526,39 @@ pyasn1 = ">=0.1.3"
 
 [[package]]
 name = "ruff"
-version = "0.1.6"
+version = "0.1.9"
 description = "An extremely fast Python linter and code formatter, written in Rust."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "ruff-0.1.6-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:88b8cdf6abf98130991cbc9f6438f35f6e8d41a02622cc5ee130a02a0ed28703"},
-    {file = "ruff-0.1.6-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:5c549ed437680b6105a1299d2cd30e4964211606eeb48a0ff7a93ef70b902248"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1cf5f701062e294f2167e66d11b092bba7af6a057668ed618a9253e1e90cfd76"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:05991ee20d4ac4bb78385360c684e4b417edd971030ab12a4fbd075ff535050e"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:87455a0c1f739b3c069e2f4c43b66479a54dea0276dd5d4d67b091265f6fd1dc"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:683aa5bdda5a48cb8266fcde8eea2a6af4e5700a392c56ea5fb5f0d4bfdc0240"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:137852105586dcbf80c1717facb6781555c4e99f520c9c827bd414fac67ddfb6"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:bd98138a98d48a1c36c394fd6b84cd943ac92a08278aa8ac8c0fdefcf7138f35"},
-    {file = "ruff-0.1.6-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3a0cd909d25f227ac5c36d4e7e681577275fb74ba3b11d288aff7ec47e3ae745"},
-    {file = "ruff-0.1.6-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:e8fd1c62a47aa88a02707b5dd20c5ff20d035d634aa74826b42a1da77861b5ff"},
-    {file = "ruff-0.1.6-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:fd89b45d374935829134a082617954120d7a1470a9f0ec0e7f3ead983edc48cc"},
-    {file = "ruff-0.1.6-py3-none-musllinux_1_2_i686.whl", hash = "sha256:491262006e92f825b145cd1e52948073c56560243b55fb3b4ecb142f6f0e9543"},
-    {file = "ruff-0.1.6-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:ea284789861b8b5ca9d5443591a92a397ac183d4351882ab52f6296b4fdd5462"},
-    {file = "ruff-0.1.6-py3-none-win32.whl", hash = "sha256:1610e14750826dfc207ccbcdd7331b6bd285607d4181df9c1c6ae26646d6848a"},
-    {file = "ruff-0.1.6-py3-none-win_amd64.whl", hash = "sha256:4558b3e178145491e9bc3b2ee3c4b42f19d19384eaa5c59d10acf6e8f8b57e33"},
-    {file = "ruff-0.1.6-py3-none-win_arm64.whl", hash = "sha256:03910e81df0d8db0e30050725a5802441c2022ea3ae4fe0609b76081731accbc"},
-    {file = "ruff-0.1.6.tar.gz", hash = "sha256:1b09f29b16c6ead5ea6b097ef2764b42372aebe363722f1605ecbcd2b9207184"},
+    {file = "ruff-0.1.9-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:e6a212f436122ac73df851f0cf006e0c6612fe6f9c864ed17ebefce0eff6a5fd"},
+    {file = "ruff-0.1.9-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:28d920e319783d5303333630dae46ecc80b7ba294aeffedf946a02ac0b7cc3db"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:104aa9b5e12cb755d9dce698ab1b97726b83012487af415a4512fedd38b1459e"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:1e63bf5a4a91971082a4768a0aba9383c12392d0d6f1e2be2248c1f9054a20da"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4d0738917c203246f3e275b37006faa3aa96c828b284ebfe3e99a8cb413c8c4b"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:69dac82d63a50df2ab0906d97a01549f814b16bc806deeac4f064ff95c47ddf5"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2aec598fb65084e41a9c5d4b95726173768a62055aafb07b4eff976bac72a592"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:744dfe4b35470fa3820d5fe45758aace6269c578f7ddc43d447868cfe5078bcb"},
+    {file = "ruff-0.1.9-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:479ca4250cab30f9218b2e563adc362bd6ae6343df7c7b5a7865300a5156d5a6"},
+    {file = "ruff-0.1.9-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:aa8344310f1ae79af9ccd6e4b32749e93cddc078f9b5ccd0e45bd76a6d2e8bb6"},
+    {file = "ruff-0.1.9-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:837c739729394df98f342319f5136f33c65286b28b6b70a87c28f59354ec939b"},
+    {file = "ruff-0.1.9-py3-none-musllinux_1_2_i686.whl", hash = "sha256:e6837202c2859b9f22e43cb01992373c2dbfeae5c0c91ad691a4a2e725392464"},
+    {file = "ruff-0.1.9-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:331aae2cd4a0554667ac683243b151c74bd60e78fb08c3c2a4ac05ee1e606a39"},
+    {file = "ruff-0.1.9-py3-none-win32.whl", hash = "sha256:8151425a60878e66f23ad47da39265fc2fad42aed06fb0a01130e967a7a064f4"},
+    {file = "ruff-0.1.9-py3-none-win_amd64.whl", hash = "sha256:c497d769164df522fdaf54c6eba93f397342fe4ca2123a2e014a5b8fc7df81c7"},
+    {file = "ruff-0.1.9-py3-none-win_arm64.whl", hash = "sha256:0e17f53bcbb4fff8292dfd84cf72d767b5e146f009cccd40c2fad27641f8a7a9"},
+    {file = "ruff-0.1.9.tar.gz", hash = "sha256:b041dee2734719ddbb4518f762c982f2e912e7f28b8ee4fe1dee0b15d1b6e800"},
 ]
 
 [[package]]
 name = "selenium"
-version = "4.15.2"
+version = "4.16.0"
 description = ""
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "selenium-4.15.2-py3-none-any.whl", hash = "sha256:9e82cd1ac647fb73cf0d4a6e280284102aaa3c9d94f0fa6e6cc4b5db6a30afbf"},
-    {file = "selenium-4.15.2.tar.gz", hash = "sha256:22eab5a1724c73d51b240a69ca702997b717eee4ba1f6065bf5d6b44dba01d48"},
+    {file = "selenium-4.16.0-py3-none-any.whl", hash = "sha256:aec71f4e6ed6cb3ec25c9c1b5ed56ae31b6da0a7f17474c7566d303f84e6219f"},
+    {file = "selenium-4.16.0.tar.gz", hash = "sha256:b2e987a445306151f7be0e6dfe2aa72a479c2ac6a91b9d5ef2d6dd4e49ad0435"},
 ]
 
 [package.dependencies]
@@ -3437,13 +3569,13 @@ urllib3 = {version = ">=1.26,<3", extras = ["socks"]}
 
 [[package]]
 name = "sentry-sdk"
-version = "1.36.0"
+version = "1.39.1"
 description = "Python client for Sentry (https://sentry.io)"
 optional = false
 python-versions = "*"
 files = [
-    {file = "sentry-sdk-1.36.0.tar.gz", hash = "sha256:f32dd16547f2f45e1c71a96fd4a48925e629541f7ddfe3d5d25ef7d5e94eb3c8"},
-    {file = "sentry_sdk-1.36.0-py2.py3-none-any.whl", hash = "sha256:25d574f94fdf72199e331c2401fdac60d01b5be8f32822174c51c3ff0fc2f8cb"},
+    {file = "sentry-sdk-1.39.1.tar.gz", hash = "sha256:320a55cdf9da9097a0bead239c35b7e61f53660ef9878861824fd6d9b2eaf3b5"},
+    {file = "sentry_sdk-1.39.1-py2.py3-none-any.whl", hash = "sha256:81b5b9ffdd1a374e9eb0c053b5d2012155db9cbe76393a8585677b753bd5fdc1"},
 ]
 
 [package.dependencies]
@@ -3506,17 +3638,17 @@ tests = ["coverage[toml] (>=5.0.2)", "pytest"]
 
 [[package]]
 name = "setuptools"
-version = "68.2.2"
+version = "69.0.3"
 description = "Easily download, build, install, upgrade, and uninstall Python packages"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "setuptools-68.2.2-py3-none-any.whl", hash = "sha256:b454a35605876da60632df1a60f736524eb73cc47bbc9f3f1ef1b644de74fd2a"},
-    {file = "setuptools-68.2.2.tar.gz", hash = "sha256:4ac1475276d2f1c48684874089fefcd83bd7162ddaafb81fac866ba0db282a87"},
+    {file = "setuptools-69.0.3-py3-none-any.whl", hash = "sha256:385eb4edd9c9d5c17540511303e39a147ce2fc04bc55289c322b9e5904fe2c05"},
+    {file = "setuptools-69.0.3.tar.gz", hash = "sha256:be1af57fc409f93647f2e8e4573a142ed38724b8cdd389706a867bb4efcf1e78"},
 ]
 
 [package.extras]
-docs = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-hoverxref (<2)", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier"]
+docs = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "rst.linker (>=1.9)", "sphinx (<7.2.5)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier"]
 testing = ["build[virtualenv]", "filelock (>=3.4.0)", "flake8-2020", "ini2toml[lite] (>=0.9)", "jaraco.develop (>=7.21)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.2.0)", "pip (>=19.1)", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=2.2)", "pytest-mypy (>=0.9.1)", "pytest-perf", "pytest-ruff", "pytest-timeout", "pytest-xdist", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel"]
 testing-integration = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.2.0)", "packaging (>=23.1)", "pytest", "pytest-enabler", "pytest-xdist", "tomli", "virtualenv (>=13.0.0)", "wheel"]
 
@@ -3596,18 +3728,18 @@ pbr = ">=2.0.0,<2.1.0 || >2.1.0"
 
 [[package]]
 name = "structlog"
-version = "23.2.0"
+version = "23.3.0"
 description = "Structured Logging for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "structlog-23.2.0-py3-none-any.whl", hash = "sha256:16a167e87b9fa7fae9a972d5d12805ef90e04857a93eba479d4be3801a6a1482"},
-    {file = "structlog-23.2.0.tar.gz", hash = "sha256:334666b94707f89dbc4c81a22a8ccd34449f0201d5b1ee097a030b577fa8c858"},
+    {file = "structlog-23.3.0-py3-none-any.whl", hash = "sha256:d6922a88ceabef5b13b9eda9c4043624924f60edbb00397f4d193bd754cde60a"},
+    {file = "structlog-23.3.0.tar.gz", hash = "sha256:24b42b914ac6bc4a4e6f716e82ac70d7fb1e8c3b1035a765591953bfc37101a5"},
 ]
 
 [package.extras]
 dev = ["structlog[tests,typing]"]
-docs = ["furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-mermaid", "twisted"]
+docs = ["furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-mermaid", "sphinxext-opengraph", "twisted"]
 tests = ["freezegun (>=0.2.8)", "pretend", "pytest (>=6.0)", "pytest-asyncio (>=0.17)", "simplejson"]
 typing = ["mypy (>=1.4)", "rich", "twisted"]
 
@@ -3640,33 +3772,33 @@ files = [
 
 [[package]]
 name = "tornado"
-version = "6.3.3"
+version = "6.4"
 description = "Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed."
 optional = false
 python-versions = ">= 3.8"
 files = [
-    {file = "tornado-6.3.3-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d"},
-    {file = "tornado-6.3.3-cp38-abi3-macosx_10_9_x86_64.whl", hash = "sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a"},
-    {file = "tornado-6.3.3-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f"},
-    {file = "tornado-6.3.3-cp38-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a"},
-    {file = "tornado-6.3.3-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2"},
-    {file = "tornado-6.3.3-cp38-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0"},
-    {file = "tornado-6.3.3-cp38-abi3-musllinux_1_1_i686.whl", hash = "sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16"},
-    {file = "tornado-6.3.3-cp38-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17"},
-    {file = "tornado-6.3.3-cp38-abi3-win32.whl", hash = "sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3"},
-    {file = "tornado-6.3.3-cp38-abi3-win_amd64.whl", hash = "sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5"},
-    {file = "tornado-6.3.3.tar.gz", hash = "sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe"},
+    {file = "tornado-6.4-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:02ccefc7d8211e5a7f9e8bc3f9e5b0ad6262ba2fbb683a6443ecc804e5224ce0"},
+    {file = "tornado-6.4-cp38-abi3-macosx_10_9_x86_64.whl", hash = "sha256:27787de946a9cffd63ce5814c33f734c627a87072ec7eed71f7fc4417bb16263"},
+    {file = "tornado-6.4-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f7894c581ecdcf91666a0912f18ce5e757213999e183ebfc2c3fdbf4d5bd764e"},
+    {file = "tornado-6.4-cp38-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e43bc2e5370a6a8e413e1e1cd0c91bedc5bd62a74a532371042a18ef19e10579"},
+    {file = "tornado-6.4-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f0251554cdd50b4b44362f73ad5ba7126fc5b2c2895cc62b14a1c2d7ea32f212"},
+    {file = "tornado-6.4-cp38-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:fd03192e287fbd0899dd8f81c6fb9cbbc69194d2074b38f384cb6fa72b80e9c2"},
+    {file = "tornado-6.4-cp38-abi3-musllinux_1_1_i686.whl", hash = "sha256:88b84956273fbd73420e6d4b8d5ccbe913c65d31351b4c004ae362eba06e1f78"},
+    {file = "tornado-6.4-cp38-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:71ddfc23a0e03ef2df1c1397d859868d158c8276a0603b96cf86892bff58149f"},
+    {file = "tornado-6.4-cp38-abi3-win32.whl", hash = "sha256:6f8a6c77900f5ae93d8b4ae1196472d0ccc2775cc1dfdc9e7727889145c45052"},
+    {file = "tornado-6.4-cp38-abi3-win_amd64.whl", hash = "sha256:10aeaa8006333433da48dec9fe417877f8bcc21f48dda8d661ae79da357b2a63"},
+    {file = "tornado-6.4.tar.gz", hash = "sha256:72291fa6e6bc84e626589f1c29d90a5a6d593ef5ae68052ee2ef000dfd273dee"},
 ]
 
 [[package]]
 name = "trio"
-version = "0.23.1"
+version = "0.23.2"
 description = "A friendly Python library for async concurrency and I/O"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "trio-0.23.1-py3-none-any.whl", hash = "sha256:bb4abb3f4af23f96679e7c8cdabb8b234520f2498550d2cf63ebfd95f2ce27fe"},
-    {file = "trio-0.23.1.tar.gz", hash = "sha256:16f89f7dcc8f7b9dcdec1fcd863e0c039af6d0f9a22f8dfd56f75d75ec73fd48"},
+    {file = "trio-0.23.2-py3-none-any.whl", hash = "sha256:5a0b566fa5d50cf231cfd6b08f3b03aa4179ff004b8f3144059587039e2b26d3"},
+    {file = "trio-0.23.2.tar.gz", hash = "sha256:da1d35b9a2b17eb32cae2e763b16551f9aa6703634735024e32f325c9285069e"},
 ]
 
 [package.dependencies]
@@ -3694,13 +3826,13 @@ wsproto = ">=0.14"
 
 [[package]]
 name = "twilio"
-version = "8.10.2"
+version = "8.11.0"
 description = "Twilio API client and TwiML generator"
 optional = false
 python-versions = ">=3.7.0"
 files = [
-    {file = "twilio-8.10.2-py2.py3-none-any.whl", hash = "sha256:40f8bd012f6fb970adfc46d40d39162b46a337be8f1aacec83af8a450363626f"},
-    {file = "twilio-8.10.2.tar.gz", hash = "sha256:083449b27eea4fe66f690da8dada3f533d954a0704a74858ea788cf28be69019"},
+    {file = "twilio-8.11.0-py2.py3-none-any.whl", hash = "sha256:90fd47f220e597163020d3755a81aed76fd217e116ab36fd241d9bf48d1a0a18"},
+    {file = "twilio-8.11.0.tar.gz", hash = "sha256:792509da936c4f47d9fa7071d5f1f3bdc9314aaf96225bac4f0ef28f8688a95b"},
 ]
 
 [package.dependencies]
@@ -3794,24 +3926,24 @@ twisted = ["twisted (>=20.3.0)", "zope.interface (>=5.2.0)"]
 
 [[package]]
 name = "typing-extensions"
-version = "4.8.0"
+version = "4.9.0"
 description = "Backported and Experimental Type Hints for Python 3.8+"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "typing_extensions-4.8.0-py3-none-any.whl", hash = "sha256:8f92fc8806f9a6b641eaa5318da32b44d401efaac0f6678c9bc448ba3605faa0"},
-    {file = "typing_extensions-4.8.0.tar.gz", hash = "sha256:df8e4339e9cb77357558cbdbceca33c303714cf861d1eef15e1070055ae8b7ef"},
+    {file = "typing_extensions-4.9.0-py3-none-any.whl", hash = "sha256:af72aea155e91adfc61c3ae9e0e342dbc0cba726d6cba4b6c72c1f34e47291cd"},
+    {file = "typing_extensions-4.9.0.tar.gz", hash = "sha256:23478f88c37f27d76ac8aee6c905017a143b0b1b886c3c9f66bc2fd94f9f5783"},
 ]
 
 [[package]]
 name = "tzdata"
-version = "2023.3"
+version = "2023.4"
 description = "Provider of IANA time zone data"
 optional = false
 python-versions = ">=2"
 files = [
-    {file = "tzdata-2023.3-py2.py3-none-any.whl", hash = "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda"},
-    {file = "tzdata-2023.3.tar.gz", hash = "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a"},
+    {file = "tzdata-2023.4-py2.py3-none-any.whl", hash = "sha256:aa3ace4329eeacda5b7beb7ea08ece826c28d761cda36e747cfbf97996d39bf3"},
+    {file = "tzdata-2023.4.tar.gz", hash = "sha256:dd54c94f294765522c77399649b4fefd95522479a664a0cec87f41bebc6148c9"},
 ]
 
 [[package]]
@@ -3857,13 +3989,13 @@ zstd = ["zstandard (>=0.18.0)"]
 
 [[package]]
 name = "uvicorn"
-version = "0.24.0.post1"
+version = "0.25.0"
 description = "The lightning-fast ASGI server."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "uvicorn-0.24.0.post1-py3-none-any.whl", hash = "sha256:7c84fea70c619d4a710153482c0d230929af7bcf76c7bfa6de151f0a3a80121e"},
-    {file = "uvicorn-0.24.0.post1.tar.gz", hash = "sha256:09c8e5a79dc466bdf28dead50093957db184de356fcdc48697bad3bde4c2588e"},
+    {file = "uvicorn-0.25.0-py3-none-any.whl", hash = "sha256:ce107f5d9bd02b4636001a77a4e74aab5e1e2b146868ebbad565237145af444c"},
+    {file = "uvicorn-0.25.0.tar.gz", hash = "sha256:6dddbad1d7ee0f5140aba5ec138ddc9612c5109399903828b4874c9937f009c2"},
 ]
 
 [package.dependencies]
@@ -4063,13 +4195,13 @@ anyio = ">=3.0.0"
 
 [[package]]
 name = "wcwidth"
-version = "0.2.10"
+version = "0.2.12"
 description = "Measures the displayed width of unicode strings in a terminal"
 optional = false
 python-versions = "*"
 files = [
-    {file = "wcwidth-0.2.10-py2.py3-none-any.whl", hash = "sha256:aec5179002dd0f0d40c456026e74a729661c9d468e1ed64405e3a6c2176ca36f"},
-    {file = "wcwidth-0.2.10.tar.gz", hash = "sha256:390c7454101092a6a5e43baad8f83de615463af459201709556b6e4b1c861f97"},
+    {file = "wcwidth-0.2.12-py2.py3-none-any.whl", hash = "sha256:f26ec43d96c8cbfed76a5075dac87680124fa84e0855195a6184da9c187f133c"},
+    {file = "wcwidth-0.2.12.tar.gz", hash = "sha256:f01c104efdf57971bcb756f054dd58ddec5204dd15fa31d6503ea57947d97c02"},
 ]
 
 [[package]]
@@ -4092,13 +4224,13 @@ pyOpenSSL = ">=23.2.0"
 
 [[package]]
 name = "websocket-client"
-version = "1.6.4"
+version = "1.7.0"
 description = "WebSocket client for Python with low level API options"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "websocket-client-1.6.4.tar.gz", hash = "sha256:b3324019b3c28572086c4a319f91d1dcd44e6e11cd340232978c684a7650d0df"},
-    {file = "websocket_client-1.6.4-py3-none-any.whl", hash = "sha256:084072e0a7f5f347ef2ac3d8698a5e0b4ffbfcab607628cadabc650fc9a83a24"},
+    {file = "websocket-client-1.7.0.tar.gz", hash = "sha256:10e511ea3a8c744631d3bd77e61eb17ed09304c413ad42cf6ddfa4c7787e8fe6"},
+    {file = "websocket_client-1.7.0-py3-none-any.whl", hash = "sha256:f4c3d22fec12a2461427a29957ff07d35098ee2d976d3ba244e688b8b4057588"},
 ]
 
 [package.extras]
@@ -4228,85 +4360,101 @@ lxml = ">=3.8"
 
 [[package]]
 name = "yarl"
-version = "1.9.2"
+version = "1.9.4"
 description = "Yet another URL library"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "yarl-1.9.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:8c2ad583743d16ddbdf6bb14b5cd76bf43b0d0006e918809d5d4ddf7bde8dd82"},
-    {file = "yarl-1.9.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:82aa6264b36c50acfb2424ad5ca537a2060ab6de158a5bd2a72a032cc75b9eb8"},
-    {file = "yarl-1.9.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c0c77533b5ed4bcc38e943178ccae29b9bcf48ffd1063f5821192f23a1bd27b9"},
-    {file = "yarl-1.9.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ee4afac41415d52d53a9833ebae7e32b344be72835bbb589018c9e938045a560"},
-    {file = "yarl-1.9.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9bf345c3a4f5ba7f766430f97f9cc1320786f19584acc7086491f45524a551ac"},
-    {file = "yarl-1.9.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2a96c19c52ff442a808c105901d0bdfd2e28575b3d5f82e2f5fd67e20dc5f4ea"},
-    {file = "yarl-1.9.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:891c0e3ec5ec881541f6c5113d8df0315ce5440e244a716b95f2525b7b9f3608"},
-    {file = "yarl-1.9.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c3a53ba34a636a256d767c086ceb111358876e1fb6b50dfc4d3f4951d40133d5"},
-    {file = "yarl-1.9.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:566185e8ebc0898b11f8026447eacd02e46226716229cea8db37496c8cdd26e0"},
-    {file = "yarl-1.9.2-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:2b0738fb871812722a0ac2154be1f049c6223b9f6f22eec352996b69775b36d4"},
-    {file = "yarl-1.9.2-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:32f1d071b3f362c80f1a7d322bfd7b2d11e33d2adf395cc1dd4df36c9c243095"},
-    {file = "yarl-1.9.2-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:e9fdc7ac0d42bc3ea78818557fab03af6181e076a2944f43c38684b4b6bed8e3"},
-    {file = "yarl-1.9.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:56ff08ab5df8429901ebdc5d15941b59f6253393cb5da07b4170beefcf1b2528"},
-    {file = "yarl-1.9.2-cp310-cp310-win32.whl", hash = "sha256:8ea48e0a2f931064469bdabca50c2f578b565fc446f302a79ba6cc0ee7f384d3"},
-    {file = "yarl-1.9.2-cp310-cp310-win_amd64.whl", hash = "sha256:50f33040f3836e912ed16d212f6cc1efb3231a8a60526a407aeb66c1c1956dde"},
-    {file = "yarl-1.9.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:646d663eb2232d7909e6601f1a9107e66f9791f290a1b3dc7057818fe44fc2b6"},
-    {file = "yarl-1.9.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:aff634b15beff8902d1f918012fc2a42e0dbae6f469fce134c8a0dc51ca423bb"},
-    {file = "yarl-1.9.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:a83503934c6273806aed765035716216cc9ab4e0364f7f066227e1aaea90b8d0"},
-    {file = "yarl-1.9.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b25322201585c69abc7b0e89e72790469f7dad90d26754717f3310bfe30331c2"},
-    {file = "yarl-1.9.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:22a94666751778629f1ec4280b08eb11815783c63f52092a5953faf73be24191"},
-    {file = "yarl-1.9.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8ec53a0ea2a80c5cd1ab397925f94bff59222aa3cf9c6da938ce05c9ec20428d"},
-    {file = "yarl-1.9.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:159d81f22d7a43e6eabc36d7194cb53f2f15f498dbbfa8edc8a3239350f59fe7"},
-    {file = "yarl-1.9.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:832b7e711027c114d79dffb92576acd1bd2decc467dec60e1cac96912602d0e6"},
-    {file = "yarl-1.9.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:95d2ecefbcf4e744ea952d073c6922e72ee650ffc79028eb1e320e732898d7e8"},
-    {file = "yarl-1.9.2-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:d4e2c6d555e77b37288eaf45b8f60f0737c9efa3452c6c44626a5455aeb250b9"},
-    {file = "yarl-1.9.2-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:783185c75c12a017cc345015ea359cc801c3b29a2966c2655cd12b233bf5a2be"},
-    {file = "yarl-1.9.2-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:b8cc1863402472f16c600e3e93d542b7e7542a540f95c30afd472e8e549fc3f7"},
-    {file = "yarl-1.9.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:822b30a0f22e588b32d3120f6d41e4ed021806418b4c9f0bc3048b8c8cb3f92a"},
-    {file = "yarl-1.9.2-cp311-cp311-win32.whl", hash = "sha256:a60347f234c2212a9f0361955007fcf4033a75bf600a33c88a0a8e91af77c0e8"},
-    {file = "yarl-1.9.2-cp311-cp311-win_amd64.whl", hash = "sha256:be6b3fdec5c62f2a67cb3f8c6dbf56bbf3f61c0f046f84645cd1ca73532ea051"},
-    {file = "yarl-1.9.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:38a3928ae37558bc1b559f67410df446d1fbfa87318b124bf5032c31e3447b74"},
-    {file = "yarl-1.9.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ac9bb4c5ce3975aeac288cfcb5061ce60e0d14d92209e780c93954076c7c4367"},
-    {file = "yarl-1.9.2-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3da8a678ca8b96c8606bbb8bfacd99a12ad5dd288bc6f7979baddd62f71c63ef"},
-    {file = "yarl-1.9.2-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:13414591ff516e04fcdee8dc051c13fd3db13b673c7a4cb1350e6b2ad9639ad3"},
-    {file = "yarl-1.9.2-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bf74d08542c3a9ea97bb8f343d4fcbd4d8f91bba5ec9d5d7f792dbe727f88938"},
-    {file = "yarl-1.9.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6e7221580dc1db478464cfeef9b03b95c5852cc22894e418562997df0d074ccc"},
-    {file = "yarl-1.9.2-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:494053246b119b041960ddcd20fd76224149cfea8ed8777b687358727911dd33"},
-    {file = "yarl-1.9.2-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:52a25809fcbecfc63ac9ba0c0fb586f90837f5425edfd1ec9f3372b119585e45"},
-    {file = "yarl-1.9.2-cp37-cp37m-musllinux_1_1_ppc64le.whl", hash = "sha256:e65610c5792870d45d7b68c677681376fcf9cc1c289f23e8e8b39c1485384185"},
-    {file = "yarl-1.9.2-cp37-cp37m-musllinux_1_1_s390x.whl", hash = "sha256:1b1bba902cba32cdec51fca038fd53f8beee88b77efc373968d1ed021024cc04"},
-    {file = "yarl-1.9.2-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:662e6016409828ee910f5d9602a2729a8a57d74b163c89a837de3fea050c7582"},
-    {file = "yarl-1.9.2-cp37-cp37m-win32.whl", hash = "sha256:f364d3480bffd3aa566e886587eaca7c8c04d74f6e8933f3f2c996b7f09bee1b"},
-    {file = "yarl-1.9.2-cp37-cp37m-win_amd64.whl", hash = "sha256:6a5883464143ab3ae9ba68daae8e7c5c95b969462bbe42e2464d60e7e2698368"},
-    {file = "yarl-1.9.2-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:5610f80cf43b6202e2c33ba3ec2ee0a2884f8f423c8f4f62906731d876ef4fac"},
-    {file = "yarl-1.9.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:b9a4e67ad7b646cd6f0938c7ebfd60e481b7410f574c560e455e938d2da8e0f4"},
-    {file = "yarl-1.9.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:83fcc480d7549ccebe9415d96d9263e2d4226798c37ebd18c930fce43dfb9574"},
-    {file = "yarl-1.9.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5fcd436ea16fee7d4207c045b1e340020e58a2597301cfbcfdbe5abd2356c2fb"},
-    {file = "yarl-1.9.2-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:84e0b1599334b1e1478db01b756e55937d4614f8654311eb26012091be109d59"},
-    {file = "yarl-1.9.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3458a24e4ea3fd8930e934c129b676c27452e4ebda80fbe47b56d8c6c7a63a9e"},
-    {file = "yarl-1.9.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:838162460b3a08987546e881a2bfa573960bb559dfa739e7800ceeec92e64417"},
-    {file = "yarl-1.9.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f4e2d08f07a3d7d3e12549052eb5ad3eab1c349c53ac51c209a0e5991bbada78"},
-    {file = "yarl-1.9.2-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:de119f56f3c5f0e2fb4dee508531a32b069a5f2c6e827b272d1e0ff5ac040333"},
-    {file = "yarl-1.9.2-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:149ddea5abf329752ea5051b61bd6c1d979e13fbf122d3a1f9f0c8be6cb6f63c"},
-    {file = "yarl-1.9.2-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:674ca19cbee4a82c9f54e0d1eee28116e63bc6fd1e96c43031d11cbab8b2afd5"},
-    {file = "yarl-1.9.2-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:9b3152f2f5677b997ae6c804b73da05a39daa6a9e85a512e0e6823d81cdad7cc"},
-    {file = "yarl-1.9.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:5415d5a4b080dc9612b1b63cba008db84e908b95848369aa1da3686ae27b6d2b"},
-    {file = "yarl-1.9.2-cp38-cp38-win32.whl", hash = "sha256:f7a3d8146575e08c29ed1cd287068e6d02f1c7bdff8970db96683b9591b86ee7"},
-    {file = "yarl-1.9.2-cp38-cp38-win_amd64.whl", hash = "sha256:63c48f6cef34e6319a74c727376e95626f84ea091f92c0250a98e53e62c77c72"},
-    {file = "yarl-1.9.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:75df5ef94c3fdc393c6b19d80e6ef1ecc9ae2f4263c09cacb178d871c02a5ba9"},
-    {file = "yarl-1.9.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:c027a6e96ef77d401d8d5a5c8d6bc478e8042f1e448272e8d9752cb0aff8b5c8"},
-    {file = "yarl-1.9.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:f3b078dbe227f79be488ffcfc7a9edb3409d018e0952cf13f15fd6512847f3f7"},
-    {file = "yarl-1.9.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:59723a029760079b7d991a401386390c4be5bfec1e7dd83e25a6a0881859e716"},
-    {file = "yarl-1.9.2-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b03917871bf859a81ccb180c9a2e6c1e04d2f6a51d953e6a5cdd70c93d4e5a2a"},
-    {file = "yarl-1.9.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:c1012fa63eb6c032f3ce5d2171c267992ae0c00b9e164efe4d73db818465fac3"},
-    {file = "yarl-1.9.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a74dcbfe780e62f4b5a062714576f16c2f3493a0394e555ab141bf0d746bb955"},
-    {file = "yarl-1.9.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:8c56986609b057b4839968ba901944af91b8e92f1725d1a2d77cbac6972b9ed1"},
-    {file = "yarl-1.9.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:2c315df3293cd521033533d242d15eab26583360b58f7ee5d9565f15fee1bef4"},
-    {file = "yarl-1.9.2-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:b7232f8dfbd225d57340e441d8caf8652a6acd06b389ea2d3222b8bc89cbfca6"},
-    {file = "yarl-1.9.2-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:53338749febd28935d55b41bf0bcc79d634881195a39f6b2f767870b72514caf"},
-    {file = "yarl-1.9.2-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:066c163aec9d3d073dc9ffe5dd3ad05069bcb03fcaab8d221290ba99f9f69ee3"},
-    {file = "yarl-1.9.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:8288d7cd28f8119b07dd49b7230d6b4562f9b61ee9a4ab02221060d21136be80"},
-    {file = "yarl-1.9.2-cp39-cp39-win32.whl", hash = "sha256:b124e2a6d223b65ba8768d5706d103280914d61f5cae3afbc50fc3dfcc016623"},
-    {file = "yarl-1.9.2-cp39-cp39-win_amd64.whl", hash = "sha256:61016e7d582bc46a5378ffdd02cd0314fb8ba52f40f9cf4d9a5e7dbef88dee18"},
-    {file = "yarl-1.9.2.tar.gz", hash = "sha256:04ab9d4b9f587c06d801c2abfe9317b77cdf996c65a90d5e84ecc45010823571"},
+    {file = "yarl-1.9.4-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:a8c1df72eb746f4136fe9a2e72b0c9dc1da1cbd23b5372f94b5820ff8ae30e0e"},
+    {file = "yarl-1.9.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a3a6ed1d525bfb91b3fc9b690c5a21bb52de28c018530ad85093cc488bee2dd2"},
+    {file = "yarl-1.9.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c38c9ddb6103ceae4e4498f9c08fac9b590c5c71b0370f98714768e22ac6fa66"},
+    {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d9e09c9d74f4566e905a0b8fa668c58109f7624db96a2171f21747abc7524234"},
+    {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b8477c1ee4bd47c57d49621a062121c3023609f7a13b8a46953eb6c9716ca392"},
+    {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d5ff2c858f5f6a42c2a8e751100f237c5e869cbde669a724f2062d4c4ef93551"},
+    {file = "yarl-1.9.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:357495293086c5b6d34ca9616a43d329317feab7917518bc97a08f9e55648455"},
+    {file = "yarl-1.9.4-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:54525ae423d7b7a8ee81ba189f131054defdb122cde31ff17477951464c1691c"},
+    {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:801e9264d19643548651b9db361ce3287176671fb0117f96b5ac0ee1c3530d53"},
+    {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:e516dc8baf7b380e6c1c26792610230f37147bb754d6426462ab115a02944385"},
+    {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:7d5aaac37d19b2904bb9dfe12cdb08c8443e7ba7d2852894ad448d4b8f442863"},
+    {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:54beabb809ffcacbd9d28ac57b0db46e42a6e341a030293fb3185c409e626b8b"},
+    {file = "yarl-1.9.4-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:bac8d525a8dbc2a1507ec731d2867025d11ceadcb4dd421423a5d42c56818541"},
+    {file = "yarl-1.9.4-cp310-cp310-win32.whl", hash = "sha256:7855426dfbddac81896b6e533ebefc0af2f132d4a47340cee6d22cac7190022d"},
+    {file = "yarl-1.9.4-cp310-cp310-win_amd64.whl", hash = "sha256:848cd2a1df56ddbffeb375535fb62c9d1645dde33ca4d51341378b3f5954429b"},
+    {file = "yarl-1.9.4-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:35a2b9396879ce32754bd457d31a51ff0a9d426fd9e0e3c33394bf4b9036b099"},
+    {file = "yarl-1.9.4-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:4c7d56b293cc071e82532f70adcbd8b61909eec973ae9d2d1f9b233f3d943f2c"},
+    {file = "yarl-1.9.4-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:d8a1c6c0be645c745a081c192e747c5de06e944a0d21245f4cf7c05e457c36e0"},
+    {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4b3c1ffe10069f655ea2d731808e76e0f452fc6c749bea04781daf18e6039525"},
+    {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:549d19c84c55d11687ddbd47eeb348a89df9cb30e1993f1b128f4685cd0ebbf8"},
+    {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a7409f968456111140c1c95301cadf071bd30a81cbd7ab829169fb9e3d72eae9"},
+    {file = "yarl-1.9.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e23a6d84d9d1738dbc6e38167776107e63307dfc8ad108e580548d1f2c587f42"},
+    {file = "yarl-1.9.4-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d8b889777de69897406c9fb0b76cdf2fd0f31267861ae7501d93003d55f54fbe"},
+    {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:03caa9507d3d3c83bca08650678e25364e1843b484f19986a527630ca376ecce"},
+    {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:4e9035df8d0880b2f1c7f5031f33f69e071dfe72ee9310cfc76f7b605958ceb9"},
+    {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:c0ec0ed476f77db9fb29bca17f0a8fcc7bc97ad4c6c1d8959c507decb22e8572"},
+    {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:ee04010f26d5102399bd17f8df8bc38dc7ccd7701dc77f4a68c5b8d733406958"},
+    {file = "yarl-1.9.4-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:49a180c2e0743d5d6e0b4d1a9e5f633c62eca3f8a86ba5dd3c471060e352ca98"},
+    {file = "yarl-1.9.4-cp311-cp311-win32.whl", hash = "sha256:81eb57278deb6098a5b62e88ad8281b2ba09f2f1147c4767522353eaa6260b31"},
+    {file = "yarl-1.9.4-cp311-cp311-win_amd64.whl", hash = "sha256:d1d2532b340b692880261c15aee4dc94dd22ca5d61b9db9a8a361953d36410b1"},
+    {file = "yarl-1.9.4-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:0d2454f0aef65ea81037759be5ca9947539667eecebca092733b2eb43c965a81"},
+    {file = "yarl-1.9.4-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:44d8ffbb9c06e5a7f529f38f53eda23e50d1ed33c6c869e01481d3fafa6b8142"},
+    {file = "yarl-1.9.4-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:aaaea1e536f98754a6e5c56091baa1b6ce2f2700cc4a00b0d49eca8dea471074"},
+    {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3777ce5536d17989c91696db1d459574e9a9bd37660ea7ee4d3344579bb6f129"},
+    {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9fc5fc1eeb029757349ad26bbc5880557389a03fa6ada41703db5e068881e5f2"},
+    {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ea65804b5dc88dacd4a40279af0cdadcfe74b3e5b4c897aa0d81cf86927fee78"},
+    {file = "yarl-1.9.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:aa102d6d280a5455ad6a0f9e6d769989638718e938a6a0a2ff3f4a7ff8c62cc4"},
+    {file = "yarl-1.9.4-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:09efe4615ada057ba2d30df871d2f668af661e971dfeedf0c159927d48bbeff0"},
+    {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:008d3e808d03ef28542372d01057fd09168419cdc8f848efe2804f894ae03e51"},
+    {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:6f5cb257bc2ec58f437da2b37a8cd48f666db96d47b8a3115c29f316313654ff"},
+    {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:992f18e0ea248ee03b5a6e8b3b4738850ae7dbb172cc41c966462801cbf62cf7"},
+    {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:0e9d124c191d5b881060a9e5060627694c3bdd1fe24c5eecc8d5d7d0eb6faabc"},
+    {file = "yarl-1.9.4-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:3986b6f41ad22988e53d5778f91855dc0399b043fc8946d4f2e68af22ee9ff10"},
+    {file = "yarl-1.9.4-cp312-cp312-win32.whl", hash = "sha256:4b21516d181cd77ebd06ce160ef8cc2a5e9ad35fb1c5930882baff5ac865eee7"},
+    {file = "yarl-1.9.4-cp312-cp312-win_amd64.whl", hash = "sha256:a9bd00dc3bc395a662900f33f74feb3e757429e545d831eef5bb280252631984"},
+    {file = "yarl-1.9.4-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:63b20738b5aac74e239622d2fe30df4fca4942a86e31bf47a81a0e94c14df94f"},
+    {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7d7f7de27b8944f1fee2c26a88b4dabc2409d2fea7a9ed3df79b67277644e17"},
+    {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c74018551e31269d56fab81a728f683667e7c28c04e807ba08f8c9e3bba32f14"},
+    {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ca06675212f94e7a610e85ca36948bb8fc023e458dd6c63ef71abfd482481aa5"},
+    {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5aef935237d60a51a62b86249839b51345f47564208c6ee615ed2a40878dccdd"},
+    {file = "yarl-1.9.4-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2b134fd795e2322b7684155b7855cc99409d10b2e408056db2b93b51a52accc7"},
+    {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:d25039a474c4c72a5ad4b52495056f843a7ff07b632c1b92ea9043a3d9950f6e"},
+    {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:f7d6b36dd2e029b6bcb8a13cf19664c7b8e19ab3a58e0fefbb5b8461447ed5ec"},
+    {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_ppc64le.whl", hash = "sha256:957b4774373cf6f709359e5c8c4a0af9f6d7875db657adb0feaf8d6cb3c3964c"},
+    {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_s390x.whl", hash = "sha256:d7eeb6d22331e2fd42fce928a81c697c9ee2d51400bd1a28803965883e13cead"},
+    {file = "yarl-1.9.4-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:6a962e04b8f91f8c4e5917e518d17958e3bdee71fd1d8b88cdce74dd0ebbf434"},
+    {file = "yarl-1.9.4-cp37-cp37m-win32.whl", hash = "sha256:f3bc6af6e2b8f92eced34ef6a96ffb248e863af20ef4fde9448cc8c9b858b749"},
+    {file = "yarl-1.9.4-cp37-cp37m-win_amd64.whl", hash = "sha256:ad4d7a90a92e528aadf4965d685c17dacff3df282db1121136c382dc0b6014d2"},
+    {file = "yarl-1.9.4-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ec61d826d80fc293ed46c9dd26995921e3a82146feacd952ef0757236fc137be"},
+    {file = "yarl-1.9.4-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:8be9e837ea9113676e5754b43b940b50cce76d9ed7d2461df1af39a8ee674d9f"},
+    {file = "yarl-1.9.4-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:bef596fdaa8f26e3d66af846bbe77057237cb6e8efff8cd7cc8dff9a62278bbf"},
+    {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2d47552b6e52c3319fede1b60b3de120fe83bde9b7bddad11a69fb0af7db32f1"},
+    {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:84fc30f71689d7fc9168b92788abc977dc8cefa806909565fc2951d02f6b7d57"},
+    {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4aa9741085f635934f3a2583e16fcf62ba835719a8b2b28fb2917bb0537c1dfa"},
+    {file = "yarl-1.9.4-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:206a55215e6d05dbc6c98ce598a59e6fbd0c493e2de4ea6cc2f4934d5a18d130"},
+    {file = "yarl-1.9.4-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:07574b007ee20e5c375a8fe4a0789fad26db905f9813be0f9fef5a68080de559"},
+    {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:5a2e2433eb9344a163aced6a5f6c9222c0786e5a9e9cac2c89f0b28433f56e23"},
+    {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:6ad6d10ed9b67a382b45f29ea028f92d25bc0bc1daf6c5b801b90b5aa70fb9ec"},
+    {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:6fe79f998a4052d79e1c30eeb7d6c1c1056ad33300f682465e1b4e9b5a188b78"},
+    {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:a825ec844298c791fd28ed14ed1bffc56a98d15b8c58a20e0e08c1f5f2bea1be"},
+    {file = "yarl-1.9.4-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:8619d6915b3b0b34420cf9b2bb6d81ef59d984cb0fde7544e9ece32b4b3043c3"},
+    {file = "yarl-1.9.4-cp38-cp38-win32.whl", hash = "sha256:686a0c2f85f83463272ddffd4deb5e591c98aac1897d65e92319f729c320eece"},
+    {file = "yarl-1.9.4-cp38-cp38-win_amd64.whl", hash = "sha256:a00862fb23195b6b8322f7d781b0dc1d82cb3bcac346d1e38689370cc1cc398b"},
+    {file = "yarl-1.9.4-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:604f31d97fa493083ea21bd9b92c419012531c4e17ea6da0f65cacdcf5d0bd27"},
+    {file = "yarl-1.9.4-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:8a854227cf581330ffa2c4824d96e52ee621dd571078a252c25e3a3b3d94a1b1"},
+    {file = "yarl-1.9.4-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:ba6f52cbc7809cd8d74604cce9c14868306ae4aa0282016b641c661f981a6e91"},
+    {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a6327976c7c2f4ee6816eff196e25385ccc02cb81427952414a64811037bbc8b"},
+    {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8397a3817d7dcdd14bb266283cd1d6fc7264a48c186b986f32e86d86d35fbac5"},
+    {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e0381b4ce23ff92f8170080c97678040fc5b08da85e9e292292aba67fdac6c34"},
+    {file = "yarl-1.9.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:23d32a2594cb5d565d358a92e151315d1b2268bc10f4610d098f96b147370136"},
+    {file = "yarl-1.9.4-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ddb2a5c08a4eaaba605340fdee8fc08e406c56617566d9643ad8bf6852778fc7"},
+    {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:26a1dc6285e03f3cc9e839a2da83bcbf31dcb0d004c72d0730e755b33466c30e"},
+    {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:18580f672e44ce1238b82f7fb87d727c4a131f3a9d33a5e0e82b793362bf18b4"},
+    {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:29e0f83f37610f173eb7e7b5562dd71467993495e568e708d99e9d1944f561ec"},
+    {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:1f23e4fe1e8794f74b6027d7cf19dc25f8b63af1483d91d595d4a07eca1fb26c"},
+    {file = "yarl-1.9.4-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:db8e58b9d79200c76956cefd14d5c90af54416ff5353c5bfd7cbe58818e26ef0"},
+    {file = "yarl-1.9.4-cp39-cp39-win32.whl", hash = "sha256:c7224cab95645c7ab53791022ae77a4509472613e839dab722a72abe5a684575"},
+    {file = "yarl-1.9.4-cp39-cp39-win_amd64.whl", hash = "sha256:824d6c50492add5da9374875ce72db7a0733b29c2394890aef23d533106e2b15"},
+    {file = "yarl-1.9.4-py3-none-any.whl", hash = "sha256:928cecb0ef9d5a7946eb6ff58417ad2fe9375762382f1bf5c55e61645f2c43ad"},
+    {file = "yarl-1.9.4.tar.gz", hash = "sha256:566db86717cf8080b99b58b083b773a908ae40f06681e87e589a976faf8246bf"},
 ]
 
 [package.dependencies]
@@ -4394,4 +4542,4 @@ files = [
 [metadata]
 lock-version = "2.0"
 python-versions = "~3.12"
-content-hash = "d0fe6ae1be389f8a5ca5112aa90555e2ce0a4f336f07a1da9c43dd521e9d9340"
+content-hash = "9d28b9e79139895839ffcba88e2eaad0f842a15888f3f6f8c0ac8879616ac850"
diff --git a/pyproject.toml b/pyproject.toml
index 519dfee67..d26428045 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -17,12 +17,12 @@ pythonPlatform = "All"
 
 [tool.black]
 line-length = 100
-target-version = ['py311']
+target-version = ['py312']
 exclude = 'node_modules'
 
 [tool.ruff]
 line-length = 100
-target-version = "py311"
+target-version = "py312"
 exclude = ["**/migrations/**", "**/node_modules/**"]
 
 [tool.isort]
@@ -113,7 +113,7 @@ filterwarnings = [
 
 [tool.poetry]
 name = "authentik"
-version = "2023.10.4"
+version = "2023.10.5"
 description = ""
 authors = ["authentik Team <hello@goauthentik.io>"]
 
@@ -145,7 +145,12 @@ geoip2 = "*"
 gunicorn = "*"
 kubernetes = "*"
 ldap3 = "*"
-lxml = "*"
+lxml = [
+    # 5.0.0 works with libxml2 2.11.x, which is standard on brew
+    { version = "5.0.0", platform = "darwin" },
+    # 4.9.x works with previous libxml2 versions, which is what we get on linux
+    { version = "4.9.4", platform = "linux" },
+]
 opencontainers = { extras = ["reggie"], version = "*" }
 packaging = "*"
 paramiko = "*"
diff --git a/rac.Dockerfile b/rac.Dockerfile
new file mode 100644
index 000000000..ba69bd367
--- /dev/null
+++ b/rac.Dockerfile
@@ -0,0 +1,38 @@
+# syntax=docker/dockerfile:1
+
+# Stage 1: Build
+FROM docker.io/golang:1.21.5-bookworm AS builder
+
+WORKDIR /go/src/goauthentik.io
+
+RUN --mount=type=bind,target=/go/src/goauthentik.io/go.mod,src=./go.mod \
+    --mount=type=bind,target=/go/src/goauthentik.io/go.sum,src=./go.sum \
+    --mount=type=bind,target=/go/src/goauthentik.io/gen-go-api,src=./gen-go-api \
+    --mount=type=cache,target=/go/pkg/mod \
+    go mod download
+
+ENV CGO_ENABLED=0
+COPY . .
+RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \
+    --mount=type=cache,id=go-build-$TARGETARCH$TARGETVARIANT,sharing=locked,target=/root/.cache/go-build \
+    go build -o /go/rac ./cmd/rac
+
+# Stage 2: Run
+FROM ghcr.io/beryju/guacd:1.5.3
+
+ARG GIT_BUILD_HASH
+ENV GIT_BUILD_HASH=$GIT_BUILD_HASH
+
+LABEL org.opencontainers.image.url https://goauthentik.io
+LABEL org.opencontainers.image.description goauthentik.io RAC outpost, see https://goauthentik.io for more info.
+LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik
+LABEL org.opencontainers.image.version ${VERSION}
+LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH}
+
+COPY --from=builder /go/rac /
+
+HEALTHCHECK --interval=5s --retries=20 --start-period=3s CMD [ "/rac", "healthcheck" ]
+
+USER 1000
+
+ENTRYPOINT ["/rac"]
diff --git a/schema.yml b/schema.yml
index d36ee5d28..ed6a46fed 100644
--- a/schema.yml
+++ b/schema.yml
@@ -1,7 +1,7 @@
 openapi: 3.0.3
 info:
   title: authentik
-  version: 2023.10.4
+  version: 2023.10.5
   description: Making authentication simple.
   contact:
     email: hello@goauthentik.io
@@ -13953,6 +13953,279 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
+  /propertymappings/rac/:
+    get:
+      operationId: propertymappings_rac_list
+      description: RACPropertyMapping Viewset
+      parameters:
+      - in: query
+        name: managed
+        schema:
+          type: string
+      - in: query
+        name: name
+        schema:
+          type: string
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - name: search
+        required: false
+        in: query
+        description: A search term.
+        schema:
+          type: string
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedRACPropertyMappingList'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: propertymappings_rac_create
+      description: RACPropertyMapping Viewset
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RACPropertyMappingRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACPropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /propertymappings/rac/{pm_uuid}/:
+    get:
+      operationId: propertymappings_rac_retrieve
+      description: RACPropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACPropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: propertymappings_rac_update
+      description: RACPropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RACPropertyMappingRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACPropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: propertymappings_rac_partial_update
+      description: RACPropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedRACPropertyMappingRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACPropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: propertymappings_rac_destroy
+      description: RACPropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /propertymappings/rac/{pm_uuid}/used_by/:
+    get:
+      operationId: propertymappings_rac_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
   /propertymappings/saml/:
     get:
       operationId: propertymappings_saml_list
@@ -16060,6 +16333,274 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
+  /providers/rac/:
+    get:
+      operationId: providers_rac_list
+      description: RACProvider Viewset
+      parameters:
+      - in: query
+        name: application__isnull
+        schema:
+          type: boolean
+      - in: query
+        name: name__iexact
+        schema:
+          type: string
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - name: search
+        required: false
+        in: query
+        description: A search term.
+        schema:
+          type: string
+      tags:
+      - providers
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedRACProviderList'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: providers_rac_create
+      description: RACProvider Viewset
+      tags:
+      - providers
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RACProviderRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACProvider'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /providers/rac/{id}/:
+    get:
+      operationId: providers_rac_retrieve
+      description: RACProvider Viewset
+      parameters:
+      - in: path
+        name: id
+        schema:
+          type: integer
+        description: A unique integer value identifying this RAC Provider.
+        required: true
+      tags:
+      - providers
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACProvider'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: providers_rac_update
+      description: RACProvider Viewset
+      parameters:
+      - in: path
+        name: id
+        schema:
+          type: integer
+        description: A unique integer value identifying this RAC Provider.
+        required: true
+      tags:
+      - providers
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RACProviderRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACProvider'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: providers_rac_partial_update
+      description: RACProvider Viewset
+      parameters:
+      - in: path
+        name: id
+        schema:
+          type: integer
+        description: A unique integer value identifying this RAC Provider.
+        required: true
+      tags:
+      - providers
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedRACProviderRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RACProvider'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: providers_rac_destroy
+      description: RACProvider Viewset
+      parameters:
+      - in: path
+        name: id
+        schema:
+          type: integer
+        description: A unique integer value identifying this RAC Provider.
+        required: true
+      tags:
+      - providers
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /providers/rac/{id}/used_by/:
+    get:
+      operationId: providers_rac_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: id
+        schema:
+          type: integer
+        description: A unique integer value identifying this RAC Provider.
+        required: true
+      tags:
+      - providers
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
   /providers/radius/:
     get:
       operationId: providers_radius_list
@@ -17079,7 +17620,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Task'
+                $ref: '#/components/schemas/SCIMSyncStatus'
           description: ''
         '404':
           description: Task not found
@@ -17131,6 +17672,277 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
+  /rac/endpoints/:
+    get:
+      operationId: rac_endpoints_list
+      description: List accessible endpoints
+      parameters:
+      - in: query
+        name: name
+        schema:
+          type: string
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - in: query
+        name: provider
+        schema:
+          type: integer
+      - in: query
+        name: search
+        schema:
+          type: string
+      - in: query
+        name: superuser_full_list
+        schema:
+          type: boolean
+      tags:
+      - rac
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedEndpointList'
+          description: ''
+        '400':
+          description: Bad request
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: rac_endpoints_create
+      description: Endpoint Viewset
+      tags:
+      - rac
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/EndpointRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Endpoint'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /rac/endpoints/{pbm_uuid}/:
+    get:
+      operationId: rac_endpoints_retrieve
+      description: Endpoint Viewset
+      parameters:
+      - in: path
+        name: pbm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Endpoint.
+        required: true
+      tags:
+      - rac
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Endpoint'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: rac_endpoints_update
+      description: Endpoint Viewset
+      parameters:
+      - in: path
+        name: pbm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Endpoint.
+        required: true
+      tags:
+      - rac
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/EndpointRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Endpoint'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: rac_endpoints_partial_update
+      description: Endpoint Viewset
+      parameters:
+      - in: path
+        name: pbm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Endpoint.
+        required: true
+      tags:
+      - rac
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedEndpointRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Endpoint'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: rac_endpoints_destroy
+      description: Endpoint Viewset
+      parameters:
+      - in: path
+        name: pbm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Endpoint.
+        required: true
+      tags:
+      - rac
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /rac/endpoints/{pbm_uuid}/used_by/:
+    get:
+      operationId: rac_endpoints_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: pbm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this RAC Endpoint.
+        required: true
+      tags:
+      - rac
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
   /rbac/permissions/:
     get:
       operationId: rbac_permissions_list
@@ -17279,6 +18091,9 @@ paths:
           - authentik_providers_oauth2.refreshtoken
           - authentik_providers_oauth2.scopemapping
           - authentik_providers_proxy.proxyprovider
+          - authentik_providers_rac.endpoint
+          - authentik_providers_rac.racpropertymapping
+          - authentik_providers_rac.racprovider
           - authentik_providers_radius.radiusprovider
           - authentik_providers_saml.samlpropertymapping
           - authentik_providers_saml.samlprovider
@@ -17396,6 +18211,9 @@ paths:
           * `authentik_core.application` - Application
           * `authentik_core.token` - Token
           * `authentik_enterprise.license` - License
+          * `authentik_providers_rac.racprovider` - RAC Provider
+          * `authentik_providers_rac.endpoint` - RAC Endpoint
+          * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
         required: true
       - in: query
         name: object_pk
@@ -17567,6 +18385,9 @@ paths:
           - authentik_providers_oauth2.refreshtoken
           - authentik_providers_oauth2.scopemapping
           - authentik_providers_proxy.proxyprovider
+          - authentik_providers_rac.endpoint
+          - authentik_providers_rac.racpropertymapping
+          - authentik_providers_rac.racprovider
           - authentik_providers_radius.radiusprovider
           - authentik_providers_saml.samlpropertymapping
           - authentik_providers_saml.samlprovider
@@ -17684,6 +18505,9 @@ paths:
           * `authentik_core.application` - Application
           * `authentik_core.token` - Token
           * `authentik_enterprise.license` - License
+          * `authentik_providers_rac.racprovider` - RAC Provider
+          * `authentik_providers_rac.endpoint` - RAC Endpoint
+          * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
         required: true
       - in: query
         name: object_pk
@@ -18334,6 +19158,7 @@ paths:
           - tr
           - tt
           - udm
+          - ug
           - uk
           - ur
           - uz
@@ -26954,10 +27779,42 @@ paths:
       operationId: stages_user_login_list
       description: UserLoginStage Viewset
       parameters:
+      - in: query
+        name: geoip_binding
+        schema:
+          type: string
+          enum:
+          - bind_continent
+          - bind_continent_country
+          - bind_continent_country_city
+          - no_binding
+        description: |-
+          Bind sessions created by this stage to the configured GeoIP location
+
+          * `no_binding` - No Binding
+          * `bind_continent` - Bind Continent
+          * `bind_continent_country` - Bind Continent Country
+          * `bind_continent_country_city` - Bind Continent Country City
       - in: query
         name: name
         schema:
           type: string
+      - in: query
+        name: network_binding
+        schema:
+          type: string
+          enum:
+          - bind_asn
+          - bind_asn_network
+          - bind_asn_network_ip
+          - no_binding
+        description: |-
+          Bind sessions created by this stage to the configured network
+
+          * `no_binding` - No Binding
+          * `bind_asn` - Bind Asn
+          * `bind_asn_network` - Bind Asn Network
+          * `bind_asn_network_ip` - Bind Asn Network Ip
       - name: ordering
         required: false
         in: query
@@ -27913,6 +28770,7 @@ components:
       - authentik.blueprints
       - authentik.core
       - authentik.enterprise
+      - authentik.enterprise.providers.rac
       type: string
       description: |-
         * `authentik.admin` - authentik Admin
@@ -27964,6 +28822,7 @@ components:
         * `authentik.blueprints` - authentik Blueprints
         * `authentik.core` - authentik Core
         * `authentik.enterprise` - authentik Enterprise
+        * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
     AppleChallengeResponseRequest:
       type: object
       description: Pseudo class for plex response
@@ -28109,6 +28968,14 @@ components:
       required:
       - name
       - slug
+    AuthModeEnum:
+      enum:
+      - static
+      - prompt
+      type: string
+      description: |-
+        * `static` - Static
+        * `prompt` - Prompt
     AuthTypeEnum:
       enum:
       - basic
@@ -28279,7 +29146,7 @@ components:
           readOnly: true
         geo_ip:
           type: object
-          description: Get parsed user agent
+          description: Get GeoIP Data
           properties:
             continent:
               type: string
@@ -28301,6 +29168,24 @@ components:
           - long
           nullable: true
           readOnly: true
+        asn:
+          type: object
+          description: Get ASN Data
+          properties:
+            asn:
+              type: integer
+            as_org:
+              type: string
+              nullable: true
+            network:
+              type: string
+              nullable: true
+          required:
+          - as_org
+          - asn
+          - network
+          nullable: true
+          readOnly: true
         user:
           type: integer
         last_ip:
@@ -28315,6 +29200,7 @@ components:
           type: string
           format: date-time
       required:
+      - asn
       - current
       - geo_ip
       - last_ip
@@ -28327,12 +29213,14 @@ components:
       - require_authenticated
       - require_unauthenticated
       - require_superuser
+      - require_outpost
       type: string
       description: |-
         * `none` - None
         * `require_authenticated` - Require Authenticated
         * `require_unauthenticated` - Require Unauthenticated
         * `require_superuser` - Require Superuser
+        * `require_outpost` - Require Outpost
     AuthenticatorAttachmentEnum:
       enum:
       - platform
@@ -29205,9 +30093,7 @@ components:
         path:
           type: string
           default: ''
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         last_applied:
           type: string
           format: date-time
@@ -29227,8 +30113,6 @@ components:
             type: string
           readOnly: true
         metadata:
-          type: object
-          additionalProperties: {}
           readOnly: true
         content:
           type: string
@@ -29250,9 +30134,7 @@ components:
         path:
           type: string
           default: ''
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         enabled:
           type: boolean
         content:
@@ -29286,6 +30168,7 @@ components:
       enum:
       - can_save_media
       - can_geo_ip
+      - can_asn
       - can_impersonate
       - can_debug
       - is_enterprise
@@ -29293,6 +30176,7 @@ components:
       description: |-
         * `can_save_media` - Can Save Media
         * `can_geo_ip` - Can Geo Ip
+        * `can_asn` - Can Asn
         * `can_impersonate` - Can Impersonate
         * `can_debug` - Can Debug
         * `is_enterprise` - Is Enterprise
@@ -29772,10 +30656,24 @@ components:
         cancel_url:
           type: string
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/ContextualFlowInfoLayoutEnum'
       required:
       - cancel_url
       - layout
+    ContextualFlowInfoLayoutEnum:
+      enum:
+      - stacked
+      - content_left
+      - content_right
+      - sidebar_left
+      - sidebar_right
+      type: string
+      description: |-
+        * `stacked` - STACKED
+        * `content_left` - CONTENT_LEFT
+        * `content_right` - CONTENT_RIGHT
+        * `sidebar_left` - SIDEBAR_LEFT
+        * `sidebar_right` - SIDEBAR_RIGHT
     Coordinate:
       type: object
       description: Coordinates for diagrams
@@ -30447,6 +31345,87 @@ components:
           description: Activate users upon completion of stage.
       required:
       - name
+    Endpoint:
+      type: object
+      description: Endpoint Serializer
+      properties:
+        pk:
+          type: string
+          format: uuid
+          readOnly: true
+          title: Pbm uuid
+        name:
+          type: string
+        provider:
+          type: integer
+        provider_obj:
+          allOf:
+          - $ref: '#/components/schemas/RACProvider'
+          readOnly: true
+        protocol:
+          $ref: '#/components/schemas/ProtocolEnum'
+        host:
+          type: string
+        settings: {}
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        auth_mode:
+          $ref: '#/components/schemas/AuthModeEnum'
+        launch_url:
+          type: string
+          nullable: true
+          description: |-
+            Build actual launch URL (the provider itself does not have one, just
+            individual endpoints)
+          readOnly: true
+        maximum_connections:
+          type: integer
+          maximum: 2147483647
+          minimum: -2147483648
+      required:
+      - auth_mode
+      - host
+      - launch_url
+      - name
+      - pk
+      - protocol
+      - provider
+      - provider_obj
+    EndpointRequest:
+      type: object
+      description: Endpoint Serializer
+      properties:
+        name:
+          type: string
+          minLength: 1
+        provider:
+          type: integer
+        protocol:
+          $ref: '#/components/schemas/ProtocolEnum'
+        host:
+          type: string
+          minLength: 1
+        settings: {}
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        auth_mode:
+          $ref: '#/components/schemas/AuthModeEnum'
+        maximum_connections:
+          type: integer
+          maximum: 2147483647
+          minimum: -2147483648
+      required:
+      - auth_mode
+      - host
+      - name
+      - protocol
+      - provider
     ErrorDetail:
       type: object
       description: Serializer for rest_framework's error messages
@@ -30493,16 +31472,12 @@ components:
           format: uuid
           readOnly: true
           title: Event uuid
-        user:
-          type: object
-          additionalProperties: {}
+        user: {}
         action:
           $ref: '#/components/schemas/EventActions'
         app:
           type: string
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         client_ip:
           type: string
           nullable: true
@@ -30513,9 +31488,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant:
-          type: object
-          additionalProperties: {}
+        tenant: {}
       required:
       - action
       - app
@@ -30709,6 +31682,7 @@ components:
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
+            * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
         model:
           allOf:
           - $ref: '#/components/schemas/ModelEnum'
@@ -30790,6 +31764,9 @@ components:
             * `authentik_core.application` - Application
             * `authentik_core.token` - Token
             * `authentik_enterprise.license` - License
+            * `authentik_providers_rac.racprovider` - RAC Provider
+            * `authentik_providers_rac.endpoint` - RAC Endpoint
+            * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
       required:
       - bound_to
       - component
@@ -30905,6 +31882,7 @@ components:
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
+            * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
         model:
           allOf:
           - $ref: '#/components/schemas/ModelEnum'
@@ -30986,23 +31964,22 @@ components:
             * `authentik_core.application` - Application
             * `authentik_core.token` - Token
             * `authentik_enterprise.license` - License
+            * `authentik_providers_rac.racprovider` - RAC Provider
+            * `authentik_providers_rac.endpoint` - RAC Endpoint
+            * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
       required:
       - name
     EventRequest:
       type: object
       description: Event Serializer
       properties:
-        user:
-          type: object
-          additionalProperties: {}
+        user: {}
         action:
           $ref: '#/components/schemas/EventActions'
         app:
           type: string
           minLength: 1
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         client_ip:
           type: string
           nullable: true
@@ -31010,9 +31987,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant:
-          type: object
-          additionalProperties: {}
+        tenant: {}
       required:
       - action
       - app
@@ -31311,7 +32286,7 @@ components:
           description: Get export URL for flow
           readOnly: true
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/FlowLayoutEnum'
         denied_action:
           allOf:
           - $ref: '#/components/schemas/DeniedActionEnum'
@@ -31331,6 +32306,7 @@ components:
             * `require_authenticated` - Require Authenticated
             * `require_unauthenticated` - Require Unauthenticated
             * `require_superuser` - Require Superuser
+            * `require_outpost` - Require Outpost
       required:
       - background
       - cache_count
@@ -31498,6 +32474,20 @@ components:
       - next_planned_stage
       - plan_context
       - session_id
+    FlowLayoutEnum:
+      enum:
+      - stacked
+      - content_left
+      - content_right
+      - sidebar_left
+      - sidebar_right
+      type: string
+      description: |-
+        * `stacked` - Stacked
+        * `content_left` - Content Left
+        * `content_right` - Content Right
+        * `sidebar_left` - Sidebar Left
+        * `sidebar_right` - Sidebar Right
     FlowRequest:
       type: object
       description: Flow Serializer
@@ -31535,7 +32525,7 @@ components:
           description: Enable compatibility mode, increases compatibility with password
             managers on mobile devices.
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/FlowLayoutEnum'
         denied_action:
           allOf:
           - $ref: '#/components/schemas/DeniedActionEnum'
@@ -31555,6 +32545,7 @@ components:
             * `require_authenticated` - Require Authenticated
             * `require_unauthenticated` - Require Unauthenticated
             * `require_superuser` - Require Superuser
+            * `require_outpost` - Require Outpost
       required:
       - designation
       - name
@@ -31613,7 +32604,7 @@ components:
           description: Get export URL for flow
           readOnly: true
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/FlowLayoutEnum'
         denied_action:
           allOf:
           - $ref: '#/components/schemas/DeniedActionEnum'
@@ -31669,7 +32660,7 @@ components:
           description: Enable compatibility mode, increases compatibility with password
             managers on mobile devices.
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/FlowLayoutEnum'
         denied_action:
           allOf:
           - $ref: '#/components/schemas/DeniedActionEnum'
@@ -31793,6 +32784,18 @@ components:
           type: string
       required:
       - detail
+    GeoipBindingEnum:
+      enum:
+      - no_binding
+      - bind_continent
+      - bind_continent_country
+      - bind_continent_country_city
+      type: string
+      description: |-
+        * `no_binding` - No Binding
+        * `bind_continent` - Bind Continent
+        * `bind_continent_country` - Bind Continent Country
+        * `bind_continent_country_city` - Bind Continent Country City
     Group:
       type: object
       description: Group Serializer
@@ -32361,8 +33364,6 @@ components:
           description: Return internal model name
           readOnly: true
         kubeconfig:
-          type: object
-          additionalProperties: {}
           description: Paste your kubeconfig here. authentik will automatically use
             the currently selected context.
         verify_ssl:
@@ -32387,8 +33388,6 @@ components:
           description: If enabled, use the local connection. Required Docker socket/Kubernetes
             Integration
         kubeconfig:
-          type: object
-          additionalProperties: {}
           description: Paste your kubeconfig here. authentik will automatically use
             the currently selected context.
         verify_ssl:
@@ -33053,20 +34052,6 @@ components:
       required:
       - is_running
       - tasks
-    LayoutEnum:
-      enum:
-      - stacked
-      - content_left
-      - content_right
-      - sidebar_left
-      - sidebar_right
-      type: string
-      description: |-
-        * `stacked` - STACKED
-        * `content_left` - CONTENT_LEFT
-        * `content_right` - CONTENT_RIGHT
-        * `sidebar_left` - SIDEBAR_LEFT
-        * `sidebar_right` - SIDEBAR_RIGHT
     License:
       type: object
       description: License Serializer
@@ -33297,6 +34282,9 @@ components:
       - authentik_core.application
       - authentik_core.token
       - authentik_enterprise.license
+      - authentik_providers_rac.racprovider
+      - authentik_providers_rac.endpoint
+      - authentik_providers_rac.racpropertymapping
       type: string
       description: |-
         * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
@@ -33373,6 +34361,9 @@ components:
         * `authentik_core.application` - Application
         * `authentik_core.token` - Token
         * `authentik_enterprise.license` - License
+        * `authentik_providers_rac.racprovider` - RAC Provider
+        * `authentik_providers_rac.endpoint` - RAC Endpoint
+        * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
     NameIdPolicyEnum:
       enum:
       - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
@@ -33387,6 +34378,18 @@ components:
         * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
         * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
         * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
+    NetworkBindingEnum:
+      enum:
+      - no_binding
+      - bind_asn
+      - bind_asn_network
+      - bind_asn_network_ip
+      type: string
+      description: |-
+        * `no_binding` - No Binding
+        * `bind_asn` - Bind Asn
+        * `bind_asn_network` - Bind Asn Network
+        * `bind_asn_network_ip` - Bind Asn Network Ip
     NotConfiguredActionEnum:
       enum:
       - skip
@@ -34052,9 +35055,7 @@ components:
           type: string
         oidc_jwks_url:
           type: string
-        oidc_jwks:
-          type: object
-          additionalProperties: {}
+        oidc_jwks: {}
       required:
       - callback_url
       - component
@@ -34151,9 +35152,7 @@ components:
           type: string
         oidc_jwks_url:
           type: string
-        oidc_jwks:
-          type: object
-          additionalProperties: {}
+        oidc_jwks: {}
       required:
       - consumer_key
       - consumer_secret
@@ -34351,11 +35350,13 @@ components:
       - proxy
       - ldap
       - radius
+      - rac
       type: string
       description: |-
         * `proxy` - Proxy
         * `ldap` - Ldap
         * `radius` - Radius
+        * `rac` - Rac
     PaginatedApplicationList:
       type: object
       properties:
@@ -34572,6 +35573,18 @@ components:
       required:
       - pagination
       - results
+    PaginatedEndpointList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/Endpoint'
+      required:
+      - pagination
+      - results
     PaginatedEventList:
       type: object
       properties:
@@ -35040,6 +36053,30 @@ components:
       required:
       - pagination
       - results
+    PaginatedRACPropertyMappingList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/RACPropertyMapping'
+      required:
+      - pagination
+      - results
+    PaginatedRACProviderList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/RACProvider'
+      required:
+      - pagination
+      - results
     PaginatedRadiusOutpostConfigList:
       type: object
       properties:
@@ -36042,9 +37079,7 @@ components:
         path:
           type: string
           default: ''
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         enabled:
           type: boolean
         content:
@@ -36249,6 +37284,32 @@ components:
         activate_user_on_success:
           type: boolean
           description: Activate users upon completion of stage.
+    PatchedEndpointRequest:
+      type: object
+      description: Endpoint Serializer
+      properties:
+        name:
+          type: string
+          minLength: 1
+        provider:
+          type: integer
+        protocol:
+          $ref: '#/components/schemas/ProtocolEnum'
+        host:
+          type: string
+          minLength: 1
+        settings: {}
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        auth_mode:
+          $ref: '#/components/schemas/AuthModeEnum'
+        maximum_connections:
+          type: integer
+          maximum: 2147483647
+          minimum: -2147483648
     PatchedEventMatcherPolicyRequest:
       type: object
       description: Event Matcher Policy Serializer
@@ -36356,6 +37417,7 @@ components:
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
+            * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
         model:
           allOf:
           - $ref: '#/components/schemas/ModelEnum'
@@ -36437,21 +37499,20 @@ components:
             * `authentik_core.application` - Application
             * `authentik_core.token` - Token
             * `authentik_enterprise.license` - License
+            * `authentik_providers_rac.racprovider` - RAC Provider
+            * `authentik_providers_rac.endpoint` - RAC Endpoint
+            * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
     PatchedEventRequest:
       type: object
       description: Event Serializer
       properties:
-        user:
-          type: object
-          additionalProperties: {}
+        user: {}
         action:
           $ref: '#/components/schemas/EventActions'
         app:
           type: string
           minLength: 1
-        context:
-          type: object
-          additionalProperties: {}
+        context: {}
         client_ip:
           type: string
           nullable: true
@@ -36459,9 +37520,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant:
-          type: object
-          additionalProperties: {}
+        tenant: {}
     PatchedExpressionPolicyRequest:
       type: object
       description: Group Membership Policy Serializer
@@ -36513,7 +37572,7 @@ components:
           description: Enable compatibility mode, increases compatibility with password
             managers on mobile devices.
         layout:
-          $ref: '#/components/schemas/LayoutEnum'
+          $ref: '#/components/schemas/FlowLayoutEnum'
         denied_action:
           allOf:
           - $ref: '#/components/schemas/DeniedActionEnum'
@@ -36533,6 +37592,7 @@ components:
             * `require_authenticated` - Require Authenticated
             * `require_unauthenticated` - Require Unauthenticated
             * `require_superuser` - Require Superuser
+            * `require_outpost` - Require Outpost
     PatchedFlowStageBindingRequest:
       type: object
       description: FlowStageBinding Serializer
@@ -36703,8 +37763,6 @@ components:
           description: If enabled, use the local connection. Required Docker socket/Kubernetes
             Integration
         kubeconfig:
-          type: object
-          additionalProperties: {}
           description: Paste your kubeconfig here. authentik will automatically use
             the currently selected context.
         verify_ssl:
@@ -37165,9 +38223,7 @@ components:
           type: string
         oidc_jwks_url:
           type: string
-        oidc_jwks:
-          type: object
-          additionalProperties: {}
+        oidc_jwks: {}
     PatchedOutpostRequest:
       type: object
       description: Outpost Serializer
@@ -37572,6 +38628,55 @@ components:
           minLength: 1
           description: 'Tokens not valid on or after current time + this value (Format:
             hours=1;minutes=2;seconds=3).'
+    PatchedRACPropertyMappingRequest:
+      type: object
+      description: RACPropertyMapping Serializer
+      properties:
+        managed:
+          type: string
+          nullable: true
+          minLength: 1
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+          minLength: 1
+        expression:
+          type: string
+        static_settings:
+          type: object
+          additionalProperties: {}
+    PatchedRACProviderRequest:
+      type: object
+      description: RACProvider Serializer
+      properties:
+        name:
+          type: string
+          minLength: 1
+        authentication_flow:
+          type: string
+          format: uuid
+          nullable: true
+          description: Flow used for authentication when the associated application
+            is accessed by an un-authenticated user.
+        authorization_flow:
+          type: string
+          format: uuid
+          description: Flow used when authorizing this provider.
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        settings: {}
+        connection_expiry:
+          type: string
+          minLength: 1
+          description: 'Determines how long a session lasts. Default of 0 means that
+            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
     PatchedRadiusProviderRequest:
       type: object
       description: RadiusProvider Serializer
@@ -38011,9 +39116,7 @@ components:
           format: uuid
           nullable: true
           description: Web Certificate used by the authentik Core webserver.
-        attributes:
-          type: object
-          additionalProperties: {}
+        attributes: {}
     PatchedTokenRequest:
       type: object
       description: Token Serializer
@@ -38079,6 +39182,26 @@ components:
           description: 'Offset the session will be extended by when the user picks
             the remember me option. Default of 0 means that the remember me option
             will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
+        network_binding:
+          allOf:
+          - $ref: '#/components/schemas/NetworkBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured network
+
+            * `no_binding` - No Binding
+            * `bind_asn` - Bind Asn
+            * `bind_asn_network` - Bind Asn Network
+            * `bind_asn_network_ip` - Bind Asn Network Ip
+        geoip_binding:
+          allOf:
+          - $ref: '#/components/schemas/GeoipBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured GeoIP location
+
+            * `no_binding` - No Binding
+            * `bind_continent` - Bind Continent
+            * `bind_continent_country` - Bind Continent Country
+            * `bind_continent_country_city` - Bind Continent Country City
     PatchedUserLogoutStageRequest:
       type: object
       description: UserLogoutStage Serializer
@@ -38989,6 +40112,16 @@ components:
       required:
       - result
       - successful
+    ProtocolEnum:
+      enum:
+      - rdp
+      - vnc
+      - ssh
+      type: string
+      description: |-
+        * `rdp` - Rdp
+        * `vnc` - Vnc
+        * `ssh` - Ssh
     Provider:
       type: object
       description: Provider Serializer
@@ -39071,6 +40204,7 @@ components:
       - authentik_providers_ldap.ldapprovider
       - authentik_providers_oauth2.oauth2provider
       - authentik_providers_proxy.proxyprovider
+      - authentik_providers_rac.racprovider
       - authentik_providers_radius.radiusprovider
       - authentik_providers_saml.samlprovider
       - authentik_providers_scim.scimprovider
@@ -39079,6 +40213,7 @@ components:
         * `authentik_providers_ldap.ldapprovider` - authentik_providers_ldap.ldapprovider
         * `authentik_providers_oauth2.oauth2provider` - authentik_providers_oauth2.oauth2provider
         * `authentik_providers_proxy.proxyprovider` - authentik_providers_proxy.proxyprovider
+        * `authentik_providers_rac.racprovider` - authentik_providers_rac.racprovider
         * `authentik_providers_radius.radiusprovider` - authentik_providers_radius.radiusprovider
         * `authentik_providers_saml.samlprovider` - authentik_providers_saml.samlprovider
         * `authentik_providers_scim.scimprovider` - authentik_providers_scim.scimprovider
@@ -39110,13 +40245,13 @@ components:
     ProviderTypeEnum:
       enum:
       - apple
+      - openidconnect
       - azuread
       - discord
       - facebook
       - github
       - google
       - mailcow
-      - openidconnect
       - okta
       - patreon
       - reddit
@@ -39125,13 +40260,13 @@ components:
       type: string
       description: |-
         * `apple` - Apple
+        * `openidconnect` - OpenID Connect
         * `azuread` - Azure AD
         * `discord` - Discord
         * `facebook` - Facebook
         * `github` - GitHub
         * `google` - Google
         * `mailcow` - Mailcow
-        * `openidconnect` - OpenID Connect
         * `okta` - Okta
         * `patreon` - Patreon
         * `reddit` - Reddit
@@ -39486,6 +40621,189 @@ components:
       - authorization_flow
       - external_host
       - name
+    RACPropertyMapping:
+      type: object
+      description: RACPropertyMapping Serializer
+      properties:
+        pk:
+          type: string
+          format: uuid
+          readOnly: true
+          title: Pm uuid
+        managed:
+          type: string
+          nullable: true
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+        expression:
+          type: string
+        component:
+          type: string
+          description: Get object's component so that we know how to edit the object
+          readOnly: true
+        verbose_name:
+          type: string
+          description: Return object's verbose_name
+          readOnly: true
+        verbose_name_plural:
+          type: string
+          description: Return object's plural verbose_name
+          readOnly: true
+        meta_model_name:
+          type: string
+          description: Return internal model name
+          readOnly: true
+        static_settings:
+          type: object
+          additionalProperties: {}
+      required:
+      - component
+      - meta_model_name
+      - name
+      - pk
+      - static_settings
+      - verbose_name
+      - verbose_name_plural
+    RACPropertyMappingRequest:
+      type: object
+      description: RACPropertyMapping Serializer
+      properties:
+        managed:
+          type: string
+          nullable: true
+          minLength: 1
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+          minLength: 1
+        expression:
+          type: string
+        static_settings:
+          type: object
+          additionalProperties: {}
+      required:
+      - name
+      - static_settings
+    RACProvider:
+      type: object
+      description: RACProvider Serializer
+      properties:
+        pk:
+          type: integer
+          readOnly: true
+          title: ID
+        name:
+          type: string
+        authentication_flow:
+          type: string
+          format: uuid
+          nullable: true
+          description: Flow used for authentication when the associated application
+            is accessed by an un-authenticated user.
+        authorization_flow:
+          type: string
+          format: uuid
+          description: Flow used when authorizing this provider.
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        component:
+          type: string
+          description: Get object component so that we know how to edit the object
+          readOnly: true
+        assigned_application_slug:
+          type: string
+          description: Internal application name, used in URLs.
+          readOnly: true
+        assigned_application_name:
+          type: string
+          description: Application's display Name.
+          readOnly: true
+        assigned_backchannel_application_slug:
+          type: string
+          description: Internal application name, used in URLs.
+          readOnly: true
+        assigned_backchannel_application_name:
+          type: string
+          description: Application's display Name.
+          readOnly: true
+        verbose_name:
+          type: string
+          description: Return object's verbose_name
+          readOnly: true
+        verbose_name_plural:
+          type: string
+          description: Return object's plural verbose_name
+          readOnly: true
+        meta_model_name:
+          type: string
+          description: Return internal model name
+          readOnly: true
+        settings: {}
+        outpost_set:
+          type: array
+          items:
+            type: string
+          readOnly: true
+        connection_expiry:
+          type: string
+          description: 'Determines how long a session lasts. Default of 0 means that
+            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
+      required:
+      - assigned_application_name
+      - assigned_application_slug
+      - assigned_backchannel_application_name
+      - assigned_backchannel_application_slug
+      - authorization_flow
+      - component
+      - meta_model_name
+      - name
+      - outpost_set
+      - pk
+      - verbose_name
+      - verbose_name_plural
+    RACProviderRequest:
+      type: object
+      description: RACProvider Serializer
+      properties:
+        name:
+          type: string
+          minLength: 1
+        authentication_flow:
+          type: string
+          format: uuid
+          nullable: true
+          description: Flow used for authentication when the associated application
+            is accessed by an un-authenticated user.
+        authorization_flow:
+          type: string
+          format: uuid
+          description: Flow used when authorizing this provider.
+        property_mappings:
+          type: array
+          items:
+            type: string
+            format: uuid
+        settings: {}
+        connection_expiry:
+          type: string
+          minLength: 1
+          description: 'Determines how long a session lasts. Default of 0 means that
+            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
+      required:
+      - authorization_flow
+      - name
     RadiusOutpostConfig:
       type: object
       description: RadiusProvider Serializer
@@ -39686,9 +41004,8 @@ components:
           type: string
         ip:
           type: string
-        ip_geo_data:
-          type: object
-          additionalProperties: {}
+        ip_geo_data: {}
+        ip_asn_data: {}
         score:
           type: integer
           maximum: 9223372036854775807
@@ -40645,6 +41962,21 @@ components:
       - name
       - token
       - url
+    SCIMSyncStatus:
+      type: object
+      description: SCIM Provider sync status
+      properties:
+        is_running:
+          type: boolean
+          readOnly: true
+        tasks:
+          type: array
+          items:
+            $ref: '#/components/schemas/Task'
+          readOnly: true
+      required:
+      - is_running
+      - tasks
     SMSDevice:
       type: object
       description: Serializer for sms authenticator devices
@@ -41415,9 +42747,7 @@ components:
           format: uuid
           nullable: true
           description: Web Certificate used by the authentik Core webserver.
-        attributes:
-          type: object
-          additionalProperties: {}
+        attributes: {}
       required:
       - domain
       - tenant_uuid
@@ -41474,9 +42804,7 @@ components:
           format: uuid
           nullable: true
           description: Web Certificate used by the authentik Core webserver.
-        attributes:
-          type: object
-          additionalProperties: {}
+        attributes: {}
       required:
       - domain
     Token:
@@ -41642,6 +42970,9 @@ components:
           type: string
         model_name:
           type: string
+        requires_enterprise:
+          type: boolean
+          default: false
       required:
       - component
       - description
@@ -42041,6 +43372,26 @@ components:
           description: 'Offset the session will be extended by when the user picks
             the remember me option. Default of 0 means that the remember me option
             will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
+        network_binding:
+          allOf:
+          - $ref: '#/components/schemas/NetworkBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured network
+
+            * `no_binding` - No Binding
+            * `bind_asn` - Bind Asn
+            * `bind_asn_network` - Bind Asn Network
+            * `bind_asn_network_ip` - Bind Asn Network Ip
+        geoip_binding:
+          allOf:
+          - $ref: '#/components/schemas/GeoipBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured GeoIP location
+
+            * `no_binding` - No Binding
+            * `bind_continent` - Bind Continent
+            * `bind_continent_country` - Bind Continent Country
+            * `bind_continent_country_city` - Bind Continent Country City
       required:
       - component
       - meta_model_name
@@ -42073,6 +43424,26 @@ components:
           description: 'Offset the session will be extended by when the user picks
             the remember me option. Default of 0 means that the remember me option
             will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
+        network_binding:
+          allOf:
+          - $ref: '#/components/schemas/NetworkBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured network
+
+            * `no_binding` - No Binding
+            * `bind_asn` - Bind Asn
+            * `bind_asn_network` - Bind Asn Network
+            * `bind_asn_network_ip` - Bind Asn Network Ip
+        geoip_binding:
+          allOf:
+          - $ref: '#/components/schemas/GeoipBindingEnum'
+          description: |-
+            Bind sessions created by this stage to the configured GeoIP location
+
+            * `no_binding` - No Binding
+            * `bind_continent` - Bind Continent
+            * `bind_continent_country` - Bind Continent Country
+            * `bind_continent_country_city` - Bind Continent Country City
       required:
       - name
     UserLogoutStage:
@@ -42659,6 +44030,7 @@ components:
       - $ref: '#/components/schemas/LDAPProviderRequest'
       - $ref: '#/components/schemas/OAuth2ProviderRequest'
       - $ref: '#/components/schemas/ProxyProviderRequest'
+      - $ref: '#/components/schemas/RACProviderRequest'
       - $ref: '#/components/schemas/RadiusProviderRequest'
       - $ref: '#/components/schemas/SAMLProviderRequest'
       - $ref: '#/components/schemas/SCIMProviderRequest'
@@ -42668,6 +44040,7 @@ components:
           authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
           authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
           authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
+          authentik_providers_rac.racprovider: '#/components/schemas/RACProviderRequest'
           authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
           authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
           authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
diff --git a/scripts/generate_config.py b/scripts/generate_config.py
index 187eb3ba5..965e3e15e 100644
--- a/scripts/generate_config.py
+++ b/scripts/generate_config.py
@@ -17,7 +17,12 @@ with open("local.env.yml", "w", encoding="utf-8") as _config:
             },
             "blueprints_dir": "./blueprints",
             "cert_discovery_dir": "./certs",
-            "geoip": "tests/GeoLite2-City-Test.mmdb",
+            "events": {
+                "processors": {
+                    "geoip": "tests/GeoLite2-City-Test.mmdb",
+                    "asn": "tests/GeoLite2-ASN-Test.mmdb",
+                }
+            },
         },
         _config,
         default_flow_style=False,
diff --git a/tests/GeoLite2-ASN-Test.mmdb b/tests/GeoLite2-ASN-Test.mmdb
new file mode 100644
index 000000000..3e5033144
Binary files /dev/null and b/tests/GeoLite2-ASN-Test.mmdb differ
diff --git a/tests/e2e/test_provider_ldap.py b/tests/e2e/test_provider_ldap.py
index aa12587ab..aad5e7826 100644
--- a/tests/e2e/test_provider_ldap.py
+++ b/tests/e2e/test_provider_ldap.py
@@ -1,8 +1,6 @@
 """LDAP and Outpost e2e tests"""
 from dataclasses import asdict
-from sys import platform
 from time import sleep
-from unittest.case import skipUnless
 
 from docker.client import DockerClient, from_env
 from docker.models.containers import Container
@@ -14,13 +12,13 @@ from authentik.blueprints.tests import apply_blueprint, reconcile_app
 from authentik.core.models import Application, User
 from authentik.events.models import Event, EventAction
 from authentik.flows.models import Flow
+from authentik.lib.generators import generate_id
 from authentik.outposts.apps import MANAGED_OUTPOST
 from authentik.outposts.models import Outpost, OutpostConfig, OutpostType
 from authentik.providers.ldap.models import APIAccessMode, LDAPProvider
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderLDAP(SeleniumTestCase):
     """LDAP and Outpost e2e tests"""
 
@@ -37,7 +35,10 @@ class TestProviderLDAP(SeleniumTestCase):
         container = client.containers.run(
             image=self.get_container_image("ghcr.io/goauthentik/dev-ldap"),
             detach=True,
-            network_mode="host",
+            ports={
+                "3389": "3389",
+                "6636": "6636",
+            },
             environment={
                 "AUTHENTIK_HOST": self.live_server_url,
                 "AUTHENTIK_TOKEN": outpost.token.key,
@@ -51,15 +52,15 @@ class TestProviderLDAP(SeleniumTestCase):
         self.user.save()
 
         ldap: LDAPProvider = LDAPProvider.objects.create(
-            name="ldap_provider",
+            name=generate_id(),
             authorization_flow=Flow.objects.get(slug="default-authentication-flow"),
             search_group=self.user.ak_groups.first(),
             search_mode=APIAccessMode.CACHED,
         )
         # we need to create an application to actually access the ldap
-        Application.objects.create(name="ldap", slug="ldap", provider=ldap)
+        Application.objects.create(name=generate_id(), slug=generate_id(), provider=ldap)
         outpost: Outpost = Outpost.objects.create(
-            name="ldap_outpost",
+            name=generate_id(),
             type=OutpostType.LDAP,
             _config=asdict(OutpostConfig(log_level="debug")),
         )
diff --git a/tests/e2e/test_provider_oauth2_github.py b/tests/e2e/test_provider_oauth2_github.py
index 7df12137b..5095421a8 100644
--- a/tests/e2e/test_provider_oauth2_github.py
+++ b/tests/e2e/test_provider_oauth2_github.py
@@ -1,8 +1,6 @@
 """test OAuth Provider flow"""
-from sys import platform
 from time import sleep
 from typing import Any, Optional
-from unittest.case import skipUnless
 
 from docker.types import Healthcheck
 from selenium.webdriver.common.by import By
@@ -18,7 +16,6 @@ from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderOAuth2Github(SeleniumTestCase):
     """test OAuth Provider flow"""
 
@@ -32,7 +29,9 @@ class TestProviderOAuth2Github(SeleniumTestCase):
         return {
             "image": "grafana/grafana:7.1.0",
             "detach": True,
-            "network_mode": "host",
+            "ports": {
+                "3000": "3000",
+            },
             "auto_remove": True,
             "healthcheck": Healthcheck(
                 test=["CMD", "wget", "--spider", "http://localhost:3000"],
@@ -75,7 +74,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             slug="default-provider-authorization-implicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_id=self.client_id,
             client_secret=self.client_secret,
             client_type=ClientTypes.CONFIDENTIAL,
@@ -83,8 +82,8 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             authorization_flow=authorization_flow,
         )
         Application.objects.create(
-            name="Grafana",
-            slug="grafana",
+            name=generate_id(),
+            slug=generate_id(),
             provider=provider,
         )
 
@@ -130,7 +129,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             slug="default-provider-authorization-explicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_id=self.client_id,
             client_secret=self.client_secret,
             client_type=ClientTypes.CONFIDENTIAL,
@@ -138,8 +137,8 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             authorization_flow=authorization_flow,
         )
         app = Application.objects.create(
-            name="Grafana",
-            slug="grafana",
+            name=generate_id(),
+            slug=generate_id(),
             provider=provider,
         )
 
@@ -201,7 +200,7 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             slug="default-provider-authorization-explicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_id=self.client_id,
             client_secret=self.client_secret,
             client_type=ClientTypes.CONFIDENTIAL,
@@ -209,8 +208,8 @@ class TestProviderOAuth2Github(SeleniumTestCase):
             authorization_flow=authorization_flow,
         )
         app = Application.objects.create(
-            name="Grafana",
-            slug="grafana",
+            name=generate_id(),
+            slug=generate_id(),
             provider=provider,
         )
 
diff --git a/tests/e2e/test_provider_oauth2_grafana.py b/tests/e2e/test_provider_oauth2_grafana.py
index fdb75e1b9..fa8f12d1d 100644
--- a/tests/e2e/test_provider_oauth2_grafana.py
+++ b/tests/e2e/test_provider_oauth2_grafana.py
@@ -1,8 +1,6 @@
 """test OAuth2 OpenID Provider flow"""
-from sys import platform
 from time import sleep
 from typing import Any, Optional
-from unittest.case import skipUnless
 
 from docker.types import Healthcheck
 from selenium.webdriver.common.by import By
@@ -16,6 +14,7 @@ from authentik.lib.generators import generate_id, generate_key
 from authentik.policies.expression.models import ExpressionPolicy
 from authentik.policies.models import PolicyBinding
 from authentik.providers.oauth2.constants import (
+    SCOPE_OFFLINE_ACCESS,
     SCOPE_OPENID,
     SCOPE_OPENID_EMAIL,
     SCOPE_OPENID_PROFILE,
@@ -24,7 +23,6 @@ from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, Scope
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderOAuth2OAuth(SeleniumTestCase):
     """test OAuth with OAuth Provider flow"""
 
@@ -38,13 +36,15 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         return {
             "image": "grafana/grafana:7.1.0",
             "detach": True,
-            "network_mode": "host",
             "auto_remove": True,
             "healthcheck": Healthcheck(
                 test=["CMD", "wget", "--spider", "http://localhost:3000"],
                 interval=5 * 1_000 * 1_000_000,
                 start_period=1 * 1_000 * 1_000_000,
             ),
+            "ports": {
+                "3000": "3000",
+            },
             "environment": {
                 "GF_AUTH_GENERIC_OAUTH_ENABLED": "true",
                 "GF_AUTH_GENERIC_OAUTH_CLIENT_ID": self.client_id,
@@ -81,7 +81,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
             slug="default-provider-authorization-implicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_type=ClientTypes.CONFIDENTIAL,
             client_id=self.client_id,
             client_secret=self.client_secret,
@@ -91,12 +91,17 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
         Application.objects.create(
-            name="Grafana",
+            name=generate_id(),
             slug=self.app_slug,
             provider=provider,
         )
@@ -114,12 +119,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
-    @apply_blueprint(
-        "system/providers-oauth2.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_consent_implied(self):
         """test OpenID Provider flow (default authorization flow with implied consent)"""
@@ -129,7 +130,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
             slug="default-provider-authorization-implicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_type=ClientTypes.CONFIDENTIAL,
             client_id=self.client_id,
             client_secret=self.client_secret,
@@ -139,11 +140,16 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         Application.objects.create(
-            name="Grafana",
+            name=generate_id(),
             slug=self.app_slug,
             provider=provider,
         )
@@ -175,12 +181,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
-    @apply_blueprint(
-        "system/providers-oauth2.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_logout(self):
         """test OpenID Provider flow with logout"""
@@ -190,7 +192,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
             slug="default-provider-authorization-implicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             client_type=ClientTypes.CONFIDENTIAL,
             client_id=self.client_id,
             client_secret=self.client_secret,
@@ -200,12 +202,17 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
         Application.objects.create(
-            name="Grafana",
+            name=generate_id(),
             slug=self.app_slug,
             provider=provider,
         )
@@ -245,12 +252,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
-    @apply_blueprint(
-        "system/providers-oauth2.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_consent_explicit(self):
         """test OpenID Provider flow (default authorization flow with explicit consent)"""
@@ -260,7 +263,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
             slug="default-provider-authorization-explicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             authorization_flow=authorization_flow,
             client_type=ClientTypes.CONFIDENTIAL,
             client_id=self.client_id,
@@ -270,12 +273,17 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
         app = Application.objects.create(
-            name="Grafana",
+            name=generate_id(),
             slug=self.app_slug,
             provider=provider,
         )
@@ -324,12 +332,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
-    @apply_blueprint(
-        "system/providers-oauth2.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_denied(self):
         """test OpenID Provider flow (default authorization with access deny)"""
@@ -339,7 +343,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
             slug="default-provider-authorization-explicit-consent"
         )
         provider = OAuth2Provider.objects.create(
-            name="grafana",
+            name=generate_id(),
             authorization_flow=authorization_flow,
             client_type=ClientTypes.CONFIDENTIAL,
             client_id=self.client_id,
@@ -349,12 +353,17 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
         app = Application.objects.create(
-            name="Grafana",
+            name=generate_id(),
             slug=self.app_slug,
             provider=provider,
         )
diff --git a/tests/e2e/test_provider_oidc.py b/tests/e2e/test_provider_oidc.py
index 23cbd1412..c14a498a6 100644
--- a/tests/e2e/test_provider_oidc.py
+++ b/tests/e2e/test_provider_oidc.py
@@ -1,8 +1,6 @@
 """test OAuth2 OpenID Provider flow"""
 from json import loads
-from sys import platform
 from time import sleep
-from unittest.case import skipUnless
 
 from docker import DockerClient, from_env
 from docker.models.containers import Container
@@ -17,6 +15,7 @@ from authentik.lib.generators import generate_id, generate_key
 from authentik.policies.expression.models import ExpressionPolicy
 from authentik.policies.models import PolicyBinding
 from authentik.providers.oauth2.constants import (
+    SCOPE_OFFLINE_ACCESS,
     SCOPE_OPENID,
     SCOPE_OPENID_EMAIL,
     SCOPE_OPENID_PROFILE,
@@ -25,24 +24,25 @@ from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, Scope
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderOAuth2OIDC(SeleniumTestCase):
     """test OAuth with OpenID Provider flow"""
 
     def setUp(self):
         self.client_id = generate_id()
         self.client_secret = generate_key()
-        self.application_slug = "test"
+        self.application_slug = generate_id()
         super().setUp()
 
     def setup_client(self) -> Container:
-        """Setup client saml-sp container which we test SAML against"""
+        """Setup client oidc-test-client container which we test OIDC against"""
         sleep(1)
         client: DockerClient = from_env()
         container = client.containers.run(
-            image="ghcr.io/beryju/oidc-test-client:1.3",
+            image="ghcr.io/beryju/oidc-test-client:2.1",
             detach=True,
-            network_mode="host",
+            ports={
+                "9009": "9009",
+            },
             environment={
                 "OIDC_CLIENT_ID": self.client_id,
                 "OIDC_CLIENT_SECRET": self.client_secret,
@@ -57,9 +57,7 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
     @reconcile_app("authentik_crypto")
     def test_redirect_uri_error(self):
         """test OpenID Provider flow (invalid redirect URI, check error message)"""
@@ -79,10 +77,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
-        provider.save()
         Application.objects.create(
             name=self.application_slug,
             slug=self.application_slug,
@@ -102,13 +104,12 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
-    @reconcile_app("authentik_crypto")
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
     @apply_blueprint("system/providers-oauth2.yaml")
+    @reconcile_app("authentik_crypto")
     def test_authorization_consent_implied(self):
-        """test OpenID Provider flow (default authorization flow with implied consent)"""
+        """test OpenID Provider flow (default authorization flow with implied consent)
+        (due to offline_access a consent will still be triggered)"""
         sleep(1)
         # Bootstrap all needed objects
         authorization_flow = Flow.objects.get(
@@ -125,11 +126,15 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
-        provider.save()
-        Application.objects.create(
+        app = Application.objects.create(
             name=self.application_slug,
             slug=self.application_slug,
             provider=provider,
@@ -138,6 +143,20 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
 
         self.driver.get("http://localhost:9009")
         self.login()
+        self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "ak-flow-executor")))
+
+        flow_executor = self.get_shadow_root("ak-flow-executor")
+        consent_stage = self.get_shadow_root("ak-stage-consent", flow_executor)
+
+        self.assertIn(
+            app.name,
+            consent_stage.find_element(By.CSS_SELECTOR, "#header-text").text,
+        )
+        consent_stage.find_element(
+            By.CSS_SELECTOR,
+            "[type=submit]",
+        ).click()
+
         self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "pre")))
         self.wait.until(ec.text_to_be_present_in_element((By.CSS_SELECTOR, "pre"), "{"))
         body = loads(self.driver.find_element(By.CSS_SELECTOR, "pre").text)
@@ -156,11 +175,9 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
-    @reconcile_app("authentik_crypto")
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
     @apply_blueprint("system/providers-oauth2.yaml")
+    @reconcile_app("authentik_crypto")
     def test_authorization_consent_explicit(self):
         """test OpenID Provider flow (default authorization flow with explicit consent)"""
         sleep(1)
@@ -179,10 +196,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
-        provider.save()
         app = Application.objects.create(
             name=self.application_slug,
             slug=self.application_slug,
@@ -225,9 +246,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_denied(self):
         """test OpenID Provider flow (default authorization with access deny)"""
@@ -247,10 +267,14 @@ class TestProviderOAuth2OIDC(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
-        provider.save()
         app = Application.objects.create(
             name=self.application_slug,
             slug=self.application_slug,
diff --git a/tests/e2e/test_provider_oidc_implicit.py b/tests/e2e/test_provider_oidc_implicit.py
index e952d4e18..37dff0aa3 100644
--- a/tests/e2e/test_provider_oidc_implicit.py
+++ b/tests/e2e/test_provider_oidc_implicit.py
@@ -1,8 +1,6 @@
 """test OAuth2 OpenID Provider flow"""
 from json import loads
-from sys import platform
 from time import sleep
-from unittest.case import skipUnless
 
 from docker import DockerClient, from_env
 from docker.models.containers import Container
@@ -17,6 +15,7 @@ from authentik.lib.generators import generate_id, generate_key
 from authentik.policies.expression.models import ExpressionPolicy
 from authentik.policies.models import PolicyBinding
 from authentik.providers.oauth2.constants import (
+    SCOPE_OFFLINE_ACCESS,
     SCOPE_OPENID,
     SCOPE_OPENID_EMAIL,
     SCOPE_OPENID_PROFILE,
@@ -25,7 +24,6 @@ from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, Scope
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
     """test OAuth with OpenID Provider flow"""
 
@@ -36,13 +34,15 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         super().setUp()
 
     def setup_client(self) -> Container:
-        """Setup client saml-sp container which we test SAML against"""
+        """Setup client oidc-test-client container which we test OIDC against"""
         sleep(1)
         client: DockerClient = from_env()
         container = client.containers.run(
-            image="ghcr.io/beryju/oidc-test-client:1.3",
+            image="ghcr.io/beryju/oidc-test-client:2.1",
             detach=True,
-            network_mode="host",
+            ports={
+                "9009": "9009",
+            },
             environment={
                 "OIDC_CLIENT_ID": self.client_id,
                 "OIDC_CLIENT_SECRET": self.client_secret,
@@ -57,9 +57,8 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_redirect_uri_error(self):
         """test OpenID Provider flow (invalid redirect URI, check error message)"""
@@ -79,7 +78,12 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
@@ -102,11 +106,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-implicit-consent.yaml",
-    )
-    @reconcile_app("authentik_crypto")
+    @apply_blueprint("default/flow-default-provider-authorization-implicit-consent.yaml")
     @apply_blueprint("system/providers-oauth2.yaml")
+    @reconcile_app("authentik_crypto")
     def test_authorization_consent_implied(self):
         """test OpenID Provider flow (default authorization flow with implied consent)"""
         sleep(1)
@@ -125,7 +127,12 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
@@ -151,11 +158,9 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
-    @reconcile_app("authentik_crypto")
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
     @apply_blueprint("system/providers-oauth2.yaml")
+    @reconcile_app("authentik_crypto")
     def test_authorization_consent_explicit(self):
         """test OpenID Provider flow (default authorization flow with explicit consent)"""
         sleep(1)
@@ -174,7 +179,12 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
@@ -216,9 +226,8 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         "default/flow-default-authentication-flow.yaml",
         "default/flow-default-invalidation-flow.yaml",
     )
-    @apply_blueprint(
-        "default/flow-default-provider-authorization-explicit-consent.yaml",
-    )
+    @apply_blueprint("default/flow-default-provider-authorization-explicit-consent.yaml")
+    @apply_blueprint("system/providers-oauth2.yaml")
     @reconcile_app("authentik_crypto")
     def test_authorization_denied(self):
         """test OpenID Provider flow (default authorization with access deny)"""
@@ -238,7 +247,12 @@ class TestProviderOAuth2OIDCImplicit(SeleniumTestCase):
         )
         provider.property_mappings.set(
             ScopeMapping.objects.filter(
-                scope_name__in=[SCOPE_OPENID, SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE]
+                scope_name__in=[
+                    SCOPE_OPENID,
+                    SCOPE_OPENID_EMAIL,
+                    SCOPE_OPENID_PROFILE,
+                    SCOPE_OFFLINE_ACCESS,
+                ]
             )
         )
         provider.save()
diff --git a/tests/e2e/test_provider_proxy.py b/tests/e2e/test_provider_proxy.py
index c8484c205..e91e80666 100644
--- a/tests/e2e/test_provider_proxy.py
+++ b/tests/e2e/test_provider_proxy.py
@@ -21,7 +21,6 @@ from authentik.providers.proxy.models import ProxyProvider
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderProxy(SeleniumTestCase):
     """Proxy and Outpost e2e tests"""
 
@@ -36,7 +35,9 @@ class TestProviderProxy(SeleniumTestCase):
         return {
             "image": "traefik/whoami:latest",
             "detach": True,
-            "network_mode": "host",
+            "ports": {
+                "80": "80",
+            },
             "auto_remove": True,
         }
 
@@ -46,7 +47,9 @@ class TestProviderProxy(SeleniumTestCase):
         container = client.containers.run(
             image=self.get_container_image("ghcr.io/goauthentik/dev-proxy"),
             detach=True,
-            network_mode="host",
+            ports={
+                "9000": "9000",
+            },
             environment={
                 "AUTHENTIK_HOST": self.live_server_url,
                 "AUTHENTIK_TOKEN": outpost.token.key,
@@ -78,7 +81,7 @@ class TestProviderProxy(SeleniumTestCase):
             authorization_flow=Flow.objects.get(
                 slug="default-provider-authorization-implicit-consent"
             ),
-            internal_host="http://localhost",
+            internal_host=f"http://{self.host}",
             external_host="http://localhost:9000",
         )
         # Ensure OAuth2 Params are set
@@ -145,7 +148,7 @@ class TestProviderProxy(SeleniumTestCase):
             authorization_flow=Flow.objects.get(
                 slug="default-provider-authorization-implicit-consent"
             ),
-            internal_host="http://localhost",
+            internal_host=f"http://{self.host}",
             external_host="http://localhost:9000",
             basic_auth_enabled=True,
             basic_auth_user_attribute="basic-username",
diff --git a/tests/e2e/test_provider_radius.py b/tests/e2e/test_provider_radius.py
index e711e5103..b4856e034 100644
--- a/tests/e2e/test_provider_radius.py
+++ b/tests/e2e/test_provider_radius.py
@@ -1,8 +1,6 @@
 """Radius e2e tests"""
 from dataclasses import asdict
-from sys import platform
 from time import sleep
-from unittest.case import skipUnless
 
 from docker.client import DockerClient, from_env
 from docker.models.containers import Container
@@ -19,7 +17,6 @@ from authentik.providers.radius.models import RadiusProvider
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderRadius(SeleniumTestCase):
     """Radius Outpost e2e tests"""
 
@@ -40,7 +37,7 @@ class TestProviderRadius(SeleniumTestCase):
         container = client.containers.run(
             image=self.get_container_image("ghcr.io/goauthentik/dev-radius"),
             detach=True,
-            network_mode="host",
+            ports={"1812/udp": "1812/udp"},
             environment={
                 "AUTHENTIK_HOST": self.live_server_url,
                 "AUTHENTIK_TOKEN": outpost.token.key,
diff --git a/tests/e2e/test_provider_saml.py b/tests/e2e/test_provider_saml.py
index 9252ab0c0..eefb2c45e 100644
--- a/tests/e2e/test_provider_saml.py
+++ b/tests/e2e/test_provider_saml.py
@@ -1,8 +1,6 @@
 """test SAML Provider flow"""
 from json import loads
-from sys import platform
 from time import sleep
-from unittest.case import skipUnless
 
 from docker import DockerClient, from_env
 from docker.models.containers import Container
@@ -20,7 +18,6 @@ from authentik.sources.saml.processors.constants import SAML_BINDING_POST
 from tests.e2e.utils import SeleniumTestCase, retry
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestProviderSAML(SeleniumTestCase):
     """test SAML Provider flow"""
 
@@ -41,7 +38,9 @@ class TestProviderSAML(SeleniumTestCase):
         container = client.containers.run(
             image="ghcr.io/beryju/saml-test-sp:1.1",
             detach=True,
-            network_mode="host",
+            ports={
+                "9009": "9009",
+            },
             environment={
                 "SP_ENTITY_ID": provider.issuer,
                 "SP_SSO_BINDING": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
diff --git a/tests/e2e/test_source_oauth_oauth1.py b/tests/e2e/test_source_oauth_oauth1.py
new file mode 100644
index 000000000..97152321f
--- /dev/null
+++ b/tests/e2e/test_source_oauth_oauth1.py
@@ -0,0 +1,141 @@
+"""test OAuth Source"""
+from time import sleep
+from typing import Any, Optional
+
+from selenium.webdriver.common.by import By
+from selenium.webdriver.common.keys import Keys
+from selenium.webdriver.support import expected_conditions as ec
+from selenium.webdriver.support.wait import WebDriverWait
+
+from authentik.blueprints.tests import apply_blueprint
+from authentik.core.models import User
+from authentik.flows.models import Flow
+from authentik.lib.generators import generate_id, generate_key
+from authentik.sources.oauth.models import OAuthSource
+from authentik.sources.oauth.types.registry import SourceType, registry
+from authentik.sources.oauth.views.callback import OAuthCallback
+from authentik.stages.identification.models import IdentificationStage
+from tests.e2e.utils import SeleniumTestCase, retry
+
+
+class OAuth1Callback(OAuthCallback):
+    """OAuth1 Callback with custom getters"""
+
+    def get_user_id(self, info: dict[str, str]) -> str:
+        return info.get("id")
+
+    def get_user_enroll_context(
+        self,
+        info: dict[str, Any],
+    ) -> dict[str, Any]:
+        return {
+            "username": info.get("screen_name"),
+            "email": info.get("email"),
+            "name": info.get("name"),
+        }
+
+
+@registry.register()
+class OAUth1Type(SourceType):
+    """OAuth1 Type definition"""
+
+    callback_view = OAuth1Callback
+    verbose_name = "OAuth1"
+    name = "oauth1"
+
+    request_token_url = "http://localhost:5001/oauth/request_token"  # nosec
+    access_token_url = "http://localhost:5001/oauth/access_token"  # nosec
+    authorization_url = "http://localhost:5001/oauth/authorize"
+    profile_url = "http://localhost:5001/api/me"
+    urls_customizable = False
+
+
+class TestSourceOAuth1(SeleniumTestCase):
+    """Test OAuth1 Source"""
+
+    def setUp(self) -> None:
+        self.client_id = generate_id()
+        self.client_secret = generate_key()
+        self.source_slug = generate_id()
+        super().setUp()
+
+    def get_container_specs(self) -> Optional[dict[str, Any]]:
+        return {
+            "image": "ghcr.io/beryju/oauth1-test-server:v1.1",
+            "detach": True,
+            "ports": {"5000": "5001"},
+            "auto_remove": True,
+            "environment": {
+                "OAUTH1_CLIENT_ID": self.client_id,
+                "OAUTH1_CLIENT_SECRET": self.client_secret,
+                "OAUTH1_REDIRECT_URI": self.url(
+                    "authentik_sources_oauth:oauth-client-callback",
+                    source_slug=self.source_slug,
+                ),
+            },
+        }
+
+    def create_objects(self):
+        """Create required objects"""
+        # Bootstrap all needed objects
+        authentication_flow = Flow.objects.get(slug="default-source-authentication")
+        enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
+
+        source = OAuthSource.objects.create(  # nosec
+            name=generate_id(),
+            slug=self.source_slug,
+            authentication_flow=authentication_flow,
+            enrollment_flow=enrollment_flow,
+            provider_type="oauth1",
+            consumer_key=self.client_id,
+            consumer_secret=self.client_secret,
+        )
+        ident_stage = IdentificationStage.objects.first()
+        ident_stage.sources.set([source])
+        ident_stage.save()
+
+    @retry()
+    @apply_blueprint(
+        "default/flow-default-authentication-flow.yaml",
+        "default/flow-default-invalidation-flow.yaml",
+    )
+    @apply_blueprint(
+        "default/flow-default-source-authentication.yaml",
+        "default/flow-default-source-enrollment.yaml",
+        "default/flow-default-source-pre-authentication.yaml",
+    )
+    def test_oauth_enroll(self):
+        """test OAuth Source With With OIDC"""
+        self.create_objects()
+        self.driver.get(self.live_server_url)
+
+        flow_executor = self.get_shadow_root("ak-flow-executor")
+        identification_stage = self.get_shadow_root("ak-stage-identification", flow_executor)
+        wait = WebDriverWait(identification_stage, self.wait_timeout)
+
+        wait.until(
+            ec.presence_of_element_located(
+                (By.CSS_SELECTOR, ".pf-c-login__main-footer-links-item > button")
+            )
+        )
+        identification_stage.find_element(
+            By.CSS_SELECTOR, ".pf-c-login__main-footer-links-item > button"
+        ).click()
+
+        # Now we should be at the IDP, wait for the login field
+        self.wait.until(ec.presence_of_element_located((By.NAME, "username")))
+        self.driver.find_element(By.NAME, "username").send_keys("example-user")
+        self.driver.find_element(By.NAME, "username").send_keys(Keys.ENTER)
+        sleep(2)
+
+        # Wait until we're logged in
+        self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "[name='confirm']")))
+        self.driver.find_element(By.CSS_SELECTOR, "[name='confirm']").click()
+
+        # Wait until we've loaded the user info page
+        sleep(2)
+        # Wait until we've logged in
+        self.wait_for_url(self.if_user_url("/library"))
+        self.driver.get(self.if_user_url("/settings"))
+
+        self.assert_user(User(username="example-user", name="test name", email="foo@example.com"))
diff --git a/tests/e2e/test_source_oauth.py b/tests/e2e/test_source_oauth_oauth2.py
similarity index 62%
rename from tests/e2e/test_source_oauth.py
rename to tests/e2e/test_source_oauth_oauth2.py
index c7f0fd881..17a26279e 100644
--- a/tests/e2e/test_source_oauth.py
+++ b/tests/e2e/test_source_oauth_oauth2.py
@@ -1,9 +1,7 @@
 """test OAuth Source"""
 from pathlib import Path
-from sys import platform
 from time import sleep
 from typing import Any, Optional
-from unittest.case import skipUnless
 
 from docker.models.containers import Container
 from docker.types import Healthcheck
@@ -18,47 +16,12 @@ from authentik.core.models import User
 from authentik.flows.models import Flow
 from authentik.lib.generators import generate_id, generate_key
 from authentik.sources.oauth.models import OAuthSource
-from authentik.sources.oauth.types.registry import SourceType, registry
-from authentik.sources.oauth.views.callback import OAuthCallback
 from authentik.stages.identification.models import IdentificationStage
 from tests.e2e.utils import SeleniumTestCase, retry
 
 CONFIG_PATH = "/tmp/dex.yml"  # nosec
 
 
-class OAuth1Callback(OAuthCallback):
-    """OAuth1 Callback with custom getters"""
-
-    def get_user_id(self, info: dict[str, str]) -> str:
-        return info.get("id")
-
-    def get_user_enroll_context(
-        self,
-        info: dict[str, Any],
-    ) -> dict[str, Any]:
-        return {
-            "username": info.get("screen_name"),
-            "email": info.get("email"),
-            "name": info.get("name"),
-        }
-
-
-@registry.register()
-class OAUth1Type(SourceType):
-    """OAuth1 Type definition"""
-
-    callback_view = OAuth1Callback
-    name = "OAuth1"
-    slug = "oauth1"
-
-    request_token_url = "http://localhost:5000/oauth/request_token"  # nosec
-    access_token_url = "http://localhost:5000/oauth/access_token"  # nosec
-    authorization_url = "http://localhost:5000/oauth/authorize"
-    profile_url = "http://localhost:5000/api/me"
-    urls_customizable = False
-
-
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestSourceOAuth2(SeleniumTestCase):
     """test OAuth Source flow"""
 
@@ -66,6 +29,7 @@ class TestSourceOAuth2(SeleniumTestCase):
 
     def setUp(self):
         self.client_secret = generate_key()
+        self.slug = generate_id()
         self.prepare_dex_config()
         super().setUp()
 
@@ -83,7 +47,7 @@ class TestSourceOAuth2(SeleniumTestCase):
                     "redirectURIs": [
                         self.url(
                             "authentik_sources_oauth:oauth-client-callback",
-                            source_slug="dex",
+                            source_slug=self.slug,
                         )
                     ],
                     "secret": self.client_secret,
@@ -108,7 +72,7 @@ class TestSourceOAuth2(SeleniumTestCase):
         return {
             "image": "ghcr.io/dexidp/dex:v2.28.1",
             "detach": True,
-            "network_mode": "host",
+            "ports": {"5556": "5556"},
             "auto_remove": True,
             "command": "dex serve /config.yml",
             "healthcheck": Healthcheck(
@@ -126,8 +90,8 @@ class TestSourceOAuth2(SeleniumTestCase):
         enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
 
         source = OAuthSource.objects.create(  # nosec
-            name="dex",
-            slug="dex",
+            name=generate_id(),
+            slug=self.slug,
             authentication_flow=authentication_flow,
             enrollment_flow=enrollment_flow,
             provider_type="openidconnect",
@@ -229,95 +193,3 @@ class TestSourceOAuth2(SeleniumTestCase):
         self.driver.get(self.if_user_url("/settings"))
 
         self.assert_user(User(username="foo", name="admin", email="admin@example.com"))
-
-
-@skipUnless(platform.startswith("linux"), "requires local docker")
-class TestSourceOAuth1(SeleniumTestCase):
-    """Test OAuth1 Source"""
-
-    def setUp(self) -> None:
-        self.client_id = generate_id()
-        self.client_secret = generate_key()
-        self.source_slug = "oauth1-test"
-        super().setUp()
-
-    def get_container_specs(self) -> Optional[dict[str, Any]]:
-        return {
-            "image": "ghcr.io/beryju/oauth1-test-server:v1.1",
-            "detach": True,
-            "network_mode": "host",
-            "auto_remove": True,
-            "environment": {
-                "OAUTH1_CLIENT_ID": self.client_id,
-                "OAUTH1_CLIENT_SECRET": self.client_secret,
-                "OAUTH1_REDIRECT_URI": self.url(
-                    "authentik_sources_oauth:oauth-client-callback",
-                    source_slug=self.source_slug,
-                ),
-            },
-        }
-
-    def create_objects(self):
-        """Create required objects"""
-        # Bootstrap all needed objects
-        authentication_flow = Flow.objects.get(slug="default-source-authentication")
-        enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
-
-        source = OAuthSource.objects.create(  # nosec
-            name="oauth1",
-            slug=self.source_slug,
-            authentication_flow=authentication_flow,
-            enrollment_flow=enrollment_flow,
-            provider_type="oauth1",
-            consumer_key=self.client_id,
-            consumer_secret=self.client_secret,
-        )
-        ident_stage = IdentificationStage.objects.first()
-        ident_stage.sources.set([source])
-        ident_stage.save()
-
-    @retry()
-    @apply_blueprint(
-        "default/flow-default-authentication-flow.yaml",
-        "default/flow-default-invalidation-flow.yaml",
-    )
-    @apply_blueprint(
-        "default/flow-default-source-authentication.yaml",
-        "default/flow-default-source-enrollment.yaml",
-        "default/flow-default-source-pre-authentication.yaml",
-    )
-    def test_oauth_enroll(self):
-        """test OAuth Source With With OIDC"""
-        self.create_objects()
-        self.driver.get(self.live_server_url)
-
-        flow_executor = self.get_shadow_root("ak-flow-executor")
-        identification_stage = self.get_shadow_root("ak-stage-identification", flow_executor)
-        wait = WebDriverWait(identification_stage, self.wait_timeout)
-
-        wait.until(
-            ec.presence_of_element_located(
-                (By.CSS_SELECTOR, ".pf-c-login__main-footer-links-item > button")
-            )
-        )
-        identification_stage.find_element(
-            By.CSS_SELECTOR, ".pf-c-login__main-footer-links-item > button"
-        ).click()
-
-        # Now we should be at the IDP, wait for the login field
-        self.wait.until(ec.presence_of_element_located((By.NAME, "username")))
-        self.driver.find_element(By.NAME, "username").send_keys("example-user")
-        self.driver.find_element(By.NAME, "username").send_keys(Keys.ENTER)
-        sleep(2)
-
-        # Wait until we're logged in
-        self.wait.until(ec.presence_of_element_located((By.CSS_SELECTOR, "[name='confirm']")))
-        self.driver.find_element(By.CSS_SELECTOR, "[name='confirm']").click()
-
-        # Wait until we've loaded the user info page
-        sleep(2)
-        # Wait until we've logged in
-        self.wait_for_url(self.if_user_url("/library"))
-        self.driver.get(self.if_user_url("/settings"))
-
-        self.assert_user(User(username="example-user", name="test name", email="foo@example.com"))
diff --git a/tests/e2e/test_source_saml.py b/tests/e2e/test_source_saml.py
index 0921335b7..2051b56a1 100644
--- a/tests/e2e/test_source_saml.py
+++ b/tests/e2e/test_source_saml.py
@@ -1,8 +1,6 @@
 """test SAML Source"""
-from sys import platform
 from time import sleep
 from typing import Any, Optional
-from unittest.case import skipUnless
 
 from docker.types import Healthcheck
 from guardian.utils import get_anonymous_user
@@ -15,6 +13,7 @@ from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import User
 from authentik.crypto.models import CertificateKeyPair
 from authentik.flows.models import Flow
+from authentik.lib.generators import generate_id
 from authentik.sources.saml.models import SAMLBindingTypes, SAMLSource
 from authentik.stages.identification.models import IdentificationStage
 from tests.e2e.utils import SeleniumTestCase, retry
@@ -71,15 +70,18 @@ Sm75WXsflOxuTn08LbgGc4s=
 -----END PRIVATE KEY-----"""
 
 
-@skipUnless(platform.startswith("linux"), "requires local docker")
 class TestSourceSAML(SeleniumTestCase):
     """test SAML Source flow"""
 
+    def setUp(self):
+        self.slug = generate_id()
+        super().setUp()
+
     def get_container_specs(self) -> Optional[dict[str, Any]]:
         return {
             "image": "kristophjunge/test-saml-idp:1.15",
             "detach": True,
-            "network_mode": "host",
+            "ports": {"8080": "8080"},
             "auto_remove": True,
             "healthcheck": Healthcheck(
                 test=["CMD", "curl", "http://localhost:8080"],
@@ -89,7 +91,7 @@ class TestSourceSAML(SeleniumTestCase):
             "environment": {
                 "SIMPLESAMLPHP_SP_ENTITY_ID": "entity-id",
                 "SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE": (
-                    f"{self.live_server_url}/source/saml/saml-idp-test/acs/"
+                    self.url("authentik_sources_saml:acs", source_slug=self.slug)
                 ),
             },
         }
@@ -111,19 +113,19 @@ class TestSourceSAML(SeleniumTestCase):
         enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
         pre_authentication_flow = Flow.objects.get(slug="default-source-pre-authentication")
         keypair = CertificateKeyPair.objects.create(
-            name="test-idp-cert",
+            name=generate_id(),
             certificate_data=IDP_CERT,
             key_data=IDP_KEY,
         )
 
         source = SAMLSource.objects.create(
-            name="saml-idp-test",
-            slug="saml-idp-test",
+            name=generate_id(),
+            slug=self.slug,
             authentication_flow=authentication_flow,
             enrollment_flow=enrollment_flow,
             pre_authentication_flow=pre_authentication_flow,
             issuer="entity-id",
-            sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php",
+            sso_url=f"http://{self.host}:8080/simplesaml/saml2/idp/SSOService.php",
             binding_type=SAMLBindingTypes.REDIRECT,
             signing_kp=keypair,
         )
@@ -181,19 +183,19 @@ class TestSourceSAML(SeleniumTestCase):
         enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
         pre_authentication_flow = Flow.objects.get(slug="default-source-pre-authentication")
         keypair = CertificateKeyPair.objects.create(
-            name="test-idp-cert",
+            name=generate_id(),
             certificate_data=IDP_CERT,
             key_data=IDP_KEY,
         )
 
         source = SAMLSource.objects.create(
-            name="saml-idp-test",
-            slug="saml-idp-test",
+            name=generate_id(),
+            slug=self.slug,
             authentication_flow=authentication_flow,
             enrollment_flow=enrollment_flow,
             pre_authentication_flow=pre_authentication_flow,
             issuer="entity-id",
-            sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php",
+            sso_url=f"http://{self.host}:8080/simplesaml/saml2/idp/SSOService.php",
             binding_type=SAMLBindingTypes.POST,
             signing_kp=keypair,
         )
@@ -264,19 +266,19 @@ class TestSourceSAML(SeleniumTestCase):
         enrollment_flow = Flow.objects.get(slug="default-source-enrollment")
         pre_authentication_flow = Flow.objects.get(slug="default-source-pre-authentication")
         keypair = CertificateKeyPair.objects.create(
-            name="test-idp-cert",
+            name=generate_id(),
             certificate_data=IDP_CERT,
             key_data=IDP_KEY,
         )
 
         source = SAMLSource.objects.create(
-            name="saml-idp-test",
-            slug="saml-idp-test",
+            name=generate_id(),
+            slug=self.slug,
             authentication_flow=authentication_flow,
             enrollment_flow=enrollment_flow,
             pre_authentication_flow=pre_authentication_flow,
             issuer="entity-id",
-            sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php",
+            sso_url=f"http://{self.host}:8080/simplesaml/saml2/idp/SSOService.php",
             binding_type=SAMLBindingTypes.POST_AUTO,
             signing_kp=keypair,
         )
diff --git a/tests/e2e/utils.py b/tests/e2e/utils.py
index 7092ac4e9..a7a813448 100644
--- a/tests/e2e/utils.py
+++ b/tests/e2e/utils.py
@@ -1,6 +1,7 @@
 """authentik e2e testing utilities"""
 import json
 import os
+import socket
 from functools import lru_cache, wraps
 from os import environ
 from sys import stderr
@@ -43,6 +44,13 @@ def get_docker_tag() -> str:
     return f"gh-{branch_name}"
 
 
+def get_local_ip() -> str:
+    """Get the local machine's IP"""
+    hostname = socket.gethostname()
+    ip_addr = socket.gethostbyname(hostname)
+    return ip_addr
+
+
 class DockerTestCase:
     """Mixin for dealing with containers"""
 
@@ -63,6 +71,7 @@ class DockerTestCase:
 class SeleniumTestCase(DockerTestCase, StaticLiveServerTestCase):
     """StaticLiveServerTestCase which automatically creates a Webdriver instance"""
 
+    host = get_local_ip()
     container: Optional[Container] = None
     wait_timeout: int
     user: User
diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json
index c528b4a15..25720ba07 100644
--- a/tests/wdio/package-lock.json
+++ b/tests/wdio/package-lock.json
@@ -7,20 +7,20 @@
             "name": "@goauthentik/web-tests",
             "devDependencies": {
                 "@trivago/prettier-plugin-sort-imports": "^4.3.0",
-                "@typescript-eslint/eslint-plugin": "^6.13.2",
-                "@typescript-eslint/parser": "^6.13.2",
-                "@wdio/cli": "^8.26.1",
-                "@wdio/local-runner": "^8.26.1",
-                "@wdio/mocha-framework": "^8.24.12",
-                "@wdio/spec-reporter": "^8.24.12",
-                "eslint": "^8.55.0",
+                "@typescript-eslint/eslint-plugin": "^6.18.0",
+                "@typescript-eslint/parser": "^6.18.0",
+                "@wdio/cli": "^8.27.1",
+                "@wdio/local-runner": "^8.27.0",
+                "@wdio/mocha-framework": "^8.27.0",
+                "@wdio/spec-reporter": "^8.27.0",
+                "eslint": "^8.56.0",
                 "eslint-config-google": "^0.14.0",
                 "eslint-plugin-sonarjs": "^0.23.0",
                 "npm-run-all": "^4.1.5",
                 "prettier": "^3.1.1",
                 "ts-node": "^10.9.2",
                 "typescript": "^5.3.3",
-                "wdio-wait-for": "^3.0.9"
+                "wdio-wait-for": "^3.0.10"
             },
             "engines": {
                 "node": ">=20"
@@ -382,9 +382,9 @@
             }
         },
         "node_modules/@eslint/js": {
-            "version": "8.55.0",
-            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.55.0.tgz",
-            "integrity": "sha512-qQfo2mxH5yVom1kacMtZZJFVdW+E70mqHMJvVg6WTLo+VBuQJ4TojZlfWBjK0ve5BdEeNAVxOsl/nvNMpJOaJA==",
+            "version": "8.56.0",
+            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
+            "integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
             "dev": true,
             "engines": {
                 "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -946,16 +946,16 @@
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.13.2.tgz",
-            "integrity": "sha512-3+9OGAWHhk4O1LlcwLBONbdXsAhLjyCFogJY/cWy2lxdVJ2JrcTF2pTGMaLl2AE7U1l31n8Py4a8bx5DLf/0dQ==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.18.0.tgz",
+            "integrity": "sha512-3lqEvQUdCozi6d1mddWqd+kf8KxmGq2Plzx36BlkjuQe3rSTm/O98cLf0A4uDO+a5N1KD2SeEEl6fW97YHY+6w==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/regexpp": "^4.5.1",
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/type-utils": "6.13.2",
-                "@typescript-eslint/utils": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/type-utils": "6.18.0",
+                "@typescript-eslint/utils": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4",
                 "graphemer": "^1.4.0",
                 "ignore": "^5.2.4",
@@ -981,15 +981,15 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.13.2.tgz",
-            "integrity": "sha512-MUkcC+7Wt/QOGeVlM8aGGJZy1XV5YKjTpq9jK6r6/iLsGXhBVaGP5N0UYvFsu9BFlSpwY9kMretzdBH01rkRXg==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.18.0.tgz",
+            "integrity": "sha512-v6uR68SFvqhNQT41frCMCQpsP+5vySy6IdgjlzUWoo7ALCnpaWYcz/Ij2k4L8cEsL0wkvOviCMpjmtRtHNOKzA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/typescript-estree": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/typescript-estree": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4"
             },
             "engines": {
@@ -1009,13 +1009,13 @@
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.13.2.tgz",
-            "integrity": "sha512-CXQA0xo7z6x13FeDYCgBkjWzNqzBn8RXaE3QVQVIUm74fWJLkJkaHmHdKStrxQllGh6Q4eUGyNpMe0b1hMkXFA==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.18.0.tgz",
+            "integrity": "sha512-o/UoDT2NgOJ2VfHpfr+KBY2ErWvCySNUIX/X7O9g8Zzt/tXdpfEU43qbNk8LVuWUT2E0ptzTWXh79i74PP0twA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2"
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0"
             },
             "engines": {
                 "node": "^16.0.0 || >=18.0.0"
@@ -1026,13 +1026,13 @@
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.13.2.tgz",
-            "integrity": "sha512-Qr6ssS1GFongzH2qfnWKkAQmMUyZSyOr0W54nZNU1MDfo+U4Mv3XveeLZzadc/yq8iYhQZHYT+eoXJqnACM1tw==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.18.0.tgz",
+            "integrity": "sha512-ZeMtrXnGmTcHciJN1+u2CigWEEXgy1ufoxtWcHORt5kGvpjjIlK9MUhzHm4RM8iVy6dqSaZA/6PVkX6+r+ChjQ==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/typescript-estree": "6.13.2",
-                "@typescript-eslint/utils": "6.13.2",
+                "@typescript-eslint/typescript-estree": "6.18.0",
+                "@typescript-eslint/utils": "6.18.0",
                 "debug": "^4.3.4",
                 "ts-api-utils": "^1.0.1"
             },
@@ -1053,9 +1053,9 @@
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.13.2.tgz",
-            "integrity": "sha512-7sxbQ+EMRubQc3wTfTsycgYpSujyVbI1xw+3UMRUcrhSy+pN09y/lWzeKDbvhoqcRbHdc+APLs/PWYi/cisLPg==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.18.0.tgz",
+            "integrity": "sha512-/RFVIccwkwSdW/1zeMx3hADShWbgBxBnV/qSrex6607isYjj05t36P6LyONgqdUrNLl5TYU8NIKdHUYpFvExkA==",
             "dev": true,
             "engines": {
                 "node": "^16.0.0 || >=18.0.0"
@@ -1066,16 +1066,17 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.13.2.tgz",
-            "integrity": "sha512-SuD8YLQv6WHnOEtKv8D6HZUzOub855cfPnPMKvdM/Bh1plv1f7Q/0iFUDLKKlxHcEstQnaUU4QZskgQq74t+3w==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.18.0.tgz",
+            "integrity": "sha512-klNvl+Ql4NsBNGB4W9TZ2Od03lm7aGvTbs0wYaFYsplVPhr+oeXjlPZCDI4U9jgJIDK38W1FKhacCFzCC+nbIg==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4",
                 "globby": "^11.1.0",
                 "is-glob": "^4.0.3",
+                "minimatch": "9.0.3",
                 "semver": "^7.5.4",
                 "ts-api-utils": "^1.0.1"
             },
@@ -1092,18 +1093,42 @@
                 }
             }
         },
+        "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
+            "version": "2.0.1",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
+            "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
+            "dev": true,
+            "dependencies": {
+                "balanced-match": "^1.0.0"
+            }
+        },
+        "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
+            "version": "9.0.3",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
+            "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
+            "dev": true,
+            "dependencies": {
+                "brace-expansion": "^2.0.1"
+            },
+            "engines": {
+                "node": ">=16 || 14 >=14.17"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/isaacs"
+            }
+        },
         "node_modules/@typescript-eslint/utils": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.13.2.tgz",
-            "integrity": "sha512-b9Ptq4eAZUym4idijCRzl61oPCwwREcfDI8xGk751Vhzig5fFZR9CyzDz4Sp/nxSLBYxUPyh4QdIDqWykFhNmQ==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.18.0.tgz",
+            "integrity": "sha512-wiKKCbUeDPGaYEYQh1S580dGxJ/V9HI7K5sbGAVklyf+o5g3O+adnS4UNJajplF4e7z2q0uVBaTdT/yLb4XAVA==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.4.0",
                 "@types/json-schema": "^7.0.12",
                 "@types/semver": "^7.5.0",
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/typescript-estree": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/typescript-estree": "6.18.0",
                 "semver": "^7.5.4"
             },
             "engines": {
@@ -1118,12 +1143,12 @@
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.13.2.tgz",
-            "integrity": "sha512-OGznFs0eAQXJsp+xSd6k/O1UbFi/K/L7WjqeRoFE7vadjAF9y0uppXhYNQNEqygjou782maGClOoZwPqF0Drlw==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.18.0.tgz",
+            "integrity": "sha512-1wetAlSZpewRDb2h9p/Q8kRjdGuqdTAQbkJIOUMLug2LBLG+QOjiWoSj6/3B/hA9/tVTFFdtiKvAYoYnSRW/RA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
+                "@typescript-eslint/types": "6.18.0",
                 "eslint-visitor-keys": "^3.4.1"
             },
             "engines": {
@@ -1141,18 +1166,18 @@
             "dev": true
         },
         "node_modules/@wdio/cli": {
-            "version": "8.26.1",
-            "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.26.1.tgz",
-            "integrity": "sha512-KZ3MVyH4N6j0Gdy6RL6Wv0uf5OeggFe0WRpOwZFjjQpYVEV8IEuB4kDcw8ld7f3kp9YYQGabMAkGrO6tnz5T8w==",
+            "version": "8.27.1",
+            "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.27.1.tgz",
+            "integrity": "sha512-RY9o4h0iN6UGpU31X5c9mu/TK2FlHtKtDaRJYunm5ycZvGahQcN+naYpea1ftDr4IpI2gGGlHxvEeHkJF7urDQ==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.1",
-                "@wdio/config": "8.24.12",
-                "@wdio/globals": "8.26.1",
+                "@wdio/config": "8.27.0",
+                "@wdio/globals": "8.27.0",
                 "@wdio/logger": "8.24.12",
                 "@wdio/protocols": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "async-exit-hook": "^2.0.1",
                 "chalk": "^5.2.0",
                 "chokidar": "^3.5.3",
@@ -1167,7 +1192,7 @@
                 "lodash.union": "^4.6.0",
                 "read-pkg-up": "^10.0.0",
                 "recursive-readdir": "^2.2.3",
-                "webdriverio": "8.26.1",
+                "webdriverio": "8.27.0",
                 "yargs": "^17.7.2"
             },
             "bin": {
@@ -1190,14 +1215,14 @@
             }
         },
         "node_modules/@wdio/config": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.24.12.tgz",
-            "integrity": "sha512-3HW7qG1rIHzOIybV6oHR1CqLghsN0G3Xzs90ZciGL8dYhtcLtYCHwuWmBw4mkaB5xViU4AmZDuj7ChiG8Cr6Qw==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.27.0.tgz",
+            "integrity": "sha512-zYM5daeiBVVAbQj0ASymAt0RUsocLVIwKiUHNa8gg/1GsZnztGjetXExSp1gXlxtMVM5xWUSKjh6ceFK79gWDQ==",
             "dev": true,
             "dependencies": {
                 "@wdio/logger": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "decamelize": "^6.0.0",
                 "deepmerge-ts": "^5.0.0",
                 "glob": "^10.2.2",
@@ -1208,29 +1233,29 @@
             }
         },
         "node_modules/@wdio/globals": {
-            "version": "8.26.1",
-            "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.26.1.tgz",
-            "integrity": "sha512-hNJ4mvSHzvAzDcBisaNgwRzJ2sLN4B/fno6VZcskgfYlg7UyWpVHigyxaddP2e1OeoxLL9pc2hKCtwgDr4UozA==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.27.0.tgz",
+            "integrity": "sha512-HUPOIsrmxfF0LhU68lVsNGQGZkW/bWOvcCd8WxeaggTAH9JyxasxxfwzeCceAuhAvwtlwoMXITOpjAXO2mj38Q==",
             "dev": true,
             "engines": {
                 "node": "^16.13 || >=18"
             },
             "optionalDependencies": {
                 "expect-webdriverio": "^4.6.1",
-                "webdriverio": "8.26.1"
+                "webdriverio": "8.27.0"
             }
         },
         "node_modules/@wdio/local-runner": {
-            "version": "8.26.1",
-            "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.26.1.tgz",
-            "integrity": "sha512-n7iiB/mKt7u6bd3uJTgqOTaN2r/EUVQpBMsrXyv5XidYEr9QHuq2OOE3biswdxSez24p0zZGU35fu6oUwz5J1Q==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.27.0.tgz",
+            "integrity": "sha512-nxS17mhoLkXP20eoPMkz7tbMFMOQejSw0hZfkEvuDCNhJokr8ugp6IjYXL9f7yV9IB9UDGHox8WGY4ArSrOeBA==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.24.12",
                 "@wdio/repl": "8.24.12",
-                "@wdio/runner": "8.26.1",
-                "@wdio/types": "8.24.12",
+                "@wdio/runner": "8.27.0",
+                "@wdio/types": "8.27.0",
                 "async-exit-hook": "^2.0.1",
                 "split2": "^4.1.0",
                 "stream-buffers": "^3.0.2"
@@ -1267,16 +1292,16 @@
             }
         },
         "node_modules/@wdio/mocha-framework": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.24.12.tgz",
-            "integrity": "sha512-SHN7CYZnDkVUNYxLp8iMV92xcmU/4gq5dqA0pRrK4m5nIU7BoL0flm0kA+ydYUQyNedQh2ru1V63uNyTOyCKAg==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.27.0.tgz",
+            "integrity": "sha512-NaFUPv90ks1XlZy0qdUaJ5/ilBtiCCgTIxaPexshJiaVDT5cV+Igjag/O80HIcvqknOZpdKAR0I1ArQzhJrmcA==",
             "dev": true,
             "dependencies": {
                 "@types/mocha": "^10.0.0",
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "mocha": "^10.0.0"
             },
             "engines": {
@@ -1302,14 +1327,14 @@
             }
         },
         "node_modules/@wdio/reporter": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.24.12.tgz",
-            "integrity": "sha512-FtLzDTBXdgxXf4T9HJQ2bNpYYSKEw//jojFm9XzB4fPwzPeFY3HC+dbePucVW1SSLrVzVxqIOyHiwCLqQ/4cQw==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.27.0.tgz",
+            "integrity": "sha512-kBwsrHbsblmXfHSWlaOKXjPRPeT29WSKTUoCmzuTcCkhvbjY4TrEB0p04cpaM7uNqdIZTxHng54gZVaG/nZPiw==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.24.12",
-                "@wdio/types": "8.24.12",
+                "@wdio/types": "8.27.0",
                 "diff": "^5.0.0",
                 "object-inspect": "^1.12.0"
             },
@@ -1318,35 +1343,35 @@
             }
         },
         "node_modules/@wdio/runner": {
-            "version": "8.26.1",
-            "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.26.1.tgz",
-            "integrity": "sha512-Uhz82HD53LvfW6hLwd/cX+vYVZpiKtAr7ipTxaLt5VPEIwcDlrVz1hoVkVMGyfvkAuHxDKLZx16bigfMg+5eTQ==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.27.0.tgz",
+            "integrity": "sha512-da332r2d1QXdRhMhsDxMObcqLZS0l/u14pHICNTvEHp+72gOttbjUDvdMHPQY6Ae5ul7AVVQ05qpmz9CX7TzOg==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
-                "@wdio/config": "8.24.12",
-                "@wdio/globals": "8.26.1",
+                "@wdio/config": "8.27.0",
+                "@wdio/globals": "8.27.0",
                 "@wdio/logger": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "deepmerge-ts": "^5.0.0",
                 "expect-webdriverio": "^4.6.1",
                 "gaze": "^1.1.2",
-                "webdriver": "8.24.12",
-                "webdriverio": "8.26.1"
+                "webdriver": "8.27.0",
+                "webdriverio": "8.27.0"
             },
             "engines": {
                 "node": "^16.13 || >=18"
             }
         },
         "node_modules/@wdio/spec-reporter": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.24.12.tgz",
-            "integrity": "sha512-Ng3ErWK8eESamCYwIr2Uv49+46RvmT8FnmGaJ6irJoAp101K8zENEs1pyqYHJReucN+ka/wM87blfc2k8NEHCA==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.27.0.tgz",
+            "integrity": "sha512-EOXLBIr4oLzSDp/BQ86IqCulSF0jwEAj2EiMeY6dh9WXzBBtoR8WnoX/27xFoZ8GU2zetWC3EVnLJ0Ex8Up1mA==",
             "dev": true,
             "dependencies": {
-                "@wdio/reporter": "8.24.12",
-                "@wdio/types": "8.24.12",
+                "@wdio/reporter": "8.27.0",
+                "@wdio/types": "8.27.0",
                 "chalk": "^5.1.2",
                 "easy-table": "^1.2.0",
                 "pretty-ms": "^7.0.0"
@@ -1368,9 +1393,9 @@
             }
         },
         "node_modules/@wdio/types": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.24.12.tgz",
-            "integrity": "sha512-SaD3OacDiW06DvSgAQ7sDBbpiI9qZRg7eoVYeBg3uSGVtUq84vTETRhhV7D6xTC00IqZu+mmN2TY5/q+7Gqy7w==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.27.0.tgz",
+            "integrity": "sha512-LbP9FKh8r0uW9/dKhTIUCC1Su8PsP9TmzGKXkWt6/IMacgJiB/zW3u1CgyaLw9lG0UiQORHGoeJX9zB2HZAh4w==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0"
@@ -1380,14 +1405,14 @@
             }
         },
         "node_modules/@wdio/utils": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.24.12.tgz",
-            "integrity": "sha512-uzwZyBVgqz0Wz1KL3aOUaQsxT8TNkzxti4NNTSMrU256qAPqc/n75rB7V73QASapCMpy70mZZTsuPgQYYj4ytQ==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.27.0.tgz",
+            "integrity": "sha512-4BY+JBQssVn003P5lA289uDMie3LtGinHze5btkcW9timB6VaU+EeZS4eKTPC0pziizLhteVvXYxv3YTpeeRfA==",
             "dev": true,
             "dependencies": {
                 "@puppeteer/browsers": "^1.6.0",
                 "@wdio/logger": "8.24.12",
-                "@wdio/types": "8.24.12",
+                "@wdio/types": "8.27.0",
                 "decamelize": "^6.0.0",
                 "deepmerge-ts": "^5.1.0",
                 "edgedriver": "^5.3.5",
@@ -2456,9 +2481,9 @@
             }
         },
         "node_modules/devtools-protocol": {
-            "version": "0.0.1233178",
-            "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.1233178.tgz",
-            "integrity": "sha512-jmMfyaqlzddwmDaSR1AQ+5ek+f7rupZdxKuPdkRcoxrZoF70Idg/4dTgXA08TLPmwAwB54gh49Wm2l/gRM0eUg==",
+            "version": "0.0.1237913",
+            "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.1237913.tgz",
+            "integrity": "sha512-Pxtmz2ZIqBkpU82HaIdsvCQBG94yTC4xajrEsWx9p38QKEfBCJktSazsHkrjf9j3dVVNPhg5LR21F6KWeXpjiQ==",
             "dev": true
         },
         "node_modules/diff": {
@@ -2806,15 +2831,15 @@
             }
         },
         "node_modules/eslint": {
-            "version": "8.55.0",
-            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.55.0.tgz",
-            "integrity": "sha512-iyUUAM0PCKj5QpwGfmCAG9XXbZCWsqP/eWAWrG/W0umvjuLRBECwSFdt+rCntju0xEH7teIABPwXpahftIaTdA==",
+            "version": "8.56.0",
+            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
+            "integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.2.0",
                 "@eslint-community/regexpp": "^4.6.1",
                 "@eslint/eslintrc": "^2.1.4",
-                "@eslint/js": "8.55.0",
+                "@eslint/js": "8.56.0",
                 "@humanwhocodes/config-array": "^0.11.13",
                 "@humanwhocodes/module-importer": "^1.0.1",
                 "@nodelib/fs.walk": "^1.2.8",
@@ -3887,6 +3912,43 @@
                 "url": "https://github.com/sponsors/ljharb"
             }
         },
+        "node_modules/got": {
+            "version": "12.6.1",
+            "resolved": "https://registry.npmjs.org/got/-/got-12.6.1.tgz",
+            "integrity": "sha512-mThBblvlAF1d4O5oqyvN+ZxLAYwIJK7bpMxgYqPD9okW0C3qm5FFn7k811QrcuEBwaogR3ngOFoCfs6mRv7teQ==",
+            "dev": true,
+            "dependencies": {
+                "@sindresorhus/is": "^5.2.0",
+                "@szmarczak/http-timer": "^5.0.1",
+                "cacheable-lookup": "^7.0.0",
+                "cacheable-request": "^10.2.8",
+                "decompress-response": "^6.0.0",
+                "form-data-encoder": "^2.1.2",
+                "get-stream": "^6.0.1",
+                "http2-wrapper": "^2.1.10",
+                "lowercase-keys": "^3.0.0",
+                "p-cancelable": "^3.0.0",
+                "responselike": "^3.0.0"
+            },
+            "engines": {
+                "node": ">=14.16"
+            },
+            "funding": {
+                "url": "https://github.com/sindresorhus/got?sponsor=1"
+            }
+        },
+        "node_modules/got/node_modules/get-stream": {
+            "version": "6.0.1",
+            "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz",
+            "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==",
+            "dev": true,
+            "engines": {
+                "node": ">=10"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
         "node_modules/graceful-fs": {
             "version": "4.2.11",
             "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
@@ -8440,9 +8502,9 @@
             }
         },
         "node_modules/wdio-wait-for": {
-            "version": "3.0.9",
-            "resolved": "https://registry.npmjs.org/wdio-wait-for/-/wdio-wait-for-3.0.9.tgz",
-            "integrity": "sha512-f7SZ916X9DpN1ZpY82wbwS0UwpRl8fOmT3v5TIfSn/XNLwDS1qZiGndayd5sNKhzYZFlDQDIIcfOcZDr7YBMcA==",
+            "version": "3.0.10",
+            "resolved": "https://registry.npmjs.org/wdio-wait-for/-/wdio-wait-for-3.0.10.tgz",
+            "integrity": "sha512-YMWfI0BYgEviGDB9+rDUuHDZNVk8pHeae0cvaqk3Wx/2LijwJi4xkRP01uYC/hM7RBB7QJFBmjrXczVSqtJOGw==",
             "dev": true,
             "engines": {
                 "node": "^16.13 || >=18"
@@ -8458,18 +8520,18 @@
             }
         },
         "node_modules/webdriver": {
-            "version": "8.24.12",
-            "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.24.12.tgz",
-            "integrity": "sha512-03DQIClHoaAqTsmDkxGwo4HwHfkn9LzJ1wfNyUerzKg8DnyXeiT6ILqj6EXLfsvh5zddU2vhYGLFXSerPgkuOQ==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.27.0.tgz",
+            "integrity": "sha512-n1IA+rR3u84XxU9swiKUM06BkEC0GDimfZkBML57cny+utQOUbdM/mBpqCUnkWX/RBz/p2EfHdKNyOs3/REaog==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@types/ws": "^8.5.3",
-                "@wdio/config": "8.24.12",
+                "@wdio/config": "8.27.0",
                 "@wdio/logger": "8.24.12",
                 "@wdio/protocols": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "deepmerge-ts": "^5.1.0",
                 "got": "^12.6.1",
                 "ky": "^0.33.0",
@@ -8479,61 +8541,24 @@
                 "node": "^16.13 || >=18"
             }
         },
-        "node_modules/webdriver/node_modules/get-stream": {
-            "version": "6.0.1",
-            "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz",
-            "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==",
-            "dev": true,
-            "engines": {
-                "node": ">=10"
-            },
-            "funding": {
-                "url": "https://github.com/sponsors/sindresorhus"
-            }
-        },
-        "node_modules/webdriver/node_modules/got": {
-            "version": "12.6.1",
-            "resolved": "https://registry.npmjs.org/got/-/got-12.6.1.tgz",
-            "integrity": "sha512-mThBblvlAF1d4O5oqyvN+ZxLAYwIJK7bpMxgYqPD9okW0C3qm5FFn7k811QrcuEBwaogR3ngOFoCfs6mRv7teQ==",
-            "dev": true,
-            "dependencies": {
-                "@sindresorhus/is": "^5.2.0",
-                "@szmarczak/http-timer": "^5.0.1",
-                "cacheable-lookup": "^7.0.0",
-                "cacheable-request": "^10.2.8",
-                "decompress-response": "^6.0.0",
-                "form-data-encoder": "^2.1.2",
-                "get-stream": "^6.0.1",
-                "http2-wrapper": "^2.1.10",
-                "lowercase-keys": "^3.0.0",
-                "p-cancelable": "^3.0.0",
-                "responselike": "^3.0.0"
-            },
-            "engines": {
-                "node": ">=14.16"
-            },
-            "funding": {
-                "url": "https://github.com/sindresorhus/got?sponsor=1"
-            }
-        },
         "node_modules/webdriverio": {
-            "version": "8.26.1",
-            "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.26.1.tgz",
-            "integrity": "sha512-KnM92UPqk7FmPJpZf3krHrqn0ydjSdyAMn+i4uENxLBqm1OyQ12gSKtIatt8FOP9/C+UrFXATSOd+jRkU2xMkw==",
+            "version": "8.27.0",
+            "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.27.0.tgz",
+            "integrity": "sha512-Qh5VCiBjEmxnmXcL1QEFoDzFqTtaWKrXriuU5G0yHKCModGAt2G7IHTkAok3CpmkVJfZpEvY630aP1MvgDtFhw==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
-                "@wdio/config": "8.24.12",
+                "@wdio/config": "8.27.0",
                 "@wdio/logger": "8.24.12",
                 "@wdio/protocols": "8.24.12",
                 "@wdio/repl": "8.24.12",
-                "@wdio/types": "8.24.12",
-                "@wdio/utils": "8.24.12",
+                "@wdio/types": "8.27.0",
+                "@wdio/utils": "8.27.0",
                 "archiver": "^6.0.0",
                 "aria-query": "^5.0.0",
                 "css-shorthand-properties": "^1.1.1",
                 "css-value": "^0.0.1",
-                "devtools-protocol": "^0.0.1233178",
+                "devtools-protocol": "^0.0.1237913",
                 "grapheme-splitter": "^1.0.2",
                 "import-meta-resolve": "^4.0.0",
                 "is-plain-obj": "^4.1.0",
@@ -8545,7 +8570,7 @@
                 "resq": "^1.9.1",
                 "rgb2hex": "0.2.5",
                 "serialize-error": "^11.0.1",
-                "webdriver": "8.24.12"
+                "webdriver": "8.27.0"
             },
             "engines": {
                 "node": "^16.13 || >=18"
diff --git a/tests/wdio/package.json b/tests/wdio/package.json
index 589ae6332..477652a15 100644
--- a/tests/wdio/package.json
+++ b/tests/wdio/package.json
@@ -4,20 +4,20 @@
     "type": "module",
     "devDependencies": {
         "@trivago/prettier-plugin-sort-imports": "^4.3.0",
-        "@typescript-eslint/eslint-plugin": "^6.13.2",
-        "@typescript-eslint/parser": "^6.13.2",
-        "@wdio/cli": "^8.26.1",
-        "@wdio/local-runner": "^8.26.1",
-        "@wdio/mocha-framework": "^8.24.12",
-        "@wdio/spec-reporter": "^8.24.12",
-        "eslint": "^8.55.0",
+        "@typescript-eslint/eslint-plugin": "^6.18.0",
+        "@typescript-eslint/parser": "^6.18.0",
+        "@wdio/cli": "^8.27.1",
+        "@wdio/local-runner": "^8.27.0",
+        "@wdio/mocha-framework": "^8.27.0",
+        "@wdio/spec-reporter": "^8.27.0",
+        "eslint": "^8.56.0",
         "eslint-config-google": "^0.14.0",
         "eslint-plugin-sonarjs": "^0.23.0",
         "npm-run-all": "^4.1.5",
         "prettier": "^3.1.1",
         "ts-node": "^10.9.2",
         "typescript": "^5.3.3",
-        "wdio-wait-for": "^3.0.9"
+        "wdio-wait-for": "^3.0.10"
     },
     "scripts": {
         "wdio": "wdio run ./wdio.conf.ts",
diff --git a/web/.storybook/css-import-maps.ts b/web/.storybook/css-import-maps.ts
new file mode 100644
index 000000000..13b55284e
--- /dev/null
+++ b/web/.storybook/css-import-maps.ts
@@ -0,0 +1,129 @@
+// THIS IS A GENERATED FILE.  DO NOT EDIT BY HAND.
+//
+// This file is generated by the build-storybook-import-maps script in the UI's base directory.
+// This is a *hack* to work around an inconsistency in the way rollup, vite, and storybook
+// import CSS modules.
+//
+// Sometime around 2030 or so, the Javascript community may finally get its collective act together
+// and we'll have one unified way of doing this.  I can only hope.
+
+export const cssImportMaps = {
+    'import AKGlobal from "@goauthentik/common/styles/authentik.css";':
+        'import AKGlobal from "@goauthentik/common/styles/authentik.css?inline";',
+    'import PFAlert from "@patternfly/patternfly/components/Alert/alert.css";':
+        'import PFAlert from "@patternfly/patternfly/components/Alert/alert.css?inline";',
+    'import PFAlertGroup from "@patternfly/patternfly/components/AlertGroup/alert-group.css";':
+        'import PFAlertGroup from "@patternfly/patternfly/components/AlertGroup/alert-group.css?inline";',
+    'import PFAvatar from "@patternfly/patternfly/components/Avatar/avatar.css";':
+        'import PFAvatar from "@patternfly/patternfly/components/Avatar/avatar.css?inline";',
+    'import PFBackdrop from "@patternfly/patternfly/components/Backdrop/backdrop.css";':
+        'import PFBackdrop from "@patternfly/patternfly/components/Backdrop/backdrop.css?inline";',
+    'import PFBackgroundImage from "@patternfly/patternfly/components/BackgroundImage/background-image.css";':
+        'import PFBackgroundImage from "@patternfly/patternfly/components/BackgroundImage/background-image.css?inline";',
+    'import PFBanner from "@patternfly/patternfly/components/Banner/banner.css";':
+        'import PFBanner from "@patternfly/patternfly/components/Banner/banner.css?inline";',
+    'import PFBase from "@patternfly/patternfly/patternfly-base.css";':
+        'import PFBase from "@patternfly/patternfly/patternfly-base.css?inline";',
+    'import PFBrand from "@patternfly/patternfly/components/Brand/brand.css";':
+        'import PFBrand from "@patternfly/patternfly/components/Brand/brand.css?inline";',
+    'import PFBullseye from "@patternfly/patternfly/layouts/Bullseye/bullseye.css";':
+        'import PFBullseye from "@patternfly/patternfly/layouts/Bullseye/bullseye.css?inline";',
+    'import PFButton from "@patternfly/patternfly/components/Button/button.css";':
+        'import PFButton from "@patternfly/patternfly/components/Button/button.css?inline";',
+    'import PFCard from "@patternfly/patternfly/components/Card/card.css";':
+        'import PFCard from "@patternfly/patternfly/components/Card/card.css?inline";',
+    'import PFCheck from "@patternfly/patternfly/components/Check/check.css";':
+        'import PFCheck from "@patternfly/patternfly/components/Check/check.css?inline";',
+    'import PFChip from "@patternfly/patternfly/components/Chip/chip.css";':
+        'import PFChip from "@patternfly/patternfly/components/Chip/chip.css?inline";',
+    'import PFChipGroup from "@patternfly/patternfly/components/ChipGroup/chip-group.css";':
+        'import PFChipGroup from "@patternfly/patternfly/components/ChipGroup/chip-group.css?inline";',
+    'import PFContent from "@patternfly/patternfly/components/Content/content.css";':
+        'import PFContent from "@patternfly/patternfly/components/Content/content.css?inline";',
+    'import PFDataList from "@patternfly/patternfly/components/DataList/data-list.css";':
+        'import PFDataList from "@patternfly/patternfly/components/DataList/data-list.css?inline";',
+    'import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";':
+        'import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css?inline";',
+    'import PFDisplay from "@patternfly/patternfly/utilities/Display/display.css";':
+        'import PFDisplay from "@patternfly/patternfly/utilities/Display/display.css?inline";',
+    'import PFDrawer from "@patternfly/patternfly/components/Drawer/drawer.css";':
+        'import PFDrawer from "@patternfly/patternfly/components/Drawer/drawer.css?inline";',
+    'import PFDropdown from "@patternfly/patternfly/components/Dropdown/dropdown.css";':
+        'import PFDropdown from "@patternfly/patternfly/components/Dropdown/dropdown.css?inline";',
+    'import PFEmptyState from "@patternfly/patternfly/components/EmptyState/empty-state.css";':
+        'import PFEmptyState from "@patternfly/patternfly/components/EmptyState/empty-state.css?inline";',
+    'import PFExpandableSection from "@patternfly/patternfly/components/ExpandableSection/expandable-section.css";':
+        'import PFExpandableSection from "@patternfly/patternfly/components/ExpandableSection/expandable-section.css?inline";',
+    'import PFFAIcons from "@patternfly/patternfly/base/patternfly-fa-icons.css";':
+        'import PFFAIcons from "@patternfly/patternfly/base/patternfly-fa-icons.css?inline";',
+    'import PFFlex from "@patternfly/patternfly/layouts/Flex/flex.css";':
+        'import PFFlex from "@patternfly/patternfly/layouts/Flex/flex.css?inline";',
+    'import PFForm from "@patternfly/patternfly/components/Form/form.css";':
+        'import PFForm from "@patternfly/patternfly/components/Form/form.css?inline";',
+    'import PFFormControl from "@patternfly/patternfly/components/FormControl/form-control.css";':
+        'import PFFormControl from "@patternfly/patternfly/components/FormControl/form-control.css?inline";',
+    'import PFGallery from "@patternfly/patternfly/layouts/Gallery/gallery.css";':
+        'import PFGallery from "@patternfly/patternfly/layouts/Gallery/gallery.css?inline";',
+    'import PFGlobal from "@patternfly/patternfly/patternfly-base.css";':
+        'import PFGlobal from "@patternfly/patternfly/patternfly-base.css?inline";',
+    'import PFGrid from "@patternfly/patternfly/layouts/Grid/grid.css";':
+        'import PFGrid from "@patternfly/patternfly/layouts/Grid/grid.css?inline";',
+    'import PFHint from "@patternfly/patternfly/components/Hint/hint.css";':
+        'import PFHint from "@patternfly/patternfly/components/Hint/hint.css?inline";',
+    'import PFInputGroup from "@patternfly/patternfly/components/InputGroup/input-group.css";':
+        'import PFInputGroup from "@patternfly/patternfly/components/InputGroup/input-group.css?inline";',
+    'import PFLabel from "@patternfly/patternfly/components/Label/label.css";':
+        'import PFLabel from "@patternfly/patternfly/components/Label/label.css?inline";',
+    'import PFList from "@patternfly/patternfly/components/List/list.css";':
+        'import PFList from "@patternfly/patternfly/components/List/list.css?inline";',
+    'import PFLogin from "@patternfly/patternfly/components/Login/login.css";':
+        'import PFLogin from "@patternfly/patternfly/components/Login/login.css?inline";',
+    'import PFModalBox from "@patternfly/patternfly/components/ModalBox/modal-box.css";':
+        'import PFModalBox from "@patternfly/patternfly/components/ModalBox/modal-box.css?inline";',
+    'import PFNav from "@patternfly/patternfly/components/Nav/nav.css";':
+        'import PFNav from "@patternfly/patternfly/components/Nav/nav.css?inline";',
+    'import PFNotificationBadge from "@patternfly/patternfly/components/NotificationBadge/notification-badge.css";':
+        'import PFNotificationBadge from "@patternfly/patternfly/components/NotificationBadge/notification-badge.css?inline";',
+    'import PFNotificationDrawer from "@patternfly/patternfly/components/NotificationDrawer/notification-drawer.css";':
+        'import PFNotificationDrawer from "@patternfly/patternfly/components/NotificationDrawer/notification-drawer.css?inline";',
+    'import PFPage from "@patternfly/patternfly/components/Page/page.css";':
+        'import PFPage from "@patternfly/patternfly/components/Page/page.css?inline";',
+    'import PFPagination from "@patternfly/patternfly/components/Pagination/pagination.css";':
+        'import PFPagination from "@patternfly/patternfly/components/Pagination/pagination.css?inline";',
+    'import PFProgressStepper from "@patternfly/patternfly/components/ProgressStepper/progress-stepper.css";':
+        'import PFProgressStepper from "@patternfly/patternfly/components/ProgressStepper/progress-stepper.css?inline";',
+    'import PFRadio from "@patternfly/patternfly/components/Radio/radio.css";':
+        'import PFRadio from "@patternfly/patternfly/components/Radio/radio.css?inline";',
+    'import PFSelect from "@patternfly/patternfly/components/Select/select.css";':
+        'import PFSelect from "@patternfly/patternfly/components/Select/select.css?inline";',
+    'import PFSidebar from "@patternfly/patternfly/components/Sidebar/sidebar.css";':
+        'import PFSidebar from "@patternfly/patternfly/components/Sidebar/sidebar.css?inline";',
+    'import PFSizing from "@patternfly/patternfly/utilities/Sizing/sizing.css";':
+        'import PFSizing from "@patternfly/patternfly/utilities/Sizing/sizing.css?inline";',
+    'import PFSpacing from "@patternfly/patternfly/utilities/Spacing/spacing.css";':
+        'import PFSpacing from "@patternfly/patternfly/utilities/Spacing/spacing.css?inline";',
+    'import PFSpinner from "@patternfly/patternfly/components/Spinner/spinner.css";':
+        'import PFSpinner from "@patternfly/patternfly/components/Spinner/spinner.css?inline";',
+    'import PFStack from "@patternfly/patternfly/layouts/Stack/stack.css";':
+        'import PFStack from "@patternfly/patternfly/layouts/Stack/stack.css?inline";',
+    'import PFSwitch from "@patternfly/patternfly/components/Switch/switch.css";':
+        'import PFSwitch from "@patternfly/patternfly/components/Switch/switch.css?inline";',
+    'import PFTable from "@patternfly/patternfly/components/Table/table.css";':
+        'import PFTable from "@patternfly/patternfly/components/Table/table.css?inline";',
+    'import PFTabs from "@patternfly/patternfly/components/Tabs/tabs.css";':
+        'import PFTabs from "@patternfly/patternfly/components/Tabs/tabs.css?inline";',
+    'import PFTitle from "@patternfly/patternfly/components/Title/title.css";':
+        'import PFTitle from "@patternfly/patternfly/components/Title/title.css?inline";',
+    'import PFToggleGroup from "@patternfly/patternfly/components/ToggleGroup/toggle-group.css";':
+        'import PFToggleGroup from "@patternfly/patternfly/components/ToggleGroup/toggle-group.css?inline";',
+    'import PFToolbar from "@patternfly/patternfly/components/Toolbar/toolbar.css";':
+        'import PFToolbar from "@patternfly/patternfly/components/Toolbar/toolbar.css?inline";',
+    'import PFTreeView from "@patternfly/patternfly/components/TreeView/tree-view.css";':
+        'import PFTreeView from "@patternfly/patternfly/components/TreeView/tree-view.css?inline";',
+    'import PFWizard from "@patternfly/patternfly/components/Wizard/wizard.css";':
+        'import PFWizard from "@patternfly/patternfly/components/Wizard/wizard.css?inline";',
+    'import ThemeDark from "@goauthentik/common/styles/theme-dark.css";':
+        'import ThemeDark from "@goauthentik/common/styles/theme-dark.css?inline";',
+    'import styles from "./LibraryPageImpl.css";':
+        'import styles from "./LibraryPageImpl.css?inline";',
+};
diff --git a/web/.storybook/main.ts b/web/.storybook/main.ts
index e6583e476..c3f042282 100644
--- a/web/.storybook/main.ts
+++ b/web/.storybook/main.ts
@@ -1,9 +1,12 @@
 import replace from "@rollup/plugin-replace";
 import type { StorybookConfig } from "@storybook/web-components-vite";
 import { cwd } from "process";
+import modify from "rollup-plugin-modify";
 import postcssLit from "rollup-plugin-postcss-lit";
 import tsconfigPaths from "vite-tsconfig-paths";
 
+import { cssImportMaps } from "./css-import-maps";
+
 export const isProdBuild = process.env.NODE_ENV === "production";
 export const apiBasePath = process.env.AK_API_BASE_PATH || "";
 
@@ -27,9 +30,7 @@ const config: StorybookConfig = {
         return {
             ...config,
             plugins: [
-                ...config.plugins,
-                postcssLit(),
-                tsconfigPaths(),
+                modify(cssImportMaps),
                 replace({
                     "process.env.NODE_ENV": JSON.stringify(
                         isProdBuild ? "production" : "development",
@@ -38,6 +39,9 @@ const config: StorybookConfig = {
                     "process.env.AK_API_BASE_PATH": JSON.stringify(apiBasePath),
                     "preventAssignment": true,
                 }),
+                ...config.plugins,
+                postcssLit(),
+                tsconfigPaths(),
             ],
         };
     },
diff --git a/web/lit-localize.json b/web/lit-localize.json
index 19a901a91..3c9564de8 100644
--- a/web/lit-localize.json
+++ b/web/lit-localize.json
@@ -3,15 +3,18 @@
     "sourceLocale": "en",
     "targetLocales": [
         "en",
-        "pseudo-LOCALE",
-        "fr",
-        "tr",
+        "de",
         "es",
+        "fr",
+        "ko",
+        "nl",
         "pl",
-        "zh_TW",
+        "tr",
         "zh-Hans",
         "zh-Hant",
-        "de"
+        "zh-CN",
+        "zh_TW",
+        "pseudo-LOCALE"
     ],
     "tsConfig": "./tsconfig.json",
     "output": {
diff --git a/web/package-lock.json b/web/package-lock.json
index d1caf97bc..64006c368 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -15,27 +15,27 @@
                 "@codemirror/lang-xml": "^6.0.2",
                 "@codemirror/legacy-modes": "^6.3.3",
                 "@codemirror/theme-one-dark": "^6.1.2",
-                "@esbuild/linux-arm64": "^0.19.9",
                 "@formatjs/intl-listformat": "^7.5.3",
                 "@fortawesome/fontawesome-free": "^6.5.1",
-                "@goauthentik/api": "^2023.10.4-1701882394",
+                "@goauthentik/api": "^2023.10.5-1704382057",
                 "@lit-labs/context": "^0.4.0",
                 "@lit-labs/task": "^3.1.0",
                 "@lit/localize": "^0.11.4",
                 "@open-wc/lit-helpers": "^0.6.0",
                 "@patternfly/elements": "^2.4.0",
                 "@patternfly/patternfly": "^4.224.2",
-                "@sentry/browser": "^7.86.0",
-                "@sentry/tracing": "^7.86.0",
+                "@sentry/browser": "^7.92.0",
+                "@sentry/tracing": "^7.92.0",
                 "@webcomponents/webcomponentsjs": "^2.8.0",
                 "base64-js": "^1.5.1",
                 "chart.js": "^4.4.1",
                 "chartjs-adapter-moment": "^1.0.1",
                 "codemirror": "^6.0.1",
                 "construct-style-sheets-polyfill": "^3.1.0",
-                "core-js": "^3.34.0",
+                "core-js": "^3.35.0",
                 "country-flag-icons": "^1.5.9",
                 "fuse.js": "^7.0.0",
+                "guacamole-common-js": "^1.5.0",
                 "lit": "^2.8.0",
                 "mermaid": "^10.6.1",
                 "rapidoc": "^9.3.4",
@@ -44,13 +44,13 @@
                 "yaml": "^2.3.4"
             },
             "devDependencies": {
-                "@babel/core": "^7.23.5",
+                "@babel/core": "^7.23.7",
                 "@babel/plugin-proposal-class-properties": "^7.18.6",
-                "@babel/plugin-proposal-decorators": "^7.23.5",
+                "@babel/plugin-proposal-decorators": "^7.23.7",
                 "@babel/plugin-transform-private-methods": "^7.23.3",
                 "@babel/plugin-transform-private-property-in-object": "^7.23.4",
-                "@babel/plugin-transform-runtime": "^7.23.4",
-                "@babel/preset-env": "^7.23.5",
+                "@babel/plugin-transform-runtime": "^7.23.7",
+                "@babel/preset-env": "^7.23.7",
                 "@babel/preset-typescript": "^7.23.3",
                 "@hcaptcha/types": "^1.0.3",
                 "@jackfranklin/rollup-plugin-markdown": "^0.4.0",
@@ -62,54 +62,56 @@
                 "@rollup/plugin-replace": "^5.0.5",
                 "@rollup/plugin-terser": "^0.4.4",
                 "@rollup/plugin-typescript": "^11.1.5",
-                "@storybook/addon-essentials": "^7.6.4",
-                "@storybook/addon-links": "^7.6.4",
-                "@storybook/api": "^7.6.4",
+                "@storybook/addon-essentials": "^7.6.7",
+                "@storybook/addon-links": "^7.6.7",
+                "@storybook/api": "^7.6.7",
                 "@storybook/blocks": "^7.6.4",
-                "@storybook/manager-api": "^7.6.4",
-                "@storybook/web-components": "^7.6.4",
-                "@storybook/web-components-vite": "^7.6.4",
+                "@storybook/manager-api": "^7.6.7",
+                "@storybook/web-components": "^7.6.7",
+                "@storybook/web-components-vite": "^7.6.7",
                 "@trivago/prettier-plugin-sort-imports": "^4.3.0",
                 "@types/chart.js": "^2.9.41",
                 "@types/codemirror": "5.60.15",
                 "@types/grecaptcha": "^3.0.7",
-                "@typescript-eslint/eslint-plugin": "^6.13.2",
-                "@typescript-eslint/parser": "^6.13.2",
+                "@types/guacamole-common-js": "1.5.2",
+                "@typescript-eslint/eslint-plugin": "^6.18.0",
+                "@typescript-eslint/parser": "^6.18.0",
                 "babel-plugin-macros": "^3.1.0",
                 "babel-plugin-tsconfig-paths": "^1.0.3",
                 "cross-env": "^7.0.3",
-                "eslint": "^8.55.0",
+                "eslint": "^8.56.0",
                 "eslint-config-google": "^0.14.0",
                 "eslint-plugin-custom-elements": "0.0.8",
-                "eslint-plugin-lit": "^1.10.1",
+                "eslint-plugin-lit": "^1.11.0",
                 "eslint-plugin-sonarjs": "^0.23.0",
                 "eslint-plugin-storybook": "^0.6.15",
-                "lit-analyzer": "^2.0.1",
+                "lit-analyzer": "^2.0.2",
                 "npm-run-all": "^4.1.5",
                 "prettier": "^3.1.1",
                 "pseudolocale": "^2.0.0",
-                "pyright": "^1.1.338",
+                "pyright": "=1.1.338",
                 "react": "^18.2.0",
                 "react-dom": "^18.2.0",
-                "rollup": "^4.7.0",
+                "rollup": "^4.9.4",
                 "rollup-plugin-copy": "^3.5.0",
                 "rollup-plugin-cssimport": "^1.0.3",
+                "rollup-plugin-modify": "^3.0.0",
                 "rollup-plugin-postcss-lit": "^2.1.0",
-                "storybook": "^7.6.4",
+                "storybook": "^7.6.7",
                 "storybook-addon-mock": "^4.3.0",
                 "ts-lit-plugin": "^2.0.1",
                 "tslib": "^2.6.2",
-                "turnstile-types": "^1.1.3",
+                "turnstile-types": "^1.2.0",
                 "typescript": "^5.3.3",
-                "vite-tsconfig-paths": "^4.2.2"
+                "vite-tsconfig-paths": "^4.2.3"
             },
             "engines": {
                 "node": ">=20"
             },
             "optionalDependencies": {
-                "@esbuild/darwin-arm64": "^0.19.9",
+                "@esbuild/darwin-arm64": "^0.19.11",
                 "@esbuild/linux-amd64": "^0.18.11",
-                "@esbuild/linux-arm64": "^0.19.9"
+                "@esbuild/linux-arm64": "^0.19.11"
             }
         },
         "node_modules/@aashutoshrathi/word-wrap": {
@@ -177,21 +179,21 @@
             }
         },
         "node_modules/@babel/core": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.23.5.tgz",
-            "integrity": "sha512-Cwc2XjUrG4ilcfOw4wBAK+enbdgwAcAJCfGUItPBKR7Mjw4aEfAFYrLxeRp4jWgtNIKn3n2AlBOfwwafl+42/g==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.23.7.tgz",
+            "integrity": "sha512-+UpDgowcmqe36d4NwqvKsyPMlOLNGMsfMmQ5WGCu+siCe3t3dfe9njrzGfdN4qq+bcNUt0+Vw6haRxBOycs4dw==",
             "dev": true,
             "dependencies": {
                 "@ampproject/remapping": "^2.2.0",
                 "@babel/code-frame": "^7.23.5",
-                "@babel/generator": "^7.23.5",
-                "@babel/helper-compilation-targets": "^7.22.15",
+                "@babel/generator": "^7.23.6",
+                "@babel/helper-compilation-targets": "^7.23.6",
                 "@babel/helper-module-transforms": "^7.23.3",
-                "@babel/helpers": "^7.23.5",
-                "@babel/parser": "^7.23.5",
+                "@babel/helpers": "^7.23.7",
+                "@babel/parser": "^7.23.6",
                 "@babel/template": "^7.22.15",
-                "@babel/traverse": "^7.23.5",
-                "@babel/types": "^7.23.5",
+                "@babel/traverse": "^7.23.7",
+                "@babel/types": "^7.23.6",
                 "convert-source-map": "^2.0.0",
                 "debug": "^4.1.0",
                 "gensync": "^1.0.0-beta.2",
@@ -207,20 +209,20 @@
             }
         },
         "node_modules/@babel/core/node_modules/@babel/traverse": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.5.tgz",
-            "integrity": "sha512-czx7Xy5a6sapWWRx61m1Ke1Ra4vczu1mCTtJam5zRTBOonfdJ+S/B6HYmGYu3fJtr8GGET3si6IhgWVBhJ/m8w==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.7.tgz",
+            "integrity": "sha512-tY3mM8rH9jM0YHFGyfC0/xf+SB5eKUu7HPj7/k3fpi9dAlsMc5YbQvDi0Sh2QTPXqMhyaAtzAr807TIyfQrmyg==",
             "dev": true,
             "dependencies": {
                 "@babel/code-frame": "^7.23.5",
-                "@babel/generator": "^7.23.5",
+                "@babel/generator": "^7.23.6",
                 "@babel/helper-environment-visitor": "^7.22.20",
                 "@babel/helper-function-name": "^7.23.0",
                 "@babel/helper-hoist-variables": "^7.22.5",
                 "@babel/helper-split-export-declaration": "^7.22.6",
-                "@babel/parser": "^7.23.5",
-                "@babel/types": "^7.23.5",
-                "debug": "^4.1.0",
+                "@babel/parser": "^7.23.6",
+                "@babel/types": "^7.23.6",
+                "debug": "^4.3.1",
                 "globals": "^11.1.0"
             },
             "engines": {
@@ -234,12 +236,12 @@
             "dev": true
         },
         "node_modules/@babel/generator": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.5.tgz",
-            "integrity": "sha512-BPssCHrBD+0YrxviOa3QzpqwhNIXKEtOa2jQrm4FlmkC2apYgRnQcmPWiGZDlGxiNtltnUFolMe8497Esry+jA==",
+            "version": "7.23.6",
+            "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.6.tgz",
+            "integrity": "sha512-qrSfCYxYQB5owCmGLbl8XRpX1ytXlpueOb0N0UmQwA073KZxejgQTzAmJezxvpwQD9uGtK2shHdi55QT+MbjIw==",
             "dev": true,
             "dependencies": {
-                "@babel/types": "^7.23.5",
+                "@babel/types": "^7.23.6",
                 "@jridgewell/gen-mapping": "^0.3.2",
                 "@jridgewell/trace-mapping": "^0.3.17",
                 "jsesc": "^2.5.1"
@@ -273,14 +275,14 @@
             }
         },
         "node_modules/@babel/helper-compilation-targets": {
-            "version": "7.22.15",
-            "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.15.tgz",
-            "integrity": "sha512-y6EEzULok0Qvz8yyLkCvVX+02ic+By2UdOhylwUOvOn9dvYc9mKICJuuU1n1XBI02YWsNsnrY1kc6DVbjcXbtw==",
+            "version": "7.23.6",
+            "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz",
+            "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==",
             "dev": true,
             "dependencies": {
-                "@babel/compat-data": "^7.22.9",
-                "@babel/helper-validator-option": "^7.22.15",
-                "browserslist": "^4.21.9",
+                "@babel/compat-data": "^7.23.5",
+                "@babel/helper-validator-option": "^7.23.5",
+                "browserslist": "^4.22.2",
                 "lru-cache": "^5.1.1",
                 "semver": "^6.3.1"
             },
@@ -289,9 +291,9 @@
             }
         },
         "node_modules/@babel/helper-create-class-features-plugin": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.5.tgz",
-            "integrity": "sha512-QELlRWxSpgdwdJzSJn4WAhKC+hvw/AtHbbrIoncKHkhKKR/luAlKkgBDcri1EzWAo8f8VvYVryEHN4tax/V67A==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.7.tgz",
+            "integrity": "sha512-xCoqR/8+BoNnXOY7RVSgv6X+o7pmT5q1d+gGcRlXYkI+9B31glE4jeejhKVpA04O1AtzOt7OSQ6VYKP5FcRl9g==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-annotate-as-pure": "^7.22.5",
@@ -329,9 +331,9 @@
             }
         },
         "node_modules/@babel/helper-define-polyfill-provider": {
-            "version": "0.4.3",
-            "resolved": "https://registry.npmjs.org/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.4.3.tgz",
-            "integrity": "sha512-WBrLmuPP47n7PNwsZ57pqam6G/RGo1vw/87b0Blc53tZNGZ4x7YvZ6HgQe2vo1W/FR20OgjeZuGXzudPiXHFug==",
+            "version": "0.4.4",
+            "resolved": "https://registry.npmjs.org/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.4.4.tgz",
+            "integrity": "sha512-QcJMILQCu2jm5TFPGA3lCpJJTeEP+mqeXooG/NZbg/h5FTFi6V0+99ahlRsW8/kRLyb24LZVCCiclDedhLKcBA==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-compilation-targets": "^7.22.6",
@@ -554,34 +556,34 @@
             }
         },
         "node_modules/@babel/helpers": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.5.tgz",
-            "integrity": "sha512-oO7us8FzTEsG3U6ag9MfdF1iA/7Z6dz+MtFhifZk8C8o453rGJFFWUP1t+ULM9TUIAzC9uxXEiXjOiVMyd7QPg==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.7.tgz",
+            "integrity": "sha512-6AMnjCoC8wjqBzDHkuqpa7jAKwvMo4dC+lr/TFBz+ucfulO1XMpDnwWPGBNwClOKZ8h6xn5N81W/R5OrcKtCbQ==",
             "dev": true,
             "dependencies": {
                 "@babel/template": "^7.22.15",
-                "@babel/traverse": "^7.23.5",
-                "@babel/types": "^7.23.5"
+                "@babel/traverse": "^7.23.7",
+                "@babel/types": "^7.23.6"
             },
             "engines": {
                 "node": ">=6.9.0"
             }
         },
         "node_modules/@babel/helpers/node_modules/@babel/traverse": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.5.tgz",
-            "integrity": "sha512-czx7Xy5a6sapWWRx61m1Ke1Ra4vczu1mCTtJam5zRTBOonfdJ+S/B6HYmGYu3fJtr8GGET3si6IhgWVBhJ/m8w==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.7.tgz",
+            "integrity": "sha512-tY3mM8rH9jM0YHFGyfC0/xf+SB5eKUu7HPj7/k3fpi9dAlsMc5YbQvDi0Sh2QTPXqMhyaAtzAr807TIyfQrmyg==",
             "dev": true,
             "dependencies": {
                 "@babel/code-frame": "^7.23.5",
-                "@babel/generator": "^7.23.5",
+                "@babel/generator": "^7.23.6",
                 "@babel/helper-environment-visitor": "^7.22.20",
                 "@babel/helper-function-name": "^7.23.0",
                 "@babel/helper-hoist-variables": "^7.22.5",
                 "@babel/helper-split-export-declaration": "^7.22.6",
-                "@babel/parser": "^7.23.5",
-                "@babel/types": "^7.23.5",
-                "debug": "^4.1.0",
+                "@babel/parser": "^7.23.6",
+                "@babel/types": "^7.23.6",
+                "debug": "^4.3.1",
                 "globals": "^11.1.0"
             },
             "engines": {
@@ -603,9 +605,9 @@
             }
         },
         "node_modules/@babel/parser": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.5.tgz",
-            "integrity": "sha512-hOOqoiNXrmGdFbhgCzu6GiURxUgM27Xwd/aPuu8RfHEZPBzL1Z54okAHAQjXfcQNwvrlkAmAp4SlRTZ45vlthQ==",
+            "version": "7.23.6",
+            "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.6.tgz",
+            "integrity": "sha512-Z2uID7YJ7oNvAI20O9X0bblw7Qqs8Q2hFy0R9tAfnfLkp5MW0UH9eUvnDSnFwKZ0AvgS1ucqR4KzvVHgnke1VQ==",
             "dev": true,
             "bin": {
                 "parser": "bin/babel-parser.js"
@@ -647,9 +649,9 @@
             }
         },
         "node_modules/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": {
-            "version": "7.23.3",
-            "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly/-/plugin-bugfix-v8-static-class-fields-redefine-readonly-7.23.3.tgz",
-            "integrity": "sha512-XaJak1qcityzrX0/IU5nKHb34VaibwP3saKqG6a/tppelgllOH13LUann4ZCIBcVOeE6H18K4Vx9QKkVww3z/w==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly/-/plugin-bugfix-v8-static-class-fields-redefine-readonly-7.23.7.tgz",
+            "integrity": "sha512-LlRT7HgaifEpQA1ZgLVOIJZZFVPWN5iReq/7/JixwBtwcoeVGDBD53ZV28rrsLYOZs1Y/EHhA8N/Z6aazHR8cw==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-environment-visitor": "^7.22.20",
@@ -680,15 +682,13 @@
             }
         },
         "node_modules/@babel/plugin-proposal-decorators": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.23.5.tgz",
-            "integrity": "sha512-6IsY8jOeWibsengGlWIezp7cuZEFzNlAghFpzh9wiZwhQ42/hRcPnY/QV9HJoKTlujupinSlnQPiEy/u2C1ZfQ==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.23.7.tgz",
+            "integrity": "sha512-b1s5JyeMvqj7d9m9KhJNHKc18gEJiSyVzVX3bwbiPalQBQpuvfPh6lA9F7Kk/dWH0TIiXRpB9yicwijY6buPng==",
             "dev": true,
             "dependencies": {
-                "@babel/helper-create-class-features-plugin": "^7.23.5",
+                "@babel/helper-create-class-features-plugin": "^7.23.7",
                 "@babel/helper-plugin-utils": "^7.22.5",
-                "@babel/helper-replace-supers": "^7.22.20",
-                "@babel/helper-split-export-declaration": "^7.22.6",
                 "@babel/plugin-syntax-decorators": "^7.23.3"
             },
             "engines": {
@@ -1021,9 +1021,9 @@
             }
         },
         "node_modules/@babel/plugin-transform-async-generator-functions": {
-            "version": "7.23.4",
-            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.23.4.tgz",
-            "integrity": "sha512-efdkfPhHYTtn0G6n2ddrESE91fgXxjlqLsnUtPWnJs4a4mZIbUaK7ffqKIIUKXSHwcDvaCVX6GXkaJJFqtX7jw==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.23.7.tgz",
+            "integrity": "sha512-PdxEpL71bJp1byMG0va5gwQcXHxuEYC/BgI/e88mGTtohbZN28O5Yit0Plkkm/dBzCF/BxmbNcses1RH1T+urA==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-environment-visitor": "^7.22.20",
@@ -1268,12 +1268,13 @@
             }
         },
         "node_modules/@babel/plugin-transform-for-of": {
-            "version": "7.23.3",
-            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.23.3.tgz",
-            "integrity": "sha512-X8jSm8X1CMwxmK878qsUGJRmbysKNbdpTv/O1/v0LuY/ZkZrng5WYiekYSdg9m09OTmDDUWeEDsTE+17WYbAZw==",
+            "version": "7.23.6",
+            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.23.6.tgz",
+            "integrity": "sha512-aYH4ytZ0qSuBbpfhuofbg/e96oQ7U2w1Aw/UQmKT+1l39uEhUPoFS3fHevDc1G0OvewyDudfMKY1OulczHzWIw==",
             "dev": true,
             "dependencies": {
-                "@babel/helper-plugin-utils": "^7.22.5"
+                "@babel/helper-plugin-utils": "^7.22.5",
+                "@babel/helper-skip-transparent-expression-wrappers": "^7.22.5"
             },
             "engines": {
                 "node": ">=6.9.0"
@@ -1655,16 +1656,16 @@
             }
         },
         "node_modules/@babel/plugin-transform-runtime": {
-            "version": "7.23.4",
-            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.23.4.tgz",
-            "integrity": "sha512-ITwqpb6V4btwUG0YJR82o2QvmWrLgDnx/p2A3CTPYGaRgULkDiC0DRA2C4jlRB9uXGUEfaSS/IGHfVW+ohzYDw==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.23.7.tgz",
+            "integrity": "sha512-fa0hnfmiXc9fq/weK34MUV0drz2pOL/vfKWvN7Qw127hiUPabFCUMgAbYWcchRzMJit4o5ARsK/s+5h0249pLw==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-module-imports": "^7.22.15",
                 "@babel/helper-plugin-utils": "^7.22.5",
-                "babel-plugin-polyfill-corejs2": "^0.4.6",
-                "babel-plugin-polyfill-corejs3": "^0.8.5",
-                "babel-plugin-polyfill-regenerator": "^0.5.3",
+                "babel-plugin-polyfill-corejs2": "^0.4.7",
+                "babel-plugin-polyfill-corejs3": "^0.8.7",
+                "babel-plugin-polyfill-regenerator": "^0.5.4",
                 "semver": "^6.3.1"
             },
             "engines": {
@@ -1832,18 +1833,18 @@
             }
         },
         "node_modules/@babel/preset-env": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.23.5.tgz",
-            "integrity": "sha512-0d/uxVD6tFGWXGDSfyMD1p2otoaKmu6+GD+NfAx0tMaH+dxORnp7T9TaVQ6mKyya7iBtCIVxHjWT7MuzzM9z+A==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.23.7.tgz",
+            "integrity": "sha512-SY27X/GtTz/L4UryMNJ6p4fH4nsgWbz84y9FE0bQeWJP6O5BhgVCt53CotQKHCOeXJel8VyhlhujhlltKms/CA==",
             "dev": true,
             "dependencies": {
                 "@babel/compat-data": "^7.23.5",
-                "@babel/helper-compilation-targets": "^7.22.15",
+                "@babel/helper-compilation-targets": "^7.23.6",
                 "@babel/helper-plugin-utils": "^7.22.5",
                 "@babel/helper-validator-option": "^7.23.5",
                 "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": "^7.23.3",
                 "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": "^7.23.3",
-                "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": "^7.23.3",
+                "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": "^7.23.7",
                 "@babel/plugin-proposal-private-property-in-object": "7.21.0-placeholder-for-preset-env.2",
                 "@babel/plugin-syntax-async-generators": "^7.8.4",
                 "@babel/plugin-syntax-class-properties": "^7.12.13",
@@ -1864,7 +1865,7 @@
                 "@babel/plugin-syntax-top-level-await": "^7.14.5",
                 "@babel/plugin-syntax-unicode-sets-regex": "^7.18.6",
                 "@babel/plugin-transform-arrow-functions": "^7.23.3",
-                "@babel/plugin-transform-async-generator-functions": "^7.23.4",
+                "@babel/plugin-transform-async-generator-functions": "^7.23.7",
                 "@babel/plugin-transform-async-to-generator": "^7.23.3",
                 "@babel/plugin-transform-block-scoped-functions": "^7.23.3",
                 "@babel/plugin-transform-block-scoping": "^7.23.4",
@@ -1878,7 +1879,7 @@
                 "@babel/plugin-transform-dynamic-import": "^7.23.4",
                 "@babel/plugin-transform-exponentiation-operator": "^7.23.3",
                 "@babel/plugin-transform-export-namespace-from": "^7.23.4",
-                "@babel/plugin-transform-for-of": "^7.23.3",
+                "@babel/plugin-transform-for-of": "^7.23.6",
                 "@babel/plugin-transform-function-name": "^7.23.3",
                 "@babel/plugin-transform-json-strings": "^7.23.4",
                 "@babel/plugin-transform-literals": "^7.23.3",
@@ -1912,9 +1913,9 @@
                 "@babel/plugin-transform-unicode-regex": "^7.23.3",
                 "@babel/plugin-transform-unicode-sets-regex": "^7.23.3",
                 "@babel/preset-modules": "0.1.6-no-external-plugins",
-                "babel-plugin-polyfill-corejs2": "^0.4.6",
-                "babel-plugin-polyfill-corejs3": "^0.8.5",
-                "babel-plugin-polyfill-regenerator": "^0.5.3",
+                "babel-plugin-polyfill-corejs2": "^0.4.7",
+                "babel-plugin-polyfill-corejs3": "^0.8.7",
+                "babel-plugin-polyfill-regenerator": "^0.5.4",
                 "core-js-compat": "^3.31.0",
                 "semver": "^6.3.1"
             },
@@ -1976,15 +1977,15 @@
             }
         },
         "node_modules/@babel/register": {
-            "version": "7.22.15",
-            "resolved": "https://registry.npmjs.org/@babel/register/-/register-7.22.15.tgz",
-            "integrity": "sha512-V3Q3EqoQdn65RCgTLwauZaTfd1ShhwPmbBv+1dkZV/HpCGMKVyn6oFcRlI7RaKqiDQjX2Qd3AuoEguBgdjIKlg==",
+            "version": "7.23.7",
+            "resolved": "https://registry.npmjs.org/@babel/register/-/register-7.23.7.tgz",
+            "integrity": "sha512-EjJeB6+kvpk+Y5DAkEAmbOBEFkh9OASx0huoEkqYTFxAZHzOAX2Oh5uwAUuL2rUddqfM0SA+KPXV2TbzoZ2kvQ==",
             "dev": true,
             "dependencies": {
                 "clone-deep": "^4.0.1",
                 "find-cache-dir": "^2.0.0",
                 "make-dir": "^2.1.0",
-                "pirates": "^4.0.5",
+                "pirates": "^4.0.6",
                 "source-map-support": "^0.5.16"
             },
             "engines": {
@@ -2178,9 +2179,9 @@
             }
         },
         "node_modules/@babel/types": {
-            "version": "7.23.5",
-            "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.5.tgz",
-            "integrity": "sha512-ON5kSOJwVO6xXVRTvOI0eOnWe7VdUcIpsovGo9U/Br4Ie4UVFQTboO2cYnDhAGU6Fp+UxSiT+pMft0SMHfuq6w==",
+            "version": "7.23.6",
+            "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.6.tgz",
+            "integrity": "sha512-+uarb83brBzPKN38NX1MkB6vb6+mwvR6amUulqAE7ccQw1pEl+bCia9TbdG1lsnFP7lZySvUn37CHyXQdfTwzg==",
             "dev": true,
             "dependencies": {
                 "@babel/helper-string-parser": "^7.23.4",
@@ -2432,9 +2433,9 @@
             }
         },
         "node_modules/@esbuild/darwin-arm64": {
-            "version": "0.19.9",
-            "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.9.tgz",
-            "integrity": "sha512-KBJ9S0AFyLVx2E5D8W0vExqRW01WqRtczUZ8NRu+Pi+87opZn5tL4Y0xT0mA4FtHctd0ZgwNoN639fUUGlNIWw==",
+            "version": "0.19.11",
+            "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.11.tgz",
+            "integrity": "sha512-ETp87DRWuSt9KdDVkqSoKoLFHYTrkyz2+65fj9nfXsaV3bMhTCjtQfw3y+um88vGRKRiF7erPrh/ZuIdLUIVxQ==",
             "cpu": [
                 "arm64"
             ],
@@ -2511,9 +2512,9 @@
             }
         },
         "node_modules/@esbuild/linux-arm64": {
-            "version": "0.19.9",
-            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.9.tgz",
-            "integrity": "sha512-PiPblfe1BjK7WDAKR1Cr9O7VVPqVNpwFcPWgfn4xu0eMemzRp442hXyzF/fSwgrufI66FpHOEJk0yYdPInsmyQ==",
+            "version": "0.19.11",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.11.tgz",
+            "integrity": "sha512-LneLg3ypEeveBSMuoa0kwMpCGmpu8XQUh+mL8XXwoYZ6Be2qBnVtcDI5azSvh7vioMDhoJFZzp9GWp9IWpYoUg==",
             "cpu": [
                 "arm64"
             ],
@@ -2826,9 +2827,9 @@
             }
         },
         "node_modules/@eslint/js": {
-            "version": "8.55.0",
-            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.55.0.tgz",
-            "integrity": "sha512-qQfo2mxH5yVom1kacMtZZJFVdW+E70mqHMJvVg6WTLo+VBuQJ4TojZlfWBjK0ve5BdEeNAVxOsl/nvNMpJOaJA==",
+            "version": "8.56.0",
+            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
+            "integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
             "dev": true,
             "engines": {
                 "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -2912,9 +2913,9 @@
             }
         },
         "node_modules/@goauthentik/api": {
-            "version": "2023.10.4-1701882394",
-            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.10.4-1701882394.tgz",
-            "integrity": "sha512-rYfJRl4IGQN6OGdWy6f+yMuNRPgmPjkPTI+6V1otR5NwgKrvZeEzy/8Vx1tEkz3CIix8rgZCmu3SmJVsep0ggQ=="
+            "version": "2023.10.5-1704382057",
+            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.10.5-1704382057.tgz",
+            "integrity": "sha512-nzmAQgTrFXiOwKDeHhq1gAfIMRilAcDPmNvjhqoQc3GQfWs5GG2lAGzIewWyxsfxNABsg+I0BYTPxN7ffD6tXw=="
         },
         "node_modules/@hcaptcha/types": {
             "version": "1.0.3",
@@ -4581,9 +4582,9 @@
             }
         },
         "node_modules/@rollup/rollup-android-arm-eabi": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.7.0.tgz",
-            "integrity": "sha512-rGku10pL1StFlFvXX5pEv88KdGW6DHUghsxyP/aRYb9eH+74jTGJ3U0S/rtlsQ4yYq1Hcc7AMkoJOb1xu29Fxw==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.9.4.tgz",
+            "integrity": "sha512-ub/SN3yWqIv5CWiAZPHVS1DloyZsJbtXmX4HxUTIpS0BHm9pW5iYBo2mIZi+hE3AeiTzHz33blwSnhdUo+9NpA==",
             "cpu": [
                 "arm"
             ],
@@ -4594,9 +4595,9 @@
             ]
         },
         "node_modules/@rollup/rollup-android-arm64": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.7.0.tgz",
-            "integrity": "sha512-/EBw0cuJ/KVHiU2qyVYUhogXz7W2vXxBzeE9xtVIMC+RyitlY2vvaoysMUqASpkUtoNIHlnKTu/l7mXOPgnKOA==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.9.4.tgz",
+            "integrity": "sha512-ehcBrOR5XTl0W0t2WxfTyHCR/3Cq2jfb+I4W+Ch8Y9b5G+vbAecVv0Fx/J1QKktOrgUYsIKxWAKgIpvw56IFNA==",
             "cpu": [
                 "arm64"
             ],
@@ -4607,9 +4608,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-arm64": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.7.0.tgz",
-            "integrity": "sha512-4VXG1bgvClJdbEYYjQ85RkOtwN8sqI3uCxH0HC5w9fKdqzRzgG39K7GAehATGS8jghA7zNoS5CjSKkDEqWmNZg==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.9.4.tgz",
+            "integrity": "sha512-1fzh1lWExwSTWy8vJPnNbNM02WZDS8AW3McEOb7wW+nPChLKf3WG2aG7fhaUmfX5FKw9zhsF5+MBwArGyNM7NA==",
             "cpu": [
                 "arm64"
             ],
@@ -4620,9 +4621,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-x64": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.7.0.tgz",
-            "integrity": "sha512-/ImhO+T/RWJ96hUbxiCn2yWI0/MeQZV/aeukQQfhxiSXuZJfyqtdHPUPrc84jxCfXTxbJLmg4q+GBETeb61aNw==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.9.4.tgz",
+            "integrity": "sha512-Gc6cukkF38RcYQ6uPdiXi70JB0f29CwcQ7+r4QpfNpQFVHXRd0DfWFidoGxjSx1DwOETM97JPz1RXL5ISSB0pA==",
             "cpu": [
                 "x64"
             ],
@@ -4633,9 +4634,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.7.0.tgz",
-            "integrity": "sha512-zhye8POvTyUXlKbfPBVqoHy3t43gIgffY+7qBFqFxNqVtltQLtWeHNAbrMnXiLIfYmxcoL/feuLDote2tx+Qbg==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.9.4.tgz",
+            "integrity": "sha512-g21RTeFzoTl8GxosHbnQZ0/JkuFIB13C3T7Y0HtKzOXmoHhewLbVTFBQZu+z5m9STH6FZ7L/oPgU4Nm5ErN2fw==",
             "cpu": [
                 "arm"
             ],
@@ -4646,9 +4647,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-gnu": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.7.0.tgz",
-            "integrity": "sha512-RAdr3OJnUum6Vs83cQmKjxdTg31zJnLLTkjhcFt0auxM6jw00GD6IPFF42uasYPr/wGC6TRm7FsQiJyk0qIEfg==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.9.4.tgz",
+            "integrity": "sha512-TVYVWD/SYwWzGGnbfTkrNpdE4HON46orgMNHCivlXmlsSGQOx/OHHYiQcMIOx38/GWgwr/po2LBn7wypkWw/Mg==",
             "cpu": [
                 "arm64"
             ],
@@ -4659,9 +4660,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-musl": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.7.0.tgz",
-            "integrity": "sha512-nhWwYsiJwZGq7SyR3afS3EekEOsEAlrNMpPC4ZDKn5ooYSEjDLe9W/xGvoIV8/F/+HNIY6jY8lIdXjjxfxopXw==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.9.4.tgz",
+            "integrity": "sha512-XcKvuendwizYYhFxpvQ3xVpzje2HHImzg33wL9zvxtj77HvPStbSGI9czrdbfrf8DGMcNNReH9pVZv8qejAQ5A==",
             "cpu": [
                 "arm64"
             ],
@@ -4672,9 +4673,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.7.0.tgz",
-            "integrity": "sha512-rlfy5RnQG1aop1BL/gjdH42M2geMUyVQqd52GJVirqYc787A/XVvl3kQ5NG/43KXgOgE9HXgCaEH05kzQ+hLoA==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.9.4.tgz",
+            "integrity": "sha512-LFHS/8Q+I9YA0yVETyjonMJ3UA+DczeBd/MqNEzsGSTdNvSJa1OJZcSH8GiXLvcizgp9AlHs2walqRcqzjOi3A==",
             "cpu": [
                 "riscv64"
             ],
@@ -4685,9 +4686,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-gnu": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.7.0.tgz",
-            "integrity": "sha512-cCkoGlGWfBobdDtiiypxf79q6k3/iRVGu1HVLbD92gWV5WZbmuWJCgRM4x2N6i7ljGn1cGytPn9ZAfS8UwF6vg==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.9.4.tgz",
+            "integrity": "sha512-dIYgo+j1+yfy81i0YVU5KnQrIJZE8ERomx17ReU4GREjGtDW4X+nvkBak2xAUpyqLs4eleDSj3RrV72fQos7zw==",
             "cpu": [
                 "x64"
             ],
@@ -4698,9 +4699,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-musl": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.7.0.tgz",
-            "integrity": "sha512-R2oBf2p/Arc1m+tWmiWbpHBjEcJnHVnv6bsypu4tcKdrYTpDfl1UT9qTyfkIL1iiii5D4WHxUHCg5X0pzqmxFg==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.9.4.tgz",
+            "integrity": "sha512-RoaYxjdHQ5TPjaPrLsfKqR3pakMr3JGqZ+jZM0zP2IkDtsGa4CqYaWSfQmZVgFUCgLrTnzX+cnHS3nfl+kB6ZQ==",
             "cpu": [
                 "x64"
             ],
@@ -4711,9 +4712,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-arm64-msvc": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.7.0.tgz",
-            "integrity": "sha512-CPtgaQL1aaPc80m8SCVEoxFGHxKYIt3zQYC3AccL/SqqiWXblo3pgToHuBwR8eCP2Toa+X1WmTR/QKFMykws7g==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.9.4.tgz",
+            "integrity": "sha512-T8Q3XHV+Jjf5e49B4EAaLKV74BbX7/qYBRQ8Wop/+TyyU0k+vSjiLVSHNWdVd1goMjZcbhDmYZUYW5RFqkBNHQ==",
             "cpu": [
                 "arm64"
             ],
@@ -4724,9 +4725,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-ia32-msvc": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.7.0.tgz",
-            "integrity": "sha512-pmioUlttNh9GXF5x2CzNa7Z8kmRTyhEzzAC+2WOOapjewMbl+3tGuAnxbwc5JyG8Jsz2+hf/QD/n5VjimOZ63g==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.9.4.tgz",
+            "integrity": "sha512-z+JQ7JirDUHAsMecVydnBPWLwJjbppU+7LZjffGf+Jvrxq+dVjIE7By163Sc9DKc3ADSU50qPVw0KonBS+a+HQ==",
             "cpu": [
                 "ia32"
             ],
@@ -4737,9 +4738,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-msvc": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.7.0.tgz",
-            "integrity": "sha512-SeZzC2QhhdBQUm3U0c8+c/P6UlRyBcLL2Xp5KX7z46WXZxzR8RJSIWL9wSUeBTgxog5LTPJuPj0WOT9lvrtP7Q==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.9.4.tgz",
+            "integrity": "sha512-LfdGXCV9rdEify1oxlN9eamvDSjv9md9ZVMAbNHA87xqIfFCxImxan9qZ8+Un54iK2nnqPlbnSi4R54ONtbWBw==",
             "cpu": [
                 "x64"
             ],
@@ -4750,98 +4751,98 @@
             ]
         },
         "node_modules/@sentry-internal/feedback": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.86.0.tgz",
-            "integrity": "sha512-6rl0JYjmAKnhm4/fuFaROh4Ht8oi9f6ZeIcViCuGJcrGICZJJY0s+R77XJI78rNa82PYFrSCcnWXcGji4T8E7g==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry-internal/feedback/-/feedback-7.92.0.tgz",
+            "integrity": "sha512-/jEALRtVqboxB9kcK2tag8QCO6XANTlGBb9RV3oeGXJe0DDNJXRq6wVZbfgztXJRrfgx4XVDcNt1pRVoGGG++g==",
             "dependencies": {
-                "@sentry/core": "7.86.0",
-                "@sentry/types": "7.86.0",
-                "@sentry/utils": "7.86.0"
+                "@sentry/core": "7.92.0",
+                "@sentry/types": "7.92.0",
+                "@sentry/utils": "7.92.0"
             },
             "engines": {
                 "node": ">=12"
             }
         },
         "node_modules/@sentry-internal/tracing": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.86.0.tgz",
-            "integrity": "sha512-b4dUsNWlPWRwakGwR7bhOkqiFlqQszH1hhVFwrm/8s3kqEBZ+E4CeIfCvuHBHQ1cM/fx55xpXX/BU163cy+3iQ==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.92.0.tgz",
+            "integrity": "sha512-ur55vPcUUUWFUX4eVLNP71ohswK7ZZpleNZw9Y1GfLqyI+0ILQUwjtzqItJrdClvVsdRZJMRmDV40Hp9Lbb9mA==",
             "dependencies": {
-                "@sentry/core": "7.86.0",
-                "@sentry/types": "7.86.0",
-                "@sentry/utils": "7.86.0"
+                "@sentry/core": "7.92.0",
+                "@sentry/types": "7.92.0",
+                "@sentry/utils": "7.92.0"
             },
             "engines": {
                 "node": ">=8"
             }
         },
         "node_modules/@sentry/browser": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.86.0.tgz",
-            "integrity": "sha512-nfYWpVOmug+W7KJO7/xhA1JScMZcYHcoOVHLsUFm4znx51U4qZEk+zZDM11Q2Nw6MuDyEYg6bsH1QCwaoC6nLw==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.92.0.tgz",
+            "integrity": "sha512-loMr02/zQ38u8aQhYLtIBg0i5n3ps2e3GUXrt3CdsJQdkRYfa62gcrE7SzvoEpMVHTk7VOI4fWGht8cWw/1k3A==",
             "dependencies": {
-                "@sentry-internal/feedback": "7.86.0",
-                "@sentry-internal/tracing": "7.86.0",
-                "@sentry/core": "7.86.0",
-                "@sentry/replay": "7.86.0",
-                "@sentry/types": "7.86.0",
-                "@sentry/utils": "7.86.0"
+                "@sentry-internal/feedback": "7.92.0",
+                "@sentry-internal/tracing": "7.92.0",
+                "@sentry/core": "7.92.0",
+                "@sentry/replay": "7.92.0",
+                "@sentry/types": "7.92.0",
+                "@sentry/utils": "7.92.0"
             },
             "engines": {
                 "node": ">=8"
             }
         },
         "node_modules/@sentry/core": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.86.0.tgz",
-            "integrity": "sha512-SbLvqd1bRYzhDS42u7GMnmbDMfth/zRiLElQWbLK/shmuZzTcfQSwNNdF4Yj+VfjOkqPFgGmICHSHVUc9dh01g==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.92.0.tgz",
+            "integrity": "sha512-1Tly7YB2I1byI5xb0Cwrxs56Rhww+6mQ7m9P7rTmdC3/ijOzbEoohtYIUPwcooCEarpbEJe/tAayRx6BrH2UbQ==",
             "dependencies": {
-                "@sentry/types": "7.86.0",
-                "@sentry/utils": "7.86.0"
+                "@sentry/types": "7.92.0",
+                "@sentry/utils": "7.92.0"
             },
             "engines": {
                 "node": ">=8"
             }
         },
         "node_modules/@sentry/replay": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.86.0.tgz",
-            "integrity": "sha512-YYZO8bfQSx1H87Te/zzyHPLHvExWiYwUfMWW68yGX+PPZIIzxaM81/iCQHkoucxlvuPCOtxCgf7RSMbsnqEa8g==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.92.0.tgz",
+            "integrity": "sha512-G1t9Uvc9cR8VpNkElwvHIMGzykjIKikb10n0tfVd3e+rBPMCCjCPWOduwG6jZYxcvCjTpqmJh6NSLXxL/Mt4JA==",
             "dependencies": {
-                "@sentry-internal/tracing": "7.86.0",
-                "@sentry/core": "7.86.0",
-                "@sentry/types": "7.86.0",
-                "@sentry/utils": "7.86.0"
+                "@sentry-internal/tracing": "7.92.0",
+                "@sentry/core": "7.92.0",
+                "@sentry/types": "7.92.0",
+                "@sentry/utils": "7.92.0"
             },
             "engines": {
                 "node": ">=12"
             }
         },
         "node_modules/@sentry/tracing": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.86.0.tgz",
-            "integrity": "sha512-WPqgmbLm6ntpIoTZd1L/RHIVEDMmvVjIDxKeXGiJeXHZG2VMtgwoxuZAFluVFaD0Sr20Nhj+ZS7HvKOWTxrjjA==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.92.0.tgz",
+            "integrity": "sha512-1+TFFPVEdax4dNi68gin6MENiyGe9mOuNXfjulrP5eCzUEByus5HAxeDI/LLQ1hArfn048AzwSwKUsS2fO5sbg==",
             "dependencies": {
-                "@sentry-internal/tracing": "7.86.0"
+                "@sentry-internal/tracing": "7.92.0"
             },
             "engines": {
                 "node": ">=8"
             }
         },
         "node_modules/@sentry/types": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.86.0.tgz",
-            "integrity": "sha512-pGAt0+bMfWgo0KG2epthfNV4Wae03tURpoxNjGo5Fr4cXxvLTSijSAQ6rmmO4bXBJ7+rErEjX30g30o/eEdP9g==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.92.0.tgz",
+            "integrity": "sha512-APmSOuZuoRGpbPpPeYIbMSplPjiWNLZRQa73QiXuTflW4Tu/ItDlU8hOa2+A6JKVkJCuD2EN6yUrxDGSMyNXeg==",
             "engines": {
                 "node": ">=8"
             }
         },
         "node_modules/@sentry/utils": {
-            "version": "7.86.0",
-            "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.86.0.tgz",
-            "integrity": "sha512-6PejFtw9VTFFy5vu0ks+U7Ozkqz+eMt+HN8AZKBKErYzX5/xs0kpkOcSRpu3ETdTYcZf8VAmLVgFgE2BE+3WuQ==",
+            "version": "7.92.0",
+            "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.92.0.tgz",
+            "integrity": "sha512-3nEfrQ1z28b/2zgFGANPh5yMVtgwXmrasZxTvKbrAj+KWJpjrJHrIR84r9W277J44NMeZ5RhRW2uoDmuBslPnA==",
             "dependencies": {
-                "@sentry/types": "7.86.0"
+                "@sentry/types": "7.92.0"
             },
             "engines": {
                 "node": ">=8"
@@ -4854,12 +4855,12 @@
             "dev": true
         },
         "node_modules/@storybook/addon-actions": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-actions/-/addon-actions-7.6.4.tgz",
-            "integrity": "sha512-91UD5KPDik74VKVioPMcbwwvDXN/non8p1wArYAHCHCmd/Pts5MJRiFueSdfomSpNjUtjtn6eSXtwpIL3XVOfQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-actions/-/addon-actions-7.6.7.tgz",
+            "integrity": "sha512-+6EZvhIeKEqG/RNsU3R5DxOrd60BL5GEvmzE2w60s2eKaNNxtyilDjiO1g4z2s2zDNyr7JL/Ft03pJ0Jgo0lew==",
             "dev": true,
             "dependencies": {
-                "@storybook/core-events": "7.6.4",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/global": "^5.0.0",
                 "@types/uuid": "^9.0.1",
                 "dequal": "^2.0.2",
@@ -4871,23 +4872,10 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/addon-actions/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/addon-backgrounds": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-backgrounds/-/addon-backgrounds-7.6.4.tgz",
-            "integrity": "sha512-gNy3kIkHSr+Lg/jVDHwbZjIe1po5SDGZNVe39vrJwnqGz8T1clWes9WHCL6zk/uaCDA3yUna2Nt/KlOFAWDSoQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-backgrounds/-/addon-backgrounds-7.6.7.tgz",
+            "integrity": "sha512-55sBy1YUqponAVe+qL16qtWxdf63vHEnIoqFyHEwGpk7K9IhFA1BmdSpFr5VnWEwXeJXKj30db78frh2LUdk3Q==",
             "dev": true,
             "dependencies": {
                 "@storybook/global": "^5.0.0",
@@ -4900,12 +4888,12 @@
             }
         },
         "node_modules/@storybook/addon-controls": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-controls/-/addon-controls-7.6.4.tgz",
-            "integrity": "sha512-k4AtZfazmD/nL3JAtLGAB7raPhkhUo0jWnaZWrahd9h1Fm13mBU/RW+JzTRhCw3Mp2HPERD7NI5Qcd2fUP6WDA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-controls/-/addon-controls-7.6.7.tgz",
+            "integrity": "sha512-DJ3gfvcdCgqi7AQxu83vx0AEUKiuJrNcSATfWV3Jqi8dH6fYO2yqpemHEeWOEy+DAHxIOaqLKwb1QjIBj+vSRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/blocks": "7.6.4",
+                "@storybook/blocks": "7.6.7",
                 "lodash": "^4.17.21",
                 "ts-dedent": "^2.0.0"
             },
@@ -4915,26 +4903,26 @@
             }
         },
         "node_modules/@storybook/addon-docs": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-docs/-/addon-docs-7.6.4.tgz",
-            "integrity": "sha512-PbFMbvC9sK3sGdMhwmagXs9TqopTp9FySji+L8O7W9SHRC6wSmdwoWWPWybkOYxr/z/wXi7EM0azSAX7yQxLbw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-docs/-/addon-docs-7.6.7.tgz",
+            "integrity": "sha512-2dfajNhweofJ3LxjGO83UE5sBMvKtJB0Agj7q8mMtK/9PUCUcbvsFSyZnO/s6X1zAjSn5ZrirbSoTXU4IqxwSA==",
             "dev": true,
             "dependencies": {
                 "@jest/transform": "^29.3.1",
                 "@mdx-js/react": "^2.1.5",
-                "@storybook/blocks": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/components": "7.6.4",
-                "@storybook/csf-plugin": "7.6.4",
-                "@storybook/csf-tools": "7.6.4",
+                "@storybook/blocks": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/components": "7.6.7",
+                "@storybook/csf-plugin": "7.6.7",
+                "@storybook/csf-tools": "7.6.7",
                 "@storybook/global": "^5.0.0",
                 "@storybook/mdx2-csf": "^1.0.0",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/postinstall": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/react-dom-shim": "7.6.4",
-                "@storybook/theming": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/postinstall": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/react-dom-shim": "7.6.7",
+                "@storybook/theming": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "fs-extra": "^11.1.0",
                 "remark-external-links": "^8.0.0",
                 "remark-slug": "^6.0.0",
@@ -4949,44 +4937,18 @@
                 "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
             }
         },
-        "node_modules/@storybook/addon-docs/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/addon-docs/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/addon-docs/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -5001,26 +4963,6 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/addon-docs/node_modules/@storybook/theming": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.6.4.tgz",
-            "integrity": "sha512-Z/dcC5EpkIXelYCkt9ojnX6D7qGOng8YHxV/OWlVE9TrEGYVGPOEfwQryR0RhmGpDha1TYESLYrsDb4A8nJ1EA==",
-            "dev": true,
-            "dependencies": {
-                "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/global": "^5.0.0",
-                "memoizerific": "^1.11.3"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            },
-            "peerDependencies": {
-                "react": "^16.8.0 || ^17.0.0 || ^18.0.0",
-                "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
-            }
-        },
         "node_modules/@storybook/addon-docs/node_modules/fs-extra": {
             "version": "11.2.0",
             "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz",
@@ -5036,24 +4978,24 @@
             }
         },
         "node_modules/@storybook/addon-essentials": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-essentials/-/addon-essentials-7.6.4.tgz",
-            "integrity": "sha512-J+zPmP4pbuuFxQ3pjLRYQRnxEtp7jF3xRXGFO8brVnEqtqoxwJ6j3euUrRLe0rpGAU3AD7dYfaaFjd3xkENgTw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-essentials/-/addon-essentials-7.6.7.tgz",
+            "integrity": "sha512-nNLMrpIvc04z4XCA+kval/44eKAFJlUJeeL2pxwP7F/PSzjWe5BXv1bQHOiw8inRO5II0PzqwWnVCI9jsj7K5A==",
             "dev": true,
             "dependencies": {
-                "@storybook/addon-actions": "7.6.4",
-                "@storybook/addon-backgrounds": "7.6.4",
-                "@storybook/addon-controls": "7.6.4",
-                "@storybook/addon-docs": "7.6.4",
-                "@storybook/addon-highlight": "7.6.4",
-                "@storybook/addon-measure": "7.6.4",
-                "@storybook/addon-outline": "7.6.4",
-                "@storybook/addon-toolbars": "7.6.4",
-                "@storybook/addon-viewport": "7.6.4",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/manager-api": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
+                "@storybook/addon-actions": "7.6.7",
+                "@storybook/addon-backgrounds": "7.6.7",
+                "@storybook/addon-controls": "7.6.7",
+                "@storybook/addon-docs": "7.6.7",
+                "@storybook/addon-highlight": "7.6.7",
+                "@storybook/addon-measure": "7.6.7",
+                "@storybook/addon-outline": "7.6.7",
+                "@storybook/addon-toolbars": "7.6.7",
+                "@storybook/addon-viewport": "7.6.7",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/manager-api": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
                 "ts-dedent": "^2.0.0"
             },
             "funding": {
@@ -5065,44 +5007,18 @@
                 "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
             }
         },
-        "node_modules/@storybook/addon-essentials/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/addon-essentials/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/addon-essentials/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -5118,9 +5034,9 @@
             }
         },
         "node_modules/@storybook/addon-highlight": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-highlight/-/addon-highlight-7.6.4.tgz",
-            "integrity": "sha512-0kvjDzquoPwWWU61QYmEtcSGWXufnV7Z/bfBTYh132uxvV/X9YzDFcXXrxGL7sBJkK32gNUUBDuiTOxs5NxyOQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-highlight/-/addon-highlight-7.6.7.tgz",
+            "integrity": "sha512-2F/tJdn45d4zrvf/cmE1vsczl99wK8+I+kkj0G7jLsrJR0w1zTgbgjy6T9j86HBTBvWcnysNFNIRWPAOh5Wdbw==",
             "dev": true,
             "dependencies": {
                 "@storybook/global": "^5.0.0"
@@ -5131,9 +5047,9 @@
             }
         },
         "node_modules/@storybook/addon-links": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-links/-/addon-links-7.6.4.tgz",
-            "integrity": "sha512-TEhxYdMhJO28gD84ej1FCwLv9oLuCPt77bRXip9ndaNPRTdHYdWv6IP94dhbuDi8eHux7Z4A/mllciFuDFrnCw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-links/-/addon-links-7.6.7.tgz",
+            "integrity": "sha512-O5LekPslkAIDtXC/TCIyg/3c0htBxDYwb/s+NrZUPTNWJsngxvTAwp6aIk6aVSeSCFUMWvBFcVsuV3hv+ndK6w==",
             "dev": true,
             "dependencies": {
                 "@storybook/csf": "^0.1.2",
@@ -5154,9 +5070,9 @@
             }
         },
         "node_modules/@storybook/addon-measure": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-measure/-/addon-measure-7.6.4.tgz",
-            "integrity": "sha512-73wsJ8PALsgWniR3MA/cmxcFuU6cRruWdIyYzOMgM8ife2Jm3xSkV7cTTXAqXt2H9Uuki4PGnuMHWWFLpPeyVA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-measure/-/addon-measure-7.6.7.tgz",
+            "integrity": "sha512-t1RnnNO4Xzgnsxu63FlZwsCTF0+9jKxr44NiJAUOxW9ppbCvs/JfSDOOvcDRtPWyjgnyzexNUUctMfxvLrU01A==",
             "dev": true,
             "dependencies": {
                 "@storybook/global": "^5.0.0",
@@ -5168,9 +5084,9 @@
             }
         },
         "node_modules/@storybook/addon-outline": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-outline/-/addon-outline-7.6.4.tgz",
-            "integrity": "sha512-CFxGASRse/qeFocetDKFNeWZ3Aa2wapVtRciDNa4Zx7k1wCnTjEsPIm54waOuCaNVcrvO+nJUAZG5WyiorQvcg==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-outline/-/addon-outline-7.6.7.tgz",
+            "integrity": "sha512-gu2y46ijjMkXlxy1f8Cctgjw5b5y8vSIqNAYlrs5/Qy+hJAWyU6lj2PFGOCCUG4L+F45fAjwWAin6qz43+WnRQ==",
             "dev": true,
             "dependencies": {
                 "@storybook/global": "^5.0.0",
@@ -5182,9 +5098,9 @@
             }
         },
         "node_modules/@storybook/addon-toolbars": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-toolbars/-/addon-toolbars-7.6.4.tgz",
-            "integrity": "sha512-ENMQJgU4sRCLLDVXYfa+P3cQVV9PC0ZxwVAKeM3NPYPNH/ODoryGNtq+Q68LwHlM4ObCE2oc9MzaQqPxloFcCw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-toolbars/-/addon-toolbars-7.6.7.tgz",
+            "integrity": "sha512-vT+YMzw8yVwndhJglI0XtELfXWq1M0HEy5ST3XPzbjmsJ54LgTf1b29UMkh0E/05qBQNFCcbT9B/tLxqWezxlg==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -5192,9 +5108,9 @@
             }
         },
         "node_modules/@storybook/addon-viewport": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/addon-viewport/-/addon-viewport-7.6.4.tgz",
-            "integrity": "sha512-SoTcHIoqybhYD28v7QExF1EZnl7FfxuP74VDhtze5LyMd2CbqmVnUfwewLCz/3IvCNce0GqdNyg1m6QJ7Eq1uw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/addon-viewport/-/addon-viewport-7.6.7.tgz",
+            "integrity": "sha512-Q/BKjJaKzl4RWxH45K2iIXwkicj4ReVAUIpIyd7dPBb/Bx+hEDYZxR5dDg82AMkZdA71x5ttMnuDSuVpmWAE6g==",
             "dev": true,
             "dependencies": {
                 "memoizerific": "^1.11.3"
@@ -5387,26 +5303,13 @@
             "dev": true
         },
         "node_modules/@storybook/api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/api/-/api-7.6.4.tgz",
-            "integrity": "sha512-iY/ZejLmVHctT6WcCiVCXBY84g/wMP7Amb+J3xTBM6jZHAJoHpM3ZeYlR5eZu4QfbGZh608TQDTmdQ7irDo3ZA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/api/-/api-7.6.7.tgz",
+            "integrity": "sha512-07cvtF10/KJ3dX/GdTsvpFbRwHNQnDziWAtR0J80Eno3niNzEdF/Dr/Ot35hGGrsnV29Snvnd6O2nF2HByOOpg==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/manager-api": "7.6.4"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/api/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/manager-api": "7.6.7"
             },
             "funding": {
                 "type": "opencollective",
@@ -5414,22 +5317,22 @@
             }
         },
         "node_modules/@storybook/blocks": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/blocks/-/blocks-7.6.4.tgz",
-            "integrity": "sha512-iXinXXhTUBtReREP1Jifpu35DnGg7FidehjvCM8sM4E4aymfb8czdg9DdvG46T2UFUPUct36nnjIdMLWOya8Bw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/blocks/-/blocks-7.6.7.tgz",
+            "integrity": "sha512-+QEvGQ0he/YvFS3lsZORJWxhQIyqcCDWsxbJxJiByePd+Z4my3q8xwtPhHW0TKRL0xUgNE/GnTfMMqJfevTuSw==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/components": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/components": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
-                "@storybook/docs-tools": "7.6.4",
+                "@storybook/docs-tools": "7.6.7",
                 "@storybook/global": "^5.0.0",
-                "@storybook/manager-api": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/theming": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/manager-api": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/theming": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/lodash": "^4.14.167",
                 "color-convert": "^2.0.1",
                 "dequal": "^2.0.2",
@@ -5452,44 +5355,18 @@
                 "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
             }
         },
-        "node_modules/@storybook/blocks/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/blocks/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/blocks/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -5504,36 +5381,16 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/blocks/node_modules/@storybook/theming": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.6.4.tgz",
-            "integrity": "sha512-Z/dcC5EpkIXelYCkt9ojnX6D7qGOng8YHxV/OWlVE9TrEGYVGPOEfwQryR0RhmGpDha1TYESLYrsDb4A8nJ1EA==",
-            "dev": true,
-            "dependencies": {
-                "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/global": "^5.0.0",
-                "memoizerific": "^1.11.3"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            },
-            "peerDependencies": {
-                "react": "^16.8.0 || ^17.0.0 || ^18.0.0",
-                "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
-            }
-        },
         "node_modules/@storybook/builder-manager": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/builder-manager/-/builder-manager-7.6.4.tgz",
-            "integrity": "sha512-k5+D3fXw7LdMOWd5tF7cIq8L3irrdW6/vmcEHLaJj1EXZ+DvsNCH9xSsLS+6zfrUcxug4oSfRqvF87w6Oz3DtA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/builder-manager/-/builder-manager-7.6.7.tgz",
+            "integrity": "sha512-6HYpj6+g/qbDMvImVz/G/aANbkhppyBa1ozfHxLK7tRD79YvozCWmj2Z9umRekPv9VIeMxnI5EEzJXOsoMX5DQ==",
             "dev": true,
             "dependencies": {
                 "@fal-works/esbuild-plugin-global-externals": "^2.1.2",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/manager": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/manager": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
                 "@types/ejs": "^3.1.1",
                 "@types/find-cache-dir": "^3.2.1",
                 "@yarnpkg/esbuild-plugin-pnp": "^3.0.0-rc.10",
@@ -5567,19 +5424,19 @@
             }
         },
         "node_modules/@storybook/builder-vite": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/builder-vite/-/builder-vite-7.6.4.tgz",
-            "integrity": "sha512-eqb3mLUfuXd4a7+46cWevQ9qH81FvHy1lrAbZGwp4bQ/Tj0YF8Ej7lKBbg7zoIwiu2zDci+BbMiaDOY1kPtILw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/builder-vite/-/builder-vite-7.6.7.tgz",
+            "integrity": "sha512-Sv+0ROFU9k+mkvIPsPHC0lkKDzBeMpvfO9uFRl1RDSsXBfcPPZKNo5YK7U7fOhesH0BILzurGA+U/aaITMSZ9g==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/csf-plugin": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/preview": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/csf-plugin": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/preview": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/find-cache-dir": "^3.2.1",
                 "browser-assert": "^1.2.1",
                 "es-module-lexer": "^0.9.3",
@@ -5611,44 +5468,18 @@
                 }
             }
         },
-        "node_modules/@storybook/builder-vite/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/builder-vite/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/builder-vite/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -5694,13 +5525,13 @@
             }
         },
         "node_modules/@storybook/channels": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/channels/-/channels-7.6.4.tgz",
-            "integrity": "sha512-Z4PY09/Czl70ap4ObmZ4bgin+EQhPaA3HdrEDNwpnH7A9ttfEO5u5KThytIjMq6kApCCihmEPDaYltoVrfYJJA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/channels/-/channels-7.6.7.tgz",
+            "integrity": "sha512-u1hURhfQHHtZyRIDUENRCp+CRRm7IQfcjQaoWI06XCevQPuhVEtFUfXHjG+J74aA/JuuTLFUtqwNm1zGqbXTAQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/global": "^5.0.0",
                 "qs": "^6.10.0",
                 "telejson": "^7.2.0",
@@ -5711,50 +5542,24 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/channels/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/channels/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/cli": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/cli/-/cli-7.6.4.tgz",
-            "integrity": "sha512-GqvaFdkkBMJOdnrVe82XY0V3b+qFMhRNyVoTv2nqB87iMUXZHqh4Pu4LqwaJBsBpuNregvCvVOPe9LGgoOzy4A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/cli/-/cli-7.6.7.tgz",
+            "integrity": "sha512-DwDWzkifBH17ry+n+d+u52Sv69dZQ+04ETJdDDzghcyAcKnFzrRNukj4tJ21cm+ZAU/r0fKR9d4Qpbogca9fAg==",
             "dev": true,
             "dependencies": {
                 "@babel/core": "^7.23.2",
                 "@babel/preset-env": "^7.23.2",
                 "@babel/types": "^7.23.0",
                 "@ndelangen/get-tarball": "^3.0.7",
-                "@storybook/codemod": "7.6.4",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/core-events": "7.6.4",
-                "@storybook/core-server": "7.6.4",
-                "@storybook/csf-tools": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/telemetry": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/codemod": "7.6.7",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/core-events": "7.6.7",
+                "@storybook/core-server": "7.6.7",
+                "@storybook/csf-tools": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/telemetry": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/semver": "^7.3.4",
                 "@yarnpkg/fslib": "2.10.3",
                 "@yarnpkg/libzip": "2.3.0",
@@ -5794,19 +5599,6 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/cli/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/cli/node_modules/ansi-styles": {
             "version": "4.3.0",
             "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
@@ -5931,11 +5723,10 @@
             "dev": true
         },
         "node_modules/@storybook/client-logger": {
-            "version": "7.4.1",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.4.1.tgz",
-            "integrity": "sha512-2j0DQlKlPNY8XAaEZv+mUYEUm4dOWg6/Q92UNbvYPRK5qbXUvbMiQco5nmvg4LvMT6y99LhRSW2xrwEx5xKAKw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.7.tgz",
+            "integrity": "sha512-A16zpWgsa0gSdXMR9P3bWVdC9u/1B1oG4H7Z1+JhNzgnL3CdyOYO0qFSiAtNBso4nOjIAJVb6/AoBzdRhmSVQg==",
             "dev": true,
-            "peer": true,
             "dependencies": {
                 "@storybook/global": "^5.0.0"
             },
@@ -5945,18 +5736,18 @@
             }
         },
         "node_modules/@storybook/codemod": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/codemod/-/codemod-7.6.4.tgz",
-            "integrity": "sha512-q4rZVOfozxzbDRH/LzuFDoIGBdXs+orAm18fi6iAx8PeMHe8J/MOXKccNV1zdkm/h7mTQowuRo45KwJHw8vX+g==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/codemod/-/codemod-7.6.7.tgz",
+            "integrity": "sha512-an2pD5OHqO7CE8Wb7JxjrDnpQgeoxB22MyOs8PPJ9Rvclhpjg+Ku9RogoObYm//zR4g406l7Ec8mTltUkVCEOA==",
             "dev": true,
             "dependencies": {
                 "@babel/core": "^7.23.2",
                 "@babel/preset-env": "^7.23.2",
                 "@babel/types": "^7.23.0",
                 "@storybook/csf": "^0.1.2",
-                "@storybook/csf-tools": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/csf-tools": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/cross-spawn": "^6.0.2",
                 "cross-spawn": "^7.0.3",
                 "globby": "^11.0.2",
@@ -5986,18 +5777,18 @@
             }
         },
         "node_modules/@storybook/components": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/components/-/components-7.6.4.tgz",
-            "integrity": "sha512-K5RvEObJAnX+SbGJbkM1qrZEk+VR2cUhRCSrFnlfMwsn8/60T3qoH7U8bCXf8krDgbquhMwqev5WzDB+T1VV8g==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/components/-/components-7.6.7.tgz",
+            "integrity": "sha512-1HN4p+MCI4Tx9VGZayZyqbW7SB7mXQLnS5fUbTE1gXaMYHpzFvcrRNROeV1LZPClJX6qx1jgE5ngZojhxGuxMA==",
             "dev": true,
             "dependencies": {
                 "@radix-ui/react-select": "^1.2.2",
                 "@radix-ui/react-toolbar": "^1.0.4",
-                "@storybook/client-logger": "7.6.4",
+                "@storybook/client-logger": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/theming": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/theming": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "memoizerific": "^1.11.3",
                 "use-resize-observer": "^9.1.0",
                 "util-deprecate": "^1.0.2"
@@ -6011,73 +5802,14 @@
                 "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
             }
         },
-        "node_modules/@storybook/components/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/components/node_modules/@storybook/theming": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.6.4.tgz",
-            "integrity": "sha512-Z/dcC5EpkIXelYCkt9ojnX6D7qGOng8YHxV/OWlVE9TrEGYVGPOEfwQryR0RhmGpDha1TYESLYrsDb4A8nJ1EA==",
-            "dev": true,
-            "dependencies": {
-                "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/global": "^5.0.0",
-                "memoizerific": "^1.11.3"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            },
-            "peerDependencies": {
-                "react": "^16.8.0 || ^17.0.0 || ^18.0.0",
-                "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
-            }
-        },
         "node_modules/@storybook/core-client": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-client/-/core-client-7.6.4.tgz",
-            "integrity": "sha512-0msqdGd+VYD1dRgAJ2StTu4d543Wveb7LVVujX3PwD/QCxmCaVUHuAoZrekM/H7jZLw546ZIbLZo0xWrADAUMw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/core-client/-/core-client-7.6.7.tgz",
+            "integrity": "sha512-ZQivyEzYsZok8vRj5Qan7LbiMUnO89rueWzTnZs4IS6JIaQtjoPI1rGVq+h6qOCM6tki478hic8FS+zwGQ6q+w==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/preview-api": "7.6.4"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/core-client/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/core-client/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/preview-api": "7.6.7"
             },
             "funding": {
                 "type": "opencollective",
@@ -6085,17 +5817,17 @@
             }
         },
         "node_modules/@storybook/core-client/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -6111,14 +5843,14 @@
             }
         },
         "node_modules/@storybook/core-common": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-common/-/core-common-7.6.4.tgz",
-            "integrity": "sha512-qes4+mXqINu0kCgSMFjk++GZokmYjb71esId0zyJsk0pcIPkAiEjnhbSEQkMhbUfcvO1lztoaQTBW2P7Rd1tag==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/core-common/-/core-common-7.6.7.tgz",
+            "integrity": "sha512-F1fJnauVSPQtAlpicbN/O4XW38Ai8kf/IoU0Hgm9gEwurIk6MF5hiVLsaTI/5GUbrepMl9d9J+iIL4lHAT8IyA==",
             "dev": true,
             "dependencies": {
-                "@storybook/core-events": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/core-events": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/find-cache-dir": "^3.2.1",
                 "@types/node": "^18.0.0",
                 "@types/node-fetch": "^2.6.4",
@@ -6145,23 +5877,10 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/core-common/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/core-common/node_modules/@types/node": {
-            "version": "18.19.3",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.3.tgz",
-            "integrity": "sha512-k5fggr14DwAytoA/t8rPrIz++lXK7/DqckthCmoZOKNsEbJkId4Z//BqgApXBUGrGddrigYa1oqheo/7YmW4rg==",
+            "version": "18.19.4",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.4.tgz",
+            "integrity": "sha512-xNzlUhzoHotIsnFoXmJB+yWmBvFZgKCI9TtPIEdYIMM1KWfwuY8zh7wvc1u1OAXlC7dlf6mZVx/s+Y5KfFz19A==",
             "dev": true,
             "dependencies": {
                 "undici-types": "~5.26.4"
@@ -6280,11 +5999,10 @@
             }
         },
         "node_modules/@storybook/core-events": {
-            "version": "7.4.1",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.4.1.tgz",
-            "integrity": "sha512-F1tGb32XZ4FRfbtXdi4b+zdzWUjFz5rn3TF18mSuBGGXvxKU+4tywgjGQ3dKGdvuP754czn3poSdz2ZW08bLsQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.7.tgz",
+            "integrity": "sha512-KZ5d03c47pnr5/kY26pJtWq7WpmCPXLbgyjJZDSc+TTY153BdZksvlBXRHtqM1yj2UM6QsSyIuiJaADJNAbP2w==",
             "dev": true,
-            "peer": true,
             "dependencies": {
                 "ts-dedent": "^2.0.0"
             },
@@ -6294,26 +6012,26 @@
             }
         },
         "node_modules/@storybook/core-server": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-server/-/core-server-7.6.4.tgz",
-            "integrity": "sha512-mXxZMpCwOhjEPPRjqrTHdiCpFdkc47f46vlgTj02SX+9xKHxslmZ2D3JG/8O4Ab9tG+bBl6lBm3RIrIzaiCu9Q==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/core-server/-/core-server-7.6.7.tgz",
+            "integrity": "sha512-elKRv/DNahNNkGcQY/FdOBrLPmZF0T0fwmAmbc4qqeAisjl+to9TO77zdo2ieaEHKyRwE3B3dOB4EXomdF4N/g==",
             "dev": true,
             "dependencies": {
                 "@aw-web-design/x-default-browser": "1.4.126",
                 "@discoveryjs/json-ext": "^0.5.3",
-                "@storybook/builder-manager": "7.6.4",
-                "@storybook/channels": "7.6.4",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/builder-manager": "7.6.7",
+                "@storybook/channels": "7.6.7",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
-                "@storybook/csf-tools": "7.6.4",
+                "@storybook/csf-tools": "7.6.7",
                 "@storybook/docs-mdx": "^0.1.0",
                 "@storybook/global": "^5.0.0",
-                "@storybook/manager": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/telemetry": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/manager": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/telemetry": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/detect-port": "^1.3.0",
                 "@types/node": "^18.0.0",
                 "@types/pretty-hrtime": "^1.0.0",
@@ -6346,44 +6064,18 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/core-server/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/core-server/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/core-server/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -6399,9 +6091,9 @@
             }
         },
         "node_modules/@storybook/core-server/node_modules/@types/node": {
-            "version": "18.19.3",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.3.tgz",
-            "integrity": "sha512-k5fggr14DwAytoA/t8rPrIz++lXK7/DqckthCmoZOKNsEbJkId4Z//BqgApXBUGrGddrigYa1oqheo/7YmW4rg==",
+            "version": "18.19.4",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.4.tgz",
+            "integrity": "sha512-xNzlUhzoHotIsnFoXmJB+yWmBvFZgKCI9TtPIEdYIMM1KWfwuY8zh7wvc1u1OAXlC7dlf6mZVx/s+Y5KfFz19A==",
             "dev": true,
             "dependencies": {
                 "undici-types": "~5.26.4"
@@ -6516,12 +6208,12 @@
             }
         },
         "node_modules/@storybook/csf-plugin": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/csf-plugin/-/csf-plugin-7.6.4.tgz",
-            "integrity": "sha512-7g9p8s2ITX+Z9iThK5CehPhJOcusVN7JcUEEW+gVF5PlYT+uk/x+66gmQno+scQuNkV9+8UJD6RLFjP+zg2uCA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/csf-plugin/-/csf-plugin-7.6.7.tgz",
+            "integrity": "sha512-YL7e6H4iVcsDI0UpgpdQX2IiGDrlbgaQMHQgDLWXmZyKxBcy0ONROAX5zoT1ml44EHkL60TMaG4f7SinviJCog==",
             "dev": true,
             "dependencies": {
-                "@storybook/csf-tools": "7.6.4",
+                "@storybook/csf-tools": "7.6.7",
                 "unplugin": "^1.3.1"
             },
             "funding": {
@@ -6530,9 +6222,9 @@
             }
         },
         "node_modules/@storybook/csf-tools": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/csf-tools/-/csf-tools-7.6.4.tgz",
-            "integrity": "sha512-6sLayuhgReIK3/QauNj5BW4o4ZfEMJmKf+EWANPEM/xEOXXqrog6Un8sjtBuJS9N1DwyhHY6xfkEiPAwdttwqw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/csf-tools/-/csf-tools-7.6.7.tgz",
+            "integrity": "sha512-hyRbUGa2Uxvz3U09BjcOfMNf/5IYgRum1L6XszqK2O8tK9DGte1r6hArCIAcqiEmFMC40d0kalPzqu6WMNn7sg==",
             "dev": true,
             "dependencies": {
                 "@babel/generator": "^7.23.0",
@@ -6540,7 +6232,7 @@
                 "@babel/traverse": "^7.23.2",
                 "@babel/types": "^7.23.0",
                 "@storybook/csf": "^0.1.2",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "fs-extra": "^11.1.0",
                 "recast": "^0.23.1",
                 "ts-dedent": "^2.0.0"
@@ -6571,14 +6263,14 @@
             "dev": true
         },
         "node_modules/@storybook/docs-tools": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/docs-tools/-/docs-tools-7.6.4.tgz",
-            "integrity": "sha512-2eGam43aD7O3cocA72Z63kRi7t/ziMSpst0qB218QwBWAeZjT4EYDh8V6j/Xhv6zVQL3msW7AglrQP5kCKPvPA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/docs-tools/-/docs-tools-7.6.7.tgz",
+            "integrity": "sha512-enTO/xVjBqwUraGCYTwdyjMvug3OSAM7TPPUEJ3KPieJNwAzcYkww/qNDMIAR4S39zPMrkAmtS3STvVadlJz7g==",
             "dev": true,
             "dependencies": {
-                "@storybook/core-common": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "@types/doctrine": "^0.0.3",
                 "assert": "^2.1.0",
                 "doctrine": "^3.0.0",
@@ -6589,44 +6281,18 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/docs-tools/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/docs-tools/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/docs-tools/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -6648,9 +6314,9 @@
             "dev": true
         },
         "node_modules/@storybook/manager": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/manager/-/manager-7.6.4.tgz",
-            "integrity": "sha512-Ug2ejfKgKre8h/RJbkumukwAA44TbvTPEjDcJmyFdAI+kHYhOYdKPEC2UNmVYz8/4HjwMTJQ3M7t/esK8HHY4A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/manager/-/manager-7.6.7.tgz",
+            "integrity": "sha512-ZCrkB2zEXogzdOcVzD242ZVm4tlHqrayotnI6iOn9uiun0Pgny0m2d7s9Zge6K2dTOO1vZiOHuA/Mr6nnIDjsA==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -6658,23 +6324,22 @@
             }
         },
         "node_modules/@storybook/manager-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/manager-api/-/manager-api-7.6.4.tgz",
-            "integrity": "sha512-RFb/iaBJfXygSgXkINPRq8dXu7AxBicTGX7MxqKXbz5FU7ANwV7abH6ONBYURkSDOH9//TQhRlVkF5u8zWg3bw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/manager-api/-/manager-api-7.6.7.tgz",
+            "integrity": "sha512-3Wk/BvuGUlw/X05s57zZO7gJbzfUeE9Xe+CSIvuH7RY5jx9PYnNwqNlTXPXhJ5LPvwMthae7WJVn3SuBpbptoQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/router": "7.6.4",
-                "@storybook/theming": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/router": "7.6.7",
+                "@storybook/theming": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
                 "memoizerific": "^1.11.3",
-                "semver": "^7.3.7",
                 "store2": "^2.14.2",
                 "telejson": "^7.2.0",
                 "ts-dedent": "^2.0.0"
@@ -6684,85 +6349,6 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/manager-api/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/manager-api/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/manager-api/node_modules/@storybook/theming": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.6.4.tgz",
-            "integrity": "sha512-Z/dcC5EpkIXelYCkt9ojnX6D7qGOng8YHxV/OWlVE9TrEGYVGPOEfwQryR0RhmGpDha1TYESLYrsDb4A8nJ1EA==",
-            "dev": true,
-            "dependencies": {
-                "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/global": "^5.0.0",
-                "memoizerific": "^1.11.3"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            },
-            "peerDependencies": {
-                "react": "^16.8.0 || ^17.0.0 || ^18.0.0",
-                "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
-            }
-        },
-        "node_modules/@storybook/manager-api/node_modules/lru-cache": {
-            "version": "6.0.0",
-            "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
-            "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
-            "dev": true,
-            "dependencies": {
-                "yallist": "^4.0.0"
-            },
-            "engines": {
-                "node": ">=10"
-            }
-        },
-        "node_modules/@storybook/manager-api/node_modules/semver": {
-            "version": "7.5.4",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz",
-            "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==",
-            "dev": true,
-            "dependencies": {
-                "lru-cache": "^6.0.0"
-            },
-            "bin": {
-                "semver": "bin/semver.js"
-            },
-            "engines": {
-                "node": ">=10"
-            }
-        },
-        "node_modules/@storybook/manager-api/node_modules/yallist": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
-            "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
-            "dev": true
-        },
         "node_modules/@storybook/mdx2-csf": {
             "version": "1.1.0",
             "resolved": "https://registry.npmjs.org/@storybook/mdx2-csf/-/mdx2-csf-1.1.0.tgz",
@@ -6770,9 +6356,9 @@
             "dev": true
         },
         "node_modules/@storybook/node-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/node-logger/-/node-logger-7.6.4.tgz",
-            "integrity": "sha512-GDkEnnDj4Op+PExs8ZY/P6ox3wg453CdEIaR8PR9TxF/H/T2fBL6puzma3hN2CMam6yzfAL8U+VeIIDLQ5BZdQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/node-logger/-/node-logger-7.6.7.tgz",
+            "integrity": "sha512-XLih8MxylkpZG9+8tgp8sPGc2tldlWF+DpuAkUv6J3Mc81mPyc3cQKQWZ7Hb+m1LpRGqKV4wyOQj1rC+leVMoQ==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -6780,9 +6366,9 @@
             }
         },
         "node_modules/@storybook/postinstall": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/postinstall/-/postinstall-7.6.4.tgz",
-            "integrity": "sha512-7uoB82hSzlFSdDMS3hKQD+AaeSvPit/fAMvXCBxn0/D0UGJUZcq4M9JcKBwEHkZJcbuDROgOTJ6TUeXi/FWO0w==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/postinstall/-/postinstall-7.6.7.tgz",
+            "integrity": "sha512-mrpRmcwFd9FcvtHPXA9x6vOrHLVCKScZX/Xx2QPWgAvB3W6uzP8G+8QNb1u834iToxrWeuszUMB9UXZK4Qj5yg==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -6790,9 +6376,9 @@
             }
         },
         "node_modules/@storybook/preview": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview/-/preview-7.6.4.tgz",
-            "integrity": "sha512-p9xIvNkgXgTpSRphOMV9KpIiNdkymH61jBg3B0XyoF6IfM1S2/mQGvC89lCVz1dMGk2SrH4g87/WcOapkU5ArA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview/-/preview-7.6.7.tgz",
+            "integrity": "sha512-/ddKIyT+6b8CKGJAma1wood4nwCAoi/E1olCqgpCmviMeUtAiMzgK0xzPwvq5Mxkz/cPeXVi8CQgaQZCa4yvNA==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -6886,9 +6472,9 @@
             }
         },
         "node_modules/@storybook/react-dom-shim": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/react-dom-shim/-/react-dom-shim-7.6.4.tgz",
-            "integrity": "sha512-wGJfomlDEBnowNmhmumWDu/AcUInxSoPqUUJPgk2f5oL0EW17fR9fDP/juG3XOEdieMDM0jDX48GML7lyvL2fg==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/react-dom-shim/-/react-dom-shim-7.6.7.tgz",
+            "integrity": "sha512-b/rmy/YzVrwP+ifyZG4yXVIdeFVdTbmziodHUlbrWiUNsqtTZZur9kqkKRUH/7ofji9MFe81nd0MRlcTNFomqg==",
             "dev": true,
             "funding": {
                 "type": "opencollective",
@@ -6900,12 +6486,12 @@
             }
         },
         "node_modules/@storybook/router": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/router/-/router-7.6.4.tgz",
-            "integrity": "sha512-5MQ7Z4D7XNPN2yhFgjey7hXOYd6s8CggUqeAwhzGTex90SMCkKHSz1hfkcXn1ZqBPaall2b53uK553OvPLp9KQ==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/router/-/router-7.6.7.tgz",
+            "integrity": "sha512-kkhNSdC3fXaQxILg8a26RKk4/ZbF/AUVrepUEyO8lwvbJ6LItTyWSE/4I9Ih4qV2Mjx33ncc8vLqM9p8r5qnMA==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
+                "@storybook/client-logger": "7.6.7",
                 "memoizerific": "^1.11.3",
                 "qs": "^6.10.0"
             },
@@ -6914,28 +6500,15 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/router/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/telemetry": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/telemetry/-/telemetry-7.6.4.tgz",
-            "integrity": "sha512-Q4QpvcgloHUEqC9PGo7tgqkUH91/PjX+74/0Hi9orLo8QmLMgdYS5fweFwgSKoTwDGNg2PaHp/jqvhhw7UmnJA==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/telemetry/-/telemetry-7.6.7.tgz",
+            "integrity": "sha512-NHGzC/LGLXpK4AFbVj8ln5ab86ZiiNFvORQMn3+LNGwUt3ZdsHBzExN+WPZdw7OPtfk4ubUY89FXH2GedhTALw==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-common": "7.6.4",
-                "@storybook/csf-tools": "7.6.4",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-common": "7.6.7",
+                "@storybook/csf-tools": "7.6.7",
                 "chalk": "^4.1.0",
                 "detect-package-manager": "^2.0.1",
                 "fetch-retry": "^5.0.2",
@@ -6947,19 +6520,6 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/telemetry/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/telemetry/node_modules/ansi-styles": {
             "version": "4.3.0",
             "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
@@ -7027,14 +6587,13 @@
             }
         },
         "node_modules/@storybook/theming": {
-            "version": "7.4.1",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.4.1.tgz",
-            "integrity": "sha512-a4QajZbnYumq8ovtn7nW7BeNrk/TaWyKmUrIz4w08I6ghzESJA4aCWZ6394awbrruiIOzCCKOUq4mfWEsc8W6A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.6.7.tgz",
+            "integrity": "sha512-+42rfC4rZtWVAXJ7JBUQKnQ6vWBXJVHZ9HtNUWzQLPR9sJSMmHnnSMV6y5tizGgZqmBnAIkuoYk+Tt6NfwUmSA==",
             "dev": true,
-            "peer": true,
             "dependencies": {
                 "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.4.1",
+                "@storybook/client-logger": "7.6.7",
                 "@storybook/global": "^5.0.0",
                 "memoizerific": "^1.11.3"
             },
@@ -7048,12 +6607,12 @@
             }
         },
         "node_modules/@storybook/types": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/types/-/types-7.6.4.tgz",
-            "integrity": "sha512-qyiiXPCvol5uVgfubcIMzJBA0awAyFPU+TyUP1mkPYyiTHnsHYel/mKlSdPjc8a97N3SlJXHOCx41Hde4IyJgg==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/types/-/types-7.6.7.tgz",
+            "integrity": "sha512-VcGwrI4AkBENxkoAUJ+Z7SyMK73hpoY0TTtw2J7tc05/xdiXhkQTX15Qa12IBWIkoXCyNrtaU+q7KR8Tjzi+uw==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
+                "@storybook/channels": "7.6.7",
                 "@types/babel__core": "^7.0.0",
                 "@types/express": "^4.7.0",
                 "file-system-cache": "2.3.0"
@@ -7064,18 +6623,18 @@
             }
         },
         "node_modules/@storybook/web-components": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/web-components/-/web-components-7.6.4.tgz",
-            "integrity": "sha512-SUvNDzSUkvQdDhPhZU04UNIpuyrpMylodXwe8UX6V/q8dbv1n5RP7mpBh9tGNb9pJKIIznybJAC/oGnUy9jkzw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/web-components/-/web-components-7.6.7.tgz",
+            "integrity": "sha512-TrBhMctSIgV2qqyV7fhhaNIdAvuaca2jEDXLXFiH/M2NkyXRepNjG7AZndWhQUGvG01ojs1+2vRNqJZtKCmFDg==",
             "dev": true,
             "dependencies": {
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-client": "7.6.4",
-                "@storybook/docs-tools": "7.6.4",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-client": "7.6.7",
+                "@storybook/docs-tools": "7.6.7",
                 "@storybook/global": "^5.0.0",
-                "@storybook/manager-api": "7.6.4",
-                "@storybook/preview-api": "7.6.4",
-                "@storybook/types": "7.6.4",
+                "@storybook/manager-api": "7.6.7",
+                "@storybook/preview-api": "7.6.7",
+                "@storybook/types": "7.6.7",
                 "tiny-invariant": "^1.3.1",
                 "ts-dedent": "^2.0.0"
             },
@@ -7091,15 +6650,15 @@
             }
         },
         "node_modules/@storybook/web-components-vite": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/web-components-vite/-/web-components-vite-7.6.4.tgz",
-            "integrity": "sha512-y4LJFUkzIy8Ggv9ZFeaTZKAZOCrJBlqAqNuSEKyxuBH8JVWZaDMgkDIE4U7vYt9vu5edtA5uYTh4KLHI80gVXw==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/web-components-vite/-/web-components-vite-7.6.7.tgz",
+            "integrity": "sha512-jfnVNhmgDYBdEnOliNcfo9FwfDDke66y6Zw2zkOz9qhJy8DCd5TzgDEmE7AU2XRzb1a464A90xfvJpvlUracfA==",
             "dev": true,
             "dependencies": {
-                "@storybook/builder-vite": "7.6.4",
-                "@storybook/core-server": "7.6.4",
-                "@storybook/node-logger": "7.6.4",
-                "@storybook/web-components": "7.6.4",
+                "@storybook/builder-vite": "7.6.7",
+                "@storybook/core-server": "7.6.7",
+                "@storybook/node-logger": "7.6.7",
+                "@storybook/web-components": "7.6.7",
                 "magic-string": "^0.30.0"
             },
             "engines": {
@@ -7110,44 +6669,18 @@
                 "url": "https://opencollective.com/storybook"
             }
         },
-        "node_modules/@storybook/web-components/node_modules/@storybook/client-logger": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.6.4.tgz",
-            "integrity": "sha512-vJwMShC98tcoFruRVQ4FphmFqvAZX1FqZqjFyk6IxtFumPKTVSnXJjlU1SnUIkSK2x97rgdUMqkdI+wAv/tugQ==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/@storybook/web-components/node_modules/@storybook/core-events": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.6.4.tgz",
-            "integrity": "sha512-i3xzcJ19ILSy4oJL5Dz9y0IlyApynn5RsGhAMIsW+mcfri+hGfeakq1stNCo0o7jW4Y3A7oluFTtIoK8DOxQdQ==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
         "node_modules/@storybook/web-components/node_modules/@storybook/preview-api": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.4.tgz",
-            "integrity": "sha512-KhisNdQX5NdfAln+spLU4B82d804GJQp/CnI5M1mm/taTnjvMgs/wTH9AmR89OPoq+tFZVW0vhy2zgPS3ar71A==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/@storybook/preview-api/-/preview-api-7.6.7.tgz",
+            "integrity": "sha512-ja85ItrT6q2TeBQ6n0CNoRi1R6L8yF2kkis9hVeTQHpwLdZyHUTRqqR5WmhtLqqQXcofyasBPOeJV06wuOhgRQ==",
             "dev": true,
             "dependencies": {
-                "@storybook/channels": "7.6.4",
-                "@storybook/client-logger": "7.6.4",
-                "@storybook/core-events": "7.6.4",
+                "@storybook/channels": "7.6.7",
+                "@storybook/client-logger": "7.6.7",
+                "@storybook/core-events": "7.6.7",
                 "@storybook/csf": "^0.1.2",
                 "@storybook/global": "^5.0.0",
-                "@storybook/types": "7.6.4",
+                "@storybook/types": "7.6.7",
                 "@types/qs": "^6.9.5",
                 "dequal": "^2.0.2",
                 "lodash": "^4.17.21",
@@ -7732,9 +7265,9 @@
             "dev": true
         },
         "node_modules/@types/estree": {
-            "version": "1.0.1",
-            "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.1.tgz",
-            "integrity": "sha512-LG4opVs2ANWZ1TJoKc937iMmNstM/d0ae1vNbnBvBhqCSezgVUOzcLCqbI5elV8Vy6WKwKjaqR+zO9VKirBBCA==",
+            "version": "1.0.5",
+            "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz",
+            "integrity": "sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==",
             "dev": true
         },
         "node_modules/@types/express": {
@@ -7801,6 +7334,12 @@
             "integrity": "sha512-ah5GDQfsiK3dnkaCbYcDFZXkZCG3o90VRu9hzXHnSe4kACrRB1KUI/ZyWHvYmqm1W5Tl8B5YxxT98uGTlkbf2Q==",
             "dev": true
         },
+        "node_modules/@types/guacamole-common-js": {
+            "version": "1.5.2",
+            "resolved": "https://registry.npmjs.org/@types/guacamole-common-js/-/guacamole-common-js-1.5.2.tgz",
+            "integrity": "sha512-S01txydRyBscHyV8giYNdrfU7dzwUkLb8prQPP68/YCpY/gMtcL9e7BXGpQttj4XpelSUVkA++TjllalZ0AHjg==",
+            "dev": true
+        },
         "node_modules/@types/http-errors": {
             "version": "2.0.1",
             "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.1.tgz",
@@ -8037,16 +7576,16 @@
             "dev": true
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.13.2.tgz",
-            "integrity": "sha512-3+9OGAWHhk4O1LlcwLBONbdXsAhLjyCFogJY/cWy2lxdVJ2JrcTF2pTGMaLl2AE7U1l31n8Py4a8bx5DLf/0dQ==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.18.0.tgz",
+            "integrity": "sha512-3lqEvQUdCozi6d1mddWqd+kf8KxmGq2Plzx36BlkjuQe3rSTm/O98cLf0A4uDO+a5N1KD2SeEEl6fW97YHY+6w==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/regexpp": "^4.5.1",
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/type-utils": "6.13.2",
-                "@typescript-eslint/utils": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/type-utils": "6.18.0",
+                "@typescript-eslint/utils": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4",
                 "graphemer": "^1.4.0",
                 "ignore": "^5.2.4",
@@ -8105,15 +7644,15 @@
             "dev": true
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.13.2.tgz",
-            "integrity": "sha512-MUkcC+7Wt/QOGeVlM8aGGJZy1XV5YKjTpq9jK6r6/iLsGXhBVaGP5N0UYvFsu9BFlSpwY9kMretzdBH01rkRXg==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.18.0.tgz",
+            "integrity": "sha512-v6uR68SFvqhNQT41frCMCQpsP+5vySy6IdgjlzUWoo7ALCnpaWYcz/Ij2k4L8cEsL0wkvOviCMpjmtRtHNOKzA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/typescript-estree": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/typescript-estree": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4"
             },
             "engines": {
@@ -8133,13 +7672,13 @@
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.13.2.tgz",
-            "integrity": "sha512-CXQA0xo7z6x13FeDYCgBkjWzNqzBn8RXaE3QVQVIUm74fWJLkJkaHmHdKStrxQllGh6Q4eUGyNpMe0b1hMkXFA==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.18.0.tgz",
+            "integrity": "sha512-o/UoDT2NgOJ2VfHpfr+KBY2ErWvCySNUIX/X7O9g8Zzt/tXdpfEU43qbNk8LVuWUT2E0ptzTWXh79i74PP0twA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2"
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0"
             },
             "engines": {
                 "node": "^16.0.0 || >=18.0.0"
@@ -8150,13 +7689,13 @@
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.13.2.tgz",
-            "integrity": "sha512-Qr6ssS1GFongzH2qfnWKkAQmMUyZSyOr0W54nZNU1MDfo+U4Mv3XveeLZzadc/yq8iYhQZHYT+eoXJqnACM1tw==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.18.0.tgz",
+            "integrity": "sha512-ZeMtrXnGmTcHciJN1+u2CigWEEXgy1ufoxtWcHORt5kGvpjjIlK9MUhzHm4RM8iVy6dqSaZA/6PVkX6+r+ChjQ==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/typescript-estree": "6.13.2",
-                "@typescript-eslint/utils": "6.13.2",
+                "@typescript-eslint/typescript-estree": "6.18.0",
+                "@typescript-eslint/utils": "6.18.0",
                 "debug": "^4.3.4",
                 "ts-api-utils": "^1.0.1"
             },
@@ -8177,9 +7716,9 @@
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.13.2.tgz",
-            "integrity": "sha512-7sxbQ+EMRubQc3wTfTsycgYpSujyVbI1xw+3UMRUcrhSy+pN09y/lWzeKDbvhoqcRbHdc+APLs/PWYi/cisLPg==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.18.0.tgz",
+            "integrity": "sha512-/RFVIccwkwSdW/1zeMx3hADShWbgBxBnV/qSrex6607isYjj05t36P6LyONgqdUrNLl5TYU8NIKdHUYpFvExkA==",
             "dev": true,
             "engines": {
                 "node": "^16.0.0 || >=18.0.0"
@@ -8190,16 +7729,17 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.13.2.tgz",
-            "integrity": "sha512-SuD8YLQv6WHnOEtKv8D6HZUzOub855cfPnPMKvdM/Bh1plv1f7Q/0iFUDLKKlxHcEstQnaUU4QZskgQq74t+3w==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.18.0.tgz",
+            "integrity": "sha512-klNvl+Ql4NsBNGB4W9TZ2Od03lm7aGvTbs0wYaFYsplVPhr+oeXjlPZCDI4U9jgJIDK38W1FKhacCFzCC+nbIg==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/visitor-keys": "6.13.2",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/visitor-keys": "6.18.0",
                 "debug": "^4.3.4",
                 "globby": "^11.1.0",
                 "is-glob": "^4.0.3",
+                "minimatch": "9.0.3",
                 "semver": "^7.5.4",
                 "ts-api-utils": "^1.0.1"
             },
@@ -8216,6 +7756,15 @@
                 }
             }
         },
+        "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
+            "version": "2.0.1",
+            "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
+            "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
+            "dev": true,
+            "dependencies": {
+                "balanced-match": "^1.0.0"
+            }
+        },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/lru-cache": {
             "version": "6.0.0",
             "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
@@ -8228,6 +7777,21 @@
                 "node": ">=10"
             }
         },
+        "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
+            "version": "9.0.3",
+            "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
+            "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
+            "dev": true,
+            "dependencies": {
+                "brace-expansion": "^2.0.1"
+            },
+            "engines": {
+                "node": ">=16 || 14 >=14.17"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/isaacs"
+            }
+        },
         "node_modules/@typescript-eslint/typescript-estree/node_modules/semver": {
             "version": "7.5.4",
             "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz",
@@ -8250,17 +7814,17 @@
             "dev": true
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.13.2.tgz",
-            "integrity": "sha512-b9Ptq4eAZUym4idijCRzl61oPCwwREcfDI8xGk751Vhzig5fFZR9CyzDz4Sp/nxSLBYxUPyh4QdIDqWykFhNmQ==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.18.0.tgz",
+            "integrity": "sha512-wiKKCbUeDPGaYEYQh1S580dGxJ/V9HI7K5sbGAVklyf+o5g3O+adnS4UNJajplF4e7z2q0uVBaTdT/yLb4XAVA==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.4.0",
                 "@types/json-schema": "^7.0.12",
                 "@types/semver": "^7.5.0",
-                "@typescript-eslint/scope-manager": "6.13.2",
-                "@typescript-eslint/types": "6.13.2",
-                "@typescript-eslint/typescript-estree": "6.13.2",
+                "@typescript-eslint/scope-manager": "6.18.0",
+                "@typescript-eslint/types": "6.18.0",
+                "@typescript-eslint/typescript-estree": "6.18.0",
                 "semver": "^7.5.4"
             },
             "engines": {
@@ -8308,12 +7872,12 @@
             "dev": true
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "6.13.2",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.13.2.tgz",
-            "integrity": "sha512-OGznFs0eAQXJsp+xSd6k/O1UbFi/K/L7WjqeRoFE7vadjAF9y0uppXhYNQNEqygjou782maGClOoZwPqF0Drlw==",
+            "version": "6.18.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.18.0.tgz",
+            "integrity": "sha512-1wetAlSZpewRDb2h9p/Q8kRjdGuqdTAQbkJIOUMLug2LBLG+QOjiWoSj6/3B/hA9/tVTFFdtiKvAYoYnSRW/RA==",
             "dev": true,
             "dependencies": {
-                "@typescript-eslint/types": "6.13.2",
+                "@typescript-eslint/types": "6.18.0",
                 "eslint-visitor-keys": "^3.4.1"
             },
             "engines": {
@@ -8479,15 +8043,12 @@
             }
         },
         "node_modules/agent-base": {
-            "version": "7.1.0",
-            "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz",
-            "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==",
+            "version": "5.1.1",
+            "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-5.1.1.tgz",
+            "integrity": "sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g==",
             "dev": true,
-            "dependencies": {
-                "debug": "^4.3.4"
-            },
             "engines": {
-                "node": ">= 14"
+                "node": ">= 6.0.0"
             }
         },
         "node_modules/aggregate-error": {
@@ -8762,13 +8323,13 @@
             }
         },
         "node_modules/babel-plugin-polyfill-corejs2": {
-            "version": "0.4.6",
-            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.4.6.tgz",
-            "integrity": "sha512-jhHiWVZIlnPbEUKSSNb9YoWcQGdlTLq7z1GHL4AjFxaoOUMuuEVJ+Y4pAaQUGOGk93YsVCKPbqbfw3m0SM6H8Q==",
+            "version": "0.4.7",
+            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.4.7.tgz",
+            "integrity": "sha512-LidDk/tEGDfuHW2DWh/Hgo4rmnw3cduK6ZkOI1NPFceSK3n/yAGeOsNT7FLnSGHkXj3RHGSEVkN3FsCTY6w2CQ==",
             "dev": true,
             "dependencies": {
                 "@babel/compat-data": "^7.22.6",
-                "@babel/helper-define-polyfill-provider": "^0.4.3",
+                "@babel/helper-define-polyfill-provider": "^0.4.4",
                 "semver": "^6.3.1"
             },
             "peerDependencies": {
@@ -8776,25 +8337,25 @@
             }
         },
         "node_modules/babel-plugin-polyfill-corejs3": {
-            "version": "0.8.5",
-            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.8.5.tgz",
-            "integrity": "sha512-Q6CdATeAvbScWPNLB8lzSO7fgUVBkQt6zLgNlfyeCr/EQaEQR+bWiBYYPYAFyE528BMjRhL+1QBMOI4jc/c5TA==",
+            "version": "0.8.7",
+            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.8.7.tgz",
+            "integrity": "sha512-KyDvZYxAzkC0Aj2dAPyDzi2Ym15e5JKZSK+maI7NAwSqofvuFglbSsxE7wUOvTg9oFVnHMzVzBKcqEb4PJgtOA==",
             "dev": true,
             "dependencies": {
-                "@babel/helper-define-polyfill-provider": "^0.4.3",
-                "core-js-compat": "^3.32.2"
+                "@babel/helper-define-polyfill-provider": "^0.4.4",
+                "core-js-compat": "^3.33.1"
             },
             "peerDependencies": {
                 "@babel/core": "^7.4.0 || ^8.0.0-0 <8.0.0"
             }
         },
         "node_modules/babel-plugin-polyfill-regenerator": {
-            "version": "0.5.3",
-            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-regenerator/-/babel-plugin-polyfill-regenerator-0.5.3.tgz",
-            "integrity": "sha512-8sHeDOmXC8csczMrYEOf0UTNa4yE2SxV5JGeT/LP1n0OYVDUUFPxG9vdk2AlDlIit4t+Kf0xCtpgXPBwnn/9pw==",
+            "version": "0.5.4",
+            "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-regenerator/-/babel-plugin-polyfill-regenerator-0.5.4.tgz",
+            "integrity": "sha512-S/x2iOCvDaCASLYsOOgWOq4bCfKYVqvO/uxjkaYyZ3rVsVE3CeAI/c84NpyuBBymEgNvHgjEot3a9/Z/kXvqsg==",
             "dev": true,
             "dependencies": {
-                "@babel/helper-define-polyfill-provider": "^0.4.3"
+                "@babel/helper-define-polyfill-provider": "^0.4.4"
             },
             "peerDependencies": {
                 "@babel/core": "^7.4.0 || ^8.0.0-0 <8.0.0"
@@ -9025,9 +8586,9 @@
             }
         },
         "node_modules/browserslist": {
-            "version": "4.21.10",
-            "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.10.tgz",
-            "integrity": "sha512-bipEBdZfVH5/pwrvqc+Ub0kUPVfGUhlKxbvfD+z1BDnPEO/X98ruXGA1WP5ASpAFKan7Qr6j736IacbZQuAlKQ==",
+            "version": "4.22.2",
+            "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.22.2.tgz",
+            "integrity": "sha512-0UgcrvQmBDvZHFGdYUehrCNIazki7/lUP3kkoi/r3YB2amZbFM9J43ZRkJTXBUZK4gmx56+Sqk9+Vs9mwZx9+A==",
             "dev": true,
             "funding": [
                 {
@@ -9044,10 +8605,10 @@
                 }
             ],
             "dependencies": {
-                "caniuse-lite": "^1.0.30001517",
-                "electron-to-chromium": "^1.4.477",
-                "node-releases": "^2.0.13",
-                "update-browserslist-db": "^1.0.11"
+                "caniuse-lite": "^1.0.30001565",
+                "electron-to-chromium": "^1.4.601",
+                "node-releases": "^2.0.14",
+                "update-browserslist-db": "^1.0.13"
             },
             "bin": {
                 "browserslist": "cli.js"
@@ -9155,9 +8716,9 @@
             }
         },
         "node_modules/caniuse-lite": {
-            "version": "1.0.30001532",
-            "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001532.tgz",
-            "integrity": "sha512-FbDFnNat3nMnrROzqrsg314zhqN5LGQ1kyyMk2opcrwGbVGpHRhgCWtAgD5YJUqNAiQ+dklreil/c3Qf1dfCTw==",
+            "version": "1.0.30001568",
+            "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001568.tgz",
+            "integrity": "sha512-vSUkH84HontZJ88MiNrOau1EBrCqEQYgkC5gIySiDlpsm8sGVrhU7Kx4V6h0tnqaHzIHZv08HlJIwPbL4XL9+A==",
             "dev": true,
             "funding": [
                 {
@@ -9280,6 +8841,15 @@
                 "node": ">=8"
             }
         },
+        "node_modules/citty": {
+            "version": "0.1.5",
+            "resolved": "https://registry.npmjs.org/citty/-/citty-0.1.5.tgz",
+            "integrity": "sha512-AS7n5NSc0OQVMV9v6wt3ByujNIrne0/cTjiC2MYqhvao57VNfiuVksTSr2p17nVOhEr2KtqiAkGwHcgMC/qUuQ==",
+            "dev": true,
+            "dependencies": {
+                "consola": "^3.2.3"
+            }
+        },
         "node_modules/clean-stack": {
             "version": "2.2.0",
             "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
@@ -9536,6 +9106,15 @@
                 "safe-buffer": "~5.1.0"
             }
         },
+        "node_modules/consola": {
+            "version": "3.2.3",
+            "resolved": "https://registry.npmjs.org/consola/-/consola-3.2.3.tgz",
+            "integrity": "sha512-I5qxpzLv+sJhTVEoLYNcTW+bThDCPsit0vLNKShZx6rLtpilNpmmeTPaeqJb9ZE9dV3DGaeby6Vuhrw38WjeyQ==",
+            "dev": true,
+            "engines": {
+                "node": "^14.18.0 || >=16.10.0"
+            }
+        },
         "node_modules/construct-style-sheets-polyfill": {
             "version": "3.1.0",
             "resolved": "https://registry.npmjs.org/construct-style-sheets-polyfill/-/construct-style-sheets-polyfill-3.1.0.tgz",
@@ -9603,9 +9182,9 @@
             "dev": true
         },
         "node_modules/core-js": {
-            "version": "3.34.0",
-            "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.34.0.tgz",
-            "integrity": "sha512-aDdvlDder8QmY91H88GzNi9EtQi2TjvQhpCX6B1v/dAZHU1AuLgHvRh54RiOerpEhEW46Tkf+vgAViB/CWC0ag==",
+            "version": "3.35.0",
+            "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.35.0.tgz",
+            "integrity": "sha512-ntakECeqg81KqMueeGJ79Q5ZgQNR+6eaE8sxGCx62zMbAIj65q+uYvatToew3m6eAGdU4gNZwpZ34NMe4GYswg==",
             "hasInstallScript": true,
             "funding": {
                 "type": "opencollective",
@@ -9613,12 +9192,12 @@
             }
         },
         "node_modules/core-js-compat": {
-            "version": "3.32.2",
-            "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.32.2.tgz",
-            "integrity": "sha512-+GjlguTDINOijtVRUxrQOv3kfu9rl+qPNdX2LTbJ/ZyVTuxK+ksVSAGX1nHstu4hrv1En/uPTtWgq2gI5wt4AQ==",
+            "version": "3.35.0",
+            "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.35.0.tgz",
+            "integrity": "sha512-5blwFAddknKeNgsjBzilkdQ0+YK8L1PfqPYq40NOYMYFSS38qj+hpTcLLWwpIwA2A5bje/x5jmVn2tzUMg9IVw==",
             "dev": true,
             "dependencies": {
-                "browserslist": "^4.21.10"
+                "browserslist": "^4.22.2"
             },
             "funding": {
                 "type": "opencollective",
@@ -10604,9 +10183,9 @@
             }
         },
         "node_modules/electron-to-chromium": {
-            "version": "1.4.513",
-            "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.513.tgz",
-            "integrity": "sha512-cOB0xcInjm+E5qIssHeXJ29BaUyWpMyFKT5RB3bsLENDheCja0wMkHJyiPl0NBE/VzDI7JDuNEQWhe6RitEUcw==",
+            "version": "1.4.610",
+            "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.610.tgz",
+            "integrity": "sha512-mqi2oL1mfeHYtOdCxbPQYV/PL7YrQlxbvFEZ0Ee8GbDdShimqt2/S6z2RWqysuvlwdOrQdqvE0KZrBTipAeJzg==",
             "dev": true
         },
         "node_modules/elkjs": {
@@ -10873,15 +10452,15 @@
             }
         },
         "node_modules/eslint": {
-            "version": "8.55.0",
-            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.55.0.tgz",
-            "integrity": "sha512-iyUUAM0PCKj5QpwGfmCAG9XXbZCWsqP/eWAWrG/W0umvjuLRBECwSFdt+rCntju0xEH7teIABPwXpahftIaTdA==",
+            "version": "8.56.0",
+            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
+            "integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.2.0",
                 "@eslint-community/regexpp": "^4.6.1",
                 "@eslint/eslintrc": "^2.1.4",
-                "@eslint/js": "8.55.0",
+                "@eslint/js": "8.56.0",
                 "@humanwhocodes/config-array": "^0.11.13",
                 "@humanwhocodes/module-importer": "^1.0.1",
                 "@nodelib/fs.walk": "^1.2.8",
@@ -10949,9 +10528,9 @@
             }
         },
         "node_modules/eslint-plugin-lit": {
-            "version": "1.10.1",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-1.10.1.tgz",
-            "integrity": "sha512-3eH++xFpe6efd+TN6B9kW1coULdPyK+3fMNws378nbYQ/HiWIz0+jVcsaGVs9BbLt6kVkDxZmUGF4Ivx3BatkA==",
+            "version": "1.11.0",
+            "resolved": "https://registry.npmjs.org/eslint-plugin-lit/-/eslint-plugin-lit-1.11.0.tgz",
+            "integrity": "sha512-jVqy2juQTAtOzj1ILf+ZW5GpDobXlSw0kvpP2zu2r8ZbW7KISt7ikj1Gw9DhNeirEU1UlSJR0VIWpdr4lzjayw==",
             "dev": true,
             "dependencies": {
                 "parse5": "^6.0.1",
@@ -11868,9 +11447,9 @@
             "dev": true
         },
         "node_modules/flow-parser": {
-            "version": "0.223.3",
-            "resolved": "https://registry.npmjs.org/flow-parser/-/flow-parser-0.223.3.tgz",
-            "integrity": "sha512-9KxxDKSB22ovMpSULbOL/QAQGPN6M0YMS3PubQvB0jVc4W7QP6VhasIVic7MzKcJSh0BAVs4J6SZjoH0lDDNlg==",
+            "version": "0.225.1",
+            "resolved": "https://registry.npmjs.org/flow-parser/-/flow-parser-0.225.1.tgz",
+            "integrity": "sha512-50fjR6zbLQcpq5IFNkheUSY/AFPxVeeLiBM5B3NQBSKId2G0cUuExOlDDOguxc49dl9lnh8hI1xcYlPJWNp4KQ==",
             "dev": true,
             "engines": {
                 "node": ">=0.4.0"
@@ -12191,16 +11770,17 @@
             }
         },
         "node_modules/giget": {
-            "version": "1.1.3",
-            "resolved": "https://registry.npmjs.org/giget/-/giget-1.1.3.tgz",
-            "integrity": "sha512-zHuCeqtfgqgDwvXlR84UNgnJDuUHQcNI5OqWqFxxuk2BshuKbYhJWdxBsEo4PvKqoGh23lUAIvBNpChMLv7/9Q==",
+            "version": "1.2.1",
+            "resolved": "https://registry.npmjs.org/giget/-/giget-1.2.1.tgz",
+            "integrity": "sha512-4VG22mopWtIeHwogGSy1FViXVo0YT+m6BrqZfz0JJFwbSsePsCdOzdLIIli5BtMp7Xe8f/o2OmBpQX2NBOC24g==",
             "dev": true,
             "dependencies": {
-                "colorette": "^2.0.20",
-                "defu": "^6.1.2",
-                "https-proxy-agent": "^7.0.2",
-                "mri": "^1.2.0",
-                "node-fetch-native": "^1.4.0",
+                "citty": "^0.1.5",
+                "consola": "^3.2.3",
+                "defu": "^6.1.3",
+                "node-fetch-native": "^1.6.1",
+                "nypm": "^0.3.3",
+                "ohash": "^1.1.3",
                 "pathe": "^1.1.1",
                 "tar": "^6.2.0"
             },
@@ -12208,12 +11788,6 @@
                 "giget": "dist/cli.mjs"
             }
         },
-        "node_modules/giget/node_modules/colorette": {
-            "version": "2.0.20",
-            "resolved": "https://registry.npmjs.org/colorette/-/colorette-2.0.20.tgz",
-            "integrity": "sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==",
-            "dev": true
-        },
         "node_modules/github-from-package": {
             "version": "0.0.0",
             "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz",
@@ -12373,6 +11947,11 @@
                 "node": ">=6.0"
             }
         },
+        "node_modules/guacamole-common-js": {
+            "version": "1.5.0",
+            "resolved": "https://registry.npmjs.org/guacamole-common-js/-/guacamole-common-js-1.5.0.tgz",
+            "integrity": "sha512-zxztif3GGhKbg1RgOqwmqot8kXgv2HmHFg1EvWwd4q7UfEKvBcYZ0f+7G8HzvU+FUxF0Psqm9Kl5vCbgfrRgJg=="
+        },
         "node_modules/gunzip-maybe": {
             "version": "1.4.2",
             "resolved": "https://registry.npmjs.org/gunzip-maybe/-/gunzip-maybe-1.4.2.tgz",
@@ -12538,16 +12117,16 @@
             }
         },
         "node_modules/https-proxy-agent": {
-            "version": "7.0.2",
-            "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz",
-            "integrity": "sha512-NmLNjm6ucYwtcUmL7JQC1ZQ57LmHP4lT15FQ8D61nak1rO6DH+fz5qNK2Ap5UN4ZapYICE3/0KodcLYSPsPbaA==",
+            "version": "4.0.0",
+            "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz",
+            "integrity": "sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==",
             "dev": true,
             "dependencies": {
-                "agent-base": "^7.0.2",
+                "agent-base": "5",
                 "debug": "4"
             },
             "engines": {
-                "node": ">= 14"
+                "node": ">= 6.0.0"
             }
         },
         "node_modules/human-signals": {
@@ -13748,9 +13327,9 @@
             }
         },
         "node_modules/lit-analyzer": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/lit-analyzer/-/lit-analyzer-2.0.1.tgz",
-            "integrity": "sha512-4bHJLCbxywMHd9bnVkLDkCSHXs/KrlwUks75EhYtJNdzH07O5BSVdZdadbw4T2AvuYxb0xRO4ZjqgQJCkp8Kjg==",
+            "version": "2.0.2",
+            "resolved": "https://registry.npmjs.org/lit-analyzer/-/lit-analyzer-2.0.2.tgz",
+            "integrity": "sha512-Is3cx8ypCVq5uNl8EKkPdlLuV3HDVntDVUeLNQlzTM2Je3uG5wHcn+06NB+yhCoa4rhwwXCjprU/7g21CSFqOA==",
             "dev": true,
             "dependencies": {
                 "@vscode/web-custom-data": "^0.4.2",
@@ -14859,9 +14438,9 @@
             }
         },
         "node_modules/nanoid": {
-            "version": "3.3.6",
-            "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.6.tgz",
-            "integrity": "sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA==",
+            "version": "3.3.7",
+            "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
+            "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==",
             "dev": true,
             "funding": [
                 {
@@ -15005,9 +14584,9 @@
             }
         },
         "node_modules/node-fetch-native": {
-            "version": "1.4.1",
-            "resolved": "https://registry.npmjs.org/node-fetch-native/-/node-fetch-native-1.4.1.tgz",
-            "integrity": "sha512-NsXBU0UgBxo2rQLOeWNZqS3fvflWePMECr8CoSWoSTqCqGbVVsvl9vZu1HfQicYN0g5piV9Gh8RTEvo/uP752w==",
+            "version": "1.6.1",
+            "resolved": "https://registry.npmjs.org/node-fetch-native/-/node-fetch-native-1.6.1.tgz",
+            "integrity": "sha512-bW9T/uJDPAJB2YNYEpWzE54U5O3MQidXsOyTfnbKYtTtFexRvGzb1waphBN4ZwP6EcIvYYEOwW0b72BpAqydTw==",
             "dev": true
         },
         "node_modules/node-int64": {
@@ -15017,9 +14596,9 @@
             "dev": true
         },
         "node_modules/node-releases": {
-            "version": "2.0.13",
-            "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz",
-            "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==",
+            "version": "2.0.14",
+            "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz",
+            "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==",
             "dev": true
         },
         "node_modules/non-layered-tidy-tree-layout": {
@@ -15161,6 +14740,158 @@
                 "node": ">=8"
             }
         },
+        "node_modules/nypm": {
+            "version": "0.3.4",
+            "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.3.4.tgz",
+            "integrity": "sha512-1JLkp/zHBrkS3pZ692IqOaIKSYHmQXgqfELk6YTOfVBnwealAmPA1q2kKK7PHJAHSMBozerThEFZXP3G6o7Ukg==",
+            "dev": true,
+            "dependencies": {
+                "citty": "^0.1.5",
+                "execa": "^8.0.1",
+                "pathe": "^1.1.1",
+                "ufo": "^1.3.2"
+            },
+            "bin": {
+                "nypm": "dist/cli.mjs"
+            },
+            "engines": {
+                "node": "^14.16.0 || >=16.10.0"
+            }
+        },
+        "node_modules/nypm/node_modules/execa": {
+            "version": "8.0.1",
+            "resolved": "https://registry.npmjs.org/execa/-/execa-8.0.1.tgz",
+            "integrity": "sha512-VyhnebXciFV2DESc+p6B+y0LjSm0krU4OgJN44qFAhBY0TJ+1V61tYD2+wHusZ6F9n5K+vl8k0sTy7PEfV4qpg==",
+            "dev": true,
+            "dependencies": {
+                "cross-spawn": "^7.0.3",
+                "get-stream": "^8.0.1",
+                "human-signals": "^5.0.0",
+                "is-stream": "^3.0.0",
+                "merge-stream": "^2.0.0",
+                "npm-run-path": "^5.1.0",
+                "onetime": "^6.0.0",
+                "signal-exit": "^4.1.0",
+                "strip-final-newline": "^3.0.0"
+            },
+            "engines": {
+                "node": ">=16.17"
+            },
+            "funding": {
+                "url": "https://github.com/sindresorhus/execa?sponsor=1"
+            }
+        },
+        "node_modules/nypm/node_modules/get-stream": {
+            "version": "8.0.1",
+            "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-8.0.1.tgz",
+            "integrity": "sha512-VaUJspBffn/LMCJVoMvSAdmscJyS1auj5Zulnn5UoYcY531UWmdwhRWkcGKnGU93m5HSXP9LP2usOryrBtQowA==",
+            "dev": true,
+            "engines": {
+                "node": ">=16"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/human-signals": {
+            "version": "5.0.0",
+            "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-5.0.0.tgz",
+            "integrity": "sha512-AXcZb6vzzrFAUE61HnN4mpLqd/cSIwNQjtNWR0euPm6y0iqx3G4gOXaIDdtdDwZmhwe82LA6+zinmW4UBWVePQ==",
+            "dev": true,
+            "engines": {
+                "node": ">=16.17.0"
+            }
+        },
+        "node_modules/nypm/node_modules/is-stream": {
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-3.0.0.tgz",
+            "integrity": "sha512-LnQR4bZ9IADDRSkvpqMGvt/tEJWclzklNgSw48V5EAaAeDd6qGvN8ei6k5p0tvxSR171VmGyHuTiAOfxAbr8kA==",
+            "dev": true,
+            "engines": {
+                "node": "^12.20.0 || ^14.13.1 || >=16.0.0"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/mimic-fn": {
+            "version": "4.0.0",
+            "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-4.0.0.tgz",
+            "integrity": "sha512-vqiC06CuhBTUdZH+RYl8sFrL096vA45Ok5ISO6sE/Mr1jRbGH4Csnhi8f3wKVl7x8mO4Au7Ir9D3Oyv1VYMFJw==",
+            "dev": true,
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/npm-run-path": {
+            "version": "5.2.0",
+            "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.2.0.tgz",
+            "integrity": "sha512-W4/tgAXFqFA0iL7fk0+uQ3g7wkL8xJmx3XdK0VGb4cHW//eZTtKGvFBBoRKVTpY7n6ze4NL9ly7rgXcHufqXKg==",
+            "dev": true,
+            "dependencies": {
+                "path-key": "^4.0.0"
+            },
+            "engines": {
+                "node": "^12.20.0 || ^14.13.1 || >=16.0.0"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/onetime": {
+            "version": "6.0.0",
+            "resolved": "https://registry.npmjs.org/onetime/-/onetime-6.0.0.tgz",
+            "integrity": "sha512-1FlR+gjXK7X+AsAHso35MnyN5KqGwJRi/31ft6x0M194ht7S+rWAvd7PHss9xSKMzE0asv1pyIHaJYq+BbacAQ==",
+            "dev": true,
+            "dependencies": {
+                "mimic-fn": "^4.0.0"
+            },
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/path-key": {
+            "version": "4.0.0",
+            "resolved": "https://registry.npmjs.org/path-key/-/path-key-4.0.0.tgz",
+            "integrity": "sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==",
+            "dev": true,
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
+        "node_modules/nypm/node_modules/signal-exit": {
+            "version": "4.1.0",
+            "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz",
+            "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==",
+            "dev": true,
+            "engines": {
+                "node": ">=14"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/isaacs"
+            }
+        },
+        "node_modules/nypm/node_modules/strip-final-newline": {
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-3.0.0.tgz",
+            "integrity": "sha512-dOESqjYr96iWYylGObzd39EuNTa5VJxyvVAEm5Jnh7KGo75V43Hk1odPQkNDyXNmUR6k+gEiDVXnjB8HJ3crXw==",
+            "dev": true,
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/sindresorhus"
+            }
+        },
         "node_modules/object-assign": {
             "version": "4.1.1",
             "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
@@ -15221,6 +14952,12 @@
                 "url": "https://github.com/sponsors/ljharb"
             }
         },
+        "node_modules/ohash": {
+            "version": "1.1.3",
+            "resolved": "https://registry.npmjs.org/ohash/-/ohash-1.1.3.tgz",
+            "integrity": "sha512-zuHHiGTYTA1sYJ/wZN+t5HKZaH23i4yI1HMwbuXm24Nid7Dv0KcuRlKoNKS9UNfAVSBlnGLcuQrnOKWOZoEGaw==",
+            "dev": true
+        },
         "node_modules/on-finished": {
             "version": "2.4.1",
             "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz",
@@ -15375,6 +15112,38 @@
                 "node": ">=8"
             }
         },
+        "node_modules/ospec": {
+            "version": "3.1.0",
+            "resolved": "https://registry.npmjs.org/ospec/-/ospec-3.1.0.tgz",
+            "integrity": "sha512-+nGtjV3vlADp+UGfL51miAh/hB4awPBkQrArhcgG4trAaoA2gKt5bf9w0m9ch9zOr555cHWaCHZEDiBOkNZSxw==",
+            "dev": true,
+            "dependencies": {
+                "glob": "^7.1.3"
+            },
+            "bin": {
+                "ospec": "bin/ospec"
+            }
+        },
+        "node_modules/ospec/node_modules/glob": {
+            "version": "7.2.3",
+            "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+            "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+            "dev": true,
+            "dependencies": {
+                "fs.realpath": "^1.0.0",
+                "inflight": "^1.0.4",
+                "inherits": "2",
+                "minimatch": "^3.1.1",
+                "once": "^1.3.0",
+                "path-is-absolute": "^1.0.0"
+            },
+            "engines": {
+                "node": "*"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/isaacs"
+            }
+        },
         "node_modules/p-limit": {
             "version": "3.1.0",
             "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz",
@@ -15658,9 +15427,9 @@
             }
         },
         "node_modules/postcss": {
-            "version": "8.4.31",
-            "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.31.tgz",
-            "integrity": "sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==",
+            "version": "8.4.32",
+            "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.32.tgz",
+            "integrity": "sha512-D/kj5JNu6oo2EIy+XL/26JEDTlIbB8hw85G8StOE6L74RQAVVP5rej6wxCNqyMbR4RkPfqvezVbPw81Ngd6Kcw==",
             "dev": true,
             "funding": [
                 {
@@ -15678,7 +15447,7 @@
             ],
             "peer": true,
             "dependencies": {
-                "nanoid": "^3.3.6",
+                "nanoid": "^3.3.7",
                 "picocolors": "^1.0.0",
                 "source-map-js": "^1.0.2"
             },
@@ -15903,15 +15672,6 @@
                 "node": ">=8.16.0"
             }
         },
-        "node_modules/puppeteer-core/node_modules/agent-base": {
-            "version": "5.1.1",
-            "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-5.1.1.tgz",
-            "integrity": "sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g==",
-            "dev": true,
-            "engines": {
-                "node": ">= 6.0.0"
-            }
-        },
         "node_modules/puppeteer-core/node_modules/glob": {
             "version": "7.2.3",
             "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
@@ -15932,19 +15692,6 @@
                 "url": "https://github.com/sponsors/isaacs"
             }
         },
-        "node_modules/puppeteer-core/node_modules/https-proxy-agent": {
-            "version": "4.0.0",
-            "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz",
-            "integrity": "sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==",
-            "dev": true,
-            "dependencies": {
-                "agent-base": "5",
-                "debug": "4"
-            },
-            "engines": {
-                "node": ">= 6.0.0"
-            }
-        },
         "node_modules/puppeteer-core/node_modules/mime": {
             "version": "2.6.0",
             "resolved": "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz",
@@ -16672,10 +16419,13 @@
             "integrity": "sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg=="
         },
         "node_modules/rollup": {
-            "version": "4.7.0",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.7.0.tgz",
-            "integrity": "sha512-7Kw0dUP4BWH78zaZCqF1rPyQ8D5DSU6URG45v1dqS/faNsx9WXyess00uTOZxKr7oR/4TOjO1CPudT8L1UsEgw==",
+            "version": "4.9.4",
+            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.9.4.tgz",
+            "integrity": "sha512-2ztU7pY/lrQyXSCnnoU4ICjT/tCG9cdH3/G25ERqE3Lst6vl2BCM5hL2Nw+sslAvAf+ccKsAq1SkKQALyqhR7g==",
             "dev": true,
+            "dependencies": {
+                "@types/estree": "1.0.5"
+            },
             "bin": {
                 "rollup": "dist/bin/rollup"
             },
@@ -16684,19 +16434,19 @@
                 "npm": ">=8.0.0"
             },
             "optionalDependencies": {
-                "@rollup/rollup-android-arm-eabi": "4.7.0",
-                "@rollup/rollup-android-arm64": "4.7.0",
-                "@rollup/rollup-darwin-arm64": "4.7.0",
-                "@rollup/rollup-darwin-x64": "4.7.0",
-                "@rollup/rollup-linux-arm-gnueabihf": "4.7.0",
-                "@rollup/rollup-linux-arm64-gnu": "4.7.0",
-                "@rollup/rollup-linux-arm64-musl": "4.7.0",
-                "@rollup/rollup-linux-riscv64-gnu": "4.7.0",
-                "@rollup/rollup-linux-x64-gnu": "4.7.0",
-                "@rollup/rollup-linux-x64-musl": "4.7.0",
-                "@rollup/rollup-win32-arm64-msvc": "4.7.0",
-                "@rollup/rollup-win32-ia32-msvc": "4.7.0",
-                "@rollup/rollup-win32-x64-msvc": "4.7.0",
+                "@rollup/rollup-android-arm-eabi": "4.9.4",
+                "@rollup/rollup-android-arm64": "4.9.4",
+                "@rollup/rollup-darwin-arm64": "4.9.4",
+                "@rollup/rollup-darwin-x64": "4.9.4",
+                "@rollup/rollup-linux-arm-gnueabihf": "4.9.4",
+                "@rollup/rollup-linux-arm64-gnu": "4.9.4",
+                "@rollup/rollup-linux-arm64-musl": "4.9.4",
+                "@rollup/rollup-linux-riscv64-gnu": "4.9.4",
+                "@rollup/rollup-linux-x64-gnu": "4.9.4",
+                "@rollup/rollup-linux-x64-musl": "4.9.4",
+                "@rollup/rollup-win32-arm64-msvc": "4.9.4",
+                "@rollup/rollup-win32-ia32-msvc": "4.9.4",
+                "@rollup/rollup-win32-x64-msvc": "4.9.4",
                 "fsevents": "~2.3.2"
             }
         },
@@ -16809,6 +16559,25 @@
                 "node": ">= 8.0.0"
             }
         },
+        "node_modules/rollup-plugin-modify": {
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/rollup-plugin-modify/-/rollup-plugin-modify-3.0.0.tgz",
+            "integrity": "sha512-p/ffs0Y2jz2dEnWjq1oVC7SY37tuS+aP7whoNaQz1EAAOPg+k3vKJo8cMMWx6xpdd0NzhX4y2YF9o/NPu5YR0Q==",
+            "dev": true,
+            "dependencies": {
+                "magic-string": "0.25.2",
+                "ospec": "3.1.0"
+            }
+        },
+        "node_modules/rollup-plugin-modify/node_modules/magic-string": {
+            "version": "0.25.2",
+            "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.25.2.tgz",
+            "integrity": "sha512-iLs9mPjh9IuTtRsqqhNGYcZXGei0Nh/A4xirrsqW7c+QhKVFL2vm7U09ru6cHRD22azaP/wMDgI+HCqbETMTtg==",
+            "dev": true,
+            "dependencies": {
+                "sourcemap-codec": "^1.4.4"
+            }
+        },
         "node_modules/rollup-plugin-postcss-lit": {
             "version": "2.1.0",
             "resolved": "https://registry.npmjs.org/rollup-plugin-postcss-lit/-/rollup-plugin-postcss-lit-2.1.0.tgz",
@@ -17333,12 +17102,12 @@
             "dev": true
         },
         "node_modules/storybook": {
-            "version": "7.6.4",
-            "resolved": "https://registry.npmjs.org/storybook/-/storybook-7.6.4.tgz",
-            "integrity": "sha512-nQhs9XkrroxjqMoBnnToyc6M8ndbmpkOb1qmULO4chtfMy4k0p9Un3K4TJvDaP8c3wPUFGd4ZaJ1hZNVmIl56Q==",
+            "version": "7.6.7",
+            "resolved": "https://registry.npmjs.org/storybook/-/storybook-7.6.7.tgz",
+            "integrity": "sha512-1Cd895dqYIT5MOUOCDlD73OTWoJubLq/sWC7AMzkMrLu76yD4Cu6f+wv1HDrRAheRaCaeT3yhYEhsMB6qHIcaA==",
             "dev": true,
             "dependencies": {
-                "@storybook/cli": "7.6.4"
+                "@storybook/cli": "7.6.7"
             },
             "bin": {
                 "sb": "index.js",
@@ -17382,52 +17151,6 @@
                 }
             }
         },
-        "node_modules/storybook-addon-mock/node_modules/@storybook/client-logger": {
-            "version": "7.4.2",
-            "resolved": "https://registry.npmjs.org/@storybook/client-logger/-/client-logger-7.4.2.tgz",
-            "integrity": "sha512-LC8tYrYSJwF4DHRdNYh6y8hSvccwUIv5/WOZKJDmKx7mcEm6HsVuUu16C9jsl7iy6IqJYxgVz1va3WS6852E+A==",
-            "dev": true,
-            "dependencies": {
-                "@storybook/global": "^5.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/storybook-addon-mock/node_modules/@storybook/core-events": {
-            "version": "7.4.2",
-            "resolved": "https://registry.npmjs.org/@storybook/core-events/-/core-events-7.4.2.tgz",
-            "integrity": "sha512-WCEBw+Ew8DrccnB0hpP9TXadreoOlMnWCyuXU2XrvmK/vde009leWQIsLs1rY+L17zDVuogBms62AxrDDJmMpw==",
-            "dev": true,
-            "dependencies": {
-                "ts-dedent": "^2.0.0"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            }
-        },
-        "node_modules/storybook-addon-mock/node_modules/@storybook/theming": {
-            "version": "7.4.2",
-            "resolved": "https://registry.npmjs.org/@storybook/theming/-/theming-7.4.2.tgz",
-            "integrity": "sha512-wVmxZHVCqDoZgUOXTS4HRV4UClLtCydRNOEuUZ7X08QIPSA1FVL3gEpTQJfgCsyBX/cwSSofAMUbzAGEVNo+9g==",
-            "dev": true,
-            "dependencies": {
-                "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0",
-                "@storybook/client-logger": "7.4.2",
-                "@storybook/global": "^5.0.0",
-                "memoizerific": "^1.11.3"
-            },
-            "funding": {
-                "type": "opencollective",
-                "url": "https://opencollective.com/storybook"
-            },
-            "peerDependencies": {
-                "react": "^16.8.0 || ^17.0.0 || ^18.0.0",
-                "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0"
-            }
-        },
         "node_modules/storybook-addon-mock/node_modules/path-to-regexp": {
             "version": "6.2.1",
             "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.1.tgz",
@@ -18194,9 +17917,9 @@
             }
         },
         "node_modules/turnstile-types": {
-            "version": "1.1.3",
-            "resolved": "https://registry.npmjs.org/turnstile-types/-/turnstile-types-1.1.3.tgz",
-            "integrity": "sha512-hurCjOLYMYU9OmUY2JX/ewHBcadUfOhHX1XgLx9A9Ig5TFl2NGqoyM4EyfaaClsROr95cT868rkgzxCvSCcY6A==",
+            "version": "1.2.0",
+            "resolved": "https://registry.npmjs.org/turnstile-types/-/turnstile-types-1.2.0.tgz",
+            "integrity": "sha512-cTtNEtCYpcXeXR5AOD0YR0xZpXk1iZeTOuXT5vAGNowGGdgapC+k6m/lOVSkmDOUopZmPtmu311XeULIro4gUA==",
             "dev": true
         },
         "node_modules/type-check": {
@@ -18328,6 +18051,12 @@
                 "node": ">=14.17"
             }
         },
+        "node_modules/ufo": {
+            "version": "1.3.2",
+            "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.3.2.tgz",
+            "integrity": "sha512-o+ORpgGwaYQXgqGDwd+hkS4PuZ3QnmqMMxRuajK/a38L6fTpcE5GPIfrf+L/KemFzfUpeUQc1rRS1iDBozvnFA==",
+            "dev": true
+        },
         "node_modules/uglify-js": {
             "version": "3.17.4",
             "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.17.4.tgz",
@@ -18510,9 +18239,9 @@
             }
         },
         "node_modules/update-browserslist-db": {
-            "version": "1.0.11",
-            "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz",
-            "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==",
+            "version": "1.0.13",
+            "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz",
+            "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==",
             "dev": true,
             "funding": [
                 {
@@ -18699,30 +18428,30 @@
             }
         },
         "node_modules/vite": {
-            "version": "4.4.9",
-            "resolved": "https://registry.npmjs.org/vite/-/vite-4.4.9.tgz",
-            "integrity": "sha512-2mbUn2LlUmNASWwSCNSJ/EG2HuSRTnVNaydp6vMCm5VIqJsjMfbIWtbH2kDuwUVW5mMUKKZvGPX/rqeqVvv1XA==",
+            "version": "5.0.10",
+            "resolved": "https://registry.npmjs.org/vite/-/vite-5.0.10.tgz",
+            "integrity": "sha512-2P8J7WWgmc355HUMlFrwofacvr98DAjoE52BfdbwQtyLH06XKwaL/FMnmKM2crF0iX4MpmMKoDlNCB1ok7zHCw==",
             "dev": true,
             "peer": true,
             "dependencies": {
-                "esbuild": "^0.18.10",
-                "postcss": "^8.4.27",
-                "rollup": "^3.27.1"
+                "esbuild": "^0.19.3",
+                "postcss": "^8.4.32",
+                "rollup": "^4.2.0"
             },
             "bin": {
                 "vite": "bin/vite.js"
             },
             "engines": {
-                "node": "^14.18.0 || >=16.0.0"
+                "node": "^18.0.0 || >=20.0.0"
             },
             "funding": {
                 "url": "https://github.com/vitejs/vite?sponsor=1"
             },
             "optionalDependencies": {
-                "fsevents": "~2.3.2"
+                "fsevents": "~2.3.3"
             },
             "peerDependencies": {
-                "@types/node": ">= 14",
+                "@types/node": "^18.0.0 || >=20.0.0",
                 "less": "*",
                 "lightningcss": "^1.21.0",
                 "sass": "*",
@@ -18755,9 +18484,9 @@
             }
         },
         "node_modules/vite-tsconfig-paths": {
-            "version": "4.2.2",
-            "resolved": "https://registry.npmjs.org/vite-tsconfig-paths/-/vite-tsconfig-paths-4.2.2.tgz",
-            "integrity": "sha512-dq0FjyxHHDnp0uS3P12WEOX2W7NeuLzX9AWP38D7Zw2CTbFErapwQVlCiT5DMJcVWKQ1MMdTe92PZl/rBQ7qcw==",
+            "version": "4.2.3",
+            "resolved": "https://registry.npmjs.org/vite-tsconfig-paths/-/vite-tsconfig-paths-4.2.3.tgz",
+            "integrity": "sha512-xVsA2xe6QSlzBujtWF8q2NYexh7PAUYfzJ4C8Axpe/7d2pcERYxuxGgph9F4f0iQO36g5tyGq6eBUYIssdUrVw==",
             "dev": true,
             "dependencies": {
                 "debug": "^4.1.1",
@@ -18773,21 +18502,416 @@
                 }
             }
         },
-        "node_modules/vite/node_modules/rollup": {
-            "version": "3.29.4",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-3.29.4.tgz",
-            "integrity": "sha512-oWzmBZwvYrU0iJHtDmhsm662rC15FRXmcjCk1xD771dFDx5jJ02ufAQQTn0etB2emNk4J9EZg/yWKpsn9BWGRw==",
+        "node_modules/vite/node_modules/@esbuild/android-arm": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.9.tgz",
+            "integrity": "sha512-jkYjjq7SdsWuNI6b5quymW0oC83NN5FdRPuCbs9HZ02mfVdAP8B8eeqLSYU3gb6OJEaY5CQabtTFbqBf26H3GA==",
+            "cpu": [
+                "arm"
+            ],
             "dev": true,
+            "optional": true,
+            "os": [
+                "android"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/android-arm64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.9.tgz",
+            "integrity": "sha512-q4cR+6ZD0938R19MyEW3jEsMzbb/1rulLXiNAJQADD/XYp7pT+rOS5JGxvpRW8dFDEfjW4wLgC/3FXIw4zYglQ==",
+            "cpu": [
+                "arm64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "android"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/android-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.9.tgz",
+            "integrity": "sha512-KOqoPntWAH6ZxDwx1D6mRntIgZh9KodzgNOy5Ebt9ghzffOk9X2c1sPwtM9P+0eXbefnDhqYfkh5PLP5ULtWFA==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "android"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/darwin-arm64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.9.tgz",
+            "integrity": "sha512-KBJ9S0AFyLVx2E5D8W0vExqRW01WqRtczUZ8NRu+Pi+87opZn5tL4Y0xT0mA4FtHctd0ZgwNoN639fUUGlNIWw==",
+            "cpu": [
+                "arm64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "darwin"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/darwin-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.9.tgz",
+            "integrity": "sha512-vE0VotmNTQaTdX0Q9dOHmMTao6ObjyPm58CHZr1UK7qpNleQyxlFlNCaHsHx6Uqv86VgPmR4o2wdNq3dP1qyDQ==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "darwin"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/freebsd-arm64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.9.tgz",
+            "integrity": "sha512-uFQyd/o1IjiEk3rUHSwUKkqZwqdvuD8GevWF065eqgYfexcVkxh+IJgwTaGZVu59XczZGcN/YMh9uF1fWD8j1g==",
+            "cpu": [
+                "arm64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "freebsd"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/freebsd-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.9.tgz",
+            "integrity": "sha512-WMLgWAtkdTbTu1AWacY7uoj/YtHthgqrqhf1OaEWnZb7PQgpt8eaA/F3LkV0E6K/Lc0cUr/uaVP/49iE4M4asA==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "freebsd"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-arm": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.9.tgz",
+            "integrity": "sha512-C/ChPohUYoyUaqn1h17m/6yt6OB14hbXvT8EgM1ZWaiiTYz7nWZR0SYmMnB5BzQA4GXl3BgBO1l8MYqL/He3qw==",
+            "cpu": [
+                "arm"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-arm64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.9.tgz",
+            "integrity": "sha512-PiPblfe1BjK7WDAKR1Cr9O7VVPqVNpwFcPWgfn4xu0eMemzRp442hXyzF/fSwgrufI66FpHOEJk0yYdPInsmyQ==",
+            "cpu": [
+                "arm64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-ia32": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.9.tgz",
+            "integrity": "sha512-f37i/0zE0MjDxijkPSQw1CO/7C27Eojqb+r3BbHVxMLkj8GCa78TrBZzvPyA/FNLUMzP3eyHCVkAopkKVja+6Q==",
+            "cpu": [
+                "ia32"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-loong64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.9.tgz",
+            "integrity": "sha512-t6mN147pUIf3t6wUt3FeumoOTPfmv9Cc6DQlsVBpB7eCpLOqQDyWBP1ymXn1lDw4fNUSb/gBcKAmvTP49oIkaA==",
+            "cpu": [
+                "loong64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-mips64el": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.9.tgz",
+            "integrity": "sha512-jg9fujJTNTQBuDXdmAg1eeJUL4Jds7BklOTkkH80ZgQIoCTdQrDaHYgbFZyeTq8zbY+axgptncko3v9p5hLZtw==",
+            "cpu": [
+                "mips64el"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-ppc64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.9.tgz",
+            "integrity": "sha512-tkV0xUX0pUUgY4ha7z5BbDS85uI7ABw3V1d0RNTii7E9lbmV8Z37Pup2tsLV46SQWzjOeyDi1Q7Wx2+QM8WaCQ==",
+            "cpu": [
+                "ppc64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-riscv64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.9.tgz",
+            "integrity": "sha512-DfLp8dj91cufgPZDXr9p3FoR++m3ZJ6uIXsXrIvJdOjXVREtXuQCjfMfvmc3LScAVmLjcfloyVtpn43D56JFHg==",
+            "cpu": [
+                "riscv64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-s390x": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.9.tgz",
+            "integrity": "sha512-zHbglfEdC88KMgCWpOl/zc6dDYJvWGLiUtmPRsr1OgCViu3z5GncvNVdf+6/56O2Ca8jUU+t1BW261V6kp8qdw==",
+            "cpu": [
+                "s390x"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/linux-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.9.tgz",
+            "integrity": "sha512-JUjpystGFFmNrEHQnIVG8hKwvA2DN5o7RqiO1CVX8EN/F/gkCjkUMgVn6hzScpwnJtl2mPR6I9XV1oW8k9O+0A==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "linux"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/netbsd-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.9.tgz",
+            "integrity": "sha512-GThgZPAwOBOsheA2RUlW5UeroRfESwMq/guy8uEe3wJlAOjpOXuSevLRd70NZ37ZrpO6RHGHgEHvPg1h3S1Jug==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "netbsd"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/openbsd-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.9.tgz",
+            "integrity": "sha512-Ki6PlzppaFVbLnD8PtlVQfsYw4S9n3eQl87cqgeIw+O3sRr9IghpfSKY62mggdt1yCSZ8QWvTZ9jo9fjDSg9uw==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "openbsd"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/sunos-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.9.tgz",
+            "integrity": "sha512-MLHj7k9hWh4y1ddkBpvRj2b9NCBhfgBt3VpWbHQnXRedVun/hC7sIyTGDGTfsGuXo4ebik2+3ShjcPbhtFwWDw==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "sunos"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/win32-arm64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.9.tgz",
+            "integrity": "sha512-GQoa6OrQ8G08guMFgeXPH7yE/8Dt0IfOGWJSfSH4uafwdC7rWwrfE6P9N8AtPGIjUzdo2+7bN8Xo3qC578olhg==",
+            "cpu": [
+                "arm64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/win32-ia32": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.9.tgz",
+            "integrity": "sha512-UOozV7Ntykvr5tSOlGCrqU3NBr3d8JqPes0QWN2WOXfvkWVGRajC+Ym0/Wj88fUgecUCLDdJPDF0Nna2UK3Qtg==",
+            "cpu": [
+                "ia32"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/@esbuild/win32-x64": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.9.tgz",
+            "integrity": "sha512-oxoQgglOP7RH6iasDrhY+R/3cHrfwIDvRlT4CGChflq6twk8iENeVvMJjmvBb94Ik1Z+93iGO27err7w6l54GQ==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "peer": true,
+            "engines": {
+                "node": ">=12"
+            }
+        },
+        "node_modules/vite/node_modules/esbuild": {
+            "version": "0.19.9",
+            "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.19.9.tgz",
+            "integrity": "sha512-U9CHtKSy+EpPsEBa+/A2gMs/h3ylBC0H0KSqIg7tpztHerLi6nrrcoUJAkNCEPumx8yJ+Byic4BVwHgRbN0TBg==",
+            "dev": true,
+            "hasInstallScript": true,
             "peer": true,
             "bin": {
-                "rollup": "dist/bin/rollup"
+                "esbuild": "bin/esbuild"
             },
             "engines": {
-                "node": ">=14.18.0",
-                "npm": ">=8.0.0"
+                "node": ">=12"
             },
             "optionalDependencies": {
-                "fsevents": "~2.3.2"
+                "@esbuild/android-arm": "0.19.9",
+                "@esbuild/android-arm64": "0.19.9",
+                "@esbuild/android-x64": "0.19.9",
+                "@esbuild/darwin-arm64": "0.19.9",
+                "@esbuild/darwin-x64": "0.19.9",
+                "@esbuild/freebsd-arm64": "0.19.9",
+                "@esbuild/freebsd-x64": "0.19.9",
+                "@esbuild/linux-arm": "0.19.9",
+                "@esbuild/linux-arm64": "0.19.9",
+                "@esbuild/linux-ia32": "0.19.9",
+                "@esbuild/linux-loong64": "0.19.9",
+                "@esbuild/linux-mips64el": "0.19.9",
+                "@esbuild/linux-ppc64": "0.19.9",
+                "@esbuild/linux-riscv64": "0.19.9",
+                "@esbuild/linux-s390x": "0.19.9",
+                "@esbuild/linux-x64": "0.19.9",
+                "@esbuild/netbsd-x64": "0.19.9",
+                "@esbuild/openbsd-x64": "0.19.9",
+                "@esbuild/sunos-x64": "0.19.9",
+                "@esbuild/win32-arm64": "0.19.9",
+                "@esbuild/win32-ia32": "0.19.9",
+                "@esbuild/win32-x64": "0.19.9"
             }
         },
         "node_modules/vscode-css-languageservice": {
diff --git a/web/package.json b/web/package.json
index 811e221ca..5f50add27 100644
--- a/web/package.json
+++ b/web/package.json
@@ -19,6 +19,7 @@
         "lint:spelling": "codespell -D - -D ../.github/codespell-dictionary.txt -I ../.github/codespell-words.txt -S './src/locales/**' ./src -s",
         "lit-analyse": "lit-analyzer src",
         "precommit": "run-s tsc lit-analyse lint:precommit lint:spelling prettier",
+        "prequick": "run-s tsc:execute lit-analyse lint:precommit lint:spelling",
         "prettier-check": "prettier --check .",
         "prettier": "prettier --write .",
         "pseudolocalize:build-extract-script": "cd scripts && tsc --esModuleInterop --module es2020 --moduleResolution 'node' pseudolocalize.ts && mv pseudolocalize.js pseudolocalize.mjs",
@@ -27,7 +28,10 @@
         "tsc:execute": "tsc --noEmit -p .",
         "tsc": "run-s build-locales tsc:execute",
         "storybook": "storybook dev -p 6006",
-        "storybook:build": "cross-env NODE_OPTIONS='--max_old_space_size=4096' storybook build"
+        "storybook:build": "cross-env NODE_OPTIONS='--max_old_space_size=4096' storybook build",
+        "storybook:build-import-map": "run-s storybook:build-import-map-script storybook:run-import-map-script",
+        "storybook:build-import-map-script": "cd scripts && tsc --esModuleInterop --module es2020 --target es2020 --moduleResolution 'node' build-storybook-import-maps.ts && mv build-storybook-import-maps.js build-storybook-import-maps.mjs",
+        "storybook:run-import-map-script": "node scripts/build-storybook-import-maps.mjs"
     },
     "dependencies": {
         "@codemirror/lang-html": "^6.4.7",
@@ -38,24 +42,25 @@
         "@codemirror/theme-one-dark": "^6.1.2",
         "@formatjs/intl-listformat": "^7.5.3",
         "@fortawesome/fontawesome-free": "^6.5.1",
-        "@goauthentik/api": "^2023.10.4-1701882394",
+        "@goauthentik/api": "^2023.10.5-1704382057",
         "@lit-labs/context": "^0.4.0",
         "@lit-labs/task": "^3.1.0",
         "@lit/localize": "^0.11.4",
         "@open-wc/lit-helpers": "^0.6.0",
         "@patternfly/elements": "^2.4.0",
         "@patternfly/patternfly": "^4.224.2",
-        "@sentry/browser": "^7.86.0",
-        "@sentry/tracing": "^7.86.0",
+        "@sentry/browser": "^7.92.0",
+        "@sentry/tracing": "^7.92.0",
         "@webcomponents/webcomponentsjs": "^2.8.0",
         "base64-js": "^1.5.1",
         "chart.js": "^4.4.1",
         "chartjs-adapter-moment": "^1.0.1",
         "codemirror": "^6.0.1",
         "construct-style-sheets-polyfill": "^3.1.0",
-        "core-js": "^3.34.0",
+        "core-js": "^3.35.0",
         "country-flag-icons": "^1.5.9",
         "fuse.js": "^7.0.0",
+        "guacamole-common-js": "^1.5.0",
         "lit": "^2.8.0",
         "mermaid": "^10.6.1",
         "rapidoc": "^9.3.4",
@@ -64,13 +69,13 @@
         "yaml": "^2.3.4"
     },
     "devDependencies": {
-        "@babel/core": "^7.23.5",
+        "@babel/core": "^7.23.7",
         "@babel/plugin-proposal-class-properties": "^7.18.6",
-        "@babel/plugin-proposal-decorators": "^7.23.5",
+        "@babel/plugin-proposal-decorators": "^7.23.7",
         "@babel/plugin-transform-private-methods": "^7.23.3",
         "@babel/plugin-transform-private-property-in-object": "^7.23.4",
-        "@babel/plugin-transform-runtime": "^7.23.4",
-        "@babel/preset-env": "^7.23.5",
+        "@babel/plugin-transform-runtime": "^7.23.7",
+        "@babel/preset-env": "^7.23.7",
         "@babel/preset-typescript": "^7.23.3",
         "@hcaptcha/types": "^1.0.3",
         "@jackfranklin/rollup-plugin-markdown": "^0.4.0",
@@ -82,51 +87,53 @@
         "@rollup/plugin-replace": "^5.0.5",
         "@rollup/plugin-terser": "^0.4.4",
         "@rollup/plugin-typescript": "^11.1.5",
-        "@storybook/addon-essentials": "^7.6.4",
-        "@storybook/addon-links": "^7.6.4",
-        "@storybook/api": "^7.6.4",
+        "@storybook/addon-essentials": "^7.6.7",
+        "@storybook/addon-links": "^7.6.7",
+        "@storybook/api": "^7.6.7",
         "@storybook/blocks": "^7.6.4",
-        "@storybook/manager-api": "^7.6.4",
-        "@storybook/web-components-vite": "^7.6.4",
-        "@storybook/web-components": "^7.6.4",
+        "@storybook/manager-api": "^7.6.7",
+        "@storybook/web-components": "^7.6.7",
+        "@storybook/web-components-vite": "^7.6.7",
         "@trivago/prettier-plugin-sort-imports": "^4.3.0",
         "@types/chart.js": "^2.9.41",
         "@types/codemirror": "5.60.15",
         "@types/grecaptcha": "^3.0.7",
-        "@typescript-eslint/eslint-plugin": "^6.13.2",
-        "@typescript-eslint/parser": "^6.13.2",
+        "@types/guacamole-common-js": "1.5.2",
+        "@typescript-eslint/eslint-plugin": "^6.18.0",
+        "@typescript-eslint/parser": "^6.18.0",
         "babel-plugin-macros": "^3.1.0",
         "babel-plugin-tsconfig-paths": "^1.0.3",
         "cross-env": "^7.0.3",
-        "eslint": "^8.55.0",
+        "eslint": "^8.56.0",
         "eslint-config-google": "^0.14.0",
         "eslint-plugin-custom-elements": "0.0.8",
-        "eslint-plugin-lit": "^1.10.1",
+        "eslint-plugin-lit": "^1.11.0",
         "eslint-plugin-sonarjs": "^0.23.0",
         "eslint-plugin-storybook": "^0.6.15",
-        "lit-analyzer": "^2.0.1",
+        "lit-analyzer": "^2.0.2",
         "npm-run-all": "^4.1.5",
         "prettier": "^3.1.1",
         "pseudolocale": "^2.0.0",
-        "pyright": "^1.1.338",
+        "pyright": "=1.1.338",
         "react": "^18.2.0",
         "react-dom": "^18.2.0",
-        "rollup": "^4.7.0",
+        "rollup": "^4.9.4",
         "rollup-plugin-copy": "^3.5.0",
         "rollup-plugin-cssimport": "^1.0.3",
+        "rollup-plugin-modify": "^3.0.0",
         "rollup-plugin-postcss-lit": "^2.1.0",
-        "storybook": "^7.6.4",
+        "storybook": "^7.6.7",
         "storybook-addon-mock": "^4.3.0",
         "ts-lit-plugin": "^2.0.1",
         "tslib": "^2.6.2",
-        "turnstile-types": "^1.1.3",
+        "turnstile-types": "^1.2.0",
         "typescript": "^5.3.3",
-        "vite-tsconfig-paths": "^4.2.2"
+        "vite-tsconfig-paths": "^4.2.3"
     },
     "optionalDependencies": {
-        "@esbuild/darwin-arm64": "^0.19.9",
+        "@esbuild/darwin-arm64": "^0.19.11",
         "@esbuild/linux-amd64": "^0.18.11",
-        "@esbuild/linux-arm64": "^0.19.9"
+        "@esbuild/linux-arm64": "^0.19.11"
     },
     "engines": {
         "node": ">=20"
diff --git a/web/rollup.config.mjs b/web/rollup.config.mjs
index 49825a29d..c4139e13e 100644
--- a/web/rollup.config.mjs
+++ b/web/rollup.config.mjs
@@ -129,6 +129,21 @@ export const standalone = ["api-browser", "loading"].map((input) => {
     };
 });
 
+export const enterprise = ["rac"].map((input) => {
+    return {
+        input: `./src/enterprise/${input}`,
+        output: [
+            {
+                format: "es",
+                dir: `dist/enterprise/${input}`,
+                sourcemap: true,
+                manualChunks: manualChunks,
+            },
+        ],
+        ...defaultOptions,
+    };
+});
+
 export default [
     POLY,
     // Standalone
@@ -172,4 +187,6 @@ export default [
         ],
         ...defaultOptions,
     },
+    // Enterprise
+    ...enterprise,
 ];
diff --git a/web/scripts/build-storybook-import-maps.ts b/web/scripts/build-storybook-import-maps.ts
new file mode 100644
index 000000000..121ad105f
--- /dev/null
+++ b/web/scripts/build-storybook-import-maps.ts
@@ -0,0 +1,84 @@
+import fs from "fs";
+import path from "path";
+import { fileURLToPath } from "url";
+
+const __dirname = fileURLToPath(new URL(".", import.meta.url));
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+function* walkFilesystem(dir: string): Generator<string, undefined, any> {
+    const openeddir = fs.opendirSync(dir);
+    if (!openeddir) {
+        return;
+    }
+
+    let d: fs.Dirent | null;
+    while ((d = openeddir?.readSync())) {
+        if (!d) {
+            break;
+        }
+        const entry = path.join(dir, d.name);
+        if (d.isDirectory()) yield* walkFilesystem(entry);
+        else if (d.isFile()) yield entry;
+    }
+    openeddir.close();
+}
+
+const import_re = /^(import \w+ from .*\.css)";/;
+function extractImportLinesFromFile(path: string) {
+    const source = fs.readFileSync(path, { encoding: "utf8", flag: "r" });
+    const lines = source?.split("\n") ?? [];
+    return lines.filter((l) => import_re.test(l));
+}
+
+function createOneImportLine(line: string) {
+    const importMatch = import_re.exec(line);
+    if (!importMatch) {
+        throw new Error("How did an unmatchable line get here?");
+    }
+    const importContent = importMatch[1];
+    if (!importContent) {
+        throw new Error("How did an unmatchable line get here!?");
+    }
+    return `'${importContent}";': '${importContent}?inline";',`;
+}
+
+const isSourceFile = /\.ts$/;
+function getTheSourceFiles() {
+    return Array.from(walkFilesystem(path.join(__dirname, "..", "src"))).filter((path) =>
+        isSourceFile.test(path),
+    );
+}
+
+function getTheImportLines(importPaths: string[]) {
+    const importLines: string[] = importPaths.reduce(
+        (acc: string[], path) => [...acc, extractImportLinesFromFile(path)].flat(),
+        [],
+    );
+    const uniqueImportLines = new Set(importLines);
+    const sortedImportLines = Array.from(uniqueImportLines.keys());
+    sortedImportLines.sort();
+    return sortedImportLines;
+}
+
+const importPaths = getTheSourceFiles();
+const importLines = getTheImportLines(importPaths);
+
+const outputFile = `
+// THIS IS A GENERATED FILE.  DO NOT EDIT BY HAND.
+//
+// This file is generated by the build-storybook-import-maps script in the UI's base directory.
+// This is a *hack* to work around an inconsistency in the way rollup, vite, and storybook
+// import CSS modules.
+//
+// Sometime around 2030 or so, the Javascript community may finally get its collective act together
+// and we'll have one unified way of doing this.  I can only hope.
+
+export const cssImportMaps = {
+${importLines.map(createOneImportLine).join("\n")}
+};
+`;
+
+fs.writeFileSync(path.join(__dirname, "..", ".storybook", "css-import-maps.ts"), outputFile, {
+    encoding: "utf8",
+    flag: "w",
+});
diff --git a/web/src/admin/admin-overview/charts/SyncStatusChart.ts b/web/src/admin/admin-overview/charts/SyncStatusChart.ts
index 28747d682..d9a3cce6c 100644
--- a/web/src/admin/admin-overview/charts/SyncStatusChart.ts
+++ b/web/src/admin/admin-overview/charts/SyncStatusChart.ts
@@ -93,15 +93,16 @@ export class LDAPSyncStatusChart extends AKChart<SyncStatus[]> {
                     const health = await api.providersScimSyncStatusRetrieve({
                         id: element.pk,
                     });
-
-                    if (health.status !== TaskStatusEnum.Successful) {
-                        sourceKey = "failed";
-                    }
-                    const now = new Date().getTime();
-                    const maxDelta = 3600000; // 1 hour
-                    if (!health || now - health.taskFinishTimestamp.getTime() > maxDelta) {
-                        sourceKey = "unsynced";
-                    }
+                    health.tasks.forEach((task) => {
+                        if (task.status !== TaskStatusEnum.Successful) {
+                            sourceKey = "failed";
+                        }
+                        const now = new Date().getTime();
+                        const maxDelta = 3600000; // 1 hour
+                        if (!health || now - task.taskFinishTimestamp.getTime() > maxDelta) {
+                            sourceKey = "unsynced";
+                        }
+                    });
                 } catch {
                     sourceKey = "unsynced";
                 }
diff --git a/web/src/admin/applications/ApplicationForm.ts b/web/src/admin/applications/ApplicationForm.ts
index 07d9af36e..ead17e9b2 100644
--- a/web/src/admin/applications/ApplicationForm.ts
+++ b/web/src/admin/applications/ApplicationForm.ts
@@ -72,11 +72,9 @@ export class ApplicationForm extends WithCapabilitiesConfig(ModelForm<Applicatio
     clearIcon = false;
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated application.");
-        } else {
-            return msg("Successfully created application.");
-        }
+        return this.instance
+            ? msg("Successfully updated application.")
+            : msg("Successfully created application.");
     }
 
     async send(data: Application): Promise<Application | void> {
diff --git a/web/src/admin/blueprints/BlueprintForm.ts b/web/src/admin/blueprints/BlueprintForm.ts
index 47b6c492c..2df50180b 100644
--- a/web/src/admin/blueprints/BlueprintForm.ts
+++ b/web/src/admin/blueprints/BlueprintForm.ts
@@ -44,11 +44,9 @@ export class BlueprintForm extends ModelForm<BlueprintInstance, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated instance.");
-        } else {
-            return msg("Successfully created instance.");
-        }
+        return this.instance
+            ? msg("Successfully updated instance.")
+            : msg("Successfully created instance.");
     }
 
     static get styles(): CSSResult[] {
diff --git a/web/src/admin/crypto/CertificateKeyPairForm.ts b/web/src/admin/crypto/CertificateKeyPairForm.ts
index 46e7cd4c9..6f194d436 100644
--- a/web/src/admin/crypto/CertificateKeyPairForm.ts
+++ b/web/src/admin/crypto/CertificateKeyPairForm.ts
@@ -19,11 +19,9 @@ export class CertificateKeyPairForm extends ModelForm<CertificateKeyPair, string
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated certificate-key pair.");
-        } else {
-            return msg("Successfully created certificate-key pair.");
-        }
+        return this.instance
+            ? msg("Successfully updated certificate-key pair.")
+            : msg("Successfully created certificate-key pair.");
     }
 
     async send(data: CertificateKeyPair): Promise<CertificateKeyPair> {
diff --git a/web/src/admin/events/RuleForm.ts b/web/src/admin/events/RuleForm.ts
index 43e54ab89..ed392a1ca 100644
--- a/web/src/admin/events/RuleForm.ts
+++ b/web/src/admin/events/RuleForm.ts
@@ -37,11 +37,9 @@ export class RuleForm extends ModelForm<NotificationRule, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated rule.");
-        } else {
-            return msg("Successfully created rule.");
-        }
+        return this.instance
+            ? msg("Successfully updated rule.")
+            : msg("Successfully created rule.");
     }
 
     async send(data: NotificationRule): Promise<NotificationRule> {
diff --git a/web/src/admin/events/TransportForm.ts b/web/src/admin/events/TransportForm.ts
index 1554d7007..593477c60 100644
--- a/web/src/admin/events/TransportForm.ts
+++ b/web/src/admin/events/TransportForm.ts
@@ -36,11 +36,9 @@ export class TransportForm extends ModelForm<NotificationTransport, string> {
     showWebhook = false;
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated transport.");
-        } else {
-            return msg("Successfully created transport.");
-        }
+        return this.instance
+            ? msg("Successfully updated transport.")
+            : msg("Successfully created transport.");
     }
 
     async send(data: NotificationTransport): Promise<NotificationTransport> {
diff --git a/web/src/admin/flows/FlowForm.ts b/web/src/admin/flows/FlowForm.ts
index 9b6a1ed47..3925f6db9 100644
--- a/web/src/admin/flows/FlowForm.ts
+++ b/web/src/admin/flows/FlowForm.ts
@@ -20,8 +20,8 @@ import {
     DeniedActionEnum,
     Flow,
     FlowDesignationEnum,
+    FlowLayoutEnum,
     FlowsApi,
-    LayoutEnum,
     PolicyEngineMode,
 } from "@goauthentik/api";
 
@@ -36,11 +36,9 @@ export class FlowForm extends WithCapabilitiesConfig(ModelForm<Flow, string>) {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated flow.");
-        } else {
-            return msg("Successfully created flow.");
-        }
+        return this.instance
+            ? msg("Successfully updated flow.")
+            : msg("Successfully created flow.");
     }
 
     @property({ type: Boolean })
@@ -200,6 +198,13 @@ export class FlowForm extends WithCapabilitiesConfig(ModelForm<Flow, string>) {
                     >
                         ${msg("Require superuser.")}
                     </option>
+                    <option
+                        value=${AuthenticationEnum.RequireOutpost}
+                        ?selected=${this.instance?.authentication ===
+                        AuthenticationEnum.RequireOutpost}
+                    >
+                        ${msg("Require Outpost (flow can only be executed from an outpost).")}
+                    </option>
                 </select>
                 <p class="pf-c-form__helper-text">
                     ${msg("Required authentication level for this flow.")}
@@ -306,34 +311,34 @@ export class FlowForm extends WithCapabilitiesConfig(ModelForm<Flow, string>) {
                     >
                         <select class="pf-c-form-control">
                             <option
-                                value=${LayoutEnum.Stacked}
-                                ?selected=${this.instance?.layout === LayoutEnum.Stacked}
+                                value=${FlowLayoutEnum.Stacked}
+                                ?selected=${this.instance?.layout === FlowLayoutEnum.Stacked}
                             >
-                                ${LayoutToLabel(LayoutEnum.Stacked)}
+                                ${LayoutToLabel(FlowLayoutEnum.Stacked)}
                             </option>
                             <option
-                                value=${LayoutEnum.ContentLeft}
-                                ?selected=${this.instance?.layout === LayoutEnum.ContentLeft}
+                                value=${FlowLayoutEnum.ContentLeft}
+                                ?selected=${this.instance?.layout === FlowLayoutEnum.ContentLeft}
                             >
-                                ${LayoutToLabel(LayoutEnum.ContentLeft)}
+                                ${LayoutToLabel(FlowLayoutEnum.ContentLeft)}
                             </option>
                             <option
-                                value=${LayoutEnum.ContentRight}
-                                ?selected=${this.instance?.layout === LayoutEnum.ContentRight}
+                                value=${FlowLayoutEnum.ContentRight}
+                                ?selected=${this.instance?.layout === FlowLayoutEnum.ContentRight}
                             >
-                                ${LayoutToLabel(LayoutEnum.ContentRight)}
+                                ${LayoutToLabel(FlowLayoutEnum.ContentRight)}
                             </option>
                             <option
-                                value=${LayoutEnum.SidebarLeft}
-                                ?selected=${this.instance?.layout === LayoutEnum.SidebarLeft}
+                                value=${FlowLayoutEnum.SidebarLeft}
+                                ?selected=${this.instance?.layout === FlowLayoutEnum.SidebarLeft}
                             >
-                                ${LayoutToLabel(LayoutEnum.SidebarLeft)}
+                                ${LayoutToLabel(FlowLayoutEnum.SidebarLeft)}
                             </option>
                             <option
-                                value=${LayoutEnum.SidebarRight}
-                                ?selected=${this.instance?.layout === LayoutEnum.SidebarRight}
+                                value=${FlowLayoutEnum.SidebarRight}
+                                ?selected=${this.instance?.layout === FlowLayoutEnum.SidebarRight}
                             >
-                                ${LayoutToLabel(LayoutEnum.SidebarRight)}
+                                ${LayoutToLabel(FlowLayoutEnum.SidebarRight)}
                             </option>
                         </select>
                     </ak-form-element-horizontal>
diff --git a/web/src/admin/flows/utils.ts b/web/src/admin/flows/utils.ts
index 3c5ae8f29..90c123c9a 100644
--- a/web/src/admin/flows/utils.ts
+++ b/web/src/admin/flows/utils.ts
@@ -1,6 +1,6 @@
 import { msg } from "@lit/localize";
 
-import { Flow, FlowDesignationEnum, LayoutEnum } from "@goauthentik/api";
+import { Flow, FlowDesignationEnum, FlowLayoutEnum } from "@goauthentik/api";
 
 export function RenderFlowOption(flow: Flow): string {
     return `${flow.slug} (${flow.name})`;
@@ -27,19 +27,19 @@ export function DesignationToLabel(designation: FlowDesignationEnum): string {
     }
 }
 
-export function LayoutToLabel(layout: LayoutEnum): string {
+export function LayoutToLabel(layout: FlowLayoutEnum): string {
     switch (layout) {
-        case LayoutEnum.Stacked:
+        case FlowLayoutEnum.Stacked:
             return msg("Stacked");
-        case LayoutEnum.ContentLeft:
+        case FlowLayoutEnum.ContentLeft:
             return msg("Content left");
-        case LayoutEnum.ContentRight:
+        case FlowLayoutEnum.ContentRight:
             return msg("Content right");
-        case LayoutEnum.SidebarLeft:
+        case FlowLayoutEnum.SidebarLeft:
             return msg("Sidebar left");
-        case LayoutEnum.SidebarRight:
+        case FlowLayoutEnum.SidebarRight:
             return msg("Sidebar right");
-        case LayoutEnum.UnknownDefaultOpenApi:
+        case FlowLayoutEnum.UnknownDefaultOpenApi:
             return msg("Unknown layout");
     }
 }
diff --git a/web/src/admin/groups/GroupForm.ts b/web/src/admin/groups/GroupForm.ts
index 1d703133e..b55cafb56 100644
--- a/web/src/admin/groups/GroupForm.ts
+++ b/web/src/admin/groups/GroupForm.ts
@@ -46,11 +46,9 @@ export class GroupForm extends ModelForm<Group, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated group.");
-        } else {
-            return msg("Successfully created group.");
-        }
+        return this.instance
+            ? msg("Successfully updated group.")
+            : msg("Successfully created group.");
     }
 
     async load(): Promise<void> {
diff --git a/web/src/admin/outposts/OutpostForm.ts b/web/src/admin/outposts/OutpostForm.ts
index 65fd60845..7c6c9dda5 100644
--- a/web/src/admin/outposts/OutpostForm.ts
+++ b/web/src/admin/outposts/OutpostForm.ts
@@ -3,6 +3,7 @@ import { docLink } from "@goauthentik/common/global";
 import { groupBy } from "@goauthentik/common/utils";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
@@ -21,6 +22,7 @@ import {
     OutpostsServiceConnectionsAllListRequest,
     PaginatedLDAPProviderList,
     PaginatedProxyProviderList,
+    PaginatedRACProviderList,
     PaginatedRadiusProviderList,
     ProvidersApi,
     ServiceConnection,
@@ -38,7 +40,8 @@ export class OutpostForm extends ModelForm<Outpost, string> {
     providers?:
         | PaginatedProxyProviderList
         | PaginatedLDAPProviderList
-        | PaginatedRadiusProviderList;
+        | PaginatedRadiusProviderList
+        | PaginatedRACProviderList;
 
     defaultConfig?: OutpostDefaultConfig;
 
@@ -73,17 +76,21 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                     applicationIsnull: false,
                 });
                 break;
+            case OutpostTypeEnum.Rac:
+                this.providers = await new ProvidersApi(DEFAULT_CONFIG).providersRacList({
+                    ordering: "name",
+                    applicationIsnull: false,
+                });
+                break;
             case OutpostTypeEnum.UnknownDefaultOpenApi:
                 this.providers = undefined;
         }
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated outpost.");
-        } else {
-            return msg("Successfully created outpost.");
-        }
+        return this.instance
+            ? msg("Successfully updated outpost.")
+            : msg("Successfully created outpost.");
     }
 
     async send(data: Outpost): Promise<Outpost> {
@@ -135,6 +142,12 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                     >
                         ${msg("Radius")}
                     </option>
+                    <option
+                        value=${OutpostTypeEnum.Rac}
+                        ?selected=${this.instance?.type === OutpostTypeEnum.Rac}
+                    >
+                        ${msg("RAC")}
+                    </option>
                 </select>
             </ak-form-element-horizontal>
             <ak-form-element-horizontal label=${msg("Integration")} name="serviceConnection">
@@ -208,24 +221,27 @@ export class OutpostForm extends ModelForm<Outpost, string> {
                     ${msg("Hold control/command to select multiple items.")}
                 </p>
             </ak-form-element-horizontal>
-            <ak-form-element-horizontal label=${msg("Configuration")} name="config">
-                <ak-codemirror
-                    mode=${CodeMirrorMode.YAML}
-                    value="${YAML.stringify(
-                        this.instance ? this.instance.config : this.defaultConfig?.config,
-                    )}"
-                ></ak-codemirror>
-                <p class="pf-c-form__helper-text">
-                    ${msg("Set custom attributes using YAML or JSON.")}
-                </p>
-                <p class="pf-c-form__helper-text">
-                    ${msg("See more here:")}&nbsp;
-                    <a
-                        target="_blank"
-                        href="${docLink("/docs/outposts?utm_source=authentik#configuration")}"
-                        >${msg("Documentation")}</a
-                    >
-                </p>
-            </ak-form-element-horizontal>`;
+            <ak-form-group aria-label="Advanced settings">
+                <span slot="header"> ${msg("Advanced settings")} </span>
+                <ak-form-element-horizontal label=${msg("Configuration")} name="config">
+                    <ak-codemirror
+                        mode=${CodeMirrorMode.YAML}
+                        value="${YAML.stringify(
+                            this.instance ? this.instance.config : this.defaultConfig?.config,
+                        )}"
+                    ></ak-codemirror>
+                    <p class="pf-c-form__helper-text">
+                        ${msg("Set custom attributes using YAML or JSON.")}
+                    </p>
+                    <p class="pf-c-form__helper-text">
+                        ${msg("See more here:")}&nbsp;
+                        <a
+                            target="_blank"
+                            href="${docLink("/docs/outposts?utm_source=authentik#configuration")}"
+                            >${msg("Documentation")}</a
+                        >
+                    </p>
+                </ak-form-element-horizontal>
+            </ak-form-group>`;
     }
 }
diff --git a/web/src/admin/outposts/OutpostListPage.ts b/web/src/admin/outposts/OutpostListPage.ts
index 390134ad0..318355585 100644
--- a/web/src/admin/outposts/OutpostListPage.ts
+++ b/web/src/admin/outposts/OutpostListPage.ts
@@ -41,6 +41,8 @@ export function TypeToLabel(type?: OutpostTypeEnum): string {
             return msg("LDAP");
         case OutpostTypeEnum.Radius:
             return msg("Radius");
+        case OutpostTypeEnum.Rac:
+            return msg("RAC");
         case OutpostTypeEnum.UnknownDefaultOpenApi:
             return msg("Unknown type");
     }
diff --git a/web/src/admin/outposts/ServiceConnectionDockerForm.ts b/web/src/admin/outposts/ServiceConnectionDockerForm.ts
index 7fd8731ad..10dc8894b 100644
--- a/web/src/admin/outposts/ServiceConnectionDockerForm.ts
+++ b/web/src/admin/outposts/ServiceConnectionDockerForm.ts
@@ -21,11 +21,9 @@ export class ServiceConnectionDockerForm extends ModelForm<DockerServiceConnecti
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated integration.");
-        } else {
-            return msg("Successfully created integration.");
-        }
+        return this.instance
+            ? msg("Successfully updated integration.")
+            : msg("Successfully created integration.");
     }
 
     async send(data: DockerServiceConnection): Promise<DockerServiceConnection> {
@@ -88,7 +86,7 @@ export class ServiceConnectionDockerForm extends ModelForm<DockerServiceConnecti
                 name="tlsVerification"
             >
                 <ak-crypto-certificate-search
-                    certificate=${this.instance?.tlsVerification}
+                    .certificate=${this.instance?.tlsVerification}
                 ></ak-crypto-certificate-search>
                 <p class="pf-c-form__helper-text">
                     ${msg(
@@ -101,7 +99,7 @@ export class ServiceConnectionDockerForm extends ModelForm<DockerServiceConnecti
                 name="tlsAuthentication"
             >
                 <ak-crypto-certificate-search
-                    certificate=${this.instance?.tlsAuthentication}
+                    .certificate=${this.instance?.tlsAuthentication}
                 ></ak-crypto-certificate-search>
                 <p class="pf-c-form__helper-text">
                     ${msg(
diff --git a/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts b/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts
index f087998cc..414bb8922 100644
--- a/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts
+++ b/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts
@@ -25,11 +25,9 @@ export class ServiceConnectionKubernetesForm extends ModelForm<
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated integration.");
-        } else {
-            return msg("Successfully created integration.");
-        }
+        return this.instance
+            ? msg("Successfully updated integration.")
+            : msg("Successfully created integration.");
     }
 
     async send(data: KubernetesServiceConnection): Promise<KubernetesServiceConnection> {
diff --git a/web/src/admin/policies/BasePolicyForm.ts b/web/src/admin/policies/BasePolicyForm.ts
new file mode 100644
index 000000000..450a653a6
--- /dev/null
+++ b/web/src/admin/policies/BasePolicyForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BasePolicyForm<T> extends ModelForm<T, string> {
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated policy.")
+            : msg("Successfully created policy.");
+    }
+}
diff --git a/web/src/admin/policies/dummy/DummyPolicyForm.ts b/web/src/admin/policies/dummy/DummyPolicyForm.ts
index 7dcb82ec2..57fe5812d 100644
--- a/web/src/admin/policies/dummy/DummyPolicyForm.ts
+++ b/web/src/admin/policies/dummy/DummyPolicyForm.ts
@@ -1,8 +1,8 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { DummyPolicy, PoliciesApi } from "@goauthentik/api";
 
 @customElement("ak-policy-dummy-form")
-export class DummyPolicyForm extends ModelForm<DummyPolicy, string> {
+export class DummyPolicyForm extends BasePolicyForm<DummyPolicy> {
     loadInstance(pk: string): Promise<DummyPolicy> {
         return new PoliciesApi(DEFAULT_CONFIG).policiesDummyRetrieve({
             policyUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: DummyPolicy): Promise<DummyPolicy> {
         if (this.instance) {
             return new PoliciesApi(DEFAULT_CONFIG).policiesDummyUpdate({
diff --git a/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts b/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts
index a8198d8f6..b6d3e00d1 100644
--- a/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts
+++ b/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts
@@ -1,8 +1,8 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -20,21 +20,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-policy-event-matcher-form")
-export class EventMatcherPolicyForm extends ModelForm<EventMatcherPolicy, string> {
+export class EventMatcherPolicyForm extends BasePolicyForm<EventMatcherPolicy> {
     loadInstance(pk: string): Promise<EventMatcherPolicy> {
         return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRetrieve({
             policyUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: EventMatcherPolicy): Promise<EventMatcherPolicy> {
         if (data.action?.toString() === "") data.action = null;
         if (data.clientIp?.toString() === "") data.clientIp = null;
diff --git a/web/src/admin/policies/expiry/ExpiryPolicyForm.ts b/web/src/admin/policies/expiry/ExpiryPolicyForm.ts
index 0ec7caae3..c22311571 100644
--- a/web/src/admin/policies/expiry/ExpiryPolicyForm.ts
+++ b/web/src/admin/policies/expiry/ExpiryPolicyForm.ts
@@ -1,8 +1,8 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PasswordExpiryPolicy, PoliciesApi } from "@goauthentik/api";
 
 @customElement("ak-policy-password-expiry-form")
-export class PasswordExpiryPolicyForm extends ModelForm<PasswordExpiryPolicy, string> {
+export class PasswordExpiryPolicyForm extends BasePolicyForm<PasswordExpiryPolicy> {
     loadInstance(pk: string): Promise<PasswordExpiryPolicy> {
         return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryRetrieve({
             policyUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: PasswordExpiryPolicy): Promise<PasswordExpiryPolicy> {
         if (this.instance) {
             return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryUpdate({
diff --git a/web/src/admin/policies/expression/ExpressionPolicyForm.ts b/web/src/admin/policies/expression/ExpressionPolicyForm.ts
index a00c6584d..01c603914 100644
--- a/web/src/admin/policies/expression/ExpressionPolicyForm.ts
+++ b/web/src/admin/policies/expression/ExpressionPolicyForm.ts
@@ -1,3 +1,4 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { docLink } from "@goauthentik/common/global";
 import { first } from "@goauthentik/common/utils";
@@ -5,7 +6,6 @@ import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -15,21 +15,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { ExpressionPolicy, PoliciesApi } from "@goauthentik/api";
 
 @customElement("ak-policy-expression-form")
-export class ExpressionPolicyForm extends ModelForm<ExpressionPolicy, string> {
+export class ExpressionPolicyForm extends BasePolicyForm<ExpressionPolicy> {
     loadInstance(pk: string): Promise<ExpressionPolicy> {
         return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionRetrieve({
             policyUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: ExpressionPolicy): Promise<ExpressionPolicy> {
         if (this.instance) {
             return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionUpdate({
diff --git a/web/src/admin/policies/password/PasswordPolicyForm.ts b/web/src/admin/policies/password/PasswordPolicyForm.ts
index 96183b077..08674effa 100644
--- a/web/src/admin/policies/password/PasswordPolicyForm.ts
+++ b/web/src/admin/policies/password/PasswordPolicyForm.ts
@@ -1,8 +1,8 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PasswordPolicy, PoliciesApi } from "@goauthentik/api";
 
 @customElement("ak-policy-password-form")
-export class PasswordPolicyForm extends ModelForm<PasswordPolicy, string> {
+export class PasswordPolicyForm extends BasePolicyForm<PasswordPolicy> {
     @state()
     showStatic = true;
 
@@ -32,14 +32,6 @@ export class PasswordPolicyForm extends ModelForm<PasswordPolicy, string> {
         return policy;
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: PasswordPolicy): Promise<PasswordPolicy> {
         if (this.instance) {
             return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordUpdate({
diff --git a/web/src/admin/policies/reputation/ReputationPolicyForm.ts b/web/src/admin/policies/reputation/ReputationPolicyForm.ts
index a32d6febf..d5f12ba1c 100644
--- a/web/src/admin/policies/reputation/ReputationPolicyForm.ts
+++ b/web/src/admin/policies/reputation/ReputationPolicyForm.ts
@@ -1,8 +1,8 @@
+import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PoliciesApi, ReputationPolicy } from "@goauthentik/api";
 
 @customElement("ak-policy-reputation-form")
-export class ReputationPolicyForm extends ModelForm<ReputationPolicy, string> {
+export class ReputationPolicyForm extends BasePolicyForm<ReputationPolicy> {
     loadInstance(pk: string): Promise<ReputationPolicy> {
         return new PoliciesApi(DEFAULT_CONFIG).policiesReputationRetrieve({
             policyUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated policy.");
-        } else {
-            return msg("Successfully created policy.");
-        }
-    }
-
     async send(data: ReputationPolicy): Promise<ReputationPolicy> {
         if (this.instance) {
             return new PoliciesApi(DEFAULT_CONFIG).policiesReputationUpdate({
diff --git a/web/src/admin/property-mappings/BasePropertyMappingForm.ts b/web/src/admin/property-mappings/BasePropertyMappingForm.ts
new file mode 100644
index 000000000..82981b9cf
--- /dev/null
+++ b/web/src/admin/property-mappings/BasePropertyMappingForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BasePropertyMappingForm<T> extends ModelForm<T, string> {
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated mapping.")
+            : msg("Successfully created mapping.");
+    }
+}
diff --git a/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts b/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
index 6919ab079..0b5afe81b 100644
--- a/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts
@@ -1,9 +1,9 @@
+import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { docLink } from "@goauthentik/common/global";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { LDAPPropertyMapping, PropertymappingsApi } from "@goauthentik/api";
 
 @customElement("ak-property-mapping-ldap-form")
-export class PropertyMappingLDAPForm extends ModelForm<LDAPPropertyMapping, string> {
+export class PropertyMappingLDAPForm extends BasePropertyMappingForm<LDAPPropertyMapping> {
     loadInstance(pk: string): Promise<LDAPPropertyMapping> {
         return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapRetrieve({
             pmUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated mapping.");
-        } else {
-            return msg("Successfully created mapping.");
-        }
-    }
-
     async send(data: LDAPPropertyMapping): Promise<LDAPPropertyMapping> {
         if (this.instance) {
             return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapUpdate({
diff --git a/web/src/admin/property-mappings/PropertyMappingListPage.ts b/web/src/admin/property-mappings/PropertyMappingListPage.ts
index e961a744c..18521f5e4 100644
--- a/web/src/admin/property-mappings/PropertyMappingListPage.ts
+++ b/web/src/admin/property-mappings/PropertyMappingListPage.ts
@@ -1,5 +1,6 @@
 import "@goauthentik/admin/property-mappings/PropertyMappingLDAPForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingNotification";
+import "@goauthentik/admin/property-mappings/PropertyMappingRACForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingSAMLForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingSCIMForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingScopeForm";
diff --git a/web/src/admin/property-mappings/PropertyMappingNotification.ts b/web/src/admin/property-mappings/PropertyMappingNotification.ts
index 8ab561dec..9991d2a32 100644
--- a/web/src/admin/property-mappings/PropertyMappingNotification.ts
+++ b/web/src/admin/property-mappings/PropertyMappingNotification.ts
@@ -21,11 +21,9 @@ export class PropertyMappingNotification extends ModelForm<NotificationWebhookMa
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated mapping.");
-        } else {
-            return msg("Successfully created mapping.");
-        }
+        return this.instance
+            ? msg("Successfully updated mapping.")
+            : msg("Successfully created mapping.");
     }
 
     async send(data: NotificationWebhookMapping): Promise<NotificationWebhookMapping> {
diff --git a/web/src/admin/property-mappings/PropertyMappingRACForm.ts b/web/src/admin/property-mappings/PropertyMappingRACForm.ts
new file mode 100644
index 000000000..72e2bb090
--- /dev/null
+++ b/web/src/admin/property-mappings/PropertyMappingRACForm.ts
@@ -0,0 +1,195 @@
+import { first } from "@goauthentik/app/common/utils";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { docLink } from "@goauthentik/common/global";
+import "@goauthentik/elements/CodeMirror";
+import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/forms/FormGroup";
+import "@goauthentik/elements/forms/HorizontalFormElement";
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+import { TemplateResult, html } from "lit";
+import { customElement } from "lit/decorators.js";
+import { ifDefined } from "lit/directives/if-defined.js";
+
+import { PropertymappingsApi, RACPropertyMapping } from "@goauthentik/api";
+
+@customElement("ak-property-mapping-rac-form")
+export class PropertyMappingLDAPForm extends ModelForm<RACPropertyMapping, string> {
+    loadInstance(pk: string): Promise<RACPropertyMapping> {
+        return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsRacRetrieve({
+            pmUuid: pk,
+        });
+    }
+
+    getSuccessMessage(): string {
+        if (this.instance) {
+            return msg("Successfully updated mapping.");
+        } else {
+            return msg("Successfully created mapping.");
+        }
+    }
+
+    async send(data: RACPropertyMapping): Promise<RACPropertyMapping> {
+        if (this.instance) {
+            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsRacUpdate({
+                pmUuid: this.instance.pk || "",
+                rACPropertyMappingRequest: data,
+            });
+        } else {
+            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsRacCreate({
+                rACPropertyMappingRequest: data,
+            });
+        }
+    }
+
+    renderForm(): TemplateResult {
+        return html`
+            <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name">
+                <input
+                    type="text"
+                    value="${ifDefined(this.instance?.name)}"
+                    class="pf-c-form-control"
+                    required
+                />
+            </ak-form-element-horizontal>
+            <ak-form-group .expanded=${true}>
+                <span slot="header"> ${msg("General settings")} </span>
+                <div slot="body" class="pf-c-form">
+                    <ak-form-element-horizontal
+                        label=${msg("Username")}
+                        ?required=${true}
+                        name="staticSettings.username"
+                    >
+                        <input
+                            type="text"
+                            value="${ifDefined(this.instance?.staticSettings.username)}"
+                            class="pf-c-form-control"
+                            required
+                        />
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal
+                        label=${msg("Password")}
+                        ?required=${true}
+                        name="staticSettings.password"
+                    >
+                        <input
+                            type="password"
+                            value="${ifDefined(this.instance?.staticSettings.password)}"
+                            class="pf-c-form-control"
+                            required
+                        />
+                    </ak-form-element-horizontal>
+                </div>
+            </ak-form-group>
+            <ak-form-group>
+                <span slot="header"> ${msg("RDP settings")} </span>
+                <div slot="body" class="pf-c-form">
+                    <ak-form-element-horizontal name="staticSettings.ignore-cert">
+                        <label class="pf-c-switch">
+                            <input
+                                class="pf-c-switch__input"
+                                type="checkbox"
+                                ?checked=${first(
+                                    this.instance?.staticSettings["ignore-cert"],
+                                    false,
+                                )}
+                            />
+                            <span class="pf-c-switch__toggle">
+                                <span class="pf-c-switch__toggle-icon">
+                                    <i class="fas fa-check" aria-hidden="true"></i>
+                                </span>
+                            </span>
+                            <span class="pf-c-switch__label"
+                                >${msg("Ignore server certificate")}</span
+                            >
+                        </label>
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal name="staticSettings.enable-wallpaper">
+                        <label class="pf-c-switch">
+                            <input
+                                class="pf-c-switch__input"
+                                type="checkbox"
+                                ?checked=${first(
+                                    this.instance?.staticSettings["enable-wallpaper"],
+                                    false,
+                                )}
+                            />
+                            <span class="pf-c-switch__toggle">
+                                <span class="pf-c-switch__toggle-icon">
+                                    <i class="fas fa-check" aria-hidden="true"></i>
+                                </span>
+                            </span>
+                            <span class="pf-c-switch__label">${msg("Enable wallpaper")}</span>
+                        </label>
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal name="staticSettings.enable-font-smoothing">
+                        <label class="pf-c-switch">
+                            <input
+                                class="pf-c-switch__input"
+                                type="checkbox"
+                                ?checked=${first(
+                                    this.instance?.staticSettings["enable-font-smoothing"],
+                                    false,
+                                )}
+                            />
+                            <span class="pf-c-switch__toggle">
+                                <span class="pf-c-switch__toggle-icon">
+                                    <i class="fas fa-check" aria-hidden="true"></i>
+                                </span>
+                            </span>
+                            <span class="pf-c-switch__label">${msg("Enable font-smoothing")}</span>
+                        </label>
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal name="staticSettings.enable-full-window-drag">
+                        <label class="pf-c-switch">
+                            <input
+                                class="pf-c-switch__input"
+                                type="checkbox"
+                                ?checked=${first(
+                                    this.instance?.staticSettings["enable-full-window-drag"],
+                                    false,
+                                )}
+                            />
+                            <span class="pf-c-switch__toggle">
+                                <span class="pf-c-switch__toggle-icon">
+                                    <i class="fas fa-check" aria-hidden="true"></i>
+                                </span>
+                            </span>
+                            <span class="pf-c-switch__label"
+                                >${msg("Enable full window dragging")}</span
+                            >
+                        </label>
+                    </ak-form-element-horizontal>
+                </div>
+            </ak-form-group>
+            <ak-form-group>
+                <span slot="header"> ${msg("Advanced settings")} </span>
+                <div slot="body" class="pf-c-form">
+                    <ak-form-element-horizontal
+                        label=${msg("Expression")}
+                        ?required=${true}
+                        name="expression"
+                    >
+                        <ak-codemirror
+                            mode=${CodeMirrorMode.Python}
+                            value="${ifDefined(this.instance?.expression)}"
+                        >
+                        </ak-codemirror>
+                        <p class="pf-c-form__helper-text">
+                            ${msg("Expression using Python.")}
+                            <a
+                                target="_blank"
+                                href="${docLink(
+                                    "/docs/property-mappings/expression?utm_source=authentik",
+                                )}"
+                            >
+                                ${msg("See documentation for a list of all variables.")}
+                            </a>
+                        </p>
+                    </ak-form-element-horizontal>
+                </div>
+            </ak-form-group>
+        `;
+    }
+}
diff --git a/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts b/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
index 77836c505..101455c84 100644
--- a/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts
@@ -1,9 +1,9 @@
+import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { docLink } from "@goauthentik/common/global";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PropertymappingsApi, SAMLPropertyMapping } from "@goauthentik/api";
 
 @customElement("ak-property-mapping-saml-form")
-export class PropertyMappingSAMLForm extends ModelForm<SAMLPropertyMapping, string> {
+export class PropertyMappingSAMLForm extends BasePropertyMappingForm<SAMLPropertyMapping> {
     loadInstance(pk: string): Promise<SAMLPropertyMapping> {
         return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlRetrieve({
             pmUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated mapping.");
-        } else {
-            return msg("Successfully created mapping.");
-        }
-    }
-
     async send(data: SAMLPropertyMapping): Promise<SAMLPropertyMapping> {
         if (this.instance) {
             return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlUpdate({
diff --git a/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts b/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
index 19bd13aab..30993cbbd 100644
--- a/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts
@@ -1,9 +1,9 @@
+import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { docLink } from "@goauthentik/common/global";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PropertymappingsApi, SCIMMapping } from "@goauthentik/api";
 
 @customElement("ak-property-mapping-scim-form")
-export class PropertyMappingSCIMForm extends ModelForm<SCIMMapping, string> {
+export class PropertyMappingSCIMForm extends BasePropertyMappingForm<SCIMMapping> {
     loadInstance(pk: string): Promise<SCIMMapping> {
         return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScimRetrieve({
             pmUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated mapping.");
-        } else {
-            return msg("Successfully created mapping.");
-        }
-    }
-
     async send(data: SCIMMapping): Promise<SCIMMapping> {
         if (this.instance) {
             return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScimUpdate({
diff --git a/web/src/admin/property-mappings/PropertyMappingScopeForm.ts b/web/src/admin/property-mappings/PropertyMappingScopeForm.ts
index caf2dc11d..3df60889f 100644
--- a/web/src/admin/property-mappings/PropertyMappingScopeForm.ts
+++ b/web/src/admin/property-mappings/PropertyMappingScopeForm.ts
@@ -1,9 +1,9 @@
+import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { docLink } from "@goauthentik/common/global";
 import "@goauthentik/elements/CodeMirror";
 import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { PropertymappingsApi, ScopeMapping } from "@goauthentik/api";
 
 @customElement("ak-property-mapping-scope-form")
-export class PropertyMappingScopeForm extends ModelForm<ScopeMapping, string> {
+export class PropertyMappingScopeForm extends BasePropertyMappingForm<ScopeMapping> {
     loadInstance(pk: string): Promise<ScopeMapping> {
         return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeRetrieve({
             pmUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated mapping.");
-        } else {
-            return msg("Successfully created mapping.");
-        }
-    }
-
     async send(data: ScopeMapping): Promise<ScopeMapping> {
         if (this.instance) {
             return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeUpdate({
diff --git a/web/src/admin/property-mappings/PropertyMappingWizard.ts b/web/src/admin/property-mappings/PropertyMappingWizard.ts
index 9086546a0..4f0ab6122 100644
--- a/web/src/admin/property-mappings/PropertyMappingWizard.ts
+++ b/web/src/admin/property-mappings/PropertyMappingWizard.ts
@@ -1,5 +1,6 @@
 import "@goauthentik/admin/property-mappings/PropertyMappingLDAPForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingNotification";
+import "@goauthentik/admin/property-mappings/PropertyMappingRACForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingSAMLForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingScopeForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingTestForm";
@@ -12,21 +13,24 @@ import { WizardPage } from "@goauthentik/elements/wizard/WizardPage";
 
 import { msg, str } from "@lit/localize";
 import { customElement } from "@lit/reactive-element/decorators/custom-element.js";
-import { CSSResult, TemplateResult, html } from "lit";
-import { property } from "lit/decorators.js";
+import { CSSResult, TemplateResult, html, nothing } from "lit";
+import { property, state } from "lit/decorators.js";
 
 import PFButton from "@patternfly/patternfly/components/Button/button.css";
 import PFForm from "@patternfly/patternfly/components/Form/form.css";
 import PFRadio from "@patternfly/patternfly/components/Radio/radio.css";
 import PFBase from "@patternfly/patternfly/patternfly-base.css";
 
-import { PropertymappingsApi, TypeCreate } from "@goauthentik/api";
+import { EnterpriseApi, LicenseSummary, PropertymappingsApi, TypeCreate } from "@goauthentik/api";
 
 @customElement("ak-property-mapping-wizard-initial")
 export class InitialPropertyMappingWizardPage extends WizardPage {
     @property({ attribute: false })
     mappingTypes: TypeCreate[] = [];
 
+    @property({ attribute: false })
+    enterprise?: LicenseSummary;
+
     static get styles(): CSSResult[] {
         return [PFBase, PFForm, PFButton, PFRadio];
     }
@@ -59,11 +63,20 @@ export class InitialPropertyMappingWizardPage extends WizardPage {
                             ];
                             this.host.isValid = true;
                         }}
+                        ?disabled=${type.requiresEnterprise ? !this.enterprise?.hasLicense : false}
                     />
                     <label class="pf-c-radio__label" for=${`${type.component}-${type.modelName}`}
                         >${type.name}</label
                     >
                     <span class="pf-c-radio__description">${type.description}</span>
+                    ${type.requiresEnterprise && !this.enterprise?.hasLicense
+                        ? html`
+                              <ak-alert class="pf-c-radio__description" ?inline=${true}>
+                                  ${msg("Provider require enterprise.")}
+                                  <a href="#/enterprise/licenses">${msg("Learn more")}</a>
+                              </ak-alert>
+                          `
+                        : nothing}
                 </div>`;
             })}
         </form>`;
@@ -79,10 +92,16 @@ export class PropertyMappingWizard extends AKElement {
     @property({ attribute: false })
     mappingTypes: TypeCreate[] = [];
 
-    firstUpdated(): void {
-        new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsAllTypesList().then((types) => {
-            this.mappingTypes = types;
-        });
+    @state()
+    enterprise?: LicenseSummary;
+
+    async firstUpdated(): Promise<void> {
+        this.mappingTypes = await new PropertymappingsApi(
+            DEFAULT_CONFIG,
+        ).propertymappingsAllTypesList();
+        this.enterprise = await new EnterpriseApi(
+            DEFAULT_CONFIG,
+        ).enterpriseLicenseSummaryRetrieve();
     }
 
     render(): TemplateResult {
diff --git a/web/src/admin/providers/BaseProviderForm.ts b/web/src/admin/providers/BaseProviderForm.ts
new file mode 100644
index 000000000..3f6134046
--- /dev/null
+++ b/web/src/admin/providers/BaseProviderForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BaseProviderForm<T> extends ModelForm<T, number> {
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated provider.")
+            : msg("Successfully created provider.");
+    }
+}
diff --git a/web/src/admin/providers/ProviderListPage.ts b/web/src/admin/providers/ProviderListPage.ts
index 6ff994611..87a123c82 100644
--- a/web/src/admin/providers/ProviderListPage.ts
+++ b/web/src/admin/providers/ProviderListPage.ts
@@ -3,6 +3,7 @@ import "@goauthentik/admin/providers/ProviderWizard";
 import "@goauthentik/admin/providers/ldap/LDAPProviderForm";
 import "@goauthentik/admin/providers/oauth2/OAuth2ProviderForm";
 import "@goauthentik/admin/providers/proxy/ProxyProviderForm";
+import "@goauthentik/admin/providers/rac/RACProviderForm";
 import "@goauthentik/admin/providers/radius/RadiusProviderForm";
 import "@goauthentik/admin/providers/saml/SAMLProviderForm";
 import "@goauthentik/admin/providers/scim/SCIMProviderForm";
diff --git a/web/src/admin/providers/ProviderViewPage.ts b/web/src/admin/providers/ProviderViewPage.ts
index 4157081d8..5cebd14dd 100644
--- a/web/src/admin/providers/ProviderViewPage.ts
+++ b/web/src/admin/providers/ProviderViewPage.ts
@@ -1,6 +1,7 @@
 import "@goauthentik/admin/providers/ldap/LDAPProviderViewPage";
 import "@goauthentik/admin/providers/oauth2/OAuth2ProviderViewPage";
 import "@goauthentik/admin/providers/proxy/ProxyProviderViewPage";
+import "@goauthentik/admin/providers/rac/RACProviderViewPage";
 import "@goauthentik/admin/providers/radius/RadiusProviderViewPage";
 import "@goauthentik/admin/providers/saml/SAMLProviderViewPage";
 import "@goauthentik/admin/providers/scim/SCIMProviderViewPage";
@@ -65,6 +66,10 @@ export class ProviderViewPage extends AKElement {
                 return html`<ak-provider-radius-view
                     providerID=${ifDefined(this.provider.pk)}
                 ></ak-provider-radius-view>`;
+            case "ak-provider-rac-form":
+                return html`<ak-provider-rac-view
+                    providerID=${ifDefined(this.provider.pk)}
+                ></ak-provider-rac-view>`;
             default:
                 return html`<p>Invalid provider type ${this.provider?.component}</p>`;
         }
diff --git a/web/src/admin/providers/ProviderWizard.ts b/web/src/admin/providers/ProviderWizard.ts
index a65945354..7f19b4d02 100644
--- a/web/src/admin/providers/ProviderWizard.ts
+++ b/web/src/admin/providers/ProviderWizard.ts
@@ -4,6 +4,7 @@ import "@goauthentik/admin/providers/proxy/ProxyProviderForm";
 import "@goauthentik/admin/providers/saml/SAMLProviderForm";
 import "@goauthentik/admin/providers/saml/SAMLProviderImportForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import "@goauthentik/elements/Alert";
 import { AKElement } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/forms/ProxyForm";
 import { paramURL } from "@goauthentik/elements/router/RouterOutlet";
@@ -13,8 +14,8 @@ import { WizardPage } from "@goauthentik/elements/wizard/WizardPage";
 
 import { msg, str } from "@lit/localize";
 import { customElement } from "@lit/reactive-element/decorators/custom-element.js";
-import { CSSResult, TemplateResult, html } from "lit";
-import { property } from "lit/decorators.js";
+import { CSSResult, TemplateResult, html, nothing } from "lit";
+import { property, state } from "lit/decorators.js";
 
 import PFButton from "@patternfly/patternfly/components/Button/button.css";
 import PFForm from "@patternfly/patternfly/components/Form/form.css";
@@ -22,13 +23,16 @@ import PFHint from "@patternfly/patternfly/components/Hint/hint.css";
 import PFRadio from "@patternfly/patternfly/components/Radio/radio.css";
 import PFBase from "@patternfly/patternfly/patternfly-base.css";
 
-import { ProvidersApi, TypeCreate } from "@goauthentik/api";
+import { EnterpriseApi, LicenseSummary, ProvidersApi, TypeCreate } from "@goauthentik/api";
 
 @customElement("ak-provider-wizard-initial")
 export class InitialProviderWizardPage extends WizardPage {
     @property({ attribute: false })
     providerTypes: TypeCreate[] = [];
 
+    @property({ attribute: false })
+    enterprise?: LicenseSummary;
+
     static get styles(): CSSResult[] {
         return [PFBase, PFForm, PFHint, PFButton, PFRadio];
     }
@@ -79,9 +83,18 @@ export class InitialProviderWizardPage extends WizardPage {
                             this.host.steps = ["initial", `type-${type.component}`];
                             this.host.isValid = true;
                         }}
+                        ?disabled=${type.requiresEnterprise ? !this.enterprise?.hasLicense : false}
                     />
                     <label class="pf-c-radio__label" for=${type.component}>${type.name}</label>
                     <span class="pf-c-radio__description">${type.description}</span>
+                    ${type.requiresEnterprise && !this.enterprise?.hasLicense
+                        ? html`
+                              <ak-alert class="pf-c-radio__description" ?inline=${true}>
+                                  ${msg("Provider require enterprise.")}
+                                  <a href="#/enterprise/licenses">${msg("Learn more")}</a>
+                              </ak-alert>
+                          `
+                        : nothing}
                 </div>`;
             })}
         </form>`;
@@ -100,15 +113,19 @@ export class ProviderWizard extends AKElement {
     @property({ attribute: false })
     providerTypes: TypeCreate[] = [];
 
+    @state()
+    enterprise?: LicenseSummary;
+
     @property({ attribute: false })
     finalHandler: () => Promise<void> = () => {
         return Promise.resolve();
     };
 
-    firstUpdated(): void {
-        new ProvidersApi(DEFAULT_CONFIG).providersAllTypesList().then((types) => {
-            this.providerTypes = types;
-        });
+    async firstUpdated(): Promise<void> {
+        this.providerTypes = await new ProvidersApi(DEFAULT_CONFIG).providersAllTypesList();
+        this.enterprise = await new EnterpriseApi(
+            DEFAULT_CONFIG,
+        ).enterpriseLicenseSummaryRetrieve();
     }
 
     render(): TemplateResult {
@@ -121,7 +138,11 @@ export class ProviderWizard extends AKElement {
                     return this.finalHandler();
                 }}
             >
-                <ak-provider-wizard-initial slot="initial" .providerTypes=${this.providerTypes}>
+                <ak-provider-wizard-initial
+                    slot="initial"
+                    .providerTypes=${this.providerTypes}
+                    .enterprise=${this.enterprise}
+                >
                 </ak-provider-wizard-initial>
                 ${this.providerTypes.map((type) => {
                     return html`
diff --git a/web/src/admin/providers/ldap/LDAPProviderForm.ts b/web/src/admin/providers/ldap/LDAPProviderForm.ts
index c720bc8dc..4ddd19b2b 100644
--- a/web/src/admin/providers/ldap/LDAPProviderForm.ts
+++ b/web/src/admin/providers/ldap/LDAPProviderForm.ts
@@ -1,11 +1,11 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-tenanted-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import { WithTenantConfig } from "@goauthentik/elements/Interface/tenantProvider";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 
@@ -25,21 +25,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-provider-ldap-form")
-export class LDAPProviderFormPage extends WithTenantConfig(ModelForm<LDAPProvider, number>) {
+export class LDAPProviderFormPage extends WithTenantConfig(BaseProviderForm<LDAPProvider>) {
     async loadInstance(pk: number): Promise<LDAPProvider> {
         return new ProvidersApi(DEFAULT_CONFIG).providersLdapRetrieve({
             id: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: LDAPProvider): Promise<LDAPProvider> {
         if (this.instance) {
             return new ProvidersApi(DEFAULT_CONFIG).providersLdapUpdate({
@@ -206,7 +198,7 @@ export class LDAPProviderFormPage extends WithTenantConfig(ModelForm<LDAPProvide
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal label=${msg("Certificate")} name="certificate">
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.certificate}
+                            .certificate=${this.instance?.certificate}
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
                             ${msg(
diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
index f5b59efe5..74f3acbeb 100644
--- a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
+++ b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
@@ -1,5 +1,6 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-radio-input";
@@ -7,7 +8,6 @@ import "@goauthentik/components/ak-text-input";
 import "@goauthentik/components/ak-textarea-input";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -116,7 +116,7 @@ export const redirectUriHelp = html`${redirectUriHelpMessages.map(
  */
 
 @customElement("ak-provider-oauth2-form")
-export class OAuth2ProviderFormPage extends ModelForm<OAuth2Provider, number> {
+export class OAuth2ProviderFormPage extends BaseProviderForm<OAuth2Provider> {
     propertyMappings?: PaginatedScopeMappingList;
     oauthSources?: PaginatedOAuthSourceList;
 
@@ -143,14 +143,6 @@ export class OAuth2ProviderFormPage extends ModelForm<OAuth2Provider, number> {
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: OAuth2Provider): Promise<OAuth2Provider> {
         if (this.instance) {
             return new ProvidersApi(DEFAULT_CONFIG).providersOauth2Update({
@@ -298,9 +290,13 @@ export class OAuth2ProviderFormPage extends ModelForm<OAuth2Provider, number> {
                                 let selected = false;
                                 if (!provider?.propertyMappings) {
                                     selected =
-                                        scope.managed?.startsWith(
+                                        // By default select all managed scope mappings, except offline_access
+                                        (scope.managed?.startsWith(
                                             "goauthentik.io/providers/oauth2/scope-",
-                                        ) || false;
+                                        ) &&
+                                            scope.managed !==
+                                                "goauthentik.io/providers/oauth2/scope-offline_access") ||
+                                        false;
                                 } else {
                                     selected = Array.from(provider?.propertyMappings).some((su) => {
                                         return su == scope.pk;
diff --git a/web/src/admin/providers/proxy/ProxyProviderForm.ts b/web/src/admin/providers/proxy/ProxyProviderForm.ts
index 9886c9be3..ddd554572 100644
--- a/web/src/admin/providers/proxy/ProxyProviderForm.ts
+++ b/web/src/admin/providers/proxy/ProxyProviderForm.ts
@@ -1,11 +1,11 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-toggle-group";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
 
@@ -30,7 +30,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-provider-proxy-form")
-export class ProxyProviderFormPage extends ModelForm<ProxyProvider, number> {
+export class ProxyProviderFormPage extends BaseProviderForm<ProxyProvider> {
     static get styles(): CSSResult[] {
         return [...super.styles, PFContent, PFList, PFSpacing];
     }
@@ -65,14 +65,6 @@ export class ProxyProviderFormPage extends ModelForm<ProxyProvider, number> {
     @state()
     mode: ProxyMode = ProxyMode.Proxy;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: ProxyProvider): Promise<ProxyProvider> {
         data.mode = this.mode;
         if (this.mode !== ProxyMode.ForwardDomain) {
@@ -324,7 +316,7 @@ export class ProxyProviderFormPage extends ModelForm<ProxyProvider, number> {
                 <div slot="body" class="pf-c-form">
                     <ak-form-element-horizontal label=${msg("Certificate")} name="certificate">
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.certificate}
+                            .certificate=${this.instance?.certificate}
                         ></ak-crypto-certificate-search>
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal
diff --git a/web/src/admin/providers/rac/EndpointForm.ts b/web/src/admin/providers/rac/EndpointForm.ts
new file mode 100644
index 000000000..0f23f4fca
--- /dev/null
+++ b/web/src/admin/providers/rac/EndpointForm.ts
@@ -0,0 +1,163 @@
+import { first } from "@goauthentik/app/common/utils";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import "@goauthentik/components/ak-radio-input";
+import "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/forms/FormGroup";
+import "@goauthentik/elements/forms/HorizontalFormElement";
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+import YAML from "yaml";
+
+import { msg } from "@lit/localize";
+import { TemplateResult, html } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { ifDefined } from "lit/directives/if-defined.js";
+
+import {
+    AuthModeEnum,
+    Endpoint,
+    PaginatedRACPropertyMappingList,
+    PropertymappingsApi,
+    ProtocolEnum,
+    RacApi,
+} from "@goauthentik/api";
+
+@customElement("ak-rac-endpoint-form")
+export class EndpointForm extends ModelForm<Endpoint, string> {
+    @property({ type: Number })
+    providerID?: number;
+
+    propertyMappings?: PaginatedRACPropertyMappingList;
+
+    async load(): Promise<void> {
+        this.propertyMappings = await new PropertymappingsApi(
+            DEFAULT_CONFIG,
+        ).propertymappingsRacList({
+            ordering: "name",
+        });
+    }
+
+    loadInstance(pk: string): Promise<Endpoint> {
+        return new RacApi(DEFAULT_CONFIG).racEndpointsRetrieve({
+            pbmUuid: pk,
+        });
+    }
+
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated endpoint.")
+            : msg("Successfully created endpoint.");
+    }
+
+    async send(data: Endpoint): Promise<Endpoint> {
+        data.authMode = AuthModeEnum.Prompt;
+        if (!this.instance) {
+            data.provider = this.providerID || 0;
+        } else {
+            data.provider = this.instance.provider;
+        }
+        if (this.instance) {
+            return new RacApi(DEFAULT_CONFIG).racEndpointsPartialUpdate({
+                pbmUuid: this.instance.pk || "",
+                patchedEndpointRequest: data,
+            });
+        } else {
+            return new RacApi(DEFAULT_CONFIG).racEndpointsCreate({
+                endpointRequest: data,
+            });
+        }
+    }
+
+    renderForm(): TemplateResult {
+        return html`
+            <ak-form-element-horizontal label=${msg("Name")} name="name" ?required=${true}>
+                <input
+                    type="text"
+                    value="${ifDefined(this.instance?.name)}"
+                    class="pf-c-form-control"
+                    required
+                />
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal label=${msg("Protocol")} ?required=${true} name="protocol">
+                <ak-radio
+                    .options=${[
+                        {
+                            label: msg("RDP"),
+                            value: ProtocolEnum.Rdp,
+                        },
+                        {
+                            label: msg("SSH"),
+                            value: ProtocolEnum.Ssh,
+                        },
+                        {
+                            label: msg("VNC"),
+                            value: ProtocolEnum.Vnc,
+                        },
+                    ]}
+                    .value=${this.instance?.protocol}
+                >
+                </ak-radio>
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal label=${msg("Host")} name="host" ?required=${true}>
+                <input
+                    type="text"
+                    value="${ifDefined(this.instance?.host)}"
+                    class="pf-c-form-control"
+                    required
+                />
+                <p class="pf-c-form__helper-text">${msg("Hostname/IP to connect to.")}</p>
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal
+                label=${msg("Maximum concurrent connections")}
+                name="maximumConnections"
+                ?required=${true}
+            >
+                <input
+                    type="number"
+                    value="${first(this.instance?.maximumConnections, 1)}"
+                    class="pf-c-form-control"
+                    required
+                />
+                <p class="pf-c-form__helper-text">
+                    ${msg(
+                        "Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.",
+                    )}
+                </p>
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal
+                label=${msg("Property mappings")}
+                ?required=${true}
+                name="propertyMappings"
+            >
+                <select class="pf-c-form-control" multiple>
+                    ${this.propertyMappings?.results.map((mapping) => {
+                        let selected = false;
+                        if (this.instance?.propertyMappings) {
+                            selected = Array.from(this.instance?.propertyMappings).some((su) => {
+                                return su == mapping.pk;
+                            });
+                        }
+                        return html`<option value=${ifDefined(mapping.pk)} ?selected=${selected}>
+                            ${mapping.name}
+                        </option>`;
+                    })}
+                </select>
+                <p class="pf-c-form__helper-text">
+                    ${msg("Hold control/command to select multiple items.")}
+                </p>
+            </ak-form-element-horizontal>
+            <ak-form-group>
+                <span slot="header"> ${msg("Advanced settings")} </span>
+                <div slot="body" class="pf-c-form">
+                    <ak-form-element-horizontal label=${msg("Settings")} name="settings">
+                        <ak-codemirror
+                            mode="yaml"
+                            value="${YAML.stringify(first(this.instance?.settings, {}))}"
+                        >
+                        </ak-codemirror>
+                        <p class="pf-c-form__helper-text">${msg("Connection settings.")}</p>
+                    </ak-form-element-horizontal>
+                </div>
+            </ak-form-group>
+        `;
+    }
+}
diff --git a/web/src/admin/providers/rac/EndpointList.ts b/web/src/admin/providers/rac/EndpointList.ts
new file mode 100644
index 000000000..d3c3f88c3
--- /dev/null
+++ b/web/src/admin/providers/rac/EndpointList.ts
@@ -0,0 +1,142 @@
+import "@goauthentik/admin/policies/BoundPoliciesList";
+import "@goauthentik/app/admin/providers/rac/EndpointForm";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { uiConfig } from "@goauthentik/common/ui/config";
+import "@goauthentik/elements/buttons/SpinnerButton";
+import "@goauthentik/elements/forms/DeleteBulkForm";
+import "@goauthentik/elements/forms/ModalForm";
+import "@goauthentik/elements/rbac/ObjectPermissionModal";
+import { PaginatedResponse, Table } from "@goauthentik/elements/table/Table";
+import { TableColumn } from "@goauthentik/elements/table/Table";
+import "@patternfly/elements/pf-tooltip/pf-tooltip.js";
+
+import { msg } from "@lit/localize";
+import { CSSResult, TemplateResult, html } from "lit";
+import { customElement, property } from "lit/decorators.js";
+
+import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
+
+import {
+    Endpoint,
+    RACProvider,
+    RacApi,
+    RbacPermissionsAssignedByUsersListModelEnum,
+} from "@goauthentik/api";
+
+@customElement("ak-rac-endpoint-list")
+export class EndpointListPage extends Table<Endpoint> {
+    expandable = true;
+    checkbox = true;
+
+    searchEnabled(): boolean {
+        return true;
+    }
+
+    @property()
+    order = "name";
+
+    @property({ attribute: false })
+    provider?: RACProvider;
+
+    static get styles(): CSSResult[] {
+        return super.styles.concat(PFDescriptionList);
+    }
+
+    async apiEndpoint(page: number): Promise<PaginatedResponse<Endpoint>> {
+        return new RacApi(DEFAULT_CONFIG).racEndpointsList({
+            ordering: this.order,
+            page: page,
+            pageSize: (await uiConfig()).pagination.perPage,
+            search: this.search || "",
+            provider: this.provider?.pk,
+            superuserFullList: true,
+        });
+    }
+
+    columns(): TableColumn[] {
+        return [
+            new TableColumn(msg("Name"), "name"),
+            new TableColumn(msg("Host"), "host"),
+            new TableColumn(msg("Actions")),
+        ];
+    }
+
+    renderToolbarSelected(): TemplateResult {
+        const disabled = this.selectedElements.length < 1;
+        return html`<ak-forms-delete-bulk
+            objectLabel=${msg("Endpoint(s)")}
+            .objects=${this.selectedElements}
+            .metadata=${(item: Endpoint) => {
+                return [
+                    { key: msg("Name"), value: item.name },
+                    { key: msg("Host"), value: item.host },
+                ];
+            }}
+            .usedBy=${(item: Endpoint) => {
+                return new RacApi(DEFAULT_CONFIG).racEndpointsUsedByList({
+                    pbmUuid: item.pk,
+                });
+            }}
+            .delete=${(item: Endpoint) => {
+                return new RacApi(DEFAULT_CONFIG).racEndpointsDestroy({
+                    pbmUuid: item.pk,
+                });
+            }}
+        >
+            <button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
+                ${msg("Delete")}
+            </button>
+        </ak-forms-delete-bulk>`;
+    }
+
+    row(item: Endpoint): TemplateResult[] {
+        return [
+            html`${item.name}`,
+            html`${item.host}`,
+            html`<ak-forms-modal>
+                    <span slot="submit"> ${msg("Update")} </span>
+                    <span slot="header"> ${msg("Update Endpoint")} </span>
+                    <ak-rac-endpoint-form slot="form" .instancePk=${item.pk}>
+                    </ak-rac-endpoint-form>
+                    <button slot="trigger" class="pf-c-button pf-m-plain">
+                        <pf-tooltip position="top" content=${msg("Edit")}>
+                            <i class="fas fa-edit"></i>
+                        </pf-tooltip>
+                    </button>
+                </ak-forms-modal>
+                <ak-rbac-object-permission-modal
+                    model=${RbacPermissionsAssignedByUsersListModelEnum.ProvidersRacEndpoint}
+                    objectPk=${item.pk}
+                >
+                </ak-rbac-object-permission-modal>`,
+        ];
+    }
+
+    renderExpanded(item: Endpoint): TemplateResult {
+        return html` <td></td>
+            <td role="cell" colspan="4">
+                <div class="pf-c-table__expandable-row-content">
+                    <div class="pf-c-content">
+                        <p>
+                            ${msg(
+                                "These bindings control which users will have access to this endpoint. Users must also have access to the application.",
+                            )}
+                        </p>
+                        <ak-bound-policies-list .target=${item.pk}> </ak-bound-policies-list>
+                    </div>
+                </div>
+            </td>`;
+    }
+
+    renderObjectCreate(): TemplateResult {
+        return html`
+            <ak-forms-modal>
+                <span slot="submit"> ${msg("Create")} </span>
+                <span slot="header"> ${msg("Create Endpoint")} </span>
+                <ak-rac-endpoint-form slot="form" .providerID=${this.provider?.pk}>
+                </ak-rac-endpoint-form>
+                <button slot="trigger" class="pf-c-button pf-m-primary">${msg("Create")}</button>
+            </ak-forms-modal>
+        `;
+    }
+}
diff --git a/web/src/admin/providers/rac/RACProviderForm.ts b/web/src/admin/providers/rac/RACProviderForm.ts
new file mode 100644
index 000000000..53a5357a9
--- /dev/null
+++ b/web/src/admin/providers/rac/RACProviderForm.ts
@@ -0,0 +1,158 @@
+import "@goauthentik/admin/common/ak-crypto-certificate-search";
+import "@goauthentik/admin/common/ak-flow-search/ak-tenanted-flow-search";
+import { first } from "@goauthentik/app/common/utils";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/forms/FormGroup";
+import "@goauthentik/elements/forms/HorizontalFormElement";
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+import "@goauthentik/elements/forms/Radio";
+import "@goauthentik/elements/forms/SearchSelect";
+import "@goauthentik/elements/utils/TimeDeltaHelp";
+import YAML from "yaml";
+
+import { msg } from "@lit/localize";
+import { TemplateResult, html } from "lit";
+import { customElement, state } from "lit/decorators.js";
+import { ifDefined } from "lit/directives/if-defined.js";
+
+import {
+    FlowsInstancesListDesignationEnum,
+    PaginatedEndpointList,
+    PaginatedRACPropertyMappingList,
+    PropertymappingsApi,
+    ProvidersApi,
+    RACProvider,
+    RacApi,
+} from "@goauthentik/api";
+
+@customElement("ak-provider-rac-form")
+export class RACProviderFormPage extends ModelForm<RACProvider, number> {
+    @state()
+    endpoints?: PaginatedEndpointList;
+
+    propertyMappings?: PaginatedRACPropertyMappingList;
+
+    async load(): Promise<void> {
+        this.endpoints = await new RacApi(DEFAULT_CONFIG).racEndpointsList({});
+        this.propertyMappings = await new PropertymappingsApi(
+            DEFAULT_CONFIG,
+        ).propertymappingsRacList({
+            ordering: "name",
+        });
+    }
+
+    async loadInstance(pk: number): Promise<RACProvider> {
+        return new ProvidersApi(DEFAULT_CONFIG).providersRacRetrieve({
+            id: pk,
+        });
+    }
+
+    getSuccessMessage(): string {
+        if (this.instance) {
+            return msg("Successfully updated provider.");
+        } else {
+            return msg("Successfully created provider.");
+        }
+    }
+
+    async send(data: RACProvider): Promise<RACProvider> {
+        if (this.instance) {
+            return new ProvidersApi(DEFAULT_CONFIG).providersRacUpdate({
+                id: this.instance.pk || 0,
+                rACProviderRequest: data,
+            });
+        } else {
+            return new ProvidersApi(DEFAULT_CONFIG).providersRacCreate({
+                rACProviderRequest: data,
+            });
+        }
+    }
+
+    renderForm(): TemplateResult {
+        return html`
+            <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name">
+                <input
+                    type="text"
+                    value="${ifDefined(this.instance?.name)}"
+                    class="pf-c-form-control"
+                    required
+                />
+            </ak-form-element-horizontal>
+
+            <ak-form-element-horizontal
+                name="authorizationFlow"
+                label=${msg("Authorization flow")}
+                ?required=${true}
+            >
+                <ak-flow-search
+                    flowType=${FlowsInstancesListDesignationEnum.Authorization}
+                    .currentFlow=${this.instance?.authorizationFlow}
+                    required
+                ></ak-flow-search>
+                <p class="pf-c-form__helper-text">
+                    ${msg("Flow used when authorizing this provider.")}
+                </p>
+            </ak-form-element-horizontal>
+            <ak-form-element-horizontal
+                label=${msg("Connection expiry")}
+                ?required=${true}
+                name="connectionExpiry"
+            >
+                <input
+                    type="text"
+                    value="${first(this.instance?.connectionExpiry, "hours=8")}"
+                    class="pf-c-form-control"
+                    required
+                />
+                <p class="pf-c-form__helper-text">
+                    ${msg(
+                        "Determines how long a session lasts before being disconnected and requiring re-authorization.",
+                    )}
+                </p>
+                <ak-utils-time-delta-help></ak-utils-time-delta-help>
+            </ak-form-element-horizontal>
+
+            <ak-form-group .expanded=${true}>
+                <span slot="header"> ${msg("Protocol settings")} </span>
+                <div slot="body" class="pf-c-form">
+                    <ak-form-element-horizontal
+                        label=${msg("Property mappings")}
+                        ?required=${true}
+                        name="propertyMappings"
+                    >
+                        <select class="pf-c-form-control" multiple>
+                            ${this.propertyMappings?.results.map((mapping) => {
+                                let selected = false;
+                                if (this.instance?.propertyMappings) {
+                                    selected = Array.from(this.instance?.propertyMappings).some(
+                                        (su) => {
+                                            return su == mapping.pk;
+                                        },
+                                    );
+                                }
+                                return html`<option
+                                    value=${ifDefined(mapping.pk)}
+                                    ?selected=${selected}
+                                >
+                                    ${mapping.name}
+                                </option>`;
+                            })}
+                        </select>
+                        <p class="pf-c-form__helper-text">
+                            ${msg("Hold control/command to select multiple items.")}
+                        </p>
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal label=${msg("Settings")} name="settings">
+                        <ak-codemirror
+                            mode="yaml"
+                            value="${YAML.stringify(first(this.instance?.settings, {}))}"
+                        >
+                        </ak-codemirror>
+                        <p class="pf-c-form__helper-text">${msg("Connection settings.")}</p>
+                    </ak-form-element-horizontal>
+                </div>
+            </ak-form-group>
+        `;
+    }
+}
diff --git a/web/src/admin/providers/rac/RACProviderViewPage.ts b/web/src/admin/providers/rac/RACProviderViewPage.ts
new file mode 100644
index 000000000..393fa4375
--- /dev/null
+++ b/web/src/admin/providers/rac/RACProviderViewPage.ts
@@ -0,0 +1,181 @@
+import "@goauthentik/admin/providers/RelatedApplicationButton";
+import "@goauthentik/admin/providers/rac/EndpointForm";
+import "@goauthentik/admin/providers/rac/EndpointList";
+import "@goauthentik/admin/providers/rac/RACProviderForm";
+import "@goauthentik/app/elements/rbac/ObjectPermissionsPage";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_REFRESH } from "@goauthentik/common/constants";
+import "@goauthentik/components/ak-status-label";
+import "@goauthentik/components/events/ObjectChangelog";
+import { AKElement } from "@goauthentik/elements/Base";
+import "@goauthentik/elements/CodeMirror";
+import "@goauthentik/elements/Tabs";
+import "@goauthentik/elements/buttons/ModalButton";
+import "@goauthentik/elements/buttons/SpinnerButton";
+
+import { msg } from "@lit/localize";
+import { CSSResult, TemplateResult, html } from "lit";
+import { customElement, property } from "lit/decorators.js";
+
+import PFBanner from "@patternfly/patternfly/components/Banner/banner.css";
+import PFButton from "@patternfly/patternfly/components/Button/button.css";
+import PFCard from "@patternfly/patternfly/components/Card/card.css";
+import PFContent from "@patternfly/patternfly/components/Content/content.css";
+import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
+import PFForm from "@patternfly/patternfly/components/Form/form.css";
+import PFFormControl from "@patternfly/patternfly/components/FormControl/form-control.css";
+import PFList from "@patternfly/patternfly/components/List/list.css";
+import PFPage from "@patternfly/patternfly/components/Page/page.css";
+import PFGrid from "@patternfly/patternfly/layouts/Grid/grid.css";
+import PFBase from "@patternfly/patternfly/patternfly-base.css";
+
+import {
+    ProvidersApi,
+    RACProvider,
+    RbacPermissionsAssignedByUsersListModelEnum,
+} from "@goauthentik/api";
+
+@customElement("ak-provider-rac-view")
+export class RACProviderViewPage extends AKElement {
+    @property()
+    set args(value: { [key: string]: number }) {
+        this.providerID = value.id;
+    }
+
+    @property({ type: Number })
+    set providerID(value: number) {
+        new ProvidersApi(DEFAULT_CONFIG)
+            .providersRacRetrieve({
+                id: value,
+            })
+            .then((prov) => (this.provider = prov));
+    }
+
+    @property({ attribute: false })
+    provider?: RACProvider;
+
+    static get styles(): CSSResult[] {
+        return [
+            PFBase,
+            PFButton,
+            PFPage,
+            PFGrid,
+            PFContent,
+            PFList,
+            PFForm,
+            PFFormControl,
+            PFCard,
+            PFDescriptionList,
+            PFBanner,
+        ];
+    }
+
+    constructor() {
+        super();
+        this.addEventListener(EVENT_REFRESH, () => {
+            if (!this.provider?.pk) return;
+            this.providerID = this.provider?.pk;
+        });
+    }
+
+    render(): TemplateResult {
+        if (!this.provider) {
+            return html``;
+        }
+        return html`<ak-tabs>
+            <section slot="page-overview" data-tab-title="${msg("Overview")}">
+                ${this.renderTabOverview()}
+            </section>
+            <section
+                slot="page-changelog"
+                data-tab-title="${msg("Changelog")}"
+                class="pf-c-page__main-section pf-m-no-padding-mobile"
+            >
+                <div class="pf-c-card">
+                    <div class="pf-c-card__body">
+                        <ak-object-changelog
+                            targetModelPk=${this.provider?.pk || ""}
+                            targetModelName=${this.provider?.metaModelName || ""}
+                        >
+                        </ak-object-changelog>
+                    </div>
+                </div>
+            </section>
+            <ak-rbac-object-permission-page
+                slot="page-permissions"
+                data-tab-title="${msg("Permissions")}"
+                model=${RbacPermissionsAssignedByUsersListModelEnum.ProvidersRacRacprovider}
+                objectPk=${this.provider.pk}
+            ></ak-rbac-object-permission-page>
+        </ak-tabs>`;
+    }
+
+    renderTabOverview(): TemplateResult {
+        if (!this.provider) {
+            return html``;
+        }
+        return html` <div slot="header" class="pf-c-banner pf-m-info">
+                ${msg("RAC is in preview.")}
+                <a href="mailto:hello+feature/rac@goauthentik.io">${msg("Send us feedback!")}</a>
+            </div>
+            ${this.provider?.assignedApplicationName
+                ? html``
+                : html`<div slot="header" class="pf-c-banner pf-m-warning">
+                      ${msg("Warning: Provider is not used by an Application.")}
+                  </div>`}
+            ${this.provider?.outpostSet.length < 1
+                ? html`<div slot="header" class="pf-c-banner pf-m-warning">
+                      ${msg("Warning: Provider is not used by any Outpost.")}
+                  </div>`
+                : html``}
+            <div class="pf-c-page__main-section pf-m-no-padding-mobile pf-l-grid pf-m-gutter">
+                <div class="pf-c-card pf-l-grid__item pf-m-12-col">
+                    <div class="pf-c-card__body">
+                        <dl class="pf-c-description-list pf-m-3-col-on-lg">
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text">${msg("Name")}</span>
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        ${this.provider.name}
+                                    </div>
+                                </dd>
+                            </div>
+                            <div class="pf-c-description-list__group">
+                                <dt class="pf-c-description-list__term">
+                                    <span class="pf-c-description-list__text"
+                                        >${msg("Assigned to application")}</span
+                                    >
+                                </dt>
+                                <dd class="pf-c-description-list__description">
+                                    <div class="pf-c-description-list__text">
+                                        <ak-provider-related-application
+                                            .provider=${this.provider}
+                                        ></ak-provider-related-application>
+                                    </div>
+                                </dd>
+                            </div>
+                        </dl>
+                    </div>
+                    <div class="pf-c-card__footer">
+                        <ak-forms-modal>
+                            <span slot="submit"> ${msg("Update")} </span>
+                            <span slot="header"> ${msg("Update RAC Provider")} </span>
+                            <ak-provider-rac-form slot="form" .instancePk=${this.provider.pk || 0}>
+                            </ak-provider-rac-form>
+                            <button slot="trigger" class="pf-c-button pf-m-primary">
+                                ${msg("Edit")}
+                            </button>
+                        </ak-forms-modal>
+                    </div>
+                </div>
+                <div class="pf-c-card pf-l-grid__item pf-m-12-col">
+                    <div class="pf-c-card__title">${msg("Endpoints")}</div>
+                    <div class="pf-c-card__body">
+                        <ak-rac-endpoint-list .provider=${this.provider}> </ak-rac-endpoint-list>
+                    </div>
+                </div>
+            </div>`;
+    }
+}
diff --git a/web/src/admin/providers/radius/RadiusProviderForm.ts b/web/src/admin/providers/radius/RadiusProviderForm.ts
index 8a95f10db..f37c865d5 100644
--- a/web/src/admin/providers/radius/RadiusProviderForm.ts
+++ b/web/src/admin/providers/radius/RadiusProviderForm.ts
@@ -1,9 +1,9 @@
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils";
 import { WithTenantConfig } from "@goauthentik/elements/Interface/tenantProvider";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -14,21 +14,13 @@ import { customElement } from "lit/decorators.js";
 import { FlowsInstancesListDesignationEnum, ProvidersApi, RadiusProvider } from "@goauthentik/api";
 
 @customElement("ak-provider-radius-form")
-export class RadiusProviderFormPage extends WithTenantConfig(ModelForm<RadiusProvider, number>) {
+export class RadiusProviderFormPage extends WithTenantConfig(BaseProviderForm<RadiusProvider>) {
     loadInstance(pk: number): Promise<RadiusProvider> {
         return new ProvidersApi(DEFAULT_CONFIG).providersRadiusRetrieve({
             id: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: RadiusProvider): Promise<RadiusProvider> {
         if (this.instance) {
             return new ProvidersApi(DEFAULT_CONFIG).providersRadiusUpdate({
diff --git a/web/src/admin/providers/saml/SAMLProviderForm.ts b/web/src/admin/providers/saml/SAMLProviderForm.ts
index c48993e84..006a32545 100644
--- a/web/src/admin/providers/saml/SAMLProviderForm.ts
+++ b/web/src/admin/providers/saml/SAMLProviderForm.ts
@@ -1,9 +1,9 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -27,7 +27,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-provider-saml-form")
-export class SAMLProviderFormPage extends ModelForm<SAMLProvider, number> {
+export class SAMLProviderFormPage extends BaseProviderForm<SAMLProvider> {
     loadInstance(pk: number): Promise<SAMLProvider> {
         return new ProvidersApi(DEFAULT_CONFIG).providersSamlRetrieve({
             id: pk,
@@ -44,14 +44,6 @@ export class SAMLProviderFormPage extends ModelForm<SAMLProvider, number> {
 
     propertyMappings?: PaginatedSAMLPropertyMappingList;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: SAMLProvider): Promise<SAMLProvider> {
         if (this.instance) {
             return new ProvidersApi(DEFAULT_CONFIG).providersSamlUpdate({
@@ -175,7 +167,7 @@ export class SAMLProviderFormPage extends ModelForm<SAMLProvider, number> {
                         name="signingKp"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.signingKp}
+                            .certificate=${this.instance?.signingKp}
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
                             ${msg(
@@ -188,7 +180,7 @@ export class SAMLProviderFormPage extends ModelForm<SAMLProvider, number> {
                         name="verificationKp"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.verificationKp}
+                            .certificate=${this.instance?.verificationKp}
                             nokey
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
diff --git a/web/src/admin/providers/scim/SCIMProviderForm.ts b/web/src/admin/providers/scim/SCIMProviderForm.ts
index cdc935973..e505c4b23 100644
--- a/web/src/admin/providers/scim/SCIMProviderForm.ts
+++ b/web/src/admin/providers/scim/SCIMProviderForm.ts
@@ -1,8 +1,8 @@
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 
@@ -22,7 +22,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-provider-scim-form")
-export class SCIMProviderFormPage extends ModelForm<SCIMProvider, number> {
+export class SCIMProviderFormPage extends BaseProviderForm<SCIMProvider> {
     loadInstance(pk: number): Promise<SCIMProvider> {
         return new ProvidersApi(DEFAULT_CONFIG).providersScimRetrieve({
             id: pk,
@@ -39,14 +39,6 @@ export class SCIMProviderFormPage extends ModelForm<SCIMProvider, number> {
 
     propertyMappings?: PaginatedSCIMMappingList;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated provider.");
-        } else {
-            return msg("Successfully created provider.");
-        }
-    }
-
     async send(data: SCIMProvider): Promise<SCIMProvider> {
         if (this.instance) {
             return new ProvidersApi(DEFAULT_CONFIG).providersScimUpdate({
diff --git a/web/src/admin/providers/scim/SCIMProviderViewPage.ts b/web/src/admin/providers/scim/SCIMProviderViewPage.ts
index 3998c7c81..d745ed55e 100644
--- a/web/src/admin/providers/scim/SCIMProviderViewPage.ts
+++ b/web/src/admin/providers/scim/SCIMProviderViewPage.ts
@@ -10,7 +10,7 @@ import "@goauthentik/elements/Tabs";
 import "@goauthentik/elements/buttons/ActionButton";
 import "@goauthentik/elements/buttons/ModalButton";
 
-import { msg } from "@lit/localize";
+import { msg, str } from "@lit/localize";
 import { CSSResult, TemplateResult, html } from "lit";
 import { customElement, property, state } from "lit/decorators.js";
 
@@ -31,7 +31,8 @@ import {
     ProvidersApi,
     RbacPermissionsAssignedByUsersListModelEnum,
     SCIMProvider,
-    Task,
+    SCIMSyncStatus,
+    TaskStatusEnum,
 } from "@goauthentik/api";
 
 @customElement("ak-provider-scim-view")
@@ -54,7 +55,7 @@ export class SCIMProviderViewPage extends AKElement {
     provider?: SCIMProvider;
 
     @state()
-    syncState?: Task;
+    syncState?: SCIMSyncStatus;
 
     static get styles(): CSSResult[] {
         return [
@@ -128,6 +129,41 @@ export class SCIMProviderViewPage extends AKElement {
         </ak-tabs>`;
     }
 
+    renderSyncStatus(): TemplateResult {
+        if (!this.syncState) {
+            return html`${msg("No sync status.")}`;
+        }
+        if (this.syncState.isRunning) {
+            return html`${msg("Sync currently running.")}`;
+        }
+        if (this.syncState.tasks.length < 1) {
+            return html`${msg("Not synced yet.")}`;
+        }
+        return html`
+            <ul class="pf-c-list">
+                ${this.syncState.tasks.map((task) => {
+                    let header = "";
+                    if (task.status === TaskStatusEnum.Warning) {
+                        header = msg("Task finished with warnings");
+                    } else if (task.status === TaskStatusEnum.Error) {
+                        header = msg("Task finished with errors");
+                    } else {
+                        header = msg(str`Last sync: ${task.taskFinishTimestamp.toLocaleString()}`);
+                    }
+                    return html`<li>
+                        <p>${task.taskName}</p>
+                        <ul class="pf-c-list">
+                            <li>${header}</li>
+                            ${task.messages.map((m) => {
+                                return html`<li>${m}</li>`;
+                            })}
+                        </ul>
+                    </li> `;
+                })}
+            </ul>
+        `;
+    }
+
     renderTabOverview(): TemplateResult {
         if (!this.provider) {
             return html``;
@@ -186,16 +222,7 @@ export class SCIMProviderViewPage extends AKElement {
                         <div class="pf-c-card__title">
                             <p>${msg("Sync status")}</p>
                         </div>
-                        <div class="pf-c-card__body">
-                            ${this.syncState
-                                ? html` <ul class="pf-c-list">
-                                      ${this.syncState.messages.map((m) => {
-                                          return html`<li>${m}</li>`;
-                                      })}
-                                  </ul>`
-                                : html` ${msg("Sync not run yet.")} `}
-                        </div>
-
+                        <div class="pf-c-card__body">${this.renderSyncStatus()}</div>
                         <div class="pf-c-card__footer">
                             <ak-action-button
                                 class="pf-m-secondary"
diff --git a/web/src/admin/roles/RoleForm.ts b/web/src/admin/roles/RoleForm.ts
index 7d4778469..e5cc0e8f3 100644
--- a/web/src/admin/roles/RoleForm.ts
+++ b/web/src/admin/roles/RoleForm.ts
@@ -21,11 +21,9 @@ export class RoleForm extends ModelForm<Role, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated role.");
-        } else {
-            return msg("Successfully created role.");
-        }
+        return this.instance
+            ? msg("Successfully updated role.")
+            : msg("Successfully created role.");
     }
 
     async send(data: Role): Promise<Role> {
diff --git a/web/src/admin/sources/BaseSourceForm.ts b/web/src/admin/sources/BaseSourceForm.ts
new file mode 100644
index 000000000..f8c68c4bd
--- /dev/null
+++ b/web/src/admin/sources/BaseSourceForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BaseSourceForm<T> extends ModelForm<T, string> {
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated source.")
+            : msg("Successfully created source.");
+    }
+}
diff --git a/web/src/admin/sources/ldap/LDAPSourceForm.ts b/web/src/admin/sources/ldap/LDAPSourceForm.ts
index a927eae29..39a121cb9 100644
--- a/web/src/admin/sources/ldap/LDAPSourceForm.ts
+++ b/web/src/admin/sources/ldap/LDAPSourceForm.ts
@@ -1,10 +1,10 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import { placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -24,7 +24,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-source-ldap-form")
-export class LDAPSourceForm extends ModelForm<LDAPSource, string> {
+export class LDAPSourceForm extends BaseSourceForm<LDAPSource> {
     loadInstance(pk: string): Promise<LDAPSource> {
         return new SourcesApi(DEFAULT_CONFIG).sourcesLdapRetrieve({
             slug: pk,
@@ -41,14 +41,6 @@ export class LDAPSourceForm extends ModelForm<LDAPSource, string> {
 
     propertyMappings?: PaginatedLDAPPropertyMappingList;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated source.");
-        } else {
-            return msg("Successfully created source.");
-        }
-    }
-
     async send(data: LDAPSource): Promise<LDAPSource> {
         if (this.instance) {
             return new SourcesApi(DEFAULT_CONFIG).sourcesLdapPartialUpdate({
@@ -206,7 +198,7 @@ export class LDAPSourceForm extends ModelForm<LDAPSource, string> {
                         name="peerCertificate"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.peerCertificate}
+                            .certificate=${this.instance?.peerCertificate}
                             nokey
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
@@ -220,7 +212,7 @@ export class LDAPSourceForm extends ModelForm<LDAPSource, string> {
                         name="clientCertificate"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.clientCertificate}
+                            .certificate=${this.instance?.clientCertificate}
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
                             ${msg(
diff --git a/web/src/admin/sources/oauth/OAuthSourceForm.ts b/web/src/admin/sources/oauth/OAuthSourceForm.ts
index e15639cc4..92763bf7b 100644
--- a/web/src/admin/sources/oauth/OAuthSourceForm.ts
+++ b/web/src/admin/sources/oauth/OAuthSourceForm.ts
@@ -1,5 +1,6 @@
 import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
 import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
 import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
 import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
@@ -11,7 +12,6 @@ import {
 } from "@goauthentik/elements/Interface/capabilitiesProvider";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -30,7 +30,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-source-oauth-form")
-export class OAuthSourceForm extends WithCapabilitiesConfig(ModelForm<OAuthSource, string>) {
+export class OAuthSourceForm extends WithCapabilitiesConfig(BaseSourceForm<OAuthSource>) {
     async loadInstance(pk: string): Promise<OAuthSource> {
         const source = await new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({
             slug: pk,
@@ -63,14 +63,6 @@ export class OAuthSourceForm extends WithCapabilitiesConfig(ModelForm<OAuthSourc
     @state()
     clearIcon = false;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated source.");
-        } else {
-            return msg("Successfully created source.");
-        }
-    }
-
     async send(data: OAuthSource): Promise<OAuthSource> {
         data.providerType = (this.providerType?.slug || "") as ProviderTypeEnum;
         let source: OAuthSource;
diff --git a/web/src/admin/sources/plex/PlexSourceForm.ts b/web/src/admin/sources/plex/PlexSourceForm.ts
index 81a76f2b4..8444e1112 100644
--- a/web/src/admin/sources/plex/PlexSourceForm.ts
+++ b/web/src/admin/sources/plex/PlexSourceForm.ts
@@ -1,5 +1,6 @@
 import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
 import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
 import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { PlexAPIClient, PlexResource, popupCenterScreen } from "@goauthentik/common/helpers/plex";
@@ -10,7 +11,6 @@ import {
 } from "@goauthentik/elements/Interface/capabilitiesProvider";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -26,7 +26,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-source-plex-form")
-export class PlexSourceForm extends WithCapabilitiesConfig(ModelForm<PlexSource, string>) {
+export class PlexSourceForm extends WithCapabilitiesConfig(BaseSourceForm<PlexSource>) {
     async loadInstance(pk: string): Promise<PlexSource> {
         const source = await new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({
             slug: pk,
@@ -52,14 +52,6 @@ export class PlexSourceForm extends WithCapabilitiesConfig(ModelForm<PlexSource,
         } as PlexSource;
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated source.");
-        } else {
-            return msg("Successfully created source.");
-        }
-    }
-
     async send(data: PlexSource): Promise<PlexSource> {
         data.plexToken = this.plexToken || "";
         let source: PlexSource;
diff --git a/web/src/admin/sources/saml/SAMLSourceForm.ts b/web/src/admin/sources/saml/SAMLSourceForm.ts
index 2dde099f0..c969411fb 100644
--- a/web/src/admin/sources/saml/SAMLSourceForm.ts
+++ b/web/src/admin/sources/saml/SAMLSourceForm.ts
@@ -1,6 +1,7 @@
 import "@goauthentik/admin/common/ak-crypto-certificate-search";
 import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
 import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
 import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
 import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
@@ -10,7 +11,6 @@ import {
 } from "@goauthentik/elements/Interface/capabilitiesProvider";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
 
@@ -31,7 +31,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-source-saml-form")
-export class SAMLSourceForm extends WithCapabilitiesConfig(ModelForm<SAMLSource, string>) {
+export class SAMLSourceForm extends WithCapabilitiesConfig(BaseSourceForm<SAMLSource>) {
     @state()
     clearIcon = false;
 
@@ -43,14 +43,6 @@ export class SAMLSourceForm extends WithCapabilitiesConfig(ModelForm<SAMLSource,
         return source;
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated source.");
-        } else {
-            return msg("Successfully created source.");
-        }
-    }
-
     async send(data: SAMLSource): Promise<SAMLSource> {
         let source: SAMLSource;
         if (this.instance) {
@@ -274,7 +266,7 @@ export class SAMLSourceForm extends WithCapabilitiesConfig(ModelForm<SAMLSource,
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal label=${msg("Signing keypair")} name="signingKp">
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.signingKp}
+                            .certificate=${this.instance?.signingKp}
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
                             ${msg(
@@ -287,7 +279,7 @@ export class SAMLSourceForm extends WithCapabilitiesConfig(ModelForm<SAMLSource,
                         name="verificationKp"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.verificationKp}
+                            .certificate=${this.instance?.verificationKp}
                             nokey
                         ></ak-crypto-certificate-search>
                         <p class="pf-c-form__helper-text">
diff --git a/web/src/admin/stages/BaseStageForm.ts b/web/src/admin/stages/BaseStageForm.ts
new file mode 100644
index 000000000..67c5ffc35
--- /dev/null
+++ b/web/src/admin/stages/BaseStageForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BaseStageForm<T> extends ModelForm<T, string> {
+    getSuccessMessage(): string {
+        return this.instance
+            ? msg("Successfully updated stage.")
+            : msg("Successfully created stage.");
+    }
+}
diff --git a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
index 4d74059be..db9322a84 100644
--- a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
+++ b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
@@ -1,9 +1,9 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -21,21 +21,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-duo-form")
-export class AuthenticatorDuoStageForm extends ModelForm<AuthenticatorDuoStage, string> {
+export class AuthenticatorDuoStageForm extends BaseStageForm<AuthenticatorDuoStage> {
     loadInstance(pk: string): Promise<AuthenticatorDuoStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticatorDuoStage): Promise<AuthenticatorDuoStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoPartialUpdate({
diff --git a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
index 4522d050b..2938b156a 100644
--- a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
+++ b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
@@ -1,9 +1,9 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 
@@ -26,7 +26,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-sms-form")
-export class AuthenticatorSMSStageForm extends ModelForm<AuthenticatorSMSStage, string> {
+export class AuthenticatorSMSStageForm extends BaseStageForm<AuthenticatorSMSStage> {
     loadInstance(pk: string): Promise<AuthenticatorSMSStage> {
         return new StagesApi(DEFAULT_CONFIG)
             .stagesAuthenticatorSmsRetrieve({
@@ -45,14 +45,6 @@ export class AuthenticatorSMSStageForm extends ModelForm<AuthenticatorSMSStage,
     @property({ attribute: false })
     authType?: AuthTypeEnum;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticatorSMSStage): Promise<AuthenticatorSMSStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorSmsUpdate({
diff --git a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
index f9f2684d0..7a5dcab47 100644
--- a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
+++ b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
@@ -1,8 +1,8 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -19,21 +19,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-static-form")
-export class AuthenticatorStaticStageForm extends ModelForm<AuthenticatorStaticStage, string> {
+export class AuthenticatorStaticStageForm extends BaseStageForm<AuthenticatorStaticStage> {
     loadInstance(pk: string): Promise<AuthenticatorStaticStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticatorStaticStage): Promise<AuthenticatorStaticStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticUpdate({
diff --git a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
index aebca9872..91ddcab19 100644
--- a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
+++ b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
@@ -1,9 +1,9 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -21,21 +21,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-totp-form")
-export class AuthenticatorTOTPStageForm extends ModelForm<AuthenticatorTOTPStage, string> {
+export class AuthenticatorTOTPStageForm extends BaseStageForm<AuthenticatorTOTPStage> {
     loadInstance(pk: string): Promise<AuthenticatorTOTPStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticatorTOTPStage): Promise<AuthenticatorTOTPStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpUpdate({
diff --git a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
index 146422988..2884f948c 100644
--- a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
+++ b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
 
@@ -20,7 +20,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-validate-form")
-export class AuthenticatorValidateStageForm extends ModelForm<AuthenticatorValidateStage, string> {
+export class AuthenticatorValidateStageForm extends BaseStageForm<AuthenticatorValidateStage> {
     async loadInstance(pk: string): Promise<AuthenticatorValidateStage> {
         const stage = await new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateRetrieve({
             stageUuid: pk,
@@ -41,14 +41,6 @@ export class AuthenticatorValidateStageForm extends ModelForm<AuthenticatorValid
     @property({ type: Boolean })
     showConfigurationStages = true;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticatorValidateStage): Promise<AuthenticatorValidateStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateUpdate({
diff --git a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
index 9bd8bebe1..d8464b6f3 100644
--- a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
+++ b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
@@ -1,8 +1,8 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 
@@ -23,21 +23,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-authenticator-webauthn-form")
-export class AuthenticateWebAuthnStageForm extends ModelForm<AuthenticateWebAuthnStage, string> {
+export class AuthenticateWebAuthnStageForm extends BaseStageForm<AuthenticateWebAuthnStage> {
     loadInstance(pk: string): Promise<AuthenticateWebAuthnStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: AuthenticateWebAuthnStage): Promise<AuthenticateWebAuthnStage> {
         if (data.authenticatorAttachment?.toString() === "") {
             data.authenticatorAttachment = null;
diff --git a/web/src/admin/stages/captcha/CaptchaStageForm.ts b/web/src/admin/stages/captcha/CaptchaStageForm.ts
index cc8299f30..cacdee5de 100644
--- a/web/src/admin/stages/captcha/CaptchaStageForm.ts
+++ b/web/src/admin/stages/captcha/CaptchaStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { CaptchaStage, CaptchaStageRequest, StagesApi } from "@goauthentik/api";
 
 @customElement("ak-stage-captcha-form")
-export class CaptchaStageForm extends ModelForm<CaptchaStage, string> {
+export class CaptchaStageForm extends BaseStageForm<CaptchaStage> {
     loadInstance(pk: string): Promise<CaptchaStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: CaptchaStage): Promise<CaptchaStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesCaptchaPartialUpdate({
diff --git a/web/src/admin/stages/consent/ConsentStageForm.ts b/web/src/admin/stages/consent/ConsentStageForm.ts
index 84866b10d..7bc5ad0ec 100644
--- a/web/src/admin/stages/consent/ConsentStageForm.ts
+++ b/web/src/admin/stages/consent/ConsentStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
 
 import { msg } from "@lit/localize";
@@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { ConsentStage, ConsentStageModeEnum, StagesApi } from "@goauthentik/api";
 
 @customElement("ak-stage-consent-form")
-export class ConsentStageForm extends ModelForm<ConsentStage, string> {
+export class ConsentStageForm extends BaseStageForm<ConsentStage> {
     loadInstance(pk: string): Promise<ConsentStage> {
         return new StagesApi(DEFAULT_CONFIG)
             .stagesConsentRetrieve({
@@ -27,14 +27,6 @@ export class ConsentStageForm extends ModelForm<ConsentStage, string> {
     @property({ type: Boolean })
     showExpiresIn = false;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: ConsentStage): Promise<ConsentStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesConsentUpdate({
diff --git a/web/src/admin/stages/deny/DenyStageForm.ts b/web/src/admin/stages/deny/DenyStageForm.ts
index 340e911d2..ed3dffa5f 100644
--- a/web/src/admin/stages/deny/DenyStageForm.ts
+++ b/web/src/admin/stages/deny/DenyStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { DenyStage, StagesApi } from "@goauthentik/api";
 
 @customElement("ak-stage-deny-form")
-export class DenyStageForm extends ModelForm<DenyStage, string> {
+export class DenyStageForm extends BaseStageForm<DenyStage> {
     loadInstance(pk: string): Promise<DenyStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesDenyRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: DenyStage): Promise<DenyStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesDenyUpdate({
diff --git a/web/src/admin/stages/dummy/DummyStageForm.ts b/web/src/admin/stages/dummy/DummyStageForm.ts
index 03fbbb4c3..39d36b99d 100644
--- a/web/src/admin/stages/dummy/DummyStageForm.ts
+++ b/web/src/admin/stages/dummy/DummyStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { DummyStage, StagesApi } from "@goauthentik/api";
 
 @customElement("ak-stage-dummy-form")
-export class DummyStageForm extends ModelForm<DummyStage, string> {
+export class DummyStageForm extends BaseStageForm<DummyStage> {
     loadInstance(pk: string): Promise<DummyStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesDummyRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: DummyStage): Promise<DummyStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesDummyUpdate({
diff --git a/web/src/admin/stages/email/EmailStageForm.ts b/web/src/admin/stages/email/EmailStageForm.ts
index a08b5c115..c2595674d 100644
--- a/web/src/admin/stages/email/EmailStageForm.ts
+++ b/web/src/admin/stages/email/EmailStageForm.ts
@@ -1,8 +1,8 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { EmailStage, StagesApi, TypeCreate } from "@goauthentik/api";
 
 @customElement("ak-stage-email-form")
-export class EmailStageForm extends ModelForm<EmailStage, string> {
+export class EmailStageForm extends BaseStageForm<EmailStage> {
     async loadInstance(pk: string): Promise<EmailStage> {
         const stage = await new StagesApi(DEFAULT_CONFIG).stagesEmailRetrieve({
             stageUuid: pk,
@@ -30,14 +30,6 @@ export class EmailStageForm extends ModelForm<EmailStage, string> {
     @property({ type: Boolean })
     showConnectionSettings = false;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: EmailStage): Promise<EmailStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesEmailPartialUpdate({
diff --git a/web/src/admin/stages/identification/IdentificationStageForm.ts b/web/src/admin/stages/identification/IdentificationStageForm.ts
index 6fad5fbb2..cc064adf1 100644
--- a/web/src/admin/stages/identification/IdentificationStageForm.ts
+++ b/web/src/admin/stages/identification/IdentificationStageForm.ts
@@ -1,9 +1,9 @@
 import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first, groupBy } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -23,7 +23,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-identification-form")
-export class IdentificationStageForm extends ModelForm<IdentificationStage, string> {
+export class IdentificationStageForm extends BaseStageForm<IdentificationStage> {
     loadInstance(pk: string): Promise<IdentificationStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesIdentificationRetrieve({
             stageUuid: pk,
@@ -38,14 +38,6 @@ export class IdentificationStageForm extends ModelForm<IdentificationStage, stri
 
     sources?: PaginatedSourceList;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: IdentificationStage): Promise<IdentificationStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesIdentificationUpdate({
diff --git a/web/src/admin/stages/invitation/InvitationForm.ts b/web/src/admin/stages/invitation/InvitationForm.ts
index 4555a547e..24b2c34cf 100644
--- a/web/src/admin/stages/invitation/InvitationForm.ts
+++ b/web/src/admin/stages/invitation/InvitationForm.ts
@@ -23,11 +23,9 @@ export class InvitationForm extends ModelForm<Invitation, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated invitation.");
-        } else {
-            return msg("Successfully created invitation.");
-        }
+        return this.instance
+            ? msg("Successfully updated invitation.")
+            : msg("Successfully created invitation.");
     }
 
     async send(data: Invitation): Promise<Invitation> {
diff --git a/web/src/admin/stages/invitation/InvitationStageForm.ts b/web/src/admin/stages/invitation/InvitationStageForm.ts
index 549c58ae6..822d8a2da 100644
--- a/web/src/admin/stages/invitation/InvitationStageForm.ts
+++ b/web/src/admin/stages/invitation/InvitationStageForm.ts
@@ -1,8 +1,8 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { customElement } from "lit/decorators.js";
 import { InvitationStage, StagesApi } from "@goauthentik/api";
 
 @customElement("ak-stage-invitation-form")
-export class InvitationStageForm extends ModelForm<InvitationStage, string> {
+export class InvitationStageForm extends BaseStageForm<InvitationStage> {
     loadInstance(pk: string): Promise<InvitationStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: InvitationStage): Promise<InvitationStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesUpdate({
diff --git a/web/src/admin/stages/password/PasswordStageForm.ts b/web/src/admin/stages/password/PasswordStageForm.ts
index ce503ef00..939f92931 100644
--- a/web/src/admin/stages/password/PasswordStageForm.ts
+++ b/web/src/admin/stages/password/PasswordStageForm.ts
@@ -1,9 +1,9 @@
 import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/SearchSelect";
 
 import { msg } from "@lit/localize";
@@ -22,21 +22,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-password-form")
-export class PasswordStageForm extends ModelForm<PasswordStage, string> {
+export class PasswordStageForm extends BaseStageForm<PasswordStage> {
     loadInstance(pk: string): Promise<PasswordStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesPasswordRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: PasswordStage): Promise<PasswordStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesPasswordUpdate({
diff --git a/web/src/admin/stages/prompt/PromptForm.ts b/web/src/admin/stages/prompt/PromptForm.ts
index f46a6be5a..bddf1c368 100644
--- a/web/src/admin/stages/prompt/PromptForm.ts
+++ b/web/src/admin/stages/prompt/PromptForm.ts
@@ -90,11 +90,9 @@ export class PromptForm extends ModelForm<Prompt, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated prompt.");
-        } else {
-            return msg("Successfully created prompt.");
-        }
+        return this.instance
+            ? msg("Successfully updated prompt.")
+            : msg("Successfully created prompt.");
     }
 
     static get styles(): CSSResult[] {
diff --git a/web/src/admin/stages/prompt/PromptStageForm.ts b/web/src/admin/stages/prompt/PromptStageForm.ts
index f3841e10f..43e35f475 100644
--- a/web/src/admin/stages/prompt/PromptStageForm.ts
+++ b/web/src/admin/stages/prompt/PromptStageForm.ts
@@ -1,9 +1,9 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import "@goauthentik/admin/stages/prompt/PromptForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import "@goauthentik/elements/forms/ModalForm";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg, str } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -19,7 +19,7 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-prompt-form")
-export class PromptStageForm extends ModelForm<PromptStage, string> {
+export class PromptStageForm extends BaseStageForm<PromptStage> {
     loadInstance(pk: string): Promise<PromptStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRetrieve({
             stageUuid: pk,
@@ -38,14 +38,6 @@ export class PromptStageForm extends ModelForm<PromptStage, string> {
     prompts?: PaginatedPromptList;
     policies?: PaginatedPolicyList;
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: PromptStage): Promise<PromptStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesUpdate({
diff --git a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
index 3d15b52ff..617cd182a 100644
--- a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
+++ b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { StagesApi, UserDeleteStage } from "@goauthentik/api";
 
 @customElement("ak-stage-user-delete-form")
-export class UserDeleteStageForm extends ModelForm<UserDeleteStage, string> {
+export class UserDeleteStageForm extends BaseStageForm<UserDeleteStage> {
     loadInstance(pk: string): Promise<UserDeleteStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: UserDeleteStage): Promise<UserDeleteStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteUpdate({
diff --git a/web/src/admin/stages/user_login/UserLoginStageForm.ts b/web/src/admin/stages/user_login/UserLoginStageForm.ts
index 6ba879799..e7c94c247 100644
--- a/web/src/admin/stages/user_login/UserLoginStageForm.ts
+++ b/web/src/admin/stages/user_login/UserLoginStageForm.ts
@@ -1,33 +1,25 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/Alert";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/utils/TimeDeltaHelp";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
 import { customElement } from "lit/decorators.js";
 
-import { StagesApi, UserLoginStage } from "@goauthentik/api";
+import { GeoipBindingEnum, NetworkBindingEnum, StagesApi, UserLoginStage } from "@goauthentik/api";
 
 @customElement("ak-stage-user-login-form")
-export class UserLoginStageForm extends ModelForm<UserLoginStage, string> {
+export class UserLoginStageForm extends BaseStageForm<UserLoginStage> {
     loadInstance(pk: string): Promise<UserLoginStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: UserLoginStage): Promise<UserLoginStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesUserLoginUpdate({
@@ -101,6 +93,74 @@ export class UserLoginStageForm extends ModelForm<UserLoginStage, string> {
                         </p>
                         <ak-utils-time-delta-help></ak-utils-time-delta-help>
                     </ak-form-element-horizontal>
+                    <ak-form-element-horizontal
+                        label=${msg("Network binding")}
+                        ?required=${true}
+                        name="networkBinding"
+                    >
+                        <ak-radio
+                            .options=${[
+                                {
+                                    label: msg("No binding"),
+                                    value: NetworkBindingEnum.NoBinding,
+                                },
+                                {
+                                    label: msg("Bind ASN"),
+                                    value: NetworkBindingEnum.BindAsn,
+                                    default: true,
+                                },
+                                {
+                                    label: msg("Bind ASN and Network"),
+                                    value: NetworkBindingEnum.BindAsnNetwork,
+                                },
+                                {
+                                    label: msg("Bind ASN, Network and IP"),
+                                    value: NetworkBindingEnum.BindAsnNetworkIp,
+                                },
+                            ]}
+                            .value=${this.instance?.networkBinding}
+                        >
+                        </ak-radio>
+                        <p class="pf-c-form__helper-text">
+                            ${msg(
+                                "Configure if sessions created by this stage should be bound to the Networks they were created in.",
+                            )}
+                        </p>
+                    </ak-form-element-horizontal>
+                    <ak-form-element-horizontal
+                        label=${msg("GeoIP binding")}
+                        ?required=${true}
+                        name="geoipBinding"
+                    >
+                        <ak-radio
+                            .options=${[
+                                {
+                                    label: msg("No binding"),
+                                    value: GeoipBindingEnum.NoBinding,
+                                },
+                                {
+                                    label: msg("Bind Continent"),
+                                    value: GeoipBindingEnum.BindContinent,
+                                    default: true,
+                                },
+                                {
+                                    label: msg("Bind Continent and Country"),
+                                    value: GeoipBindingEnum.BindContinentCountry,
+                                },
+                                {
+                                    label: msg("Bind Continent, Country and City"),
+                                    value: GeoipBindingEnum.BindContinentCountryCity,
+                                },
+                            ]}
+                            .value=${this.instance?.geoipBinding}
+                        >
+                        </ak-radio>
+                        <p class="pf-c-form__helper-text">
+                            ${msg(
+                                "Configure if sessions created by this stage should be bound to their GeoIP-based location",
+                            )}
+                        </p>
+                    </ak-form-element-horizontal>
                     <ak-form-element-horizontal name="terminateOtherSessions">
                         <label class="pf-c-switch">
                             <input
diff --git a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
index 7e90aade6..40a99500f 100644
--- a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
+++ b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 
 import { msg } from "@lit/localize";
 import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
 import { StagesApi, UserLogoutStage } from "@goauthentik/api";
 
 @customElement("ak-stage-user-logout-form")
-export class UserLogoutStageForm extends ModelForm<UserLogoutStage, string> {
+export class UserLogoutStageForm extends BaseStageForm<UserLogoutStage> {
     loadInstance(pk: string): Promise<UserLogoutStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: UserLogoutStage): Promise<UserLogoutStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutUpdate({
diff --git a/web/src/admin/stages/user_write/UserWriteStageForm.ts b/web/src/admin/stages/user_write/UserWriteStageForm.ts
index 3ef5185cd..08b436f9b 100644
--- a/web/src/admin/stages/user_write/UserWriteStageForm.ts
+++ b/web/src/admin/stages/user_write/UserWriteStageForm.ts
@@ -1,9 +1,9 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
 import { UserCreationModeEnum } from "@goauthentik/api/dist/models/UserCreationModeEnum";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { first } from "@goauthentik/common/utils";
 import "@goauthentik/elements/forms/FormGroup";
 import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
 import "@goauthentik/elements/forms/Radio";
 import "@goauthentik/elements/forms/SearchSelect";
 
@@ -22,21 +22,13 @@ import {
 } from "@goauthentik/api";
 
 @customElement("ak-stage-user-write-form")
-export class UserWriteStageForm extends ModelForm<UserWriteStage, string> {
+export class UserWriteStageForm extends BaseStageForm<UserWriteStage> {
     loadInstance(pk: string): Promise<UserWriteStage> {
         return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRetrieve({
             stageUuid: pk,
         });
     }
 
-    getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated stage.");
-        } else {
-            return msg("Successfully created stage.");
-        }
-    }
-
     async send(data: UserWriteStage): Promise<UserWriteStage> {
         if (this.instance) {
             return new StagesApi(DEFAULT_CONFIG).stagesUserWriteUpdate({
diff --git a/web/src/admin/tenants/TenantForm.ts b/web/src/admin/tenants/TenantForm.ts
index 59048d987..51e81b24e 100644
--- a/web/src/admin/tenants/TenantForm.ts
+++ b/web/src/admin/tenants/TenantForm.ts
@@ -26,11 +26,9 @@ export class TenantForm extends ModelForm<Tenant, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated tenant.");
-        } else {
-            return msg("Successfully created tenant.");
-        }
+        return this.instance
+            ? msg("Successfully updated tenant.")
+            : msg("Successfully created tenant.");
     }
 
     async send(data: Tenant): Promise<Tenant> {
@@ -235,7 +233,7 @@ export class TenantForm extends ModelForm<Tenant, string> {
                         name="webCertificate"
                     >
                         <ak-crypto-certificate-search
-                            certificate=${this.instance?.webCertificate}
+                            .certificate=${this.instance?.webCertificate}
                         ></ak-crypto-certificate-search>
                     </ak-form-element-horizontal>
                     <ak-form-element-horizontal
diff --git a/web/src/admin/tokens/TokenForm.ts b/web/src/admin/tokens/TokenForm.ts
index 904c8cdac..7324b0e70 100644
--- a/web/src/admin/tokens/TokenForm.ts
+++ b/web/src/admin/tokens/TokenForm.ts
@@ -26,11 +26,9 @@ export class TokenForm extends ModelForm<Token, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated token.");
-        } else {
-            return msg("Successfully created token.");
-        }
+        return this.instance
+            ? msg("Successfully updated token.")
+            : msg("Successfully created token.");
     }
 
     async send(data: Token): Promise<Token> {
diff --git a/web/src/admin/users/UserViewPage.ts b/web/src/admin/users/UserViewPage.ts
index 6c49cbafa..ddc9e92ba 100644
--- a/web/src/admin/users/UserViewPage.ts
+++ b/web/src/admin/users/UserViewPage.ts
@@ -14,6 +14,11 @@ import "@goauthentik/app/elements/rbac/ObjectPermissionsPage";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { EVENT_REFRESH } from "@goauthentik/common/constants";
 import { userTypeToLabel } from "@goauthentik/common/labels";
+import "@goauthentik/components/DescriptionList";
+import {
+    type DescriptionPair,
+    renderDescriptionList,
+} from "@goauthentik/components/DescriptionList";
 import "@goauthentik/components/ak-status-label";
 import "@goauthentik/components/events/ObjectChangelog";
 import "@goauthentik/components/events/UserEvents";
@@ -138,166 +143,90 @@ export class UserViewPage extends WithCapabilitiesConfig(AKElement) {
 
         const user = this.user;
 
-        const canImpersonate =
-            this.can(CapabilitiesEnum.CanImpersonate) && this.user.pk !== this.me?.user.pk;
-
-        console.log(canImpersonate);
+        // prettier-ignore
+        const userInfo: DescriptionPair[] = [
+            [msg("Username"), user.username],
+            [msg("Name"), user.name],
+            [msg("Email"), user.email || "-"],
+            [msg("Last login"), user.lastLogin?.toLocaleString()],
+            [msg("Active"), html`<ak-status-label type="warning" ?good=${user.isActive}></ak-status-label>`],
+            [msg("Type"), userTypeToLabel(user.type)],
+            [msg("Superuser"), html`<ak-status-label type="warning" ?good=${user.isSuperuser}></ak-status-label>`],
+            [msg("Actions"), this.renderActionButtons(user)],
+            [msg("Recovery"), this.renderRecoveryButtons(user)],
+        ];
 
         return html`
             <div class="pf-c-card__title">${msg("User Info")}</div>
-            <div class="pf-c-card__body">
-                <dl class="pf-c-description-list">
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Username")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">${user.username}</div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Name")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">${user.name}</div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Email")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">${user.email || "-"}</div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Last login")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">
-                                ${user.lastLogin?.toLocaleString()}
-                            </div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Active")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">
-                                <ak-status-label
-                                    type="warning"
-                                    ?good=${user.isActive}
-                                ></ak-status-label>
-                            </div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Type")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">
-                                ${userTypeToLabel(user.type)}
-                            </div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Superuser")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text">
-                                <ak-status-label
-                                    type="warning"
-                                    ?good=${user.isSuperuser}
-                                ></ak-status-label>
-                            </div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Actions")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description ak-button-collection">
-                            <div class="pf-c-description-list__text">
-                                <ak-forms-modal>
-                                    <span slot="submit"> ${msg("Update")} </span>
-                                    <span slot="header"> ${msg("Update User")} </span>
-                                    <ak-user-form slot="form" .instancePk=${user.pk}>
-                                    </ak-user-form>
-                                    <button
-                                        slot="trigger"
-                                        class="pf-m-primary pf-c-button pf-m-block"
-                                    >
-                                        ${msg("Edit")}
-                                    </button>
-                                </ak-forms-modal>
-                                <ak-user-active-form
-                                    .obj=${user}
-                                    objectLabel=${msg("User")}
-                                    .delete=${() => {
-                                        return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({
-                                            id: user.pk,
-                                            patchedUserRequest: {
-                                                isActive: !user.isActive,
-                                            },
-                                        });
-                                    }}
-                                >
-                                    <button
-                                        slot="trigger"
-                                        class="pf-c-button pf-m-warning pf-m-block"
-                                    >
-                                        <pf-tooltip
-                                            position="top"
-                                            content=${user.isActive
-                                                ? msg("Lock the user out of this system")
-                                                : msg(
-                                                      "Allow the user to log in and use this system",
-                                                  )}
-                                        >
-                                            ${user.isActive ? msg("Deactivate") : msg("Activate")}
-                                        </pf-tooltip>
-                                    </button>
-                                </ak-user-active-form>
-                                ${canImpersonate
-                                    ? html`
-                                          <ak-action-button
-                                              class="pf-m-secondary pf-m-block"
-                                              id="impersonate-user-button"
-                                              .apiRequest=${() => {
-                                                  return new CoreApi(DEFAULT_CONFIG)
-                                                      .coreUsersImpersonateCreate({
-                                                          id: user.pk,
-                                                      })
-                                                      .then(() => {
-                                                          window.location.href = "/";
-                                                      });
-                                              }}
-                                          >
-                                              <pf-tooltip
-                                                  position="top"
-                                                  content=${msg(
-                                                      "Temporarily assume the identity of this user",
-                                                  )}
-                                              >
-                                                  ${msg("Impersonate")}
-                                              </pf-tooltip>
-                                          </ak-action-button>
-                                      `
-                                    : nothing}
-                            </div>
-                        </dd>
-                    </div>
-                    <div class="pf-c-description-list__group">
-                        <dt class="pf-c-description-list__term">
-                            <span class="pf-c-description-list__text">${msg("Recovery")}</span>
-                        </dt>
-                        <dd class="pf-c-description-list__description">
-                            <div class="pf-c-description-list__text ak-button-collection">
+            <div class="pf-c-card__body">${renderDescriptionList(userInfo)}</div>
+        `;
+    }
+
+    renderActionButtons(user: User) {
+        const canImpersonate =
+            this.can(CapabilitiesEnum.CanImpersonate) && user.pk !== this.me?.user.pk;
+
+        return html`<div class="ak-button-collection">
+            <ak-forms-modal>
+                <span slot="submit"> ${msg("Update")} </span>
+                <span slot="header"> ${msg("Update User")} </span>
+                <ak-user-form slot="form" .instancePk=${user.pk}> </ak-user-form>
+                <button slot="trigger" class="pf-m-primary pf-c-button pf-m-block">
+                    ${msg("Edit")}
+                </button>
+            </ak-forms-modal>
+            <ak-user-active-form
+                .obj=${user}
+                objectLabel=${msg("User")}
+                .delete=${() => {
+                    return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({
+                        id: user.pk,
+                        patchedUserRequest: {
+                            isActive: !user.isActive,
+                        },
+                    });
+                }}
+            >
+                <button slot="trigger" class="pf-c-button pf-m-warning pf-m-block">
+                    <pf-tooltip
+                        position="top"
+                        content=${user.isActive
+                            ? msg("Lock the user out of this system")
+                            : msg("Allow the user to log in and use this system")}
+                    >
+                        ${user.isActive ? msg("Deactivate") : msg("Activate")}
+                    </pf-tooltip>
+                </button>
+            </ak-user-active-form>
+            ${canImpersonate
+                ? html`
+                      <ak-action-button
+                          class="pf-m-secondary pf-m-block"
+                          id="impersonate-user-button"
+                          .apiRequest=${() => {
+                              return new CoreApi(DEFAULT_CONFIG)
+                                  .coreUsersImpersonateCreate({
+                                      id: user.pk,
+                                  })
+                                  .then(() => {
+                                      window.location.href = "/";
+                                  });
+                          }}
+                      >
+                          <pf-tooltip
+                              position="top"
+                              content=${msg("Temporarily assume the identity of this user")}
+                          >
+                              ${msg("Impersonate")}
+                          </pf-tooltip>
+                      </ak-action-button>
+                  `
+                : nothing}
+        </div> `;
+    }
+
+    renderRecoveryButtons(user: User) {
+        return html`<div class="ak-button-collection">
                                 <ak-forms-modal size=${PFSize.Medium} id="update-password-request">
                                     <span slot="submit">${msg("Update password")}</span>
                                     <span slot="header">${msg("Update password")}</span>
diff --git a/web/src/common/constants.ts b/web/src/common/constants.ts
index 459fc91a5..7a95056ef 100644
--- a/web/src/common/constants.ts
+++ b/web/src/common/constants.ts
@@ -3,7 +3,7 @@ export const SUCCESS_CLASS = "pf-m-success";
 export const ERROR_CLASS = "pf-m-danger";
 export const PROGRESS_CLASS = "pf-m-in-progress";
 export const CURRENT_CLASS = "pf-m-current";
-export const VERSION = "2023.10.4";
+export const VERSION = "2023.10.5";
 export const TITLE_DEFAULT = "authentik";
 export const ROUTE_SEPARATOR = ";";
 
diff --git a/web/src/common/styles/authentik.css b/web/src/common/styles/authentik.css
index 6a0000e4e..a9a085e54 100644
--- a/web/src/common/styles/authentik.css
+++ b/web/src/common/styles/authentik.css
@@ -124,3 +124,27 @@ html > form > input {
     margin-right: 6px;
     margin-bottom: 6px;
 }
+
+/* Flow-card adjustments for static pages */
+.pf-c-brand {
+    padding-top: calc(
+        var(--pf-c-login__main-footer-links--PaddingTop) +
+            var(--pf-c-login__main-footer-links--PaddingBottom) +
+            var(--pf-c-login__main-body--PaddingBottom)
+    );
+    max-height: 9rem;
+}
+.ak-brand {
+    display: flex;
+    justify-content: center;
+}
+.ak-brand img {
+    padding: 0 2rem;
+    max-height: inherit;
+}
+
+@media (min-height: 60rem) {
+    .pf-c-login.stacked .pf-c-login__main {
+        margin-top: 13rem;
+    }
+}
diff --git a/web/src/common/styles/theme-dark.css b/web/src/common/styles/theme-dark.css
index 30cda084a..530a7c218 100644
--- a/web/src/common/styles/theme-dark.css
+++ b/web/src/common/styles/theme-dark.css
@@ -310,6 +310,12 @@ select[multiple] option:checked {
     --pf-c-wizard__nav-link--before--BackgroundColor: transparent;
 }
 /* tree view */
+.pf-c-tree-view__node {
+    --pf-c-tree-view__node--Color: var(--ak-dark-foreground);
+}
+.pf-c-tree-view__node-toggle {
+    --pf-c-tree-view__node-toggle--Color: var(--ak-dark-foreground);
+}
 .pf-c-tree-view__node:focus {
     --pf-c-tree-view__node--focus--BackgroundColor: var(--ak-dark-background-light-ish);
 }
diff --git a/web/src/components/DescriptionList.ts b/web/src/components/DescriptionList.ts
new file mode 100644
index 000000000..cfeee4640
--- /dev/null
+++ b/web/src/components/DescriptionList.ts
@@ -0,0 +1,94 @@
+import { TemplateResult, html, nothing } from "lit";
+import { classMap } from "lit/directives/class-map.js";
+import { map } from "lit/directives/map.js";
+
+export type DescriptionDesc = string | TemplateResult | undefined | typeof nothing;
+export type DescriptionPair = [string, DescriptionDesc];
+export type DescriptionRecord = { term: string; desc: DescriptionDesc };
+
+interface DescriptionConfig {
+    horizontal: boolean;
+    compact: boolean;
+    twocolumn: boolean;
+    threecolumn: boolean;
+}
+
+const isDescriptionRecordCollection = (v: Array<unknown>): v is DescriptionRecord[] =>
+    v.length > 0 && typeof v[0] === "object" && !Array.isArray(v[0]);
+
+function renderDescriptionGroup([term, description]: DescriptionPair) {
+    return html` <div class="pf-c-description-list__group">
+        <dt class="pf-c-description-list__term">
+            <span class="pf-c-description-list__text">${term}</span>
+        </dt>
+        <dd class="pf-c-description-list__description">
+            <div class="pf-c-description-list__text">${description ?? nothing}</div>
+        </dd>
+    </div>`;
+}
+
+function recordToPair({ term, desc }: DescriptionRecord): DescriptionPair {
+    return [term, desc];
+}
+
+function alignTermType(terms: DescriptionRecord[] | DescriptionPair[] = []) {
+    if (isDescriptionRecordCollection(terms)) {
+        return terms.map(recordToPair);
+    }
+    return terms ?? [];
+}
+
+/**
+ * renderDescriptionList
+ *
+ * This function renders the most common form of the PatternFly description list used in our code.
+ * It expects either an array of term/description pairs or an array of `{ term: string, description:
+ * string | TemplateResult }`.
+ *
+ * An optional dictionary of configuration options is available. These enable the Patternfly
+ * "horizontal," "compact", "2 column on large," or "3 column on large" layouts that are (so far)
+ * the layouts used in Authentik's (and Gravity's, for that matter) code.
+ *
+ * This is not a web component and it does not bring its own styling ; calling code will still have
+ * to provide the styling necessary. It is only a function to replace the repetitious boilerplate of
+ * routine description lists. Its output is a standard TemplateResult that will be fully realized
+ * within the context of the DOM or ShadowDOM in which it is called.
+ */
+
+const defaultConfig = {
+    horizontal: false,
+    compact: false,
+    twocolumn: false,
+    threecolumn: false,
+};
+
+export function renderDescriptionList(
+    terms: DescriptionRecord[],
+    config?: DescriptionConfig,
+): TemplateResult;
+
+export function renderDescriptionList(
+    terms: DescriptionPair[],
+    config?: DescriptionConfig,
+): TemplateResult;
+
+export function renderDescriptionList(
+    terms: DescriptionRecord[] | DescriptionPair[] = [],
+    config: DescriptionConfig = defaultConfig,
+) {
+    const checkedTerms = alignTermType(terms);
+    const classes = classMap({
+        "pf-m-horizontal": config.horizontal,
+        "pf-m-compact": config.compact,
+        "pf-m-2-col-on-lg": config.twocolumn,
+        "pf-m-3-col-on-lg": config.threecolumn,
+    });
+
+    return html`
+        <dl class="pf-c-description-list ${classes}">
+            ${map(checkedTerms, renderDescriptionGroup)}
+        </dl>
+    `;
+}
+
+export default renderDescriptionList;
diff --git a/web/src/components/ak-event-info.ts b/web/src/components/ak-event-info.ts
index 6901f31a8..e728958c2 100644
--- a/web/src/components/ak-event-info.ts
+++ b/web/src/components/ak-event-info.ts
@@ -285,10 +285,12 @@ export class EventInfo extends AKElement {
     }
 
     renderEmailSent() {
+        let body = this.event.context.body as string;
+        body = body.replace("cid:logo.png", "/static/dist/assets/icons/icon_left_brand.png");
         return html`<div class="pf-c-card__title">${msg("Email info:")}</div>
             <div class="pf-c-card__body">${this.getEmailInfo(this.event.context)}</div>
             <ak-expand>
-                <iframe srcdoc=${this.event.context.body}></iframe>
+                <iframe srcdoc=${body}></iframe>
             </ak-expand>`;
     }
 
diff --git a/web/src/components/events/ObjectChangelog.ts b/web/src/components/events/ObjectChangelog.ts
index 160a98d73..dcfef105b 100644
--- a/web/src/components/events/ObjectChangelog.ts
+++ b/web/src/components/events/ObjectChangelog.ts
@@ -1,3 +1,5 @@
+import { EventGeo } from "@goauthentik/app/admin/events/utils";
+import { actionToLabel } from "@goauthentik/app/common/labels";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { EventWithContext } from "@goauthentik/common/events";
 import { uiConfig } from "@goauthentik/common/ui/config";
@@ -73,7 +75,7 @@ export class ObjectChangelog extends Table<Event> {
 
     row(item: EventWithContext): TemplateResult[] {
         return [
-            html`${item.action}`,
+            html`${actionToLabel(item.action)}`,
             html`<div>${item.user?.username}</div>
                 ${item.user.on_behalf_of
                     ? html`<small>
@@ -81,7 +83,9 @@ export class ObjectChangelog extends Table<Event> {
                       </small>`
                     : html``}`,
             html`<span>${item.created?.toLocaleString()}</span>`,
-            html`<span>${item.clientIp || msg("-")}</span>`,
+            html`<div>${item.clientIp || msg("-")}</div>
+
+                <small>${EventGeo(item)}</small>`,
         ];
     }
 
diff --git a/web/src/elements/LoadingOverlay.ts b/web/src/elements/LoadingOverlay.ts
index 25ed89667..8420156df 100644
--- a/web/src/elements/LoadingOverlay.ts
+++ b/web/src/elements/LoadingOverlay.ts
@@ -1,5 +1,5 @@
 import { AKElement } from "@goauthentik/elements/Base";
-import { PFSize } from "@goauthentik/elements/Spinner";
+import "@goauthentik/elements/EmptyState";
 
 import { CSSResult, TemplateResult, css, html } from "lit";
 import { customElement, property } from "lit/decorators.js";
@@ -33,6 +33,8 @@ export class LoadingOverlay extends AKElement {
     }
 
     render(): TemplateResult {
-        return html`<ak-spinner size=${PFSize.XLarge}></ak-spinner>`;
+        return html`<ak-empty-state ?loading="${true}">
+            <slot name="body" slot="body"></slot>
+        </ak-empty-state>`;
     }
 }
diff --git a/web/src/elements/PageHeader.ts b/web/src/elements/PageHeader.ts
index e1d4b57c9..7be55996d 100644
--- a/web/src/elements/PageHeader.ts
+++ b/web/src/elements/PageHeader.ts
@@ -79,6 +79,7 @@ export class PageHeader extends WithTenantConfig(AKElement) {
                 }
                 .pf-c-page__main-section {
                     flex-grow: 1;
+                    flex-shrink: 1;
                     display: flex;
                     flex-direction: column;
                     justify-content: center;
diff --git a/web/src/elements/ak-locale-context/definitions.ts b/web/src/elements/ak-locale-context/definitions.ts
index e920e85b1..018c9e2a1 100644
--- a/web/src/elements/ak-locale-context/definitions.ts
+++ b/web/src/elements/ak-locale-context/definitions.ts
@@ -46,6 +46,8 @@ const LOCALE_TABLE: LocaleRow[] = [
     ["es",      /^es([_-]|$)/i,      () => msg("Spanish"),               async () => await import("@goauthentik/locales/es")],
     ["de",      /^de([_-]|$)/i,      () => msg("German"),                async () => await import("@goauthentik/locales/de")],
     ["fr",      /^fr([_-]|$)/i,      () => msg("French"),                async () => await import("@goauthentik/locales/fr")],
+    ["ko",      /^ko([_-]|$)/i,      () => msg("Korean"),                async () => await import("@goauthentik/locales/ko")],
+    ["nl",      /^nl([_-]|$)/i,      () => msg("Dutch"),                 async () => await import("@goauthentik/locales/nl")],
     ["pl",      /^pl([_-]|$)/i,      () => msg("Polish"),                async () => await import("@goauthentik/locales/pl")],
     ["tr",      /^tr([_-]|$)/i,      () => msg("Turkish"),               async () => await import("@goauthentik/locales/tr")],
     ["zh-Hant", /^zh[_-](HK|Hant)/i, () => msg("Chinese (traditional)"), async () => await import("@goauthentik/locales/zh-Hant")],
diff --git a/web/src/elements/enterprise/EnterpriseStatusBanner.ts b/web/src/elements/enterprise/EnterpriseStatusBanner.ts
index 0ac115457..09d376759 100644
--- a/web/src/elements/enterprise/EnterpriseStatusBanner.ts
+++ b/web/src/elements/enterprise/EnterpriseStatusBanner.ts
@@ -21,10 +21,8 @@ export class EnterpriseStatusBanner extends AKElement {
         return [PFBanner];
     }
 
-    firstUpdated(): void {
-        new EnterpriseApi(DEFAULT_CONFIG).enterpriseLicenseSummaryRetrieve().then((b) => {
-            this.summary = b;
-        });
+    async firstUpdated(): Promise<void> {
+        this.summary = await new EnterpriseApi(DEFAULT_CONFIG).enterpriseLicenseSummaryRetrieve();
     }
 
     renderBanner(): TemplateResult {
diff --git a/web/src/elements/table/Table.ts b/web/src/elements/table/Table.ts
index 6175b5296..82fb9f5ae 100644
--- a/web/src/elements/table/Table.ts
+++ b/web/src/elements/table/Table.ts
@@ -13,6 +13,7 @@ import "@goauthentik/elements/table/TableSearch";
 import { msg } from "@lit/localize";
 import { CSSResult, TemplateResult, css, html } from "lit";
 import { property, state } from "lit/decorators.js";
+import { classMap } from "lit/directives/class-map.js";
 import { ifDefined } from "lit/directives/if-defined.js";
 
 import PFButton from "@patternfly/patternfly/components/Button/button.css";
@@ -26,6 +27,11 @@ import PFBase from "@patternfly/patternfly/patternfly-base.css";
 
 import { Pagination, ResponseError } from "@goauthentik/api";
 
+export interface TableLike {
+    order?: string;
+    fetch: () => void;
+}
+
 export class TableColumn {
     title: string;
     orderBy?: string;
@@ -37,19 +43,15 @@ export class TableColumn {
         this.orderBy = orderBy;
     }
 
-    headerClickHandler(table: Table<unknown>): void {
+    headerClickHandler(table: TableLike): void {
         if (!this.orderBy) {
             return;
         }
-        if (table.order === this.orderBy) {
-            table.order = `-${this.orderBy}`;
-        } else {
-            table.order = this.orderBy;
-        }
+        table.order = table.order === this.orderBy ? `-${this.orderBy}` : this.orderBy;
         table.fetch();
     }
 
-    private getSortIndicator(table: Table<unknown>): string {
+    private getSortIndicator(table: TableLike): string {
         switch (table.order) {
             case this.orderBy:
                 return "fa-long-arrow-alt-down";
@@ -60,7 +62,7 @@ export class TableColumn {
         }
     }
 
-    renderSortable(table: Table<unknown>): TemplateResult {
+    renderSortable(table: TableLike): TemplateResult {
         return html` <button
             class="pf-c-table__button"
             @click=${() => this.headerClickHandler(table)}
@@ -74,17 +76,13 @@ export class TableColumn {
         </button>`;
     }
 
-    render(table: Table<unknown>): TemplateResult {
-        return html`<th
-            role="columnheader"
-            scope="col"
-            class="
-                ${this.orderBy ? "pf-c-table__sort " : " "}
-                ${table.order === this.orderBy || table.order === `-${this.orderBy}`
-                ? "pf-m-selected "
-                : ""}
-            "
-        >
+    render(table: TableLike): TemplateResult {
+        const classes = {
+            "pf-c-table__sort": !!this.orderBy,
+            "pf-m-selected": table.order === this.orderBy || table.order === `-${this.orderBy}`,
+        };
+
+        return html`<th role="columnheader" scope="col" class="${classMap(classes)}">
             ${this.orderBy ? this.renderSortable(table) : html`${this.title}`}
         </th>`;
     }
@@ -96,7 +94,7 @@ export interface PaginatedResponse<T> {
     results: Array<T>;
 }
 
-export abstract class Table<T> extends AKElement {
+export abstract class Table<T> extends AKElement implements TableLike {
     abstract apiEndpoint(page: number): Promise<PaginatedResponse<T>>;
     abstract columns(): TableColumn[];
     abstract row(item: T): TemplateResult[];
@@ -130,6 +128,12 @@ export abstract class Table<T> extends AKElement {
     @property({ type: Boolean })
     checkbox = false;
 
+    @property({ type: Boolean })
+    clickable = false;
+
+    @property({ attribute: false })
+    clickHandler: (item: T) => void = () => {};
+
     @property({ type: Boolean })
     radioSelect = false;
 
@@ -230,7 +234,7 @@ export abstract class Table<T> extends AKElement {
         return html`<tr role="row">
             <td role="cell" colspan="25">
                 <div class="pf-l-bullseye">
-                    <ak-empty-state ?loading="${true}" header=${msg("Loading")}> </ak-empty-state>
+                    <ak-empty-state loading header=${msg("Loading")}> </ak-empty-state>
                 </div>
             </td>
         </tr>`;
@@ -241,11 +245,10 @@ export abstract class Table<T> extends AKElement {
             <tr role="row">
                 <td role="cell" colspan="8">
                     <div class="pf-l-bullseye">
-                        ${inner
-                            ? inner
-                            : html`<ak-empty-state header="${msg("No objects found.")}"
-                                  ><div slot="primary">${this.renderObjectCreate()}</div>
-                              </ak-empty-state>`}
+                        ${inner ??
+                        html`<ak-empty-state header="${msg("No objects found.")}"
+                            ><div slot="primary">${this.renderObjectCreate()}</div>
+                        </ak-empty-state>`}
                     </div>
                 </td>
             </tr>
@@ -257,14 +260,13 @@ export abstract class Table<T> extends AKElement {
     }
 
     renderError(): TemplateResult {
-        if (!this.error) {
-            return html``;
-        }
-        return html`<ak-empty-state header="${msg("Failed to fetch objects.")}" icon="fa-times">
-            ${this.error instanceof ResponseError
-                ? html` <div slot="body">${this.error.message}</div> `
-                : html`<div slot="body">${this.error.detail}</div>`}
-        </ak-empty-state>`;
+        return this.error
+            ? html`<ak-empty-state header="${msg("Failed to fetch objects.")}" icon="fa-times">
+                  ${this.error instanceof ResponseError
+                      ? html` <div slot="body">${this.error.message}</div> `
+                      : html`<div slot="body">${this.error.detail}</div>`}
+              </ak-empty-state>`
+            : html``;
     }
 
     private renderRows(): TemplateResult[] | undefined {
@@ -294,104 +296,93 @@ export abstract class Table<T> extends AKElement {
     private renderRowGroup(items: T[]): TemplateResult[] {
         return items.map((item) => {
             const itemSelectHandler = (ev: InputEvent | PointerEvent) => {
-                let checked = false;
                 const target = ev.target as HTMLElement;
-                if (ev.type === "input") {
-                    checked = (target as HTMLInputElement).checked;
-                } else if (ev instanceof PointerEvent) {
-                    if (target.classList.contains("ignore-click")) {
-                        return;
-                    }
-                    checked = this.selectedElements.indexOf(item) === -1;
-                }
-                if (checked) {
-                    // Prevent double-adding the element to selected items
-                    if (this.selectedElements.indexOf(item) !== -1) {
-                        return;
-                    }
-                    // Add item to selected
-                    this.selectedElements.push(item);
-                } else {
-                    // Get index of item and remove if selected
-                    const index = this.selectedElements.indexOf(item);
-                    if (index <= -1) return;
-                    this.selectedElements.splice(index, 1);
-                }
-                this.requestUpdate();
-                // Unset select-all if selectedElements is empty
-                const selectAllCheckbox =
-                    this.shadowRoot?.querySelector<HTMLInputElement>("[name=select-all]");
-                if (!selectAllCheckbox) {
+                if (ev instanceof PointerEvent && target.classList.contains("ignore-click")) {
                     return;
                 }
-                if (this.selectedElements.length < 1) {
-                    selectAllCheckbox.checked = false;
-                    this.requestUpdate();
+
+                const selected = this.selectedElements.includes(item);
+                const checked =
+                    ev instanceof PointerEvent ? !selected : (target as HTMLInputElement).checked;
+
+                if ((checked && selected) || !(checked || selected)) {
+                    return;
                 }
+
+                this.selectedElements = this.selectedElements.filter((i) => i !== item);
+                if (checked) {
+                    this.selectedElements.push(item);
+                }
+
+                const selectAllCheckbox =
+                    this.shadowRoot?.querySelector<HTMLInputElement>("[name=select-all]");
+                if (selectAllCheckbox && this.selectedElements.length < 1) {
+                    selectAllCheckbox.checked = false;
+                }
+
+                this.requestUpdate();
             };
-            return html`<tbody
-                role="rowgroup"
-                class="${this.expandedElements.indexOf(item) > -1 ? "pf-m-expanded" : ""}"
-            >
+
+            const renderCheckbox = () =>
+                html`<td class="pf-c-table__check" role="cell">
+                    <label class="ignore-click"
+                        ><input
+                            type="checkbox"
+                            class="ignore-click"
+                            .checked=${this.selectedElements.includes(item)}
+                            @input=${itemSelectHandler}
+                            @click=${(ev: Event) => {
+                                ev.stopPropagation();
+                            }}
+                    /></label>
+                </td>`;
+
+            const handleExpansion = (ev: Event) => {
+                ev.stopPropagation();
+                const expanded = this.expandedElements.includes(item);
+                this.expandedElements = this.expandedElements.filter((i) => i !== item);
+                if (!expanded) {
+                    this.expandedElements.push(item);
+                }
+                this.requestUpdate();
+            };
+
+            const expandedClass = {
+                "pf-m-expanded": this.expandedElements.includes(item),
+            };
+
+            const renderExpansion = () => {
+                return html`<td class="pf-c-table__toggle" role="cell">
+                    <button
+                        class="pf-c-button pf-m-plain ${classMap(expandedClass)}"
+                        @click=${handleExpansion}
+                    >
+                        <div class="pf-c-table__toggle-icon">
+                            &nbsp;<i class="fas fa-angle-down" aria-hidden="true"></i>&nbsp;
+                        </div>
+                    </button>
+                </td>`;
+            };
+
+            return html`<tbody role="rowgroup" class="${classMap(expandedClass)}">
                 <tr
                     role="row"
-                    class="${this.checkbox ? "pf-m-hoverable" : ""}"
-                    @click=${itemSelectHandler}
+                    class="${this.checkbox || this.clickable ? "pf-m-hoverable" : ""}"
+                    @click=${this.clickable
+                        ? () => {
+                              this.clickHandler(item);
+                          }
+                        : itemSelectHandler}
                 >
-                    ${this.checkbox
-                        ? html`<td class="pf-c-table__check" role="cell">
-                              <label class="ignore-click"
-                                  ><input
-                                      type="checkbox"
-                                      class="ignore-click"
-                                      .checked=${this.selectedElements.indexOf(item) >= 0}
-                                      @input=${itemSelectHandler}
-                                      @click=${(ev: Event) => {
-                                          ev.stopPropagation();
-                                      }}
-                              /></label>
-                          </td>`
-                        : html``}
-                    ${this.expandable
-                        ? html`<td class="pf-c-table__toggle" role="cell">
-                              <button
-                                  class="pf-c-button pf-m-plain ${this.expandedElements.indexOf(
-                                      item,
-                                  ) > -1
-                                      ? "pf-m-expanded"
-                                      : ""}"
-                                  @click=${(ev: Event) => {
-                                      ev.stopPropagation();
-                                      const idx = this.expandedElements.indexOf(item);
-                                      if (idx <= -1) {
-                                          // Element is not expanded, add it
-                                          this.expandedElements.push(item);
-                                      } else {
-                                          // Element is expanded, remove it
-                                          this.expandedElements.splice(idx, 1);
-                                      }
-                                      this.requestUpdate();
-                                  }}
-                              >
-                                  <div class="pf-c-table__toggle-icon">
-                                      &nbsp;<i class="fas fa-angle-down" aria-hidden="true"></i
-                                      >&nbsp;
-                                  </div>
-                              </button>
-                          </td>`
-                        : html``}
+                    ${this.checkbox ? renderCheckbox() : html``}
+                    ${this.expandable ? renderExpansion() : html``}
                     ${this.row(item).map((col) => {
                         return html`<td role="cell">${col}</td>`;
                     })}
                 </tr>
-                <tr
-                    class="pf-c-table__expandable-row ${this.expandedElements.indexOf(item) > -1
-                        ? "pf-m-expanded"
-                        : ""}"
-                    role="row"
-                >
+                <tr class="pf-c-table__expandable-row ${classMap(expandedClass)}" role="row">
                     <td></td>
-                    ${this.expandedElements.indexOf(item) > -1 ? this.renderExpanded(item) : html``}
+                    ${this.expandedElements.includes(item) ? this.renderExpanded(item) : html``}
                 </tr>
             </tbody>`;
         });
@@ -418,28 +409,24 @@ export abstract class Table<T> extends AKElement {
     }
 
     renderSearch(): TemplateResult {
-        if (!this.searchEnabled()) {
-            return html``;
-        }
-        return html`<div class="pf-c-toolbar__group pf-m-search-filter">
-            <ak-table-search
-                class="pf-c-toolbar__item pf-m-search-filter"
-                value=${ifDefined(this.search)}
-                .onSearch=${(value: string) => {
-                    this.search = value;
-                    this.fetch();
-                    updateURLParams({
-                        search: value,
-                    });
-                }}
-            >
-            </ak-table-search>
-        </div>`;
-    }
+        const runSearch = (value: string) => {
+            this.search = value;
+            updateURLParams({
+                search: value,
+            });
+            this.fetch();
+        };
 
-    // eslint-disable-next-line @typescript-eslint/no-unused-vars
-    renderSelectedChip(item: T): TemplateResult {
-        return html``;
+        return !this.searchEnabled()
+            ? html``
+            : html`<div class="pf-c-toolbar__group pf-m-search-filter">
+                  <ak-table-search
+                      class="pf-c-toolbar__item pf-m-search-filter"
+                      value=${ifDefined(this.search)}
+                      .onSearch=${runSearch}
+                  >
+                  </ak-table-search>
+              </div>`;
     }
 
     renderToolbarContainer(): TemplateResult {
@@ -449,18 +436,7 @@ export abstract class Table<T> extends AKElement {
                 <div class="pf-c-toolbar__bulk-select">${this.renderToolbar()}</div>
                 <div class="pf-c-toolbar__group">${this.renderToolbarAfter()}</div>
                 <div class="pf-c-toolbar__group">${this.renderToolbarSelected()}</div>
-                ${this.paginated
-                    ? html`<ak-table-pagination
-                          class="pf-c-toolbar__item pf-m-pagination"
-                          .pages=${this.data?.pagination}
-                          .pageChangeHandler=${(page: number) => {
-                              this.page = page;
-                              updateURLParams({ tablePage: page });
-                              this.fetch();
-                          }}
-                      >
-                      </ak-table-pagination>`
-                    : html``}
+                ${this.paginated ? this.renderTablePagination() : html``}
             </div>
         </div>`;
     }
@@ -469,57 +445,87 @@ export abstract class Table<T> extends AKElement {
         this.fetch();
     }
 
+    /* The checkbox on the table header row that allows the user to "activate all on this page,"
+     * "deactivate all on this page" with a single click.
+     */
+    renderAllOnThisPageCheckbox(): TemplateResult {
+        const checked =
+            this.selectedElements.length === this.data?.results.length &&
+            this.selectedElements.length > 0;
+
+        const onInput = (ev: InputEvent) => {
+            this.selectedElements = (ev.target as HTMLInputElement).checked
+                ? this.data?.results.slice(0) || []
+                : [];
+        };
+
+        return html`<td class="pf-c-table__check" role="cell">
+            <input
+                name="select-all"
+                type="checkbox"
+                aria-label=${msg("Select all rows")}
+                .checked=${checked}
+                @input=${onInput}
+            />
+        </td>`;
+    }
+
+    /* For very large tables where the user is selecting a limited number of entries, we provide a
+     * chip-based subtable at the top that shows the list of selected entries. Long text result in
+     * ellipsized chips, which is sub-optimal.
+     */
+    renderSelectedChip(_item: T): TemplateResult {
+        // Override this for chip-based displays
+        return html``;
+    }
+
+    get needChipGroup() {
+        return this.checkbox && this.checkboxChip;
+    }
+
+    renderChipGroup(): TemplateResult {
+        return html`<ak-chip-group>
+            ${this.selectedElements.map((el) => {
+                return html`<ak-chip>${this.renderSelectedChip(el)}</ak-chip>`;
+            })}
+        </ak-chip-group>`;
+    }
+
+    /* A simple pagination display, shown at both the top and bottom of the page. */
+    renderTablePagination(): TemplateResult {
+        const handler = (page: number) => {
+            updateURLParams({ tablePage: page });
+            this.page = page;
+            this.fetch();
+        };
+
+        return html`
+            <ak-table-pagination
+                class="pf-c-toolbar__item pf-m-pagination"
+                .pages=${this.data?.pagination}
+                .pageChangeHandler=${handler}
+            >
+            </ak-table-pagination>
+        `;
+    }
+
     renderTable(): TemplateResult {
-        return html` ${this.checkbox && this.checkboxChip
-                ? html`<ak-chip-group>
-                      ${this.selectedElements.map((el) => {
-                          return html`<ak-chip>${this.renderSelectedChip(el)}</ak-chip>`;
-                      })}
-                  </ak-chip-group>`
-                : html``}
+        const renderBottomPagination = () =>
+            html`<div class="pf-c-pagination pf-m-bottom">${this.renderTablePagination()}</div>`;
+
+        return html` ${this.needChipGroup ? this.renderChipGroup() : html``}
             ${this.renderToolbarContainer()}
             <table class="pf-c-table pf-m-compact pf-m-grid-md pf-m-expandable">
                 <thead>
                     <tr role="row">
-                        ${this.checkbox
-                            ? html`<td class="pf-c-table__check" role="cell">
-                                  <input
-                                      name="select-all"
-                                      type="checkbox"
-                                      aria-label=${msg("Select all rows")}
-                                      .checked=${this.selectedElements.length ===
-                                          this.data?.results.length &&
-                                      this.selectedElements.length > 0}
-                                      @input=${(ev: InputEvent) => {
-                                          if ((ev.target as HTMLInputElement).checked) {
-                                              this.selectedElements =
-                                                  this.data?.results.slice(0) || [];
-                                          } else {
-                                              this.selectedElements = [];
-                                          }
-                                      }}
-                                  />
-                              </td>`
-                            : html``}
+                        ${this.checkbox ? this.renderAllOnThisPageCheckbox() : html``}
                         ${this.expandable ? html`<td role="cell"></td>` : html``}
                         ${this.columns().map((col) => col.render(this))}
                     </tr>
                 </thead>
                 ${this.renderRows()}
             </table>
-            ${this.paginated
-                ? html` <div class="pf-c-pagination pf-m-bottom">
-                      <ak-table-pagination
-                          class="pf-c-toolbar__item pf-m-pagination"
-                          .pages=${this.data?.pagination}
-                          .pageChangeHandler=${(page: number) => {
-                              this.page = page;
-                              this.fetch();
-                          }}
-                      >
-                      </ak-table-pagination>
-                  </div>`
-                : html``}`;
+            ${this.paginated ? renderBottomPagination() : html``}`;
     }
 
     render(): TemplateResult {
diff --git a/web/src/elements/table/TableModal.ts b/web/src/elements/table/TableModal.ts
index 328f5ffdf..341951fe6 100644
--- a/web/src/elements/table/TableModal.ts
+++ b/web/src/elements/table/TableModal.ts
@@ -19,7 +19,18 @@ export abstract class TableModal<T> extends Table<T> {
     size: PFSize = PFSize.Large;
 
     @property({ type: Boolean })
-    open = false;
+    set open(value: boolean) {
+        this._open = value;
+        if (value) {
+            this.fetch();
+        }
+    }
+
+    get open(): boolean {
+        return this._open;
+    }
+
+    _open = false;
 
     static get styles(): CSSResult[] {
         return super.styles.concat(
@@ -43,6 +54,13 @@ export abstract class TableModal<T> extends Table<T> {
         });
     }
 
+    public async fetch(): Promise<void> {
+        if (!this.open) {
+            return;
+        }
+        return super.fetch();
+    }
+
     resetForms(): void {
         this.querySelectorAll<HTMLFormElement>("[slot=form]").forEach((form) => {
             if ("resetForm" in form) {
diff --git a/web/src/enterprise/rac/index.ts b/web/src/enterprise/rac/index.ts
new file mode 100644
index 000000000..e5a9e04e7
--- /dev/null
+++ b/web/src/enterprise/rac/index.ts
@@ -0,0 +1,326 @@
+import { TITLE_DEFAULT } from "@goauthentik/app/common/constants";
+import { Interface } from "@goauthentik/elements/Interface";
+import "@goauthentik/elements/LoadingOverlay";
+import Guacamole from "guacamole-common-js";
+
+import { msg, str } from "@lit/localize";
+import { CSSResult, TemplateResult, css, html } from "lit";
+import { customElement, property, state } from "lit/decorators.js";
+
+import AKGlobal from "@goauthentik/common/styles/authentik.css";
+import PFContent from "@patternfly/patternfly/components/Content/content.css";
+import PFPage from "@patternfly/patternfly/components/Page/page.css";
+import PFBase from "@patternfly/patternfly/patternfly-base.css";
+
+enum GuacClientState {
+    IDLE = 0,
+    CONNECTING = 1,
+    WAITING = 2,
+    CONNECTED = 3,
+    DISCONNECTING = 4,
+    DISCONNECTED = 5,
+}
+
+const AUDIO_INPUT_MIMETYPE = "audio/L16;rate=44100,channels=2";
+const RECONNECT_ATTEMPTS_INITIAL = 5;
+const RECONNECT_ATTEMPTS = 5;
+
+@customElement("ak-rac")
+export class RacInterface extends Interface {
+    static get styles(): CSSResult[] {
+        return [
+            PFBase,
+            PFPage,
+            PFContent,
+            AKGlobal,
+            css`
+                :host {
+                    cursor: none;
+                }
+                canvas {
+                    z-index: unset !important;
+                }
+                .container {
+                    overflow: hidden;
+                    height: 100vh;
+                    background-color: black;
+                    display: flex;
+                    justify-content: center;
+                    align-items: center;
+                }
+                ak-loading-overlay {
+                    z-index: 5;
+                }
+            `,
+        ];
+    }
+
+    client?: Guacamole.Client;
+    tunnel?: Guacamole.Tunnel;
+
+    @state()
+    container?: HTMLElement;
+
+    @state()
+    clientState?: GuacClientState;
+
+    @state()
+    reconnectingMessage = "";
+
+    @property()
+    token?: string;
+
+    @property()
+    endpointName?: string;
+
+    @state()
+    clipboardWatcherTimer = 0;
+
+    _previousClipboardValue: unknown;
+
+    // Set to `true` if we've successfully connected once
+    hasConnected = false;
+    // Keep track of current connection attempt
+    connectionAttempt = 0;
+
+    static domSize(): DOMRect {
+        return document.body.getBoundingClientRect();
+    }
+
+    constructor() {
+        super();
+        this.initKeyboard();
+        this.checkClipboard();
+        this.clipboardWatcherTimer = setInterval(
+            this.checkClipboard.bind(this),
+            500,
+        ) as unknown as number;
+    }
+
+    connectedCallback(): void {
+        super.connectedCallback();
+        window.addEventListener(
+            "focus",
+            () => {
+                this.checkClipboard();
+            },
+            {
+                capture: false,
+            },
+        );
+        window.addEventListener("resize", () => {
+            this.client?.sendSize(
+                Math.floor(RacInterface.domSize().width),
+                Math.floor(RacInterface.domSize().height),
+            );
+        });
+    }
+
+    disconnectedCallback(): void {
+        super.disconnectedCallback();
+        clearInterval(this.clipboardWatcherTimer);
+    }
+
+    async firstUpdated(): Promise<void> {
+        this.updateTitle();
+        const wsUrl = `${window.location.protocol.replace("http", "ws")}//${
+            window.location.host
+        }/ws/rac/${this.token}/`;
+        this.tunnel = new Guacamole.WebSocketTunnel(wsUrl);
+        this.tunnel.receiveTimeout = 10 * 1000; // 10 seconds
+        this.tunnel.onerror = (status) => {
+            console.debug("authentik/rac: tunnel error: ", status);
+            this.reconnect();
+        };
+        this.client = new Guacamole.Client(this.tunnel);
+        this.client.onerror = (err) => {
+            console.debug("authentik/rac: error: ", err);
+            this.reconnect();
+        };
+        this.client.onstatechange = (state) => {
+            this.clientState = state;
+            if (state === GuacClientState.CONNECTED) {
+                this.onConnected();
+            }
+        };
+        this.client.onclipboard = (stream, mimetype) => {
+            // If the received data is text, read it as a simple string
+            if (/^text\//.exec(mimetype)) {
+                const reader = new Guacamole.StringReader(stream);
+                let data = "";
+                reader.ontext = (text) => {
+                    data += text;
+                };
+                reader.onend = () => {
+                    this._previousClipboardValue = data;
+                    navigator.clipboard.writeText(data);
+                };
+            } else {
+                const reader = new Guacamole.BlobReader(stream, mimetype);
+                reader.onend = () => {
+                    const blob = reader.getBlob();
+                    navigator.clipboard.write([
+                        new ClipboardItem({
+                            [blob.type]: blob,
+                        }),
+                    ]);
+                };
+            }
+            console.debug("authentik/rac: updated clipboard from remote");
+        };
+        const params = new URLSearchParams();
+        params.set("screen_width", Math.floor(RacInterface.domSize().width).toString());
+        params.set("screen_height", Math.floor(RacInterface.domSize().height).toString());
+        params.set("screen_dpi", (window.devicePixelRatio * 96).toString());
+        this.client.connect(params.toString());
+    }
+
+    reconnect(): void {
+        this.clientState = undefined;
+        this.connectionAttempt += 1;
+        if (!this.hasConnected) {
+            // Check connection attempts if we haven't had a successful connection
+            if (this.connectionAttempt >= RECONNECT_ATTEMPTS_INITIAL) {
+                this.hasConnected = true;
+                this.reconnectingMessage = msg(
+                    str`Connection failed after ${this.connectionAttempt} attempts.`,
+                );
+                return;
+            }
+        } else {
+            if (this.connectionAttempt >= RECONNECT_ATTEMPTS) {
+                this.reconnectingMessage = msg(
+                    str`Connection failed after ${this.connectionAttempt} attempts.`,
+                );
+                return;
+            }
+        }
+        const delay = 500 * this.connectionAttempt;
+        this.reconnectingMessage = msg(
+            str`Re-connecting in ${Math.max(1, delay / 1000)} second(s).`,
+        );
+        setTimeout(() => {
+            this.firstUpdated();
+        }, delay);
+    }
+
+    updateTitle(): void {
+        let title = this.tenant?.brandingTitle || TITLE_DEFAULT;
+        if (this.endpointName) {
+            title = `${this.endpointName} - ${title}`;
+        }
+        document.title = `${title}`;
+    }
+
+    onConnected(): void {
+        console.debug("authentik/rac: connected");
+        if (!this.client) {
+            return;
+        }
+        this.hasConnected = true;
+        this.container = this.client.getDisplay().getElement();
+        this.initMouse(this.container);
+        this.client?.sendSize(
+            Math.floor(RacInterface.domSize().width),
+            Math.floor(RacInterface.domSize().height),
+        );
+    }
+
+    initMouse(container: HTMLElement): void {
+        const mouse = new Guacamole.Mouse(container);
+        const handler = (mouseState: Guacamole.Mouse.State, scaleMouse = false) => {
+            if (!this.client) return;
+
+            if (scaleMouse) {
+                mouseState.y = mouseState.y / this.client.getDisplay().getScale();
+                mouseState.x = mouseState.x / this.client.getDisplay().getScale();
+            }
+
+            this.client.sendMouseState(mouseState);
+        };
+        // @ts-ignore
+        mouse.onEach(["mouseup", "mousedown"], (ev: Guacamole.Mouse.Event) => {
+            this.container?.focus();
+            handler(ev.state);
+        });
+        // @ts-ignore
+        mouse.on("mousemove", (ev: Guacamole.Mouse.Event) => {
+            handler(ev.state, true);
+        });
+    }
+
+    initAudioInput(): void {
+        const stream = this.client?.createAudioStream(AUDIO_INPUT_MIMETYPE);
+        if (!stream) return;
+        // Guacamole.AudioPlayer
+        const recorder = Guacamole.AudioRecorder.getInstance(stream, AUDIO_INPUT_MIMETYPE);
+        // If creation of the AudioRecorder failed, simply end the stream
+        if (!recorder) {
+            stream.sendEnd();
+            return;
+        }
+        // Otherwise, ensure that another audio stream is created after this
+        // audio stream is closed
+        recorder.onclose = this.initAudioInput.bind(this);
+    }
+
+    initKeyboard(): void {
+        const keyboard = new Guacamole.Keyboard(document);
+        keyboard.onkeydown = (keysym) => {
+            this.client?.sendKeyEvent(1, keysym);
+        };
+        keyboard.onkeyup = (keysym) => {
+            this.client?.sendKeyEvent(0, keysym);
+        };
+    }
+
+    async checkClipboard(): Promise<void> {
+        try {
+            if (!this._previousClipboardValue) {
+                this._previousClipboardValue = await navigator.clipboard.readText();
+                return;
+            }
+            const newValue = await navigator.clipboard.readText();
+            if (newValue !== this._previousClipboardValue) {
+                console.debug(`authentik/rac: new clipboard value: ${newValue}`);
+                this._previousClipboardValue = newValue;
+                this.writeClipboard(newValue);
+            }
+        } catch (ex) {
+            // The error is most likely caused by the document not being in focus
+            // in which case we can ignore it and just retry
+            if (ex instanceof DOMException) {
+                return;
+            }
+            console.warn("authentik/rac: error reading clipboard", ex);
+        }
+    }
+
+    private writeClipboard(value: string) {
+        if (!this.client) {
+            return;
+        }
+        const stream = this.client.createClipboardStream("text/plain");
+        const writer = new Guacamole.StringWriter(stream);
+        writer.sendText(value);
+        writer.sendEnd();
+        console.debug("authentik/rac: Sent clipboard");
+    }
+
+    render(): TemplateResult {
+        return html`
+            ${this.clientState !== GuacClientState.CONNECTED
+                ? html`
+                      <ak-loading-overlay>
+                          <span slot="body">
+                              ${this.hasConnected
+                                  ? html`${this.reconnectingMessage}`
+                                  : html`${msg("Connecting...")}`}
+                          </span>
+                      </ak-loading-overlay>
+                  `
+                : html``}
+            <div class="container">${this.container}</div>
+        `;
+    }
+}
diff --git a/web/src/flow/FlowExecutor.ts b/web/src/flow/FlowExecutor.ts
index 595c52585..e0d31e421 100644
--- a/web/src/flow/FlowExecutor.ts
+++ b/web/src/flow/FlowExecutor.ts
@@ -37,8 +37,8 @@ import {
     ContextualFlowInfo,
     FlowChallengeResponseRequest,
     FlowErrorChallenge,
+    FlowLayoutEnum,
     FlowsApi,
-    LayoutEnum,
     ResponseError,
     ShellChallenge,
     UiThemeEnum,
@@ -115,8 +115,10 @@ export class FlowExecutor extends Interface implements StageHost {
                 background-color: transparent;
             }
             /* layouts */
-            .pf-c-login.stacked .pf-c-login__main {
-                margin-top: 13rem;
+            @media (min-height: 60rem) {
+                .pf-c-login.stacked .pf-c-login__main {
+                    margin-top: 13rem;
+                }
             }
             .pf-c-login__container.content-right {
                 grid-template-areas:
@@ -451,7 +453,7 @@ export class FlowExecutor extends Interface implements StageHost {
     }
 
     getLayout(): string {
-        const prefilledFlow = globalAK()?.flow?.layout || LayoutEnum.Stacked;
+        const prefilledFlow = globalAK()?.flow?.layout || FlowLayoutEnum.Stacked;
         if (this.challenge) {
             return this.challenge?.flowInfo?.layout || prefilledFlow;
         }
@@ -461,11 +463,11 @@ export class FlowExecutor extends Interface implements StageHost {
     getLayoutClass(): string {
         const layout = this.getLayout();
         switch (layout) {
-            case LayoutEnum.ContentLeft:
+            case FlowLayoutEnum.ContentLeft:
                 return "pf-c-login__container";
-            case LayoutEnum.ContentRight:
+            case FlowLayoutEnum.ContentRight:
                 return "pf-c-login__container content-right";
-            case LayoutEnum.Stacked:
+            case FlowLayoutEnum.Stacked:
             default:
                 return "ak-login-container";
         }
diff --git a/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts b/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts
index 351b890d6..403a80756 100644
--- a/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts
+++ b/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts
@@ -89,6 +89,9 @@ export class AuthenticatorValidateStage
                 display: flex;
                 align-items: center;
             }
+            :host([theme="dark"]) .authenticator-button {
+                color: var(--ak-dark-foreground) !important;
+            }
             i {
                 font-size: 1.5rem;
                 padding: 1rem 0;
diff --git a/web/src/flow/stages/captcha/CaptchaStage.ts b/web/src/flow/stages/captcha/CaptchaStage.ts
index 7690fc626..753bda99c 100644
--- a/web/src/flow/stages/captcha/CaptchaStage.ts
+++ b/web/src/flow/stages/captcha/CaptchaStage.ts
@@ -1,11 +1,11 @@
 ///<reference types="@hcaptcha/types"/>
-///<reference types="turnstile-types"/>
 import "@goauthentik/elements/EmptyState";
 import { PFSize } from "@goauthentik/elements/Spinner";
 import "@goauthentik/elements/forms/FormElement";
 import "@goauthentik/flow/FormStatic";
 import "@goauthentik/flow/stages/access_denied/AccessDeniedStage";
 import { BaseStage } from "@goauthentik/flow/stages/base";
+import type { TurnstileObject } from "turnstile-types";
 
 import { msg } from "@lit/localize";
 import { CSSResult, TemplateResult, html } from "lit";
@@ -21,6 +21,10 @@ import PFBase from "@patternfly/patternfly/patternfly-base.css";
 
 import { CaptchaChallenge, CaptchaChallengeResponseRequest } from "@goauthentik/api";
 
+interface TurnstileWindow extends Window {
+    turnstile: TurnstileObject;
+}
+
 @customElement("ak-stage-captcha")
 export class CaptchaStage extends BaseStage<CaptchaChallenge, CaptchaChallengeResponseRequest> {
     static get styles(): CSSResult[] {
@@ -110,9 +114,8 @@ export class CaptchaStage extends BaseStage<CaptchaChallenge, CaptchaChallengeRe
         if (!Object.hasOwn(window, "turnstile")) {
             return false;
         }
-        window.turnstile.render(container, {
+        (window as unknown as TurnstileWindow).turnstile.render(container, {
             sitekey: this.challenge.siteKey,
-            size: "invisible",
             callback: (token) => {
                 this.host?.submit({
                     token: token,
diff --git a/web/src/global.d.ts b/web/src/global.d.ts
index b7b3dfdf8..059e86815 100644
--- a/web/src/global.d.ts
+++ b/web/src/global.d.ts
@@ -1,4 +1,5 @@
 declare module "*.css";
+
 declare module "*.md" {
     const html: string;
     const metadata: { [key: string]: string };
diff --git a/web/src/locale-codes.ts b/web/src/locale-codes.ts
index 86337dc8d..8b7a36ac1 100644
--- a/web/src/locale-codes.ts
+++ b/web/src/locale-codes.ts
@@ -15,10 +15,13 @@ export const targetLocales = [
   `en`,
   `es`,
   `fr`,
+  `ko`,
+  `nl`,
   `pl`,
   `pseudo-LOCALE`,
   `tr`,
   `zh_TW`,
+  `zh-CN`,
   `zh-Hans`,
   `zh-Hant`,
 ] as const;
@@ -32,10 +35,13 @@ export const allLocales = [
   `en`,
   `es`,
   `fr`,
+  `ko`,
+  `nl`,
   `pl`,
   `pseudo-LOCALE`,
   `tr`,
   `zh_TW`,
+  `zh-CN`,
   `zh-Hans`,
   `zh-Hant`,
 ] as const;
diff --git a/web/src/user/LibraryApplication/RACLaunchEndpointModal.ts b/web/src/user/LibraryApplication/RACLaunchEndpointModal.ts
new file mode 100644
index 000000000..40f5668f7
--- /dev/null
+++ b/web/src/user/LibraryApplication/RACLaunchEndpointModal.ts
@@ -0,0 +1,71 @@
+import { DEFAULT_CONFIG } from "@goauthentik/app/common/api/config";
+import { PaginatedResponse, TableColumn } from "@goauthentik/app/elements/table/Table";
+import { TableModal } from "@goauthentik/app/elements/table/TableModal";
+
+import { msg } from "@lit/localize";
+import { TemplateResult, html } from "lit";
+import { customElement, property } from "lit/decorators.js";
+
+import { Application, Endpoint, RacApi } from "@goauthentik/api";
+
+@customElement("ak-library-rac-endpoint-launch")
+export class RACLaunchEndpointModal extends TableModal<Endpoint> {
+    clickable = true;
+    searchEnabled(): boolean {
+        return true;
+    }
+
+    clickHandler = (item: Endpoint) => {
+        if (!item.launchUrl) {
+            return;
+        }
+        if (this.app?.openInNewTab) {
+            window.open(item.launchUrl);
+        } else {
+            window.location.assign(item.launchUrl);
+        }
+    };
+
+    @property({ attribute: false })
+    app?: Application;
+
+    async apiEndpoint(page: number): Promise<PaginatedResponse<Endpoint>> {
+        const endpoints = await new RacApi(DEFAULT_CONFIG).racEndpointsList({
+            provider: this.app?.provider || 0,
+            page: page,
+            search: this.search,
+        });
+        if (this.open && endpoints.pagination.count === 1) {
+            this.clickHandler(endpoints.results[0]);
+            this.open = false;
+        }
+        return endpoints;
+    }
+
+    columns(): TableColumn[] {
+        return [new TableColumn("Name")];
+    }
+
+    row(item: Endpoint): TemplateResult[] {
+        return [html`${item.name}`];
+    }
+
+    renderModalInner(): TemplateResult {
+        return html`<section class="pf-c-modal-box__header pf-c-page__main-section pf-m-light">
+                <div class="pf-c-content">
+                    <h1 class="pf-c-title pf-m-2xl">${msg("Select endpoint to connect to")}</h1>
+                </div>
+            </section>
+            <section class="pf-c-modal-box__body pf-m-light">${this.renderTable()}</section>
+            <footer class="pf-c-modal-box__footer">
+                <ak-spinner-button
+                    .callAction=${async () => {
+                        this.open = false;
+                    }}
+                    class="pf-m-secondary"
+                >
+                    ${msg("Cancel")}
+                </ak-spinner-button>
+            </footer>`;
+    }
+}
diff --git a/web/src/user/LibraryApplication/index.ts b/web/src/user/LibraryApplication/index.ts
index 282ce63b2..35f60804f 100644
--- a/web/src/user/LibraryApplication/index.ts
+++ b/web/src/user/LibraryApplication/index.ts
@@ -3,6 +3,7 @@ import { truncateWords } from "@goauthentik/common/utils";
 import "@goauthentik/components/ak-app-icon";
 import { AKElement, rootInterface } from "@goauthentik/elements/Base";
 import "@goauthentik/elements/Expand";
+import "@goauthentik/user/LibraryApplication/RACLaunchEndpointModal";
 import { UserInterface } from "@goauthentik/user/UserInterface";
 
 import { msg } from "@lit/localize";
@@ -85,6 +86,22 @@ export class LibraryApplication extends AKElement {
         </ak-expand>`;
     }
 
+    renderLaunch(): TemplateResult {
+        if (!this.application) {
+            return html``;
+        }
+        if (this.application?.launchUrl === "goauthentik.io://providers/rac/launch") {
+            return html`<ak-library-rac-endpoint-launch .app=${this.application}>
+                <a slot="trigger"> ${this.application.name} </a>
+            </ak-library-rac-endpoint-launch>`;
+        }
+        return html`<a
+            href="${ifDefined(this.application.launchUrl ?? "")}"
+            target="${ifDefined(this.application.openInNewTab ? "_blank" : undefined)}"
+            >${this.application.name}</a
+        >`;
+    }
+
     render(): TemplateResult {
         if (!this.application) {
             return html`<ak-spinner></ak-spinner>`;
@@ -111,13 +128,7 @@ export class LibraryApplication extends AKElement {
                     <ak-app-icon size=${PFSize.Large} .app=${this.application}></ak-app-icon>
                 </a>
             </div>
-            <div class="pf-c-card__title">
-                <a
-                    href="${ifDefined(this.application.launchUrl ?? "")}"
-                    target="${ifDefined(this.application.openInNewTab ? "_blank" : undefined)}"
-                    >${this.application.name}</a
-                >
-            </div>
+            <div class="pf-c-card__title">${this.renderLaunch()}</div>
             <div class="expander"></div>
             ${expandable ? this.renderExpansion(this.application) : nothing}
         </div>`;
diff --git a/web/src/user/LibraryPage/LibraryPageImpl.utils.ts b/web/src/user/LibraryPage/LibraryPageImpl.utils.ts
index bac9186e8..0b3375dc3 100644
--- a/web/src/user/LibraryPage/LibraryPageImpl.utils.ts
+++ b/web/src/user/LibraryPage/LibraryPageImpl.utils.ts
@@ -2,10 +2,16 @@ import type { Application } from "@goauthentik/api";
 
 const isFullUrlRe = new RegExp("://");
 const isHttpRe = new RegExp("http(s?)://");
+const isAuthentikSpecialRe = new RegExp("goauthentik.io://");
 const isNotFullUrl = (url: string) => !isFullUrlRe.test(url);
 const isHttp = (url: string) => isHttpRe.test(url);
+const isAuthentikSpecial = (url: string) => isAuthentikSpecialRe.test(url);
 
 export const appHasLaunchUrl = (app: Application) => {
     const url = app.launchUrl;
-    return !!(typeof url === "string" && url !== "" && (isHttp(url) || isNotFullUrl(url)));
+    return !!(
+        typeof url === "string" &&
+        url !== "" &&
+        (isHttp(url) || isNotFullUrl(url) || isAuthentikSpecial(url))
+    );
 };
diff --git a/web/src/user/UserInterface.ts b/web/src/user/UserInterface.ts
index f45f64789..aad94e73d 100644
--- a/web/src/user/UserInterface.ts
+++ b/web/src/user/UserInterface.ts
@@ -82,9 +82,9 @@ export class UserInterface extends Interface {
                 :host([theme="dark"]) .pf-c-page__header {
                     color: var(--ak-dark-foreground) !important;
                 }
-                .pf-c-page__header-tools-item .fas,
-                .pf-c-notification-badge__count,
-                .pf-c-page__header-tools-group .pf-c-button {
+                :host([theme="light"]) .pf-c-page__header-tools-item .fas,
+                :host([theme="light"]) .pf-c-notification-badge__count,
+                :host([theme="light"]) .pf-c-page__header-tools-group .pf-c-button {
                     color: var(--ak-global--Color--100) !important;
                 }
                 .pf-c-page {
@@ -183,7 +183,7 @@ export class UserInterface extends Interface {
             <ak-enterprise-status interface="user"></ak-enterprise-status>
             <div class="pf-c-page">
                 <div class="background-wrapper" style="${this.uiConfig.theme.background}">
-                    ${this.uiConfig.theme.background === ""
+                    ${(this.uiConfig.theme.background || "") === ""
                         ? html`<div class="background-default-slant"></div>`
                         : html``}
                 </div>
diff --git a/web/src/user/user-settings/tokens/UserTokenForm.ts b/web/src/user/user-settings/tokens/UserTokenForm.ts
index 05bb3b111..78ce3413d 100644
--- a/web/src/user/user-settings/tokens/UserTokenForm.ts
+++ b/web/src/user/user-settings/tokens/UserTokenForm.ts
@@ -21,11 +21,9 @@ export class UserTokenForm extends ModelForm<Token, string> {
     }
 
     getSuccessMessage(): string {
-        if (this.instance) {
-            return msg("Successfully updated token.");
-        } else {
-            return msg("Successfully created token.");
-        }
+        return this.instance
+            ? msg("Successfully updated token.")
+            : msg("Successfully created token.");
     }
 
     async send(data: Token): Promise<Token> {
diff --git a/web/xliff/de.xlf b/web/xliff/de.xlf
index 85e253602..a28d3a09a 100644
--- a/web/xliff/de.xlf
+++ b/web/xliff/de.xlf
@@ -1688,9 +1688,6 @@
       <trans-unit id="sc6c575c5ff64cdb1">
         <source>Update SCIM Provider</source>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>Synchronisation erneut ausführen</target>
@@ -6117,6 +6114,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/en.xlf b/web/xliff/en.xlf
index 2b236521f..aa3e928a1 100644
--- a/web/xliff/en.xlf
+++ b/web/xliff/en.xlf
@@ -1779,10 +1779,6 @@
         <source>Update SCIM Provider</source>
         <target>Update SCIM Provider</target>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-        <target>Sync not run yet.</target>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>Run sync again</target>
@@ -6394,6 +6390,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/es.xlf b/web/xliff/es.xlf
index d9564b6ad..a4758ca1e 100644
--- a/web/xliff/es.xlf
+++ b/web/xliff/es.xlf
@@ -1660,9 +1660,6 @@
       <trans-unit id="sc6c575c5ff64cdb1">
         <source>Update SCIM Provider</source>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>Vuelve a ejecutar la sincronización</target>
@@ -6033,6 +6030,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf
index 2c647c773..10d1a6d1d 100644
--- a/web/xliff/fr.xlf
+++ b/web/xliff/fr.xlf
@@ -1,4 +1,4 @@
-<?xml version="1.0" ?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
+<?xml version="1.0"?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
   <file target-language="fr" source-language="en" original="lit-localize-inputs" datatype="plaintext">
     <body>
       <trans-unit id="s4caed5b7a7e5d89b">
@@ -613,9 +613,9 @@ Il y a <x id="0" equiv-text="${ago}"/> jour(s)</target>
         
       </trans-unit>
       <trans-unit id="saa0e2675da69651b">
-        <source>The URL &quot;<x id="0" equiv-text="${this.url}"/>&quot; was not found.</source>
-        <target>L'URL &quot; 
-        <x id="0" equiv-text="${this.url}"/>&quot; n'a pas été trouvée.</target>
+        <source>The URL "<x id="0" equiv-text="${this.url}"/>" was not found.</source>
+        <target>L'URL " 
+        <x id="0" equiv-text="${this.url}"/>" n'a pas été trouvée.</target>
         
       </trans-unit>
       <trans-unit id="s58cd9c2fe836d9c6">
@@ -1057,8 +1057,8 @@ Il y a <x id="0" equiv-text="${ago}"/> jour(s)</target>
         
       </trans-unit>
       <trans-unit id="sa8384c9c26731f83">
-        <source>To allow any redirect URI, set this value to &quot;.*&quot;. Be aware of the possible security implications this can have.</source>
-        <target>Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur &quot;.*&quot;. Soyez conscient des possibles implications de sécurité que cela peut avoir.</target>
+        <source>To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have.</source>
+        <target>Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur ".*". Soyez conscient des possibles implications de sécurité que cela peut avoir.</target>
         
       </trans-unit>
       <trans-unit id="s55787f4dfcdce52b">
@@ -1630,7 +1630,7 @@ Il y a <x id="0" equiv-text="${ago}"/> jour(s)</target>
       </trans-unit>
       <trans-unit id="s33ed903c210a6209">
         <source>Token to authenticate with. Currently only bearer authentication is supported.</source>
-        <target>Jeton d'authentification à utiliser. Actuellement, seule l'authentification &quot;bearer authentication&quot; est prise en charge.</target>
+        <target>Jeton d'authentification à utiliser. Actuellement, seule l'authentification "bearer authentication" est prise en charge.</target>
         
       </trans-unit>
       <trans-unit id="sfc8bb104e2c05af8">
@@ -1798,8 +1798,8 @@ Il y a <x id="0" equiv-text="${ago}"/> jour(s)</target>
         
       </trans-unit>
       <trans-unit id="sa90b7809586c35ce">
-        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon &quot;fa-test&quot;.</source>
-        <target>Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome &quot;fa-test&quot;.</target>
+        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test".</source>
+        <target>Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome "fa-test".</target>
         
       </trans-unit>
       <trans-unit id="s0410779cb47de312">
@@ -2216,11 +2216,6 @@ Il y a <x id="0" equiv-text="${ago}"/> jour(s)</target>
         <source>Update SCIM Provider</source>
         <target>Mettre à jour le fournisseur SCIM</target>
         
-      </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-        <target>La synchronisation n'a pas encore été lancée.</target>
-        
       </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
@@ -2897,7 +2892,7 @@ doesn't pass when either or both of the selected options are equal or above the
       </trans-unit>
       <trans-unit id="s33683c3b1dbaf264">
         <source>To use SSL instead, use 'ldaps://' and disable this option.</source>
-        <target>Pour utiliser SSL à la base, utilisez &quot;ldaps://&quot; et désactviez cette option.</target>
+        <target>Pour utiliser SSL à la base, utilisez "ldaps://" et désactviez cette option.</target>
         
       </trans-unit>
       <trans-unit id="s2221fef80f4753a2">
@@ -2986,8 +2981,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s76768bebabb7d543">
-        <source>Field which contains members of a group. Note that if using the &quot;memberUid&quot; field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
-        <target>Champ qui contient les membres d'un groupe. Si vous utilisez le champ &quot;memberUid&quot;, la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...'</target>
+        <source>Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
+        <target>Champ qui contient les membres d'un groupe. Si vous utilisez le champ "memberUid", la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...'</target>
         
       </trans-unit>
       <trans-unit id="s026555347e589f0e">
@@ -3282,7 +3277,7 @@ doesn't pass when either or both of the selected options are equal or above the
       </trans-unit>
       <trans-unit id="s3198c384c2f68b08">
         <source>Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually.</source>
-        <target>Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID &quot;transient&quot; et que l'utilisateur ne se déconnecte pas manuellement.</target>
+        <target>Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID "transient" et que l'utilisateur ne se déconnecte pas manuellement.</target>
         
       </trans-unit>
       <trans-unit id="sb32e9c1faa0b8673">
@@ -3450,7 +3445,7 @@ doesn't pass when either or both of the selected options are equal or above the
       </trans-unit>
       <trans-unit id="s9f8aac89fe318acc">
         <source>Optionally set the 'FriendlyName' value of the Assertion attribute.</source>
-        <target>Indiquer la valeur &quot;FriendlyName&quot; de l'attribut d'assertion (optionnel)</target>
+        <target>Indiquer la valeur "FriendlyName" de l'attribut d'assertion (optionnel)</target>
         
       </trans-unit>
       <trans-unit id="s851c108679653d2a">
@@ -3779,8 +3774,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s7b1fba26d245cb1c">
-        <source>When using an external logging solution for archiving, this can be set to &quot;minutes=5&quot;.</source>
-        <target>En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à &quot;minutes=5&quot;.</target>
+        <source>When using an external logging solution for archiving, this can be set to "minutes=5".</source>
+        <target>En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à "minutes=5".</target>
         
       </trans-unit>
       <trans-unit id="s44536d20bb5c8257">
@@ -3789,8 +3784,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s3bb51cabb02b997e">
-        <source>Format: &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</source>
-        <target>Format : &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</target>
+        <source>Format: "weeks=3;days=2;hours=3,seconds=2".</source>
+        <target>Format : "weeks=3;days=2;hours=3,seconds=2".</target>
         
       </trans-unit>
       <trans-unit id="s04bfd02201db5ab8">
@@ -3986,10 +3981,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sa95a538bfbb86111">
-        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> &quot;<x id="1" equiv-text="${this.obj?.name}"/>&quot;?</source>
+        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> "<x id="1" equiv-text="${this.obj?.name}"/>"?</source>
         <target>Êtes-vous sûr de vouloir mettre à jour 
-        <x id="0" equiv-text="${this.objectLabel}"/>&quot; 
-        <x id="1" equiv-text="${this.obj?.name}"/>&quot; ?</target>
+        <x id="0" equiv-text="${this.objectLabel}"/>" 
+        <x id="1" equiv-text="${this.obj?.name}"/>" ?</target>
         
       </trans-unit>
       <trans-unit id="sc92d7cfb6ee1fec6">
@@ -5075,8 +5070,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sdf1d8edef27236f0">
-        <source>A &quot;roaming&quot; authenticator, like a YubiKey</source>
-        <target>Un authentificateur &quot;itinérant&quot;, comme une YubiKey</target>
+        <source>A "roaming" authenticator, like a YubiKey</source>
+        <target>Un authentificateur "itinérant", comme une YubiKey</target>
         
       </trans-unit>
       <trans-unit id="sfffba7b23d8fb40c">
@@ -5401,7 +5396,7 @@ doesn't pass when either or both of the selected options are equal or above the
       </trans-unit>
       <trans-unit id="s5170f9ef331949c0">
         <source>Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable.</source>
-        <target>Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable &quot;prompt_data&quot;.</target>
+        <target>Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable "prompt_data".</target>
         
       </trans-unit>
       <trans-unit id="s36cb242ac90353bc">
@@ -5410,10 +5405,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s2d5f69929bb7221d">
-        <source><x id="0" equiv-text="${prompt.name}"/> (&quot;<x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, of type <x id="2" equiv-text="${prompt.type}"/>)</source>
+        <source><x id="0" equiv-text="${prompt.name}"/> ("<x id="1" equiv-text="${prompt.fieldKey}"/>", of type <x id="2" equiv-text="${prompt.type}"/>)</source>
         <target>
-        <x id="0" equiv-text="${prompt.name}"/>(&quot; 
-        <x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, de type 
+        <x id="0" equiv-text="${prompt.name}"/>(" 
+        <x id="1" equiv-text="${prompt.fieldKey}"/>", de type 
         <x id="2" equiv-text="${prompt.type}"/>)</target>
         
       </trans-unit>
@@ -5462,8 +5457,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s1608b2f94fa0dbd4">
-        <source>If set to a duration above 0, the user will have the option to choose to &quot;stay signed in&quot;, which will extend their session by the time specified here.</source>
-        <target>Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de &quot;rester connecté&quot;, ce qui prolongera sa session jusqu'à la durée spécifiée ici.</target>
+        <source>If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here.</source>
+        <target>Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de "rester connecté", ce qui prolongera sa session jusqu'à la durée spécifiée ici.</target>
         
       </trans-unit>
       <trans-unit id="s542a71bb8f41e057">
@@ -6247,7 +6242,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
       </trans-unit>
       <trans-unit id="sa7fcf026bd25f231">
         <source>Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system.</source>
-        <target>Peut être au format &quot;unix://&quot; pour une connexion à un service docker local, &quot;ssh://&quot; pour une connexion via SSH, ou &quot;https://:2376&quot; pour une connexion à un système distant.</target>
+        <target>Peut être au format "unix://" pour une connexion à un service docker local, "ssh://" pour une connexion via SSH, ou "https://:2376" pour une connexion à un système distant.</target>
         
       </trans-unit>
       <trans-unit id="saf1d289e3137c2ea">
@@ -7554,7 +7549,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
 </trans-unit>
 <trans-unit id="sff0ac1ace2d90709">
   <source>Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you).</source>
-  <target>Utilisez ce fournisseur avec l'option &quot;auth_request&quot; de Nginx ou &quot;forwardAuth&quot; de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, &quot;/outpost.goauthentik.io&quot; doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous).</target>
+  <target>Utilisez ce fournisseur avec l'option "auth_request" de Nginx ou "forwardAuth" de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, "/outpost.goauthentik.io" doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous).</target>
 </trans-unit>
 <trans-unit id="scb58b8a60cad8762">
   <source>Default relay state</source>
@@ -7901,7 +7896,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
 </trans-unit>
 <trans-unit id="sc615309d10a9228c">
   <source>RBAC is in preview.</source>
-  <target>RBAC est en aperçu,</target>
+  <target>RBAC est en aperçu.</target>
 </trans-unit>
 <trans-unit id="s32babfed740fd3c1">
   <source>User type used for newly created users.</source>
@@ -7968,7 +7963,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
   <target>Utilisateur créé et ajouté au groupe <x id="0" equiv-text="${this.group.name}"/> avec succès</target>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
-  <source>This user will be added to the group &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot;.</source>
+  <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
   <target>Cet utilisateur sera ajouté au groupe &amp;quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&amp;quot;.</target>
 </trans-unit>
 <trans-unit id="s62e7f6ed7d9cb3ca">
@@ -8042,7 +8037,183 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
   <target>Volume d'événements</target>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+  <target>Forcer l'utilisation d'un avant-poste (le flux ne pourrait être exécuter que depuis un outpost).</target>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+  <target>Paramètres de connexion.</target>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+  <target>Point de terminaison mis à jour avec succès.</target>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+  <target>Point de terminaison créé avec succès.</target>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+  <target>Protocole</target>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+  <target>RDP</target>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+  <target>SSH</target>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+  <target>VNC</target>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+  <target>Hôte</target>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+  <target>Nom d'hôte/IP à laquelle se connecter.</target>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+  <target>Point(s) de terminaison</target>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+  <target>Mettre à jour le point de terminaison</target>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+  <target>Ces liaisons controllent quels utilisateurs auront accès à ce point de terminaison. Les utilisateurs doivent également avoir accès à l'application.</target>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+  <target>Créer un point de terminaison</target>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+  <target>RAC est en aperçu.</target>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+  <target>Mettre à jour le fournisseur RAC</target>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+  <target>Points de terminaison</target>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+  <target>Paramètres généraux</target>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+  <target>Paramètres RDP</target>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+  <target>Ignorer le certificat serveur</target>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+  <target>Activer le fond d'écran</target>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+  <target>Activer le lissage des polices d'écriture</target>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+  <target>Activer le déplacement dans toute la fenêtre</target>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+  <target>Liaison réseau</target>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+  <target>Pas de liaison</target>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+  <target>Lier l'ASN</target>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+  <target>Lier l'ASN et le réseau</target>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+  <target>Lier l'ASN, le réseau et l'IP</target>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+  <target>Configurer si les sessions créer par cette étape doivent être liées aux réseaux depuis lesquelles elle ont été créées.</target>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+  <target>Liaison GeoIP</target>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+  <target>Lier le continent</target>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+  <target>Lier le continent et le pays</target>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+  <target>Lier le continent, pays et ville</target>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+  <target>Configurer si les sessions créer par cette étape doivent être liées à la localisation GeoIP depuis lesquelles elle ont été créées.</target>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+  <target>RAC</target>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+  <target>Connexion échouée après <x id="0" equiv-text="${this.connectionAttempt}"/> essais.</target>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+  <target>Re-connexion dans <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> seconde(s).</target>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+  <target>Connexion...</target>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+  <target>Sélectionner le point de terminaison auquel se connecter</target>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+  <target>Expiration de la connection</target>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+  <target>Détermine combien de temps une session dure avant déconnexion et ré-authorisation.</target>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
-</xliff>
\ No newline at end of file
+</xliff>
diff --git a/web/xliff/ko.xlf b/web/xliff/ko.xlf
new file mode 100644
index 000000000..ed1d838d9
--- /dev/null
+++ b/web/xliff/ko.xlf
@@ -0,0 +1,8010 @@
+<?xml version="1.0" ?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
+  <file target-language="ko" source-language="en" original="lit-localize-inputs" datatype="plaintext">
+    <body>
+      <trans-unit id="s4caed5b7a7e5d89b">
+        <source>English</source>
+        <target>영어</target>
+        
+      </trans-unit>
+      <trans-unit id="s75a27f43413e02c5">
+        <source>French</source>
+        <target>프랑스어</target>
+        
+      </trans-unit>
+      <trans-unit id="s9d2d00982edafabb">
+        <source>Turkish</source>
+        <target>터키어</target>
+        
+      </trans-unit>
+      <trans-unit id="sf1868dc19e3917bb">
+        <source>Spanish</source>
+        <target>스페인어</target>
+        
+      </trans-unit>
+      <trans-unit id="s03f49e598ffb11cc">
+        <source>Polish</source>
+        <target>폴란드어</target>
+        
+      </trans-unit>
+      <trans-unit id="s4660da32fb311ac0">
+        <source>Taiwanese Mandarin</source>
+        <target>대만어</target>
+        
+      </trans-unit>
+      <trans-unit id="s354e0a9f146d2869">
+        <source>Chinese (simplified)</source>
+        <target>중국어 (간체)</target>
+        
+      </trans-unit>
+      <trans-unit id="se3e6af2ce24d80e8">
+        <source>Chinese (traditional)</source>
+        <target>중국어 (번체)</target>
+        
+      </trans-unit>
+      <trans-unit id="s63e71d20d1eaca93">
+        <source>German</source>
+        <target>독일어</target>
+        
+      </trans-unit>
+      <trans-unit id="s49730f3d5751a433">
+        <source>Loading...</source>
+        <target>로드 중...</target>
+        
+      </trans-unit>
+      <trans-unit id="sf1e9d421f35b51e5">
+        <source>Application</source>
+        <target>애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="s310d8757ce319673">
+        <source>Logins</source>
+        <target>로그인</target>
+        
+      </trans-unit>
+      <trans-unit id="sa50a6326530d8a0d">
+        <source>Show less</source>
+        <target>적게 표시</target>
+        
+      </trans-unit>
+      <trans-unit id="sb2c57b2d347203dd">
+        <source>Show more</source>
+        <target>자세히 보기</target>
+        
+      </trans-unit>
+      <trans-unit id="s6238f519db67980d">
+        <source>UID</source>
+        <target>UID</target>
+        
+      </trans-unit>
+      <trans-unit id="sef49aec68fd1dc66">
+        <source>Name</source>
+        <target>이름</target>
+        
+      </trans-unit>
+      <trans-unit id="sf9f2c719a04066ec">
+        <source>App</source>
+        <target>앱</target>
+        
+      </trans-unit>
+      <trans-unit id="sda796c87fa97ed4d">
+        <source>Model Name</source>
+        <target>모델 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="s79e8cc71a5975b04">
+        <source>Message</source>
+        <target>메시지</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbc53e0e54d7946f">
+        <source>Subject</source>
+        <target>Subject</target>
+        
+      </trans-unit>
+      <trans-unit id="sa6ab5184d6315895">
+        <source>From</source>
+        <target>From</target>
+        
+      </trans-unit>
+      <trans-unit id="s09353907b5c79284">
+        <source>To</source>
+        <target>To</target>
+        
+      </trans-unit>
+      <trans-unit id="s63e03c70f67ebf9c">
+        <source>Context</source>
+        <target>맥락</target>
+        
+      </trans-unit>
+      <trans-unit id="sa48f81f001b893d2">
+        <source>User</source>
+        <target>사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="s119498d4e4cf59a6">
+        <source>Affected model:</source>
+        <target>영향 받는 모델:</target>
+        
+      </trans-unit>
+      <trans-unit id="sa3660d505e7011e0">
+        <source>Authorized application:</source>
+        <target>인가된 애플리케이션:</target>
+        
+      </trans-unit>
+      <trans-unit id="s95a032ae86881bf5">
+        <source>Using flow</source>
+        <target>플로우 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="scb5c9a7cc4ccd68d">
+        <source>Email info:</source>
+        <target>이메일 정보:</target>
+        
+      </trans-unit>
+      <trans-unit id="s677f1b675fc21bb1">
+        <source>Secret:</source>
+        <target>비밀:</target>
+        
+      </trans-unit>
+      <trans-unit id="sd947d57c9a9b7108">
+        <source>Open issue on GitHub...</source>
+        <target>GitHub에서 이슈 열기...</target>
+        
+      </trans-unit>
+      <trans-unit id="sa6905be242387f36">
+        <source>Exception</source>
+        <target>예외</target>
+        
+      </trans-unit>
+      <trans-unit id="s6ab73c998850c5ab">
+        <source>Expression</source>
+        <target>표현식</target>
+        
+      </trans-unit>
+      <trans-unit id="s50ebe627b4bc7d02">
+        <source>Binding</source>
+        <target>바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s3c6de3f257e0c912">
+        <source>Request</source>
+        <target>요청</target>
+        
+      </trans-unit>
+      <trans-unit id="s730182ad28374cda">
+        <source>Object</source>
+        <target>오브젝트</target>
+        
+      </trans-unit>
+      <trans-unit id="s890e983a7be64da4">
+        <source>Result</source>
+        <target>결과</target>
+        
+      </trans-unit>
+      <trans-unit id="sd3a853f63f45dcb0">
+        <source>Passing</source>
+        <target>통과</target>
+        
+      </trans-unit>
+      <trans-unit id="sbdeedc1c60306b35">
+        <source>Messages</source>
+        <target>메시지</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a5401d4419f9958">
+        <source>Using source</source>
+        <target>소스 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s14622ee6de586485">
+        <source>Attempted to log in as <x id="0" equiv-text="${this.event.context.username}"/></source>
+        <target><x id="0" equiv-text="${this.event.context.username}"/>로 로그인을 시도함</target>
+        
+      </trans-unit>
+      <trans-unit id="sb07bf992e3d00664">
+        <source>No additional data available.</source>
+        <target>추가 데이터를 사용할 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s09810653c832e935">
+        <source>Click to change value</source>
+        <target>클릭하여 값 변경</target>
+        
+      </trans-unit>
+      <trans-unit id="sfefce784ec55868f">
+        <source>Select an object.</source>
+        <target>오브젝트를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s04ceadb276bbe149">
+        <source>Loading options...</source>
+        <target>옵션 로드 중...</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe629863ba1338c2">
+        <source>Connection error, reconnecting...</source>
+        <target>연결 오류, 다시 연결 중...</target>
+        
+      </trans-unit>
+      <trans-unit id="sc8da3cc71de63832">
+        <source>Login</source>
+        <target>로그인</target>
+        
+      </trans-unit>
+      <trans-unit id="sb4564c127ab8b921">
+        <source>Failed login</source>
+        <target>로그인 실패</target>
+        
+      </trans-unit>
+      <trans-unit id="s67749057edb2586b">
+        <source>Logout</source>
+        <target>로그아웃</target>
+        
+      </trans-unit>
+      <trans-unit id="s7e537ad68d7c16e1">
+        <source>User was written to</source>
+        <target>사용자가 다음에 기록됨</target>
+        
+      </trans-unit>
+      <trans-unit id="sa0e0bdd7e244416b">
+        <source>Suspicious request</source>
+        <target>의심스러운 요청</target>
+        
+      </trans-unit>
+      <trans-unit id="s7bda44013984fc48">
+        <source>Password set</source>
+        <target>비밀번호 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sa1b41e334ad89d94">
+        <source>Secret was viewed</source>
+        <target>비밀이 표시됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s92ca679592a36b35">
+        <source>Secret was rotated</source>
+        <target>비밀이 회전됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s8a1d9403ca90989b">
+        <source>Invitation used</source>
+        <target>사용된 초대</target>
+        
+      </trans-unit>
+      <trans-unit id="s5f496533610103f2">
+        <source>Application authorized</source>
+        <target>승인된 애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="sdc9e222be9612939">
+        <source>Source linked</source>
+        <target>링크된 소스</target>
+        
+      </trans-unit>
+      <trans-unit id="sb1c91762ae3a9bee">
+        <source>Impersonation started</source>
+        <target>사용자 위장 시작</target>
+        
+      </trans-unit>
+      <trans-unit id="s9c73bd29b279d26b">
+        <source>Impersonation ended</source>
+        <target>사용자 위장 종료</target>
+        
+      </trans-unit>
+      <trans-unit id="s1cd264012278c047">
+        <source>Flow execution</source>
+        <target>플로우 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="s32f04d33924ce8ad">
+        <source>Policy execution</source>
+        <target>정책 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6d7128df5978cee">
+        <source>Policy exception</source>
+        <target>정책 예외</target>
+        
+      </trans-unit>
+      <trans-unit id="s77f572257f69a8db">
+        <source>Property Mapping exception</source>
+        <target>속성 매핑 예외</target>
+        
+      </trans-unit>
+      <trans-unit id="s2543cffd6ebb6803">
+        <source>System task execution</source>
+        <target>시스템 작업 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="se2f258b996f7279c">
+        <source>System task exception</source>
+        <target>시스템 작업 예외</target>
+        
+      </trans-unit>
+      <trans-unit id="s81eff3409d572a21">
+        <source>General system exception</source>
+        <target>일반 시스템 예외</target>
+        
+      </trans-unit>
+      <trans-unit id="sf8f49cdbf0036343">
+        <source>Configuration error</source>
+        <target>구성 오류</target>
+        
+      </trans-unit>
+      <trans-unit id="s9c6f61dc47bc4f0a">
+        <source>Model created</source>
+        <target>모델 생성함</target>
+        
+      </trans-unit>
+      <trans-unit id="s47a4983a2c6bb749">
+        <source>Model updated</source>
+        <target>모델 업데이트함</target>
+        
+      </trans-unit>
+      <trans-unit id="sc9f69360b58706c7">
+        <source>Model deleted</source>
+        <target>모델 삭제함</target>
+        
+      </trans-unit>
+      <trans-unit id="sa266303caf1bd27f">
+        <source>Email sent</source>
+        <target>이메일 보냄</target>
+        
+      </trans-unit>
+      <trans-unit id="s6c410fedda2a575f">
+        <source>Update available</source>
+        <target>업데이트 가능</target>
+        
+      </trans-unit>
+      <trans-unit id="s02240309358f557c">
+        <source>Unknown severity</source>
+        <target>심각도 불명</target>
+        
+      </trans-unit>
+      <trans-unit id="sf1ec4acb8d744ed9">
+        <source>Alert</source>
+        <target>경고</target>
+        
+      </trans-unit>
+      <trans-unit id="s9117fb5195e75151">
+        <source>Notice</source>
+        <target>공지</target>
+        
+      </trans-unit>
+      <trans-unit id="s34be76c6b1eadbef">
+        <source>Warning</source>
+        <target>주의</target>
+        
+      </trans-unit>
+      <trans-unit id="sf45a0d2f00bcc6ff">
+        <source>no tabs defined</source>
+        <target>탭이 정의되지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s04c5a637328c9b67">
+        <source><x id="0" equiv-text="${this.pages?.startIndex}"/> - <x id="1" equiv-text="${this.pages?.endIndex}"/> of <x id="2" equiv-text="${this.pages?.count}"/></source>
+        <target>
+        <x id="0" equiv-text="${this.pages?.startIndex}"/>- 
+        <x id="1" equiv-text="${this.pages?.endIndex}"/>of 
+        <x id="2" equiv-text="${this.pages?.count}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s6a89bb10338369b4">
+        <source>Go to previous page</source>
+        <target>이전 페이지 가기</target>
+        
+      </trans-unit>
+      <trans-unit id="s7edad99c6b7bfe88">
+        <source>Go to next page</source>
+        <target>다음 페이지 가기</target>
+        
+      </trans-unit>
+      <trans-unit id="sffa721bb6aa3128d">
+        <source>Search...</source>
+        <target>검색...</target>
+        
+      </trans-unit>
+      <trans-unit id="sb59d68ed12d46377">
+        <source>Loading</source>
+        <target>로드 중</target>
+        
+      </trans-unit>
+      <trans-unit id="s7bc8c327f1f7c82c">
+        <source>No objects found.</source>
+        <target>오브젝트를 찾을 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfd44ce578f643145">
+        <source>Failed to fetch objects.</source>
+        <target>오브젝트를 가져오는데 실패했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b7163270e57e8b4">
+        <source>Refresh</source>
+        <target>새로고침</target>
+        
+      </trans-unit>
+      <trans-unit id="s909e876731a8febb">
+        <source>Select all rows</source>
+        <target>모든 행 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="sa442044b586ec8bf">
+        <source>Action</source>
+        <target>액션</target>
+        
+      </trans-unit>
+      <trans-unit id="s02839b01844d6ca8">
+        <source>Creation Date</source>
+        <target>생성일</target>
+        
+      </trans-unit>
+      <trans-unit id="s4d00f1de1c82281b">
+        <source>Client IP</source>
+        <target>클라이언트 IP</target>
+        
+      </trans-unit>
+      <trans-unit id="s45f9e7ce0897f9e5">
+        <source>Tenant</source>
+        <target>테넌트</target>
+        
+      </trans-unit>
+      <trans-unit id="s2152f3482784705f">
+        <source>Recent events</source>
+        <target>최근 이력</target>
+        
+      </trans-unit>
+      <trans-unit id="sc35581d9c1cd67ff">
+        <source>On behalf of <x id="0" equiv-text="${item.user.on_behalf_of.username}"/></source>
+        <target><x id="0" equiv-text="${item.user.on_behalf_of.username}"/>
+을 대신하여</target>
+        
+      </trans-unit>
+      <trans-unit id="saf63a04c86018698">
+        <source>-</source>
+        <target>-</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b448a4ea79d4eef">
+        <source>No Events found.</source>
+        <target>이력을 찾을 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s50911ec1c8aee99a">
+        <source>No matching events could be found.</source>
+        <target>일치하는 이력을 찾을 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s113c05ef9996ca4b">
+        <source>Embedded outpost is not configured correctly.</source>
+        <target>내장된 Outpost가 올바르게 구성되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="seb5ba88f21937c98">
+        <source>Check outposts.</source>
+        <target>Outpost를 확인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd0bc94e11935ee5a">
+        <source>HTTPS is not detected correctly</source>
+        <target>HTTPS가 올바르게 감지되지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s40bf151b56a64f51">
+        <source>Server and client are further than 5 seconds apart.</source>
+        <target>서버와 클라이언트의 간격이 5초 이상입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s091d3d07b5b3076f">
+        <source>OK</source>
+        <target>OK</target>
+        
+      </trans-unit>
+      <trans-unit id="sae486938be80729c">
+        <source>Everything is ok.</source>
+        <target>모든 것이 양호합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sea91c57b3d3969fe">
+        <source>System status</source>
+        <target>시스템 상태</target>
+        
+      </trans-unit>
+      <trans-unit id="scefe482c547fb3f3">
+        <source>Based on <x id="0" equiv-text="${value.versionCurrent}"/></source>
+        <target><x id="0" equiv-text="${value.versionCurrent}"/>
+기반</target>
+        
+      </trans-unit>
+      <trans-unit id="s68a50b1ee6efee7b">
+        <source><x id="0" equiv-text="${value.versionLatest}"/> is available!</source>
+        <target>
+        <x id="0" equiv-text="${value.versionLatest}"/> 버전 사용가능!</target>
+        
+      </trans-unit>
+      <trans-unit id="s713d147e1761d0f0">
+        <source>Up-to-date!</source>
+        <target>최신-버전!</target>
+        
+      </trans-unit>
+      <trans-unit id="sf4122b220926be97">
+        <source>Version</source>
+        <target>버전</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a63a8be0b2b422c">
+        <source>Workers</source>
+        <target>워커</target>
+        
+      </trans-unit>
+      <trans-unit id="s341ab68d4130de20">
+        <source>No workers connected. Background tasks will not run.</source>
+        <target>연결된 워커가 없습니다. 백그라운드 작업이 실행되지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2ed8eb02525a920a">
+        <source><x id="0" equiv-text="${ago}"/> hour(s) ago</source>
+        <target>
+        <x id="0" equiv-text="${ago}"/>시간 전</target>
+        
+      </trans-unit>
+      <trans-unit id="s1f1c857c0c4250e4">
+        <source><x id="0" equiv-text="${ago}"/> day(s) ago</source>
+        <target>
+        <x id="0" equiv-text="${ago}"/> 일 전</target>
+        
+      </trans-unit>
+      <trans-unit id="s11bc220e8fa9d797">
+        <source>Authorizations</source>
+        <target>인가됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s3ef3c252ada78076">
+        <source>Failed Logins</source>
+        <target>실패한 로그인</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2f1e5dd74c1b7df">
+        <source>Successful Logins</source>
+        <target>성공한 로그인</target>
+        
+      </trans-unit>
+      <trans-unit id="s0382d73823585617">
+        <source><x id="0" equiv-text="${this.errorMessage}"/>: <x id="1" equiv-text="${e.toString()}"/></source>
+        <target>
+        <x id="0" equiv-text="${this.errorMessage}"/>: 
+        <x id="1" equiv-text="${e.toString()}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s2ceb11be2290bb1b">
+        <source>Cancel</source>
+        <target>취소</target>
+        
+      </trans-unit>
+      <trans-unit id="se085f35c8a9203a1">
+        <source>LDAP Source</source>
+        <target>LDAP 소스</target>
+        
+      </trans-unit>
+      <trans-unit id="s477de089b505a6ea">
+        <source>SCIM Provider</source>
+        <target>SCIM 공급자</target>
+        
+      </trans-unit>
+      <trans-unit id="s8a75e83497a183a2">
+        <source>Healthy</source>
+        <target>양호</target>
+        
+      </trans-unit>
+      <trans-unit id="sfeb82261bcf99edd">
+        <source>Healthy outposts</source>
+        <target>양호한 outpost</target>
+        
+      </trans-unit>
+      <trans-unit id="saae1c70e168b45b4">
+        <source>Admin</source>
+        <target>관리자</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a11c2ffb8309d1a">
+        <source>Not found</source>
+        <target>찾을 수 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="saa0e2675da69651b">
+        <source>The URL &quot;<x id="0" equiv-text="${this.url}"/>&quot; was not found.</source>
+        <target>URL &quot;<x id="0" equiv-text="${this.url}"/>&quot; 을 찾을 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s58cd9c2fe836d9c6">
+        <source>Return home</source>
+        <target>홈으로 가기</target>
+        
+      </trans-unit>
+      <trans-unit id="s41e035c4bb8d15f2">
+        <source>General system status</source>
+        <target>일반 시스템 상태</target>
+        
+      </trans-unit>
+      <trans-unit id="s6dfd15978586d05f">
+        <source>Welcome, <x id="0" equiv-text="${name}"/>.</source>
+        <target><x id="0" equiv-text="${name}"/> 님 반갑습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc381422c585b867f">
+        <source>Quick actions</source>
+        <target>빠른 액션</target>
+        
+      </trans-unit>
+      <trans-unit id="sfd13ca8ebd857c2e">
+        <source>Create a new application</source>
+        <target>새로운 애플리케이션 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s079d388d3cbfa54f">
+        <source>Check the logs</source>
+        <target>로그 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="sed8d4c3fd5f60e1f">
+        <source>Explore integrations</source>
+        <target>통합 살펴보기</target>
+        
+      </trans-unit>
+      <trans-unit id="sfffb0d0958bfbc42">
+        <source>Manage users</source>
+        <target>사용자 관리</target>
+        
+      </trans-unit>
+      <trans-unit id="s8763a33c3d46aaf5">
+        <source>Outpost status</source>
+        <target>Outpost 상태</target>
+        
+      </trans-unit>
+      <trans-unit id="scc286303aa9c6cb0">
+        <source>Sync status</source>
+        <target>동기화 상태</target>
+        
+      </trans-unit>
+      <trans-unit id="sbdc4a833de9ca502">
+        <source>Logins and authorizations over the last week (per 8 hours)</source>
+        <target>최근 한 주 동안의 로그인 및 승인(8시간당)</target>
+        
+      </trans-unit>
+      <trans-unit id="s6e09a19aa3952509">
+        <source>Apps with most usage</source>
+        <target>사용량이 가장 많은 앱</target>
+        
+      </trans-unit>
+      <trans-unit id="sda5e1499f93146ad">
+        <source><x id="0" equiv-text="${ago}"/> days ago</source>
+        <target>
+        <x id="0" equiv-text="${ago}"/> 일 전</target>
+        
+      </trans-unit>
+      <trans-unit id="s51ea3a244c781b1f">
+        <source>Objects created</source>
+        <target>오브젝트 생성됨</target>
+        
+      </trans-unit>
+      <trans-unit id="sfbadb77fbc61efb8">
+        <source>Users created per day in the last month</source>
+        <target>최근 한 달 동안 하루에 생성된 사용자 수</target>
+        
+      </trans-unit>
+      <trans-unit id="sb0669da3df95837c">
+        <source>Logins per day in the last month</source>
+        <target>최근 한 달 일일 로그인 수</target>
+        
+      </trans-unit>
+      <trans-unit id="s835da49b4dc83a51">
+        <source>Failed Logins per day in the last month</source>
+        <target>최근 한 달 일일 로그인 실패 횟수</target>
+        
+      </trans-unit>
+      <trans-unit id="s5f4586bc1e2740e6">
+        <source>Clear search</source>
+        <target>검색 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s3b34d9930e33bd46">
+        <source>System Tasks</source>
+        <target>시스템 작업</target>
+        
+      </trans-unit>
+      <trans-unit id="saaa3abe03c7260f9">
+        <source>Long-running operations which authentik executes in the background.</source>
+        <target>authentik이 백그라운드에서 실행하는 장기 실행 작업입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7468e87263dfff7e">
+        <source>Identifier</source>
+        <target>식별자</target>
+        
+      </trans-unit>
+      <trans-unit id="s63d894b1ddb06289">
+        <source>Description</source>
+        <target>기술</target>
+        
+      </trans-unit>
+      <trans-unit id="sa9b2a245441557dc">
+        <source>Last run</source>
+        <target>마지막 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="sad3e3c8146fc920f">
+        <source>Status</source>
+        <target>상태</target>
+        
+      </trans-unit>
+      <trans-unit id="s8af61807443f32a4">
+        <source>Actions</source>
+        <target>액션</target>
+        
+      </trans-unit>
+      <trans-unit id="sbe9a51f29a4a2c5b">
+        <source>Successful</source>
+        <target>성공</target>
+        
+      </trans-unit>
+      <trans-unit id="s5f343a43e7ea9f91">
+        <source>Error</source>
+        <target>오류</target>
+        
+      </trans-unit>
+      <trans-unit id="sc592307ea80f16b9">
+        <source>Unknown</source>
+        <target>알 수 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="s92921878e886e36d">
+        <source>Duration</source>
+        <target>지속시간</target>
+        
+      </trans-unit>
+      <trans-unit id="se7e1ababbc4868b8">
+        <source><x id="0" equiv-text="${item.taskDuration.toFixed(2)}"/> seconds</source>
+        <target>
+        <x id="0" equiv-text="${item.taskDuration.toFixed(2)}"/> 초</target>
+        
+      </trans-unit>
+      <trans-unit id="sc25edca57df81461">
+        <source>Authentication</source>
+        <target>인증</target>
+        
+      </trans-unit>
+      <trans-unit id="s6dfb7283452f78fe">
+        <source>Authorization</source>
+        <target>인가</target>
+        
+      </trans-unit>
+      <trans-unit id="sddcfc6ab24e3a6ed">
+        <source>Enrollment</source>
+        <target>등록</target>
+        
+      </trans-unit>
+      <trans-unit id="s1fc9c70610c4c67d">
+        <source>Invalidation</source>
+        <target>무효</target>
+        
+      </trans-unit>
+      <trans-unit id="s6ac670086eb137c6">
+        <source>Recovery</source>
+        <target>Recovery</target>
+        
+      </trans-unit>
+      <trans-unit id="sdf22dcf939c27cc7">
+        <source>Stage Configuration</source>
+        <target>스테이지 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s6d5bce4321f57cda">
+        <source>Unenrollment</source>
+        <target>등록 취소</target>
+        
+      </trans-unit>
+      <trans-unit id="sde2bb5418562c5b2">
+        <source>Unknown designation</source>
+        <target>지정할 수 없는 지정</target>
+        
+      </trans-unit>
+      <trans-unit id="sb9834316ffd4ae3e">
+        <source>Stacked</source>
+        <target>Stacked</target>
+        
+      </trans-unit>
+      <trans-unit id="s12146091b2b539a3">
+        <source>Content left</source>
+        <target>왼쪽 콘텐츠</target>
+        
+      </trans-unit>
+      <trans-unit id="sa800871782eba1ac">
+        <source>Content right</source>
+        <target>오른쪽 콘텐츠</target>
+        
+      </trans-unit>
+      <trans-unit id="sb4e50ca3cffdbc10">
+        <source>Sidebar left</source>
+        <target>왼쪽 사이드바</target>
+        
+      </trans-unit>
+      <trans-unit id="s745a55f9abf9f2e5">
+        <source>Sidebar right</source>
+        <target>오른쪽 사이드바</target>
+        
+      </trans-unit>
+      <trans-unit id="sb3182a87ded1bc91">
+        <source>Unknown layout</source>
+        <target>지정할 수 없는 배치</target>
+        
+      </trans-unit>
+      <trans-unit id="sdfd22a21660f6002">
+        <source>Successfully updated provider.</source>
+        <target>성공적으로 공급자 업데이트 했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s457c639088c547c5">
+        <source>Successfully created provider.</source>
+        <target>성공적으로 공급자를 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sff69c1a637f899a6">
+        <source>Bind flow</source>
+        <target>플로우 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="s319040353f479853">
+        <source>Flow used for users to authenticate.</source>
+        <target>사용자가 인증하는 데 사용되는 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbc80eab557fbf782">
+        <source>Search group</source>
+        <target>그룹 검색</target>
+        
+      </trans-unit>
+      <trans-unit id="s04b7f8d6aaef3756">
+        <source>Users in the selected group can do search queries. If no group is selected, no LDAP Searches are allowed.</source>
+        <target>선택한 그룹의 사용자는 검색 쿼리를 수행할 수 있습니다. 그룹이 선택되지 않은 경우, LDAP 검색을 할 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se5973e7c8ba0fc71">
+        <source>Bind mode</source>
+        <target>모드 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="s8915e64b8b999bfe">
+        <source>Cached binding</source>
+        <target>캐시된 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s842d690eb3c11762">
+        <source>Flow is executed and session is cached in memory. Flow is executed when session expires</source>
+        <target>플로우가 실행되고 세션이 메모리에 캐시됩니다. 세션이 만료되면 플로우를 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="s6a66759749bf31ed">
+        <source>Direct binding</source>
+        <target>직접 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="se0adaf83627104fb">
+        <source>Always execute the configured bind flow to authenticate the user</source>
+        <target>항상 구성된 바인드 플로우를 실행하여 사용자를 인증</target>
+        
+      </trans-unit>
+      <trans-unit id="scef3f4ad80abbd22">
+        <source>Configure how the outpost authenticates requests.</source>
+        <target>Outpost가 요청을 인증하는 방법을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbcae51a6f06e53d4">
+        <source>Search mode</source>
+        <target>모드 검색</target>
+        
+      </trans-unit>
+      <trans-unit id="s9065fcccd837a679">
+        <source>Cached querying</source>
+        <target>캐시된 쿼리</target>
+        
+      </trans-unit>
+      <trans-unit id="s30d0d0e6c626a234">
+        <source>The outpost holds all users and groups in-memory and will refresh every 5 Minutes</source>
+        <target>Outpost는 모든 사용자와 그룹을 인메모리에 보관하며 5분마다 새로 고칩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sffc14b8200a9f938">
+        <source>Direct querying</source>
+        <target>직접 쿼리</target>
+        
+      </trans-unit>
+      <trans-unit id="sdce4680288083fe3">
+        <source>Always returns the latest data, but slower than cached querying</source>
+        <target>항상 최신 데이터를 반환하지만 캐시된 쿼리보다는 느립니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8b87df5664de7eb8">
+        <source>Configure how the outpost queries the core authentik server's users.</source>
+        <target>Outpost가 코어 authentik 서버의 사용자를 조회하는 방식을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe388f0313f52da2">
+        <source>Protocol settings</source>
+        <target>프로토콜 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s55d731be1ef66efe">
+        <source>Base DN</source>
+        <target>Base DN</target>
+        
+      </trans-unit>
+      <trans-unit id="s0b15ff11a0049cfd">
+        <source>LDAP DN under which bind requests and search requests can be made.</source>
+        <target>바인드 요청 및 검색 요청을 수행할 LDAP DN입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb157267c85fdff30">
+        <source>Certificate</source>
+        <target>인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="sac43cb9690260b86">
+        <source>UID start number</source>
+        <target>UID 시작 번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s60edbcfac8ed1f90">
+        <source>The start for uidNumbers, this number is added to the user.Pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber</source>
+        <target>UID의 시작값입니다. 이 숫자는 user.Pk에 추가되어 POSIX 사용자의 숫자가 너무 낮지 않도록 합니다. 기본값은 2000으로 설정되어 로컬 사용자 UID와 충돌하지 않도록 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5acb607b40356974">
+        <source>GID start number</source>
+        <target>GID 시작 번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c8e9816dcae6d9c">
+        <source>The start for gidNumbers, this number is added to a number generated from the group.Pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber</source>
+        <target>GID의 시작값입니다. 이 숫자는 group.Pk에서 생성된 숫자에 추가되어 POSIX 그룹의 숫자가 너무 낮지 않도록 합니다. 기본값은 4000으로 설정되어 로컬 그룹 또는 사용자의 기본 그룹 gidNumber와 충돌하지 않도록 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2236dc563c2dbf76">
+        <source>(Format: hours=-1;minutes=-2;seconds=-3).</source>
+        <target>(서식: hours=-1;minutes=-2;seconds=-3).</target>
+        
+      </trans-unit>
+      <trans-unit id="sbec40ef4e6f139b7">
+        <source>(Format: hours=1;minutes=2;seconds=3).</source>
+        <target>(서식: hours=1;minutes=2;seconds=3).</target>
+        
+      </trans-unit>
+      <trans-unit id="sbb8ad22c83d375b1">
+        <source>The following keywords are supported:</source>
+        <target>지원하는 키워드:</target>
+        
+      </trans-unit>
+      <trans-unit id="sbb3243352661428f">
+        <source>Authentication flow</source>
+        <target>인증 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="sa72a3bd1e7e89926">
+        <source>Flow used when a user access this provider and is not authenticated.</source>
+        <target>사용자가 이 공급자에 액세스하고 인증되지 않은 경우에 사용하는 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s62f7c59b0606a8d6">
+        <source>Authorization flow</source>
+        <target>인가 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="sfbaeb0de54fbfdbb">
+        <source>Flow used when authorizing this provider.</source>
+        <target>이 공급자를 승인할 때 사용하는 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc8de93a7dc0d78ba">
+        <source>Client type</source>
+        <target>클라이언트 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="s399cc2d67d92e957">
+        <source>Confidential</source>
+        <target>기밀</target>
+        
+      </trans-unit>
+      <trans-unit id="s95f09b229a0a0bb0">
+        <source>Confidential clients are capable of maintaining the confidentiality of their credentials such as client secrets</source>
+        <target>기밀 클라이언트는 클라이언트 비밀과 같은 자격 증명의 기밀성을 유지할 수 있는 클라이언트입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sdd1ff479d04ac140">
+        <source>Public</source>
+        <target>공개</target>
+        
+      </trans-unit>
+      <trans-unit id="s51c6b8403c2dc5d9">
+        <source>Public clients are incapable of maintaining the confidentiality and should use methods like PKCE. </source>
+        <target>공개 클라이언트는 기밀을 유지할 수 없으며 PKCE와 같은 방법을 사용해야 합니다. </target>
+        
+      </trans-unit>
+      <trans-unit id="s4d00e5de1c8213b7">
+        <source>Client ID</source>
+        <target>클라이언트 ID</target>
+        
+      </trans-unit>
+      <trans-unit id="s03fb3fa232f0434a">
+        <source>Client Secret</source>
+        <target>클라이언트 비밀</target>
+        
+      </trans-unit>
+      <trans-unit id="sde0ad51b14f77cf6">
+        <source>Redirect URIs/Origins (RegEx)</source>
+        <target>리디렉션 URI/Origin (정규표현식)</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f9eb9c8bd26e8fd">
+        <source>Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows.</source>
+        <target>성공적인 인증 플로우 이후의 유효한 리디렉션 URL을 지정하세요. 또한 암시적 플로우에 대한 경우 여기에 origin을 지정하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a369bc2febb5d55">
+        <source>If no explicit redirect URIs are specified, the first successfully used redirect URI will be saved.</source>
+        <target>명시적인 리디렉션 URI를 지정하지 않으면 가장 먼저 성공한 리디렉션 URI가 저장됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa8384c9c26731f83">
+        <source>To allow any redirect URI, set this value to &quot;.*&quot;. Be aware of the possible security implications this can have.</source>
+        <target>리디렉션 URI를 허용하려면 이 값을 &quot;.*&quot;로 설정합니다. 이로 인해 발생할 수 있는 보안상의 영향에 유의하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s55787f4dfcdce52b">
+        <source>Signing Key</source>
+        <target>서명 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sc6c57419ad3a01a8">
+        <source>Key used to sign the tokens.</source>
+        <target>토큰을 서명하는 데 사용되는 키입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s124f93a61ee772d6">
+        <source>Advanced protocol settings</source>
+        <target>고급 프로토콜 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s926e0ecf124fb01a">
+        <source>Access code validity</source>
+        <target>액세스 코드의 유효성</target>
+        
+      </trans-unit>
+      <trans-unit id="sa578033f134a83b6">
+        <source>Configure how long access codes are valid for.</source>
+        <target>액세스 코드가 유효한 기간을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbea3db12fd799210">
+        <source>Access Token validity</source>
+        <target>액세스 토큰 유효기간</target>
+        
+      </trans-unit>
+      <trans-unit id="s72559845d38bf688">
+        <source>Configure how long access tokens are valid for.</source>
+        <target>액세스 토큰이 유효한 기간을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s821f6014c1a435b9">
+        <source>Refresh Token validity</source>
+        <target>토큰 유효 기간 갱신</target>
+        
+      </trans-unit>
+      <trans-unit id="s00c2db16ea9bc263">
+        <source>Configure how long refresh tokens are valid for.</source>
+        <target>갱신한 토큰의 만료 날짜를 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2e3ef41a0edd8608">
+        <source>Scopes</source>
+        <target>스코프</target>
+        
+      </trans-unit>
+      <trans-unit id="s3a3fae99373ce56b">
+        <source>Select which scopes can be used by the client. The client still has to specify the scope to access the data.</source>
+        <target>클라이언트가 사용할 수 있는 범위를 선택하세요. 클라이언트는 여전히 데이터에 액세스하려면 범위를 명시적으로 지정해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sffd2e553143d1b0e">
+        <source>Hold control/command to select multiple items.</source>
+        <target>여러 항목을 선택하려면 Ctrl/Command를 누르세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s26bf2730430efbea">
+        <source>Subject mode</source>
+        <target>Subject 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="sccc47f82044453f9">
+        <source>Based on the User's hashed ID</source>
+        <target>사용자의 해시된 ID 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="sbd5be4fb7442a34c">
+        <source>Based on the User's ID</source>
+        <target>사용자의 ID 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="sc9cf9ecaf9e5d67e">
+        <source>Based on the User's UUID</source>
+        <target>사용자의 UUID 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="s4291727352c4f295">
+        <source>Based on the User's username</source>
+        <target>사용자의 사용자이름 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="sd62cfc27ad4aa33b">
+        <source>Based on the User's Email</source>
+        <target>사용자의 이메일 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="s55eb75bedf96be0f">
+        <source>This is recommended over the UPN mode.</source>
+        <target>이 모드는 UPN보다 권장합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf80e9547166117e6">
+        <source>Based on the User's UPN</source>
+        <target>사용자의 UPN 기반</target>
+        
+      </trans-unit>
+      <trans-unit id="sde949d0ef44572eb">
+        <source>Requires the user to have a 'upn' attribute set, and falls back to hashed user ID. Use this mode only if you have different UPN and Mail domains.</source>
+        <target>사용자에게 'upn' 속성을 설정해야 하며, 해시된 사용자 ID로 대체됩니다. UPN과 메일 도메인이 다른 경우에만 이 모드를 사용하십시오.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f23ed1799b4d49a">
+        <source>Configure what data should be used as unique User Identifier. For most cases, the default should be fine.</source>
+        <target>고유한 사용자 식별자로 사용할 데이터를 구성합니다. 대부분의 경우 기본값을 사용하는 것이 적절합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s17d1e337f6c11c1e">
+        <source>Include claims in id_token</source>
+        <target>Id_token에 요청 포함</target>
+        
+      </trans-unit>
+      <trans-unit id="sbf41e0db12834133">
+        <source>Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint.</source>
+        <target>사용자 정보 엔드포인트에 액세스하지 않는 애플리케이션의 경우, 범위의 사용자 선언을 Id_token에 포함하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s850a58c683682809">
+        <source>Issuer mode</source>
+        <target>Issuer 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="sde56783222b527d6">
+        <source>Each provider has a different issuer, based on the application slug</source>
+        <target>각 공급자는 애플리케이션 슬러그를 기반으로 한 다른 발급자를 가짐</target>
+        
+      </trans-unit>
+      <trans-unit id="s8d32d7b9e8ca60b1">
+        <source>Same identifier is used for all providers</source>
+        <target>모든 공급자에 동일한 식별자를 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s37d9155b9f4cc7bd">
+        <source>Configure how the issuer field of the ID Token should be filled.</source>
+        <target>ID 토큰의 발급자 필드를 어떻게 채울지 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se2adaf0371ffcd65">
+        <source>Machine-to-Machine authentication settings</source>
+        <target>머신간 M2M 인증 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s33318837e6c54a9b">
+        <source>Trusted OIDC Sources</source>
+        <target>신뢰할 수 있는 OIDC 소스</target>
+        
+      </trans-unit>
+      <trans-unit id="s22e566052f7bec81">
+        <source>JWTs signed by certificates configured in the selected sources can be used to authenticate to this provider.</source>
+        <target>선택한 소스에 구성된 인증서로 서명된 JWT를 사용하여 이 공급자를 인증할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s072c6d12d3d37501">
+        <source>HTTP-Basic Username Key</source>
+        <target>HTTP-Basic 사용자명 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sb2bb6f93773a4594">
+        <source>User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used.</source>
+        <target>HTTP-Basic 헤더의 사용자 부분에 사용되는 사용자/그룹 속성입니다. 설정하지 않으면 사용자의 이메일 주소가 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s70f6471de355b98c">
+        <source>HTTP-Basic Password Key</source>
+        <target>HTTP-Basic 비밀번호 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sf4de1644dcdb53d5">
+        <source>User/Group Attribute used for the password part of the HTTP-Basic Header.</source>
+        <target>HTTP-Basic 헤더의 비밀번호 부분에 사용되는 사용자/그룹 속성입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8dd788adf7b907b">
+        <source>Proxy</source>
+        <target>프록시</target>
+        
+      </trans-unit>
+      <trans-unit id="s7489f76224f8120d">
+        <source>Forward auth (single application)</source>
+        <target>Forward auth (단일 애플리케이션)</target>
+        
+      </trans-unit>
+      <trans-unit id="s25d0cd75377daf75">
+        <source>Forward auth (domain level)</source>
+        <target>Forward auth (도메인 레벨)</target>
+        
+      </trans-unit>
+      <trans-unit id="s93574c03953f25dd">
+        <source>This provider will behave like a transparent reverse-proxy, except requests must be authenticated. If your upstream application uses HTTPS, make sure to connect to the outpost using HTTPS as well.</source>
+        <target>이 공급자는 투명한 리버스 프록시처럼 동작하지만 요청은 반드시 인증되어야 합니다. 업스트림 애플리케이션이 HTTPS를 사용하는 경우 아웃포스트에 연결할 때도 HTTPS를 사용해야합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa29b5680cfafacc8">
+        <source>External host</source>
+        <target>외부 호스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s764bccb30868bf62">
+        <source>The external URL you'll access the application at. Include any non-standard port.</source>
+        <target>애플리케이션에서 엑세스할 외부 URL입니다. 비표준 포트를 포함해야합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scb317851cbcc6b12">
+        <source>Internal host</source>
+        <target>내부 호스트</target>
+        
+      </trans-unit>
+      <trans-unit id="sf05e384059a0a7c1">
+        <source>Upstream host that the requests are forwarded to.</source>
+        <target>요청을 전달해야하는 업스트림 호스트입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3d34068a31cab30b">
+        <source>Internal host SSL Validation</source>
+        <target>내부 호스트 SSL 유효성 검사</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a26798e1c3c37dd">
+        <source>Validate SSL Certificates of upstream servers.</source>
+        <target>업스트림 서버의 SSL 인증서를 유효성 검사합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s44c90273f08fb718">
+        <source>Use this provider with nginx's auth_request or traefik's forwardAuth. Only a single provider is required per root domain. You can't do per-application authorization, but you don't have to create a provider for each application.</source>
+        <target>이 공급자는 Nginx의 auth_request 또는 Traefik의 forwardAuth와 함께 사용됩니다. 루트 도메인 당 하나의 공급자만 필요합니다. 응용 프로그램 당 인증은 수행할 수 없지만 각 응용 프로그램마다 별도의 공급자를 생성할 필요는 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf55d28d4dff0e41b">
+        <source>An example setup can look like this:</source>
+        <target>예제 설정은 다음과 같습니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="sb4a1d1c19438e929">
+        <source>authentik running on auth.example.com</source>
+        <target>authentik이 auth.example.com에서 실행 중인 경우</target>
+        
+      </trans-unit>
+      <trans-unit id="s68f935c9ca792016">
+        <source>app1 running on app1.example.com</source>
+        <target>app1은 app1.example.com에서 실행 중인 경우</target>
+        
+      </trans-unit>
+      <trans-unit id="sf813a72d8fadd765">
+        <source>In this case, you'd set the Authentication URL to auth.example.com and Cookie domain to example.com.</source>
+        <target>위의 상황에서는, 인증 URL을 auth.example.com으로 설정하고 쿠키 도메인을 example.com으로 설정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s31d15c6f16951464">
+        <source>Authentication URL</source>
+        <target>인증 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sa03fe48e892df2d8">
+        <source>The external URL you'll authenticate at. The authentik core server should be reachable under this URL.</source>
+        <target>외부 호스트는 인증을 수행할 외부 URL입니다. authentik 코어 서버는 이 URL 아래에 도달 가능해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7def067ed3ad3ad9">
+        <source>Cookie domain</source>
+        <target>쿠키 도메인</target>
+        
+      </trans-unit>
+      <trans-unit id="s211b75e868072162">
+        <source>Set this to the domain you wish the authentication to be valid for. Must be a parent domain of the URL above. If you're running applications as app1.domain.tld, app2.domain.tld, set this to 'domain.tld'.</source>
+        <target>이를 원하는 인증이 유효한 도메인으로 설정하세요. 위의 URL의 상위 도메인이어야 합니다. 예를 들어 app1.domain.tld, app2.domain.tld와 같은 응용 프로그램을 실행 중이라면 'domain.tld'로 설정하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2345170f7e272668">
+        <source>Unknown proxy mode</source>
+        <target>알려지지 않은 프록시 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="s7c10976de6411844">
+        <source>Token validity</source>
+        <target>토큰 수명</target>
+        
+      </trans-unit>
+      <trans-unit id="s3e87ce98ba3c4d80">
+        <source>Configure how long tokens are valid for.</source>
+        <target>토큰이 유효한 기간을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd539548ca4c71619">
+        <source>Additional scopes</source>
+        <target>스코프 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s8f12575f694e85a2">
+        <source>Additional scope mappings, which are passed to the proxy.</source>
+        <target>프록시에 전달되는 추가 스코프를 매핑하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s93cea6ca1f93349d">
+        <source>Unauthenticated URLs</source>
+        <target>Unauthenticated URLs</target>
+        
+      </trans-unit>
+      <trans-unit id="sc4508175bf6b09dd">
+        <source>Unauthenticated Paths</source>
+        <target>Unauthenticated Paths</target>
+        
+      </trans-unit>
+      <trans-unit id="sc9fc206433f67588">
+        <source>Regular expressions for which authentication is not required. Each new line is interpreted as a new expression.</source>
+        <target>인증이 필요하지 않은 정규 표현식. 각 새 줄은 새 표현식으로 해석됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd503fabef9691134">
+        <source>When using proxy or forward auth (single application) mode, the requested URL Path is checked against the regular expressions. When using forward auth (domain mode), the full requested URL including scheme and host is matched against the regular expressions.</source>
+        <target>프록시 또는 forward auth(단일 응용 프로그램) 모드를 사용할 때 요청된 URL 경로는 정규 표현식과 일치하는지 확인합니다. forward auth(도메인 모드)을 사용할 때는 스킴 및 호스트를 포함한 전체 요청된 URL이 정규 표현식과 일치해야합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb488dee0be434f7e">
+        <source>Authentication settings</source>
+        <target>인증 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s23cee624c735f266">
+        <source>Intercept header authentication</source>
+        <target>Authorization header 가로채기</target>
+        
+      </trans-unit>
+      <trans-unit id="sc007cca5af67eae0">
+        <source>When enabled, authentik will intercept the Authorization header to authenticate the request.</source>
+        <target>활성화 하면, authentik은 요청을 인증하기 위해 Authorization 헤더를 가로챕니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s36e630ba56617556">
+        <source>Send HTTP-Basic Authentication</source>
+        <target>HTTP-Basic 인증 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="s9d5796a4b9b7560e">
+        <source>Send a custom HTTP-Basic Authentication header based on values from authentik.</source>
+        <target>authentik의 값에 기반하여 사용자 정의 HTTP-Basic 인증 헤더를 전송합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s11204eeb1e27ea8f">
+        <source>ACS URL</source>
+        <target>ACS URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sb7a30abc1dcf6c36">
+        <source>Issuer</source>
+        <target>발급자</target>
+        
+      </trans-unit>
+      <trans-unit id="sf54c562d8a10ce77">
+        <source>Also known as EntityID.</source>
+        <target>EntityID로도 표현하기도 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s991b750e2d5c4234">
+        <source>Service Provider Binding</source>
+        <target>서비스 공급자 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="sd8f220c999726151">
+        <source>Redirect</source>
+        <target>리디렉트</target>
+        
+      </trans-unit>
+      <trans-unit id="sb357ea19a722d827">
+        <source>Post</source>
+        <target>포스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s4e28e2899e08a5f8">
+        <source>Determines how authentik sends the response back to the Service Provider.</source>
+        <target>authentik이 응답을 서비스 공급자에 다시 전송하는 방식을 결정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd5a4b41c6c883b03">
+        <source>Audience</source>
+        <target>수신처</target>
+        
+      </trans-unit>
+      <trans-unit id="sc741d9ebe07ad103">
+        <source>Signing Certificate</source>
+        <target>서명 인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="sd6c3ddb62de0e8f7">
+        <source>Certificate used to sign outgoing Responses going to the Service Provider.</source>
+        <target>서비스 공급자에게 전송되는 응답을 서명하는 데 사용되는 인증서입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5be3b0567172e415">
+        <source>Verification Certificate</source>
+        <target>검증 인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="s7c27e113f90a89e0">
+        <source>When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.</source>
+        <target>선택한 경우, 들어오는 요청의 서명은 이 인증서를 기반으로 유효성을 검사합니다. 서명되지 않은 요청을 허용하려면, 기본값으로 유지하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="se6d950402810c34f">
+        <source>Property mappings</source>
+        <target>속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s1a2797874b7fe852">
+        <source>NameID Property Mapping</source>
+        <target>NameID 속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s256b8452664ccae4">
+        <source>Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected.</source>
+        <target>NameID 값이 어떻게 생성될지 구성합니다. 비워 둘 경우, 들어오는 요청의 NameIDPolicy를 존중합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f91cc8bcfabb40f">
+        <source>Assertion valid not before</source>
+        <target>다음 시간 이전의 어설션은 무효</target>
+        
+      </trans-unit>
+      <trans-unit id="s733f83ff9d50da30">
+        <source>Configure the maximum allowed time drift for an assertion.</source>
+        <target>어설션에 대한 최대 허용 시간 드리프트를 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2af5754090898640">
+        <source>Assertion valid not on or after</source>
+        <target>다음 시간의 어설션 혹은 그 이후는 무효</target>
+        
+      </trans-unit>
+      <trans-unit id="s43c1f927936f0a02">
+        <source>Assertion not valid on or after current time + this value.</source>
+        <target>어설션은 현재 시간 이후에 무효가 되거나, 현재 시간 + 값에 무효가 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sad8550b8731518d8">
+        <source>Session valid not on or after</source>
+        <target>다음 시간의 세션 혹은 그 이후는 무효</target>
+        
+      </trans-unit>
+      <trans-unit id="s0dd00fbaba08748a">
+        <source>Session not valid on or after current time + this value.</source>
+        <target>세션은 현재 시간 이후에 무효가 되거나, 현재 시간 + 값에 무효가 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a0f60e74b478804">
+        <source>Digest algorithm</source>
+        <target>해시 알고리즘</target>
+        
+      </trans-unit>
+      <trans-unit id="s693d975d38ff0214">
+        <source>Signature algorithm</source>
+        <target>서명 알고리즘</target>
+        
+      </trans-unit>
+      <trans-unit id="sd1a5560fde6f2271">
+        <source>Successfully imported provider.</source>
+        <target>성공적으로 공급자를 불러왔습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s252a52330d32b900">
+        <source>Metadata</source>
+        <target>메타데이터</target>
+        
+      </trans-unit>
+      <trans-unit id="s7181a5504472e856">
+        <source>Apply changes</source>
+        <target>변경사항 저장</target>
+        
+      </trans-unit>
+      <trans-unit id="s5e8250fb85d64c23">
+        <source>Close</source>
+        <target>닫기</target>
+        
+      </trans-unit>
+      <trans-unit id="sad59707375956ad2">
+        <source>Finish</source>
+        <target>마침</target>
+        
+      </trans-unit>
+      <trans-unit id="sc16e00a7a8b2fde2">
+        <source>Back</source>
+        <target>뒤로</target>
+        
+      </trans-unit>
+      <trans-unit id="sd5903cc8de68b3fc">
+        <source>No form found</source>
+        <target>찾을 수 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="s45935843b1b5b496">
+        <source>Form didn't return a promise for submitting</source>
+        <target>양식에서 제출하기로 한 것을 반환하지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s74475586afc1fb0f">
+        <source>Select type</source>
+        <target>유형 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="s0b3bf19b31dd6bac">
+        <source>Try the new application wizard</source>
+        <target>새로운 애플리케이션 마법사 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="sa18e1c6e0e6f16cc">
+        <source>The new application wizard greatly simplifies the steps required to create applications and providers.</source>
+        <target>새로운 애플리케이션 마법사는 애플리케이션 및 공급자 생성에 필요한 스테이지를 크게 간소화합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s01ef54f5d7c6ed47">
+        <source>Try it now</source>
+        <target>지금 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s382a2aa3984474dd">
+        <source>Create</source>
+        <target>생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s58d1eb482059da12">
+        <source>New provider</source>
+        <target>새 공급자</target>
+        
+      </trans-unit>
+      <trans-unit id="sa661ea7d7a50f2e9">
+        <source>Create a new provider.</source>
+        <target>새 공급자를 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5d6af4c100ad321b">
+        <source>Create <x id="0" equiv-text="${type.name}"/></source>
+        <target><x id="0" equiv-text="${type.name}"/> 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="sb95baab425322600">
+        <source>Shared secret</source>
+        <target>공유 비밀 키</target>
+        
+      </trans-unit>
+      <trans-unit id="s9e9316a6b0c16231">
+        <source>Client Networks</source>
+        <target>클라이언트 네트워크</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f2dcf01f7a8c0b7">
+        <source>List of CIDRs (comma-seperated) that clients can connect from. A more specific
+                            CIDR will match before a looser one. Clients connecting from a non-specified CIDR
+                            will be dropped.</source>
+        <target>클라이언트가 연결할 수 있는 CIDR 목록(쉼표로 구분)입니다. 더 구체적인
+                             CIDR이 더 넓은 것보다 먼저 일치합니다. 지정되지 않은 CIDR에서 연결하는 클라이언트는
+                            거부됩니다.</target>
+      </trans-unit>
+      <trans-unit id="s61eacb19db252f5e">
+        <source>URL</source>
+        <target>URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sb21f33b039c86322">
+        <source>SCIM base url, usually ends in /v2.</source>
+        <target>일반적으로 /v2로 끝나는 SCIM 기본 URL 입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se68398e3c2c760b2">
+        <source>Token</source>
+        <target>토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="s33ed903c210a6209">
+        <source>Token to authenticate with. Currently only bearer authentication is supported.</source>
+        <target>인증에 사용되는 토큰입니다. 현재는 bearer authentication만 지원됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfc8bb104e2c05af8">
+        <source>User filtering</source>
+        <target>사용자 필터링</target>
+        
+      </trans-unit>
+      <trans-unit id="sc0d0890fbd46ef62">
+        <source>Exclude service accounts</source>
+        <target>서비스 계정 제외</target>
+        
+      </trans-unit>
+      <trans-unit id="s98b1cb8fb62909ec">
+        <source>Group</source>
+        <target>그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="s23ab136ad85f0ad2">
+        <source>Only sync users within the selected group.</source>
+        <target>선택한 그룹 내의 사용자만 동기화합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfdedc3b0b2b7ce3d">
+        <source>Attribute mapping</source>
+        <target>속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="saf794c74c9ea731e">
+        <source>User Property Mappings</source>
+        <target>사용자 속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s019555b5a442aa00">
+        <source>Property mappings used to user mapping.</source>
+        <target>사용자 매핑에 사용되는 속성 매핑입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7cb9aa9ee1783f00">
+        <source>Group Property Mappings</source>
+        <target>그룹 속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="sa319e3bf44c85963">
+        <source>Property mappings used to group creation.</source>
+        <target>그룹 생성에 사용되는 속성 매핑입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se09ab93d69f7f45b">
+        <source>Not used by any other object.</source>
+        <target>다른 오브젝트에서 사용하지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s10922bd0ac765562">
+        <source>object will be DELETED</source>
+        <target>오브젝트가 삭제됩니다</target>
+        
+      </trans-unit>
+      <trans-unit id="sf3981f36525b0dbd">
+        <source>connection will be deleted</source>
+        <target>연결이 삭제됩니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s93cf77a59db53395">
+        <source>reference will be reset to default value</source>
+        <target>참조가 기본값으로 재설정됩니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s3e211d29fa10f843">
+        <source>reference will be set to an empty value</source>
+        <target>참조가 빈 값으로 설정됩니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s55fa598b754cc3cc">
+        <source><x id="0" equiv-text="${ub.name}"/> (<x id="1" equiv-text="${consequence}"/>)</source>
+        <target>
+        <x id="0" equiv-text="${ub.name}"/>( 
+        <x id="1" equiv-text="${consequence}"/>)</target>
+        
+      </trans-unit>
+      <trans-unit id="s09240e07b5b8d640">
+        <source>ID</source>
+        <target>ID</target>
+        
+      </trans-unit>
+      <trans-unit id="se33b158a1ec02a09">
+        <source>Successfully deleted <x id="0" equiv-text="${this.objects.length} ${this.objectLabel}"/></source>
+        <target>성공적으로 <x id="0" equiv-text="${this.objects.length} ${this.objectLabel}"/>가 제거됨</target>
+      </trans-unit>
+      <trans-unit id="sf6eb148db23d19de">
+        <source>Failed to delete <x id="0" equiv-text="${this.objectLabel}"/>: <x id="1" equiv-text="${e.toString()}"/></source>
+        <target>제거에 실패함 <x id="0" equiv-text="${this.objectLabel}"/>: <x id="1" equiv-text="${e.toString()}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s039b6434e8a75560">
+        <source>Delete <x id="0" equiv-text="${this.objectLabel}"/></source>
+        <target><x id="0" equiv-text="${this.objectLabel}"/> 제거</target>
+        
+      </trans-unit>
+      <trans-unit id="s5819a49638f6d7cb">
+        <source>Are you sure you want to delete <x id="0" equiv-text="${this.objects.length} ${this.objectLabel}"/>?</source>
+        <target><x id="0" equiv-text="${this.objects.length} ${this.objectLabel}"/> 정말 삭제하시겠습니까?</target>
+      </trans-unit>
+      <trans-unit id="sdc673e73b5c13aea">
+        <source>Delete</source>
+        <target>제거</target>
+        
+      </trans-unit>
+      <trans-unit id="sb0b86b8ca6ab13bd">
+        <source>Providers</source>
+        <target>공급자</target>
+        
+      </trans-unit>
+      <trans-unit id="s3ffa320128991a45">
+        <source>Provide support for protocols like SAML and OAuth to assigned applications.</source>
+        <target>할당된 애플리케이션에 SAML 및 OAuth와 같은 프로토콜을 지원합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd2223afb7d6b100d">
+        <source>Type</source>
+        <target>유형</target>
+        
+      </trans-unit>
+      <trans-unit id="s10929ca568ae10bc">
+        <source>Provider(s)</source>
+        <target>제공자(목록)</target>
+        
+      </trans-unit>
+      <trans-unit id="sb2b3b281954752c4">
+        <source>Assigned to application </source>
+        <target>애플리케이션에 할당 </target>
+        
+      </trans-unit>
+      <trans-unit id="sa6c0ba4910c7ad7f">
+        <source>Assigned to application (backchannel) </source>
+        <target>애플리케이션에 할당 (백채널) </target>
+        
+      </trans-unit>
+      <trans-unit id="s97f5e0c138eae172">
+        <source>Warning: Provider not assigned to any application.</source>
+        <target>경고: 공급자가 애플리케이션에 할당되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8b0432eecbd8b034">
+        <source>Update</source>
+        <target>업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sc9175cb129fdc306">
+        <source>Update <x id="0" equiv-text="${item.verboseName}"/></source>
+        <target><x id="0" equiv-text="${item.verboseName}"/> 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s398f6ba74ba8943a">
+        <source>Select providers to add to application</source>
+        <target>애플리케이션에 추가할 공급자 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="sf9aee319a006c9b4">
+        <source>Add</source>
+        <target>앱</target>
+        
+      </trans-unit>
+      <trans-unit id="sa90b7809586c35ce">
+        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon &quot;fa-test&quot;.</source>
+        <target>전체 URL, 상대 경로를 입력하거나, 또는 'fa://fa-test'를 사용하여 Font Awesome 아이콘 &quot;fa-test&quot;를 사용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0410779cb47de312">
+        <source>Path template for users created. Use placeholders like `%(slug)s` to insert the source slug.</source>
+        <target>사용자용 경로 템플릿이 생성되었습니다. 소스 슬러그를 삽입하려면 `%(slug)s`와 같은 자리 표시자를 사용하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s58fd2aafa4261c55">
+        <source>Successfully updated application.</source>
+        <target>애플리케이션을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9222ca30ae7786e4">
+        <source>Successfully created application.</source>
+        <target>애플리케이션을 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s03907d7a66c6164e">
+        <source>Application's display Name.</source>
+        <target>애플리케이션의 표시 이름입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s91f70424f5d5d23e">
+        <source>Slug</source>
+        <target>슬러그</target>
+        
+      </trans-unit>
+      <trans-unit id="sdae55084f6cb2662">
+        <source>Optionally enter a group name. Applications with identical groups are shown grouped together.</source>
+        <target>선택 사항으로 그룹 이름을 입력합니다. 동일한 그룹을 가진 애플리케이션이 함께 그룹으로 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f5869b3d14d7cbc">
+        <source>Provider</source>
+        <target>공급자</target>
+        
+      </trans-unit>
+      <trans-unit id="s350a616ff5e145ec">
+        <source>Select a provider that this application should use.</source>
+        <target>이 애플리케이션이 사용할 공급자를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4c6534a118f52fdd">
+        <source>Select backchannel providers which augment the functionality of the main provider.</source>
+        <target>기본 공급자의 기능을 보강하는 백채널 공급자를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0639662111324466">
+        <source>Policy engine mode</source>
+        <target>정책 엔진 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="s1a0e95458b44d7f8">
+        <source>Any policy must match to grant access</source>
+        <target>여러 정책 중 어느 하나라도 충족하면 액세스를 허용</target>
+        
+      </trans-unit>
+      <trans-unit id="s7fc1ace65486dc25">
+        <source>All policies must match to grant access</source>
+        <target>여러 정책 중 모든 정책이 충족하면 액세스를 허용</target>
+        
+      </trans-unit>
+      <trans-unit id="s8be4abc7ca71da6c">
+        <source>UI settings</source>
+        <target>UI 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s427f788ff333f45b">
+        <source>Launch URL</source>
+        <target>시작 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s992f8d1a776e763c">
+        <source>If left empty, authentik will try to extract the launch URL based on the selected provider.</source>
+        <target>비워두면 authentik이 선택한 공급업체를 기반으로 시작 URL을 추출하려고 시도합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2348f46ebf436671">
+        <source>Open in new tab</source>
+        <target>새 브라우저 탭에서 열기</target>
+        
+      </trans-unit>
+      <trans-unit id="s8655c52824caac63">
+        <source>If checked, the launch URL will open in a new browser tab or window from the user's application library.</source>
+        <target>이 옵션을 선택하면 사용자의 애플리케이션 라이브러리에서 새 브라우저 탭이나 창에서 실행 URL이 열립니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s068d4dd16d9106d0">
+        <source>Icon</source>
+        <target>아이콘</target>
+        
+      </trans-unit>
+      <trans-unit id="s67e20cd8018d7e3c">
+        <source>Currently set to:</source>
+        <target>현재 다음으로 설정됨:</target>
+        
+      </trans-unit>
+      <trans-unit id="s80e6d6fe5ad458d3">
+        <source>Clear icon</source>
+        <target>아이콘 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s6d3b4d0561ba1cff">
+        <source>Publisher</source>
+        <target>발행인</target>
+        
+      </trans-unit>
+      <trans-unit id="sa8c45b6b92a8ba1f">
+        <source>Create Application</source>
+        <target>애플리케이션 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s3d197283cb019b5a">
+        <source>Overview</source>
+        <target>개요</target>
+        
+      </trans-unit>
+      <trans-unit id="s6c3daaac4eed12f9">
+        <source>Changelog</source>
+        <target>변경 로그</target>
+        
+      </trans-unit>
+      <trans-unit id="s05e395ff60af047b">
+        <source>Warning: Provider is not used by any Outpost.</source>
+        <target>경고: 공급자는 Outpost에서 사용하고 있지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sccbfc4dec0c8d80c">
+        <source>Assigned to application</source>
+        <target>애플리케이션에 할당</target>
+        
+      </trans-unit>
+      <trans-unit id="s2d46e3a9ee8e0e7e">
+        <source>Update LDAP Provider</source>
+        <target>LDAP 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s64ef2a6c2dd1d3d1">
+        <source>Edit</source>
+        <target>수정</target>
+        
+      </trans-unit>
+      <trans-unit id="saf24e253b3b006d4">
+        <source>How to connect</source>
+        <target>연결 방법</target>
+        
+      </trans-unit>
+      <trans-unit id="s02b3fade1795d03f">
+        <source>Connect to the LDAP Server on port 389:</source>
+        <target>포트 389에서 LDAP 서버에 연결합니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="sa00cf67b54c44c71">
+        <source>Check the IP of the Kubernetes service, or</source>
+        <target>쿠버네티스 서비스의 IP를 확인하거나, 또는</target>
+        
+      </trans-unit>
+      <trans-unit id="s28f270859c5f4d51">
+        <source>The Host IP of the docker host</source>
+        <target>도커 호스트의 호스트 IP</target>
+        
+      </trans-unit>
+      <trans-unit id="sb7794c2910b1a9ec">
+        <source>Bind DN</source>
+        <target>DN 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="s5694f9421c428227">
+        <source>Bind Password</source>
+        <target>비밀번호 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="s086e1bbe7c97ea16">
+        <source>Search base</source>
+        <target>검색 베이스</target>
+        
+      </trans-unit>
+      <trans-unit id="s417b90913e05bc17">
+        <source>Preview</source>
+        <target>미리보기</target>
+        
+      </trans-unit>
+      <trans-unit id="s17f3eaf3b07ece26">
+        <source>Warning: Provider is not used by an Application.</source>
+        <target>경고: 공급자는 애플리케이션에서 사용하지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s56806e9f63efa298">
+        <source>Redirect URIs</source>
+        <target>리디렉션 URI</target>
+        
+      </trans-unit>
+      <trans-unit id="sdbc08adee233f180">
+        <source>Update OAuth2 Provider</source>
+        <target>OAuth2 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s9d96eb5ca93e6473">
+        <source>OpenID Configuration URL</source>
+        <target>OpenID 구성 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s74f809a69e030351">
+        <source>OpenID Configuration Issuer</source>
+        <target>OpenID 구성 발급자</target>
+        
+      </trans-unit>
+      <trans-unit id="s028be8989873f001">
+        <source>Authorize URL</source>
+        <target>인가 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sebda1d54a3f9f967">
+        <source>Token URL</source>
+        <target>토큰 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s2fc3eb68c7ced3af">
+        <source>Userinfo URL</source>
+        <target>사용자정보 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s145483489b87a622">
+        <source>Logout URL</source>
+        <target>로그아웃 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s59f5eda30a904b75">
+        <source>JWKS URL</source>
+        <target>JWKS URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s453b0c150a7ca58e">
+        <source>Example JWT payload (for currently authenticated user)</source>
+        <target>JWT 페이로드 예시(현재 인가된 사용자의 경우)</target>
+        
+      </trans-unit>
+      <trans-unit id="sc6e8a34361c7c272">
+        <source>Forward auth (domain-level)</source>
+        <target>Forward auth (domain-level)</target>
+        
+      </trans-unit>
+      <trans-unit id="s6df42b3072a2d7e9">
+        <source>Nginx (Ingress)</source>
+        <target>Nginx (Ingress)</target>
+        
+      </trans-unit>
+      <trans-unit id="s8e01a852c1db8d29">
+        <source>Nginx (Proxy Manager)</source>
+        <target>Nginx (Proxy Manager)</target>
+        
+      </trans-unit>
+      <trans-unit id="sabebdc7fa6a5bddb">
+        <source>Nginx (standalone)</source>
+        <target>Nginx (standalone)</target>
+        
+      </trans-unit>
+      <trans-unit id="s5d9f93f1fe1c19d3">
+        <source>Traefik (Ingress)</source>
+        <target>Traefik (Ingress)</target>
+        
+      </trans-unit>
+      <trans-unit id="se2b62f7e9017965e">
+        <source>Traefik (Compose)</source>
+        <target>Traefik (Compose)</target>
+        
+      </trans-unit>
+      <trans-unit id="s4c4c504a48c3b7bd">
+        <source>Traefik (Standalone)</source>
+        <target>Traefik (Standalone)</target>
+        
+      </trans-unit>
+      <trans-unit id="s7ba9677d069e5f02">
+        <source>Caddy (Standalone)</source>
+        <target>Caddy (Standalone)</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a1e774ab25aa232">
+        <source>Internal Host</source>
+        <target>내부 호스트</target>
+        
+      </trans-unit>
+      <trans-unit id="sc9c3578cce3cf7a8">
+        <source>External Host</source>
+        <target>외부 호스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s7a141f1b61074fbe">
+        <source>Basic-Auth</source>
+        <target>Basic-Auth</target>
+        
+      </trans-unit>
+      <trans-unit id="scb489a1a173ac3f0">
+        <source>Yes</source>
+        <target>네</target>
+        
+      </trans-unit>
+      <trans-unit id="s37cbecaec58e2192">
+        <source>Mode</source>
+        <target>모드</target>
+        
+      </trans-unit>
+      <trans-unit id="s4e474b9e2e737dd1">
+        <source>Update Proxy Provider</source>
+        <target>프록시 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s37eb2f1b6e3c19c2">
+        <source>Protocol Settings</source>
+        <target>프로토콜 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s5116b89f7db1fbec">
+        <source>Allowed Redirect URIs</source>
+        <target>허가된 리디렉션 URI</target>
+        
+      </trans-unit>
+      <trans-unit id="saeff3596e1ac31b6">
+        <source>Setup</source>
+        <target>설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b783856ab4aaaf3">
+        <source>No additional setup is required.</source>
+        <target>추가 설정이 필요하지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s09b671b120443043">
+        <source>Update Radius Provider</source>
+        <target>Radius 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sd3386a2ef42e80b9">
+        <source>Download</source>
+        <target>다운로드</target>
+        
+      </trans-unit>
+      <trans-unit id="sf417c13d7a0f7995">
+        <source>Copy download URL</source>
+        <target>다운로드 URL 복사</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1cfce89ebcf1bf9">
+        <source>Download signing certificate</source>
+        <target>서명 인증서 다운로드</target>
+        
+      </trans-unit>
+      <trans-unit id="s2c0de3d35a7bc784">
+        <source>Related objects</source>
+        <target>관련 오브젝트</target>
+        
+      </trans-unit>
+      <trans-unit id="s803b0621006085be">
+        <source>Update SAML Provider</source>
+        <target>SAML 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s44b1f042790cd1a2">
+        <source>SAML Configuration</source>
+        <target>SAML 구성</target>
+        
+      </trans-unit>
+      <trans-unit id="sba999428083abce3">
+        <source>EntityID/Issuer</source>
+        <target>EntityID/Issuer</target>
+        
+      </trans-unit>
+      <trans-unit id="scd2984ee5552643a">
+        <source>SSO URL (Post)</source>
+        <target>SSO URL (Post)</target>
+        
+      </trans-unit>
+      <trans-unit id="saa79b47f60c66458">
+        <source>SSO URL (Redirect)</source>
+        <target>SSO URL (Redirect)</target>
+        
+      </trans-unit>
+      <trans-unit id="s2da51a6287118ba8">
+        <source>SSO URL (IdP-initiated Login)</source>
+        <target>SSO URL (IdP-initiated Login)</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a57e911e457302b">
+        <source>SLO URL (Post)</source>
+        <target>SLO URL (Post)</target>
+        
+      </trans-unit>
+      <trans-unit id="s1e7308bb1ca323e1">
+        <source>SLO URL (Redirect)</source>
+        <target>SLO URL (Redirect)</target>
+        
+      </trans-unit>
+      <trans-unit id="sd2c58d7c6dddc515">
+        <source>SAML Metadata</source>
+        <target>SAML 메타데이터</target>
+        
+      </trans-unit>
+      <trans-unit id="s382b702673776873">
+        <source>Example SAML attributes</source>
+        <target>SAML 특성 예시</target>
+        
+      </trans-unit>
+      <trans-unit id="sea3bfc143ced73db">
+        <source>NameID attribute</source>
+        <target>NameID 특성</target>
+        
+      </trans-unit>
+      <trans-unit id="s2f0f6691de0b0388">
+        <source>Warning: Provider is not assigned to an application as backchannel provider.</source>
+        <target>경고: 공급자가 애플리케이션에 백채널 공급자로 할당되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc6c575c5ff64cdb1">
+        <source>Update SCIM Provider</source>
+        <target>SCIM 공급자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sbecf8dc03c978d15">
+        <source>Run sync again</source>
+        <target>다시 동기화 진행</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2cedfb22488ccb2">
+        <source>Modern applications, APIs and Single-page applications.</source>
+        <target>현대적인 애플리케이션, API 및 단일 페이지 애플리케이션.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc3259eb55cf91e8c">
+        <source>LDAP</source>
+        <target>LDAP</target>
+        
+      </trans-unit>
+      <trans-unit id="sffd5481034a1bd41">
+        <source>Provide an LDAP interface for applications and users to authenticate against.</source>
+        <target>응용 프로그램 및 사용자가 인증하기 위한 LDAP 인터페이스를 제공하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0c9670f429e74283">
+        <source>New application</source>
+        <target>새 애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="s6ba50bb0842ba1e2">
+        <source>Applications</source>
+        <target>애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="s96b2fefc550e4b1c">
+        <source>Provider Type</source>
+        <target>공급자 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="sd20f6cd02c90867f">
+        <source>Application(s)</source>
+        <target>애플리케이션(목록)</target>
+        
+      </trans-unit>
+      <trans-unit id="sb564f81eb057342e">
+        <source>Application Icon</source>
+        <target>애플리케이션 아이콘</target>
+        
+      </trans-unit>
+      <trans-unit id="sa347e31efbb60be2">
+        <source>Update Application</source>
+        <target>애플리케이션 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sd9b556a84ae25690">
+        <source>Successfully sent test-request.</source>
+        <target>테스트-요청을 성공적으로 보냈습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5deac600e329de1b">
+        <source>Log messages</source>
+        <target>로그 메시지</target>
+        
+      </trans-unit>
+      <trans-unit id="s3feea7b49673bef2">
+        <source>No log messages.</source>
+        <target>로그 메시지가 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa45a194b58837e4f">
+        <source>Active</source>
+        <target>활성</target>
+        
+      </trans-unit>
+      <trans-unit id="s58c867aac77b9158">
+        <source>Last login</source>
+        <target>마지막 로그인</target>
+        
+      </trans-unit>
+      <trans-unit id="s3e3bb9e7cb1de4fd">
+        <source>Select users to add</source>
+        <target>추가할 사용자 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="s75d5ff5dd8d3c6d2">
+        <source>Successfully updated group.</source>
+        <target>그룹을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3079ca1184e77573">
+        <source>Successfully created group.</source>
+        <target>그룹을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s63cb05541b294335">
+        <source>Is superuser</source>
+        <target>슈퍼유저</target>
+        
+      </trans-unit>
+      <trans-unit id="s29315e374008d0c5">
+        <source>Users added to this group will be superusers.</source>
+        <target>이 그룹에 추가된 사용자는 슈퍼유저가 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4eb514ebcb80553d">
+        <source>Parent</source>
+        <target>상위</target>
+        
+      </trans-unit>
+      <trans-unit id="s16b9446e3a70e1f4">
+        <source>Attributes</source>
+        <target>특성(Attributes)</target>
+        
+      </trans-unit>
+      <trans-unit id="sec97cdaf7af8648b">
+        <source>Set custom attributes using YAML or JSON.</source>
+        <target>YAML 또는 JSON을 사용하여 사용자 정의 특성(Attributes)을 설정하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1e36813d3504ed48">
+        <source>Successfully updated binding.</source>
+        <target>바인딩을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1bf56ee106e9e711">
+        <source>Successfully created binding.</source>
+        <target>바인딩을 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s042baf59902a711f">
+        <source>Policy</source>
+        <target>정책</target>
+        
+      </trans-unit>
+      <trans-unit id="s5f5bf4ef2bd93c04">
+        <source>Group mappings can only be checked if a user is already logged in when trying to access this source.</source>
+        <target>그룹 매핑은 사용자가 이 소스에 액세스하려고 할 때 이미 로그인한 경우에만 확인할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6c607d74bdfe9f36">
+        <source>User mappings can only be checked if a user is already logged in when trying to access this source.</source>
+        <target>사용자 매핑은 사용자가 이 소스에 액세스하려고 할 때 이미 로그인한 경우에만 확인할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s965c503c3e42fdfe">
+        <source>Enabled</source>
+        <target>활성화됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s6b85380416964890">
+        <source>Negate result</source>
+        <target>결과 무효화</target>
+        
+      </trans-unit>
+      <trans-unit id="s3bfa0258999fb629">
+        <source>Negates the outcome of the binding. Messages are unaffected.</source>
+        <target>바인딩 결과를 무효화합니다. 메시지는 영향을 받지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2ba5f4d8f3bd7c57">
+        <source>Order</source>
+        <target>순서</target>
+        
+      </trans-unit>
+      <trans-unit id="se1e040b55319a0e8">
+        <source>Timeout</source>
+        <target>타임아웃</target>
+        
+      </trans-unit>
+      <trans-unit id="s29ec5e7889f4787f">
+        <source>Successfully updated policy.</source>
+        <target>정책을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfc400b2d71e49d28">
+        <source>Successfully created policy.</source>
+        <target>정책을 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="safc0e0656d572f4e">
+        <source>A policy used for testing. Always returns the same result as specified below after waiting a random duration.</source>
+        <target>테스트에 사용되는 정책입니다. 임의의 시간을 기다린 후 항상 아래에 지정된 것과 동일한 결과를 반환합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ffa1ac03ce6fd20">
+        <source>Execution logging</source>
+        <target>실행 로깅</target>
+        
+      </trans-unit>
+      <trans-unit id="saf31b3c610036ed6">
+        <source>When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.</source>
+        <target>이 옵션을 활성화하면 이 정책의 모든 실행이 기록됩니다. 기본적으로 실행 오류만 기록됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa879d5ce584875cf">
+        <source>Policy-specific settings</source>
+        <target>정책별 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s838418d1a0815157">
+        <source>Pass policy?</source>
+        <target>정책을 통과함?</target>
+        
+      </trans-unit>
+      <trans-unit id="sd8c5339b82b71507">
+        <source>Wait (min)</source>
+        <target>대기 (최소)</target>
+        
+      </trans-unit>
+      <trans-unit id="sda4e78c19f5b6f35">
+        <source>The policy takes a random time to execute. This controls the minimum time it will take.</source>
+        <target>정책은 실행하는 데 임의의 시간이 걸립니다. 이 값은 실행에 걸리는 최소 시간을 제어합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1d30ff9ba938e68d">
+        <source>Wait (max)</source>
+        <target>대기 (최대)</target>
+        
+      </trans-unit>
+      <trans-unit id="s303b5e552246e613">
+        <source>Matches an event against a set of criteria. If any of the configured values match, the policy passes.</source>
+        <target>기준 집합에 대해 이벤트를 일치시킵니다. 구성된 값 중 하나라도 일치하면 정책이 통과됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s890810efbe103cbc">
+        <source>Match created events with this action type. When left empty, all action types will be matched.</source>
+        <target>생성된 이벤트를 이 작업 유형과 일치시킵니다. 비워두면 모든 액션 유형이 일치합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfab527528ea64618">
+        <source>Matches Event's Client IP (strict matching, for network matching use an Expression Policy.</source>
+        <target>이벤트의 클라이언트 IP를 일치시킵니다 (엄격 일치, 네트워크 일치의 경우 표현식 정책 사용.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5a15a8f39c699273">
+        <source>Match events created by selected application. When left empty, all applications are matched.</source>
+        <target>선택한 애플리케이션에서 생성한 이벤트와 일치시킵니다. 비워두면 모든 애플리케이션이 일치합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5a13f4bbe004503f">
+        <source>Checks if the request's user's password has been changed in the last x days, and denys based on settings.</source>
+        <target>요청 사용자의 비밀번호가 지난 x일 동안 변경되었는지 확인하고 설정에 따라 거부합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfad8af8ce38104a3">
+        <source>Maximum age (in days)</source>
+        <target>Maximum age (일)</target>
+        
+      </trans-unit>
+      <trans-unit id="s9307f3dbb07a73b5">
+        <source>Only fail the policy, don't invalidate user's password</source>
+        <target>정책만 실패하고 사용자의 비밀번호는 무효화하지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scea1f16238093e35">
+        <source>Executes the python snippet to determine whether to allow or deny a request.</source>
+        <target>파이썬 스니펫을 실행하여 요청을 허용할지 거부할지 결정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sabd1bc9fb7da71e7">
+        <source>Expression using Python.</source>
+        <target>파이썬을 사용하는 정규표현식.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8d08843f397d9e81">
+        <source>See documentation for a list of all variables.</source>
+        <target>모든 변수의 목록은 문서를 참조하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="se2cc93bd2647baec">
+        <source>Static rules</source>
+        <target>정적 규칙</target>
+        
+      </trans-unit>
+      <trans-unit id="sc96dd9d2e7b05fc5">
+        <source>Minimum length</source>
+        <target>최소 길이</target>
+        
+      </trans-unit>
+      <trans-unit id="s33d48fb745f4d4ae">
+        <source>Minimum amount of Uppercase Characters</source>
+        <target>대문자의 최소 개수</target>
+        
+      </trans-unit>
+      <trans-unit id="s883b544e2b4aa3b5">
+        <source>Minimum amount of Lowercase Characters</source>
+        <target>소문자의 최소 개수</target>
+        
+      </trans-unit>
+      <trans-unit id="s43be3ce2439ffe9c">
+        <source>Minimum amount of Digits</source>
+        <target>숫자의 최소 수</target>
+        
+      </trans-unit>
+      <trans-unit id="sb3651834cca86735">
+        <source>Minimum amount of Symbols Characters</source>
+        <target>특수 문자의 최소 수</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2f116c0ea77d58a">
+        <source>Error message</source>
+        <target>오류 메시지</target>
+        
+      </trans-unit>
+      <trans-unit id="s21d0e290c51a8ef9">
+        <source>Symbol charset</source>
+        <target>기호 문자셋</target>
+        
+      </trans-unit>
+      <trans-unit id="s545d99afa61e4095">
+        <source>Characters which are considered as symbols.</source>
+        <target>심볼로 간주되는 문자입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1293ad87acc7a609">
+        <source>HaveIBeenPwned settings</source>
+        <target>HaveIBeenPwned 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sdf4e1c6a2f072600">
+        <source>Allowed count</source>
+        <target>허용된 횟수</target>
+        
+      </trans-unit>
+      <trans-unit id="scd8062ff5e1326d8">
+        <source>Allow up to N occurrences in the HIBP database.</source>
+        <target>HIBP 데이터베이스에서 최대 N개의 항목을 허용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3fd219b045193507">
+        <source>zxcvbn settings</source>
+        <target>zxcvbn 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s28d84abfbaf555ea">
+        <source>Score threshold</source>
+        <target>점수 기준점</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b3148ffba9f4527">
+        <source>If the password's score is less than or equal this value, the policy will fail.</source>
+        <target>비밀번호의 점수가 이 값보다 작거나 같으면 정책이 실패합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd6cd7ce2310a73a4">
+        <source>Checks the value from the policy request against several rules, mostly used to ensure password strength.</source>
+        <target>정책 요청의 값을 여러 규칙과 비교하여 확인하며, 주로 비밀번호 강도를 보장하는 데 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a957e843960b604">
+        <source>Password field</source>
+        <target>비밀번호 입력란</target>
+        
+      </trans-unit>
+      <trans-unit id="se8a81c75b6e30a33">
+        <source>Field key to check, field keys defined in Prompt stages are available.</source>
+        <target>확인하려는 필드 키, 프롬프트 스테이지에서 정의된 필드 키를 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2f8c4cf12350a36c">
+        <source>Check static rules</source>
+        <target>정적 규칙 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="sd75a9a71309fb387">
+        <source>Check haveibeenpwned.com</source>
+        <target>haveibeenpwned.com에서 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="se5cb18408df3284e">
+        <source>For more info see:</source>
+        <target>자세한 내용은 다음을 참조하세요:</target>
+        
+      </trans-unit>
+      <trans-unit id="scef7abb8456b06d6">
+        <source>Check zxcvbn</source>
+        <target>zxcvbn 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="sdfdb58cd232b363d">
+        <source>Password strength estimator created by Dropbox, see:</source>
+        <target>Dropbox에서 만든 비밀번호 강도 추정기를 참조하세요:</target>
+        
+      </trans-unit>
+      <trans-unit id="s40b034801fcb843b">
+        <source>Allows/denys requests based on the users and/or the IPs reputation.</source>
+        <target>사용자 및/또는 IP 평판에 따라 요청을 허용/거부합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scf4afecb0f1e69b2">
+        <source>Invalid login attempts will decrease the score for the client's IP, and the
+username they are attempting to login as, by one.</source>
+        <target>잘못된 로그인 시도는 클라이언트의 IP와 로그인을 시도하는 사용자 아이디의 사용자명에 대한 점수가 하나씩 감소합니다.</target>
+      </trans-unit>
+      <trans-unit id="s8323a9af28e10502">
+        <source>The policy passes when the reputation score is below the threshold, and
+doesn't pass when either or both of the selected options are equal or above the threshold.</source>
+        <target>평판 점수가 임계값보다 낮으면 정책이 통과되며, 선택한 옵션이 모두 임계값보다 높으면 는 선택한 옵션 중 하나 또는 둘 다 임계값 이상이면 통과하지 않습니다.</target>
+      </trans-unit>
+      <trans-unit id="s1828fbfc2c56379c">
+        <source>Check IP</source>
+        <target>IP 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s4751df77cfd8a5f9">
+        <source>Check Username</source>
+        <target>사용자명 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="se19cc57dd8675498">
+        <source>Threshold</source>
+        <target>임계값</target>
+        
+      </trans-unit>
+      <trans-unit id="sdbccb39a658f0e45">
+        <source>New policy</source>
+        <target>새 정책</target>
+        
+      </trans-unit>
+      <trans-unit id="sf693300708a40d2c">
+        <source>Create a new policy.</source>
+        <target>새 정책을 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5b1fb0d4c0daeba8">
+        <source>Create Binding</source>
+        <target>바인딩 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s9fb28be12e2c6317">
+        <source>Superuser</source>
+        <target>슈퍼유저</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f5a5f23312798f0">
+        <source>Members</source>
+        <target>멤버</target>
+        
+      </trans-unit>
+      <trans-unit id="s7eb3d239e0b491ab">
+        <source>Select groups to add user to</source>
+        <target>사용자를 추가할 그룹 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="sec5cdfa358f9dbf7">
+        <source>Warning: Adding the user to the selected group(s) will give them superuser permissions.</source>
+        <target>경고: 선택한 그룹에 사용자를 추가하면 해당 사용자에게 슈퍼유저 권한이 부여됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scab2900019953050">
+        <source>Successfully updated user.</source>
+        <target>사용자 업데이트에 성공했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9c3c272944dcfca3">
+        <source>Successfully created user.</source>
+        <target>사용자를 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s03f42eea72154959">
+        <source>Username</source>
+        <target>사용자명</target>
+        
+      </trans-unit>
+      <trans-unit id="s5a802e46a033c8af">
+        <source>User's primary identifier. 150 characters or fewer.</source>
+        <target>사용자의 기본 식별자입니다. 150자 이하.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd34be0d0fcb39971">
+        <source>User's display name.</source>
+        <target>사용자의 표시 이름입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd1f44f1a8bc20e67">
+        <source>Email</source>
+        <target>이메일</target>
+        
+      </trans-unit>
+      <trans-unit id="sbe3b416a356f1c91">
+        <source>Is active</source>
+        <target>활성화</target>
+        
+      </trans-unit>
+      <trans-unit id="s35fac2e5677d55cd">
+        <source>Designates whether this user should be treated as active. Unselect this instead of deleting accounts.</source>
+        <target>이 사용자를 활성 상태로 처리할지 여부를 지정합니다. 계정을 삭제하는 대신 이 옵션을 선택 취소합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2e532e19ed477a56">
+        <source>Path</source>
+        <target>경로</target>
+        
+      </trans-unit>
+      <trans-unit id="s67560d7e37d984c3">
+        <source>Policy / User / Group</source>
+        <target>정책 / 사용자 / 그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="s030ac0829bb50a49">
+        <source>Policy <x id="0" equiv-text="${item.policyObj?.name}"/></source>
+        <target><x id="0" equiv-text="${item.policyObj?.name}"/> 정책</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a64d2dca3da9b0e">
+        <source>Group <x id="0" equiv-text="${item.groupObj?.name}"/></source>
+        <target><x id="0" equiv-text="${item.groupObj?.name}"/> 그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="se5dc026819a32ff8">
+        <source>User <x id="0" equiv-text="${item.userObj?.name}"/></source>
+        <target><x id="0" equiv-text="${item.userObj?.name}"/> 사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="s50c312bea93b6925">
+        <source>Edit Policy</source>
+        <target>정책 편집</target>
+        
+      </trans-unit>
+      <trans-unit id="s0b55a57f473ab8af">
+        <source>Update Group</source>
+        <target>그룹 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s494e1ed913d9351a">
+        <source>Edit Group</source>
+        <target>그룹 편집</target>
+        
+      </trans-unit>
+      <trans-unit id="sad130c2d925fb7bf">
+        <source>Update User</source>
+        <target>사용자 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s5cd31f4a88adf180">
+        <source>Edit User</source>
+        <target>사용자 편집</target>
+        
+      </trans-unit>
+      <trans-unit id="se291dfd2a59d7842">
+        <source>Policy binding(s)</source>
+        <target>정책 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s7e87ab366c199345">
+        <source>Update Binding</source>
+        <target>바인딩 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s40b80eb4cc1f0e0c">
+        <source>Edit Binding</source>
+        <target>바인딩 편집</target>
+        
+      </trans-unit>
+      <trans-unit id="sbad5b96fb855ef36">
+        <source>No Policies bound.</source>
+        <target>정책 바인딩 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc15d60377cc8aaac">
+        <source>No policies are currently bound to this object.</source>
+        <target>현재 이 오브젝트에 바인딩된 정책이 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sddb040c47daae56b">
+        <source>Bind existing policy</source>
+        <target>기존 정책 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="saa855c61e0403fe6">
+        <source>Warning: Application is not used by any Outpost.</source>
+        <target>경고: 애플리케이션이 어떤 Outpost에서도 사용하지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6cbd4f92ebaf5d8">
+        <source>Related</source>
+        <target>관련</target>
+        
+      </trans-unit>
+      <trans-unit id="sc92ea8fbf9ba06a7">
+        <source>Backchannel Providers</source>
+        <target>백채널 공급자</target>
+        
+      </trans-unit>
+      <trans-unit id="sd71081c23d1cd38b">
+        <source>Check access</source>
+        <target>액세스 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s42cbd8dca939a9c7">
+        <source>Check</source>
+        <target>확인</target>
+        
+      </trans-unit>
+      <trans-unit id="sf22f7f8a9309b4ed">
+        <source>Check Application access</source>
+        <target>애플리케이션 액세스 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s2474e7fb1aec9f05">
+        <source>Test</source>
+        <target>테스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s512957aa09384646">
+        <source>Launch</source>
+        <target>실행</target>
+        
+      </trans-unit>
+      <trans-unit id="sed02f831e653deb3">
+        <source>Logins over the last week (per 8 hours)</source>
+        <target>지난 한 주 동안의 로그인 횟수(8시간당)</target>
+        
+      </trans-unit>
+      <trans-unit id="s2b1bc31276c4c477">
+        <source>Policy / Group / User Bindings</source>
+        <target>정책 / 그룹 / 사용자 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s473f0143efa3f706">
+        <source>These policies control which users can access this application.</source>
+        <target>이러한 정책은 이 애플리케이션에 액세스할 수 있는 사용자를 제어합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s24875d5475e82526">
+        <source>Successfully updated source.</source>
+        <target>소스를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s60d891ed3ee9ebc5">
+        <source>Successfully created source.</source>
+        <target>소스를 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8af7239354f7e7b6">
+        <source>Sync users</source>
+        <target>사용자 동기화</target>
+        
+      </trans-unit>
+      <trans-unit id="sd80b0b8aeae3abe3">
+        <source>User password writeback</source>
+        <target>사용자 비밀번호 재설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s2b952e9dc99cbded">
+        <source>Login password is synced from LDAP into authentik automatically. Enable this option only to write password changes in authentik back to LDAP.</source>
+        <target>로그인 비밀번호가 LDAP에서 인증으로 자동 동기화됩니다. 이 옵션은 인증에서 변경된 비밀번호를 LDAP에 다시 쓰려는 경우에만 사용하도록 설정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="saf7ce4165a1025f6">
+        <source>Sync groups</source>
+        <target>그룹 동기화</target>
+        
+      </trans-unit>
+      <trans-unit id="s2035f889f576bca6">
+        <source>Connection settings</source>
+        <target>연결 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a72e65aef45b1e8">
+        <source>Server URI</source>
+        <target>서버 URI</target>
+        
+      </trans-unit>
+      <trans-unit id="sa599dbe5776897ad">
+        <source>Specify multiple server URIs by separating them with a comma.</source>
+        <target>여러 서버 URI를 쉼표로 구분하여 지정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se36b55dfcf5dc80b">
+        <source>Enable StartTLS</source>
+        <target>StartTLS 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s33683c3b1dbaf264">
+        <source>To use SSL instead, use 'ldaps://' and disable this option.</source>
+        <target>대신 SSL을 사용하려면 'ldaps://'를 사용하고 이 옵션을 비활성화하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2221fef80f4753a2">
+        <source>TLS Verification Certificate</source>
+        <target>TLS 인증 인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8c13bd58191cea2">
+        <source>When connecting to an LDAP Server with TLS, certificates are not checked by default. Specify a keypair to validate the remote certificate.</source>
+        <target>TLS를 사용하여 LDAP 서버에 연결할 때 인증서는 기본적으로 확인되지 않습니다. 원격 인증서의 유효성을 검사할 키쌍을 지정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb7684e2910a33a1f">
+        <source>Bind CN</source>
+        <target>CN 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s3de6db803012016a">
+        <source>LDAP Attribute mapping</source>
+        <target>LDAP 특성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s7c05ee41d634aa45">
+        <source>Property mappings used to user creation.</source>
+        <target>사용자 생성에 사용되는 특성 매핑입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s94333971a07803b9">
+        <source>Additional settings</source>
+        <target>추가 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sd14a19a19d507f9e">
+        <source>Parent group for all the groups imported from LDAP.</source>
+        <target>LDAP에서 가져온 모든 그룹의 상위 그룹입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfbc59ff17a73503d">
+        <source>User path</source>
+        <target>사용자 경로</target>
+        
+      </trans-unit>
+      <trans-unit id="sd18170637295bace">
+        <source>Addition User DN</source>
+        <target>사용자 DN 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ae089fd248e72db">
+        <source>Additional user DN, prepended to the Base DN.</source>
+        <target>기본 DN 앞에 추가 사용자 DN을 추가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5944355d69db1fb8">
+        <source>Addition Group DN</source>
+        <target>추가 그룹 DN</target>
+        
+      </trans-unit>
+      <trans-unit id="sfae9f4ea5749a36b">
+        <source>Additional group DN, prepended to the Base DN.</source>
+        <target>기본 DN 앞에 추가 그룹 DN을 붙입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s66ffc06300964849">
+        <source>User object filter</source>
+        <target>사용자 오브젝트 필터</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c2a173db0e1ec61">
+        <source>Consider Objects matching this filter to be Users.</source>
+        <target>이 필터와 일치하는 오브젝트를 사용자로 간주합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2ec94a7c7f5bcd1b">
+        <source>Group object filter</source>
+        <target>그룹 오브젝트 필터</target>
+        
+      </trans-unit>
+      <trans-unit id="saf5eb7596b3a355b">
+        <source>Consider Objects matching this filter to be Groups.</source>
+        <target>이 필터와 일치하는 오브젝트를 그룹으로 간주합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf325a4adba4d6278">
+        <source>Group membership field</source>
+        <target>그룹 구성원 필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s76768bebabb7d543">
+        <source>Field which contains members of a group. Note that if using the &quot;memberUid&quot; field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
+        <target>그룹 구성원이 포함된 필드입니다. 'memberUid' 필드를 사용하는 경우 값에 상대적인 고유 이름이 포함된 것으로 가정합니다 (예:'memberUid=some-user' 대신 'memberUid=cn=some-user,ou=groups,...').</target>
+        
+      </trans-unit>
+      <trans-unit id="s026555347e589f0e">
+        <source>Object uniqueness field</source>
+        <target>오브젝트 고유 필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s24211f319e5b7e98">
+        <source>Field which contains a unique Identifier.</source>
+        <target>고유 식별자가 포함된 필드입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s900b0d85b872d134">
+        <source>Link users on unique identifier</source>
+        <target>고유 식별자에 사용자 연결</target>
+        
+      </trans-unit>
+      <trans-unit id="s6c70a73265e14521">
+        <source>Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses</source>
+        <target>이메일 주소가 동일한 사용자에게 링크합니다. 소스에서 이메일 주소의 유효성을 검사하지 않을 경우 보안에 영향을 미칠 수 있습니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s995535e7af30d754">
+        <source>Use the user's email address, but deny enrollment when the email address already exists</source>
+        <target>사용자의 이메일 주소를 사용하되, 이메일 주소가 이미 존재하는 경우 등록을 거부합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s542ecb4130f6cea5">
+        <source>Link to a user with identical username. Can have security implications when a username is used with another source</source>
+        <target>동일한 사용자 아이디를 가진 사용자와 연결합니다. 사용자 아이디가 다른 소스와 함께 사용될 경우 보안에 영향을 미칠 수 있습니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a1debf34e5aeba4">
+        <source>Use the user's username, but deny enrollment when the username already exists</source>
+        <target>사용자의 사용자 아이디를 사용하되, 사용자 아이디가 이미 존재하는 경우 등록을 거부합니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s81ce0d54727f42d2">
+        <source>Unknown user matching mode</source>
+        <target>알 수 없는 사용자 매칭 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="sd04376c4216c921f">
+        <source>URL settings</source>
+        <target>URL 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s872d0e88ab34ed83">
+        <source>Authorization URL</source>
+        <target>인가(Authorization) URL</target>
+        
+      </trans-unit>
+      <trans-unit id="see3ff55262fd6500">
+        <source>URL the user is redirect to to consent the authorization.</source>
+        <target>사용자가 승인을 위해 리디렉션되는 URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb932dead79567c7b">
+        <source>Access token URL</source>
+        <target>액세스 토큰 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s88b8a2892635a2fc">
+        <source>URL used by authentik to retrieve tokens.</source>
+        <target>토큰을 검색하기 위해 authentik에서 사용하는 URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s69bd313dd12fc2f3">
+        <source>Profile URL</source>
+        <target>프로필 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sa8d83cd8023e8e4d">
+        <source>URL used by authentik to get user information.</source>
+        <target>사용자 정보를 가져오기 위해 authentik에서 사용하는 URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc7707b3ba3a2a7ca">
+        <source>Request token URL</source>
+        <target>토큰 요청 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s3926da5b20cdf3b6">
+        <source>URL used to request the initial token. This URL is only required for OAuth 1.</source>
+        <target>초기 토큰을 요청하는 데 사용되는 URL입니다. 이 URL은 OAuth 1에서만 필요합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s199b55513a739f43">
+        <source>OIDC Well-known URL</source>
+        <target>OIDC Well-known URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s8b149b30b5b523ef">
+        <source>OIDC well-known configuration URL. Can be used to automatically configure the URLs above.</source>
+        <target>OIDC의 well-known 구성 URL입니다. 위의 URL을 자동으로 구성하는 데 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9db2c836ade1339c">
+        <source>OIDC JWKS URL</source>
+        <target>OIDC JWKS URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s4b2a1b657c160f5b">
+        <source>JSON Web Key URL. Keys from the URL will be used to validate JWTs from this source.</source>
+        <target>JSON 웹 키 URL입니다. URL의 키는 이 소스의 JWT를 검증하는 데 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2df0b65125600de9">
+        <source>OIDC JWKS</source>
+        <target>OIDC JWKS</target>
+        
+      </trans-unit>
+      <trans-unit id="s02de8d9e8583b480">
+        <source>Raw JWKS data.</source>
+        <target>Raw JWKS 데이터.</target>
+        
+      </trans-unit>
+      <trans-unit id="s81a87652ade099e4">
+        <source>User matching mode</source>
+        <target>사용자 매칭 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="s485c05d34eb00415">
+        <source>Delete currently set icon.</source>
+        <target>현재 설정한 아이콘을 삭제합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se8987bdfb35e46b2">
+        <source>Consumer key</source>
+        <target>고객 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sabaf0061f7e41b0b">
+        <source>Consumer secret</source>
+        <target>고객 비밀</target>
+        
+      </trans-unit>
+      <trans-unit id="sa61966cd83b4924c">
+        <source>Additional scopes to be passed to the OAuth Provider, separated by space. To replace existing scopes, prefix with *.</source>
+        <target>OAuth 공급자에게 전달할 추가 범위를 공백으로 구분하여 입력합니다. 기존 범위를 바꾸려면 접두사 앞에 *를 붙입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1cc0e66dbd2b5502">
+        <source>Flow settings</source>
+        <target>플로우 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe6977a3aea3ee6e">
+        <source>Flow to use when authenticating existing users.</source>
+        <target>기존 사용자를 인증할 때 사용할 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2801a48ceac691b3">
+        <source>Enrollment flow</source>
+        <target>등록 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s5d0a14d29ebad561">
+        <source>Flow to use when enrolling new users.</source>
+        <target>새 사용자를 등록할 때 사용할 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s91f389c796720a81">
+        <source>Load servers</source>
+        <target>서버 로드</target>
+        
+      </trans-unit>
+      <trans-unit id="s24f405197ede5ebb">
+        <source>Re-authenticate with plex</source>
+        <target>Plex로 다시 인증하기</target>
+        
+      </trans-unit>
+      <trans-unit id="sc297b2e13c28ecf9">
+        <source>Allow friends to authenticate via Plex, even if you don't share any servers</source>
+        <target>친구들이 Plex를 통해 인증할 수 있도록 허용하십시오. 심지어 서버를 공유하지 않는 경우에도 해당됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfee91e08b8b47477">
+        <source>Allowed servers</source>
+        <target>Allowed servers</target>
+        
+      </trans-unit>
+      <trans-unit id="s216eb300543edd91">
+        <source>Select which server a user has to be a member of to be allowed to authenticate.</source>
+        <target>사용자가 인증을 허용받기 위해 구성원이어야 하는 서버를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s31d7f3ba04d306a5">
+        <source>SSO URL</source>
+        <target>SSO URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s1d9d6c5b424fdc1f">
+        <source>URL that the initial Login request is sent to.</source>
+        <target>초기 로그인 요청을 전송할 URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd94db2b8c85d10a6">
+        <source>SLO URL</source>
+        <target>SLO URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sc764ddf60b5149de">
+        <source>Optional URL if the IDP supports Single-Logout.</source>
+        <target>IDP가 단일 로그아웃을 지원하는 경우 선택적 URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se7430794fa89005a">
+        <source>Also known as Entity ID. Defaults the Metadata URL.</source>
+        <target>Entity ID라고도 합니다. 기본값은 Metadata URL입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5615bb595ad6ded6">
+        <source>Binding Type</source>
+        <target>바인딩 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="sa2e4d6830226d3ec">
+        <source>Redirect binding</source>
+        <target>리디렉션 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s6f96a78d81ef277c">
+        <source>Post-auto binding</source>
+        <target>Post-auto 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2c70fd56f5d0b48">
+        <source>Post binding but the request is automatically sent and the user doesn't have to confirm.</source>
+        <target>바인딩을 게시하지만 요청이 자동으로 전송되므로 사용자가 확인할 필요가 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s968c90258dcf7562">
+        <source>Post binding</source>
+        <target>Post 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="se10bbf4cf861c81b">
+        <source>Signing keypair</source>
+        <target>서명 키쌍</target>
+        
+      </trans-unit>
+      <trans-unit id="s838ed611b533b19e">
+        <source>Keypair which is used to sign outgoing requests. Leave empty to disable signing.</source>
+        <target>보내는 요청에 서명하는 데 사용되는 키쌍입니다. 서명을 사용하지 않으려면 비워 둡니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s39c8c0bf4d927c9f">
+        <source> Allow IDP-initiated logins</source>
+        <target> IDP-initiated login 허용</target>
+        
+      </trans-unit>
+      <trans-unit id="s65d507f1513c2f03">
+        <source>Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.</source>
+        <target>IdP에 의해 시작된 인증 플로우를 허용합니다. 요청 ID에 대한 유효성 검사가 수행되지 않으므로 보안 위험이 있을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s297a2075bd7e40db">
+        <source>NameID Policy</source>
+        <target>NameID 정책</target>
+        
+      </trans-unit>
+      <trans-unit id="s004e9a2c90f23900">
+        <source>Persistent</source>
+        <target>Persistent(영구)</target>
+        
+      </trans-unit>
+      <trans-unit id="s38887b94b3320533">
+        <source>Email address</source>
+        <target>이메일 주소</target>
+        
+      </trans-unit>
+      <trans-unit id="s2d34c87f67f66c6a">
+        <source>Windows</source>
+        <target>Windows</target>
+        
+      </trans-unit>
+      <trans-unit id="s1665454e31e14941">
+        <source>X509 Subject</source>
+        <target>X509 Subject</target>
+        
+      </trans-unit>
+      <trans-unit id="s0c3ac7f9383a8cfd">
+        <source>Transient</source>
+        <target>Transient(임시)</target>
+        
+      </trans-unit>
+      <trans-unit id="s20a0ce62823bfa97">
+        <source>Delete temporary users after</source>
+        <target>다음 이후 임시 사용자를 삭제합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3198c384c2f68b08">
+        <source>Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually.</source>
+        <target>임시 사용자를 삭제해야 하는 시간 오프셋입니다. 이 설정은 IDP가 'Transient' NameID 형식을 사용하고 사용자가 수동으로 로그아웃하지 않는 경우에만 적용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb32e9c1faa0b8673">
+        <source>Pre-authentication flow</source>
+        <target>사전 인증 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="sa3c1f6ac5e63a70f">
+        <source>Flow used before authentication.</source>
+        <target>사전 인증에 사용되는 플로우입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se12969ade44cd2b6">
+        <source>New source</source>
+        <target>새 소스</target>
+        
+      </trans-unit>
+      <trans-unit id="s19b09f4fc72175d1">
+        <source>Create a new source.</source>
+        <target>새 소스를 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6152026c364ad974">
+        <source>Sources of identities, which can either be synced into authentik's database, or can be used by users to authenticate and enroll themselves.</source>
+        <target>신원 소스는 인증 데이터베이스에 동기화하거나 사용자가 자신을 인증하고 등록하는 데 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a0ca63b967f1630">
+        <source>Source(s)</source>
+        <target>소스</target>
+        
+      </trans-unit>
+      <trans-unit id="s66722bc2ea775e05">
+        <source>Disabled</source>
+        <target>비활성화됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s4ff2c202b4e5bdc5">
+        <source>Built-in</source>
+        <target>Built-in</target>
+        
+      </trans-unit>
+      <trans-unit id="s52b500138a2d2b8a">
+        <source>Update LDAP Source</source>
+        <target>LDAP 소스 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s31a2d43bc1cf1790">
+        <source>Not synced yet.</source>
+        <target>아직 동기화되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s388ee787bbf2271b">
+        <source>Task finished with warnings</source>
+        <target>작업 완료(경고)</target>
+        
+      </trans-unit>
+      <trans-unit id="s949826fad0fe0909">
+        <source>Task finished with errors</source>
+        <target>작업 완료(오류)</target>
+        
+      </trans-unit>
+      <trans-unit id="sbedb77365a066648">
+        <source>Last sync: <x id="0" equiv-text="${task.taskFinishTimestamp.toLocaleString()}"/></source>
+        <target><x id="0" equiv-text="${task.taskFinishTimestamp.toLocaleString()}"/>에 마지막으로 동기화 됨</target>
+        
+      </trans-unit>
+      <trans-unit id="sf3fec8353106ac2f">
+        <source>OAuth Source <x id="0" equiv-text="${this.source.name}"/></source>
+        <target>OAuth 소스 <x id="0" equiv-text="${this.source.name}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="se09d055771f3a11d">
+        <source>Generic OpenID Connect</source>
+        <target>일반 OpenID Connect</target>
+        
+      </trans-unit>
+      <trans-unit id="s5c1dc164c89ac13e">
+        <source>Unknown provider type</source>
+        <target>Unknown provider type</target>
+        
+      </trans-unit>
+      <trans-unit id="s355b21b89ce5d9c5">
+        <source>Details</source>
+        <target>상세</target>
+        
+      </trans-unit>
+      <trans-unit id="s01088b6625d2443b">
+        <source>Callback URL</source>
+        <target>콜백 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6d5146d5efb3058">
+        <source>Access Key</source>
+        <target>액세스 Key</target>
+        
+      </trans-unit>
+      <trans-unit id="s065604a41e9d1584">
+        <source>Update OAuth Source</source>
+        <target>OAuth 소스 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b576aa71acb36a6">
+        <source>Diagram</source>
+        <target>Diagram</target>
+        
+      </trans-unit>
+      <trans-unit id="s587ba266269297ab">
+        <source>Policy Bindings</source>
+        <target>정책 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s2feae323f46479f8">
+        <source>These bindings control which users can access this source.
+            You can only use policies here as access is checked before the user is authenticated.</source>
+        <target>이러한 바인딩은 이 소스에 액세스할 수 있는 사용자를 제어합니다.
+            사용자가 인증되기 전에 액세스가 확인되므로 여기에서만 정책을 사용할 수 있습니다.
+  </target>
+      </trans-unit>
+      <trans-unit id="se17fcb1f159ee382">
+        <source>Update Plex Source</source>
+        <target>Plex 소스 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="saa10777250a6deca">
+        <source>Update SAML Source</source>
+        <target>SAML 소스 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s643d8f2e5e5e930d">
+        <source>Successfully updated mapping.</source>
+        <target>매핑을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sffeef5b119d8625c">
+        <source>Successfully created mapping.</source>
+        <target>매핑을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c33d22492029aba">
+        <source>Object field</source>
+        <target>오브젝트 필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s06df3c3b6a503da8">
+        <source>Field of the user object this value is written to.</source>
+        <target>이 값을 기록하는 사용자 객체의 필드입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd39c5e998efecf93">
+        <source>SAML Attribute Name</source>
+        <target>SAML 특성 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="scf2790cf3ad89283">
+        <source>Attribute name used for SAML Assertions. Can be a URN OID, a schema reference, or a any other string. If this property mapping is used for NameID Property, this field is discarded.</source>
+        <target>SAML 어설션에 사용되는 특성(Attribute) 이름입니다. URN OID, 스키마 참조 또는 기타 문자열일 수 있습니다. 이 속성(Property) 매핑이 NameID 속성(Property)에 사용되는 경우 이 필드는 삭제됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sab6d24c5ec8dc361">
+        <source>Friendly Name</source>
+        <target>Friendly Name</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f8aac89fe318acc">
+        <source>Optionally set the 'FriendlyName' value of the Assertion attribute.</source>
+        <target>선택적으로 어설션 특성(Attribute)의 'FriendlyName' 값을 설정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s851c108679653d2a">
+        <source>Scope name</source>
+        <target>범위 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="s23fd4411419fca06">
+        <source>Scope which the client can specify to access these properties.</source>
+        <target>클라이언트가 이러한 속성(Property)에 액세스하도록 지정할 수 있는 범위입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7754f0e34f27fb6e">
+        <source>Description shown to the user when consenting. If left empty, the user won't be informed.</source>
+        <target>동의 시 사용자에게 표시되는 설명입니다. 비워두면 사용자에게 알림이 표시되지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6c3bf5489d7556e">
+        <source>Example context data</source>
+        <target>컨텍스트 데이터 예시</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a697f0b36c4fe83">
+        <source>Active Directory User</source>
+        <target>Active Directory 사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="s9277b90db38e1983">
+        <source>Active Directory Group</source>
+        <target>Active Directory 그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2e03590269d5a10">
+        <source>New property mapping</source>
+        <target>새로운 속성(Property) 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s713e8666ed70f8b3">
+        <source>Create a new property mapping.</source>
+        <target>새 속성(Property) 매핑을 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sce106606ae84d46f">
+        <source>Property Mappings</source>
+        <target>속성 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s271a7e04ff9865b1">
+        <source>Control how authentik exposes and interprets information.</source>
+        <target>Authentik이 정보를 표시하고 해석하는 방법을 제어합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s59dc0eda07f9e2b6">
+        <source>Property Mapping(s)</source>
+        <target>속성(Property) 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="sa57c393736e2732c">
+        <source>Test Property Mapping</source>
+        <target>테스트 속성(Property) 매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="sc39fb3ff3753d5ab">
+        <source>Hide managed mappings</source>
+        <target>관리되는 매핑 숨김</target>
+        
+      </trans-unit>
+      <trans-unit id="s476ffc07e6d66f18">
+        <source>Successfully updated token.</source>
+        <target>토큰을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s93c1e5fbe8184895">
+        <source>Successfully created token.</source>
+        <target>토큰을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5fc4269c2addee61">
+        <source>Unique identifier the token is referenced by.</source>
+        <target>토큰이 참조하는 고유 식별자입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8bc2b8376c96a6b">
+        <source>Intent</source>
+        <target>인텐트</target>
+        
+      </trans-unit>
+      <trans-unit id="sbd34d118bcb1aaf2">
+        <source>API Token</source>
+        <target>API 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="se31d92bea7f3a186">
+        <source>Used to access the API programmatically</source>
+        <target>프로그래밍 방식으로 API에 액세스하는 데 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfd586951c75eb291">
+        <source>App password.</source>
+        <target>앱 비밀번호.</target>
+        
+      </trans-unit>
+      <trans-unit id="s59bf194136d0d13a">
+        <source>Used to login using a flow executor</source>
+        <target>플로우 실행기를 사용하여 로그인하는 데 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b14062c44e5ef45">
+        <source>Expiring</source>
+        <target>만료 예정</target>
+        
+      </trans-unit>
+      <trans-unit id="safcc54b2aedb1a17">
+        <source>If this is selected, the token will expire. Upon expiration, the token will be rotated.</source>
+        <target>이 옵션을 선택하면 토큰이 만료됩니다. 토큰이 만료되면 토큰이 회전됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4165cd175bc4c0c4">
+        <source>Expires on</source>
+        <target>만료일</target>
+        
+      </trans-unit>
+      <trans-unit id="s1cd198d689c66e4b">
+        <source>API Access</source>
+        <target>API 액세스</target>
+        
+      </trans-unit>
+      <trans-unit id="sf29883ac9ec43085">
+        <source>App password</source>
+        <target>앱 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe211545fd02f73e">
+        <source>Verification</source>
+        <target>Verification</target>
+        
+      </trans-unit>
+      <trans-unit id="sd73b202ec04eefd9">
+        <source>Unknown intent</source>
+        <target>intent를 알 수 없음 (Unknown intent)</target>
+        
+      </trans-unit>
+      <trans-unit id="s78fd8c03f8c967f3">
+        <source>Tokens</source>
+        <target>토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sdcc7b2c109ce9775">
+        <source>Tokens are used throughout authentik for Email validation stages, Recovery keys and API access.</source>
+        <target>토큰은 이메일 유효성 검사 스테이지, 복구 키 및 API 액세스를 위해 인증 전반에 걸쳐 사용됩니다..</target>
+        
+      </trans-unit>
+      <trans-unit id="sf71dba2c30283a54">
+        <source>Expires?</source>
+        <target>만료?</target>
+        
+      </trans-unit>
+      <trans-unit id="sc7be80a7f8ec597e">
+        <source>Expiry date</source>
+        <target>만료일</target>
+        
+      </trans-unit>
+      <trans-unit id="s71dcd9cf808449aa">
+        <source>Token(s)</source>
+        <target>토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sb15e8daacf26bdfc">
+        <source>Create Token</source>
+        <target>토큰 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s8d7ecd944ebe834b">
+        <source>Token is managed by authentik.</source>
+        <target>토큰은 Authentik에서 관리합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd1288ca57e221cf9">
+        <source>Update Token</source>
+        <target>토큰 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s0af6301e76e2a2a5">
+        <source>Successfully updated tenant.</source>
+        <target>테넌트를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf55c7c06dbc2c8c6">
+        <source>Successfully created tenant.</source>
+        <target>테넌트를 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s41706a202b6c40f1">
+        <source>Domain</source>
+        <target>도메인</target>
+        
+      </trans-unit>
+      <trans-unit id="se74ce42d41e392ba">
+        <source>Matching is done based on domain suffix, so if you enter domain.tld, foo.domain.tld will still match.</source>
+        <target>도메인 접미사를 기준으로 매칭이 이루어지므로 도메인.tld를 입력해도 foo.domain.tld가 매칭됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s11326fd2590f4e5e">
+        <source>Default</source>
+        <target>기본</target>
+        
+      </trans-unit>
+      <trans-unit id="se1c85959463f53df">
+        <source>Use this tenant for each domain that doesn't have a dedicated tenant.</source>
+        <target>전용 테넌트가 없는 각 도메인에 이 테넌트를 사용하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc19838ca8c135c1b">
+        <source>Branding settings</source>
+        <target>브랜딩 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s99f110d27e30b289">
+        <source>Title</source>
+        <target>Title</target>
+        
+      </trans-unit>
+      <trans-unit id="sab6bad52985c6676">
+        <source>Branding shown in page title and several other places.</source>
+        <target>페이지 제목 및 기타 여러 위치에 브랜딩이 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4f1af2b48a5e249a">
+        <source>Logo</source>
+        <target>로고</target>
+        
+      </trans-unit>
+      <trans-unit id="sd6b8b4156f7df696">
+        <source>Icon shown in sidebar/header and flow executor.</source>
+        <target>사이드바/헤더 및 플로우 실행기에 표시되는 아이콘입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3626433940124897">
+        <source>Favicon</source>
+        <target>파비콘</target>
+        
+      </trans-unit>
+      <trans-unit id="se99efc0873031976">
+        <source>Icon shown in the browser tab.</source>
+        <target>브라우저 탭에 표시되는 아이콘입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s10356fd921037fbf">
+        <source>Default flows</source>
+        <target>기본 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="sd216b08bafb297ee">
+        <source>Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used.</source>
+        <target>사용자 인증에 사용되는 플로우입니다. 비워두면 슬러그에 의해 정렬된 첫 번째 적용 가능한 플로우가 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s35e6e60e83a8c003">
+        <source>Invalidation flow</source>
+        <target>무효 처리 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s7989db5f4819af89">
+        <source>Flow used to logout. If left empty, the first applicable flow sorted by the slug is used.</source>
+        <target>로그아웃에 사용되는 플로우입니다. 비워 두면 슬러그를 기준으로 정렬된 첫 번째 적용 가능한 플로우가 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfeb779d4ccbc5a0e">
+        <source>Recovery flow</source>
+        <target>복구 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c2fd8097e14a608">
+        <source>Recovery flow. If left empty, the first applicable flow sorted by the slug is used.</source>
+        <target>복구 플로우. 비워두면 슬러그별로 정렬된 첫 번째 적용 가능한 플로우가 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s836aa192b30c21da">
+        <source>Unenrollment flow</source>
+        <target>등록 취소 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s081d3c4b47a6ff83">
+        <source>If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown.</source>
+        <target>설정된 경우 사용자는 이 플로우를 사용하여 등록을 취소할 수 있습니다. 플로우가 설정되어 있지 않으면 옵션이 표시되지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="secbfd13bdae95a59">
+        <source>User settings flow</source>
+        <target>사용자 설정 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s523160b433311521">
+        <source>If set, users are able to configure details of their profile.</source>
+        <target>이 옵션을 설정하면 사용자가 프로필의 세부 정보를 구성할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s134177568525dbc8">
+        <source>Device code flow</source>
+        <target>디바이스 코드 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b298427bdea81ae">
+        <source>If set, the OAuth Device Code profile can be used, and the selected flow will be used to enter the code.</source>
+        <target>설정하면 OAuth 디바이스 코드 프로필을 사용할 수 있으며, 선택한 플로우를 사용하여 코드를 입력할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f4e4054fbe132e1">
+        <source>Other global settings</source>
+        <target>기타 전역 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sbadde673052efc02">
+        <source>Web Certificate</source>
+        <target>웹 인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="s84c5a011acd608c9">
+        <source>Event retention</source>
+        <target>이력 보존</target>
+        
+      </trans-unit>
+      <trans-unit id="s2536ac8d32d2e63f">
+        <source>Duration after which events will be deleted from the database.</source>
+        <target>이력이 데이터베이스에서 삭제되는 기간입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b1fba26d245cb1c">
+        <source>When using an external logging solution for archiving, this can be set to &quot;minutes=5&quot;.</source>
+        <target>아카이브에 외부 로깅 솔루션을 사용하는 경우, 이 값을 &quot;minutes=5&quot;로 설정할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s44536d20bb5c8257">
+        <source>This setting only affects new Events, as the expiration is saved per-event.</source>
+        <target>T만료는 이벤트별로 저장되므로 설정은 새 이벤트에만 영향을 줍니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3bb51cabb02b997e">
+        <source>Format: &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</source>
+        <target>서식: &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</target>
+        
+      </trans-unit>
+      <trans-unit id="s04bfd02201db5ab8">
+        <source>Set custom attributes using YAML or JSON. Any attributes set here will be inherited by users, if the request is handled by this tenant.</source>
+        <target>YAML 또는 JSON을 사용하여 사용자 지정 속성을 설정합니다. 이 테넌트가 요청을 처리하는 경우 여기에서 설정한 모든 속성은 사용자가 상속받게 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f9e79189a3d19e2">
+        <source>Tenants</source>
+        <target>테넌트</target>
+        
+      </trans-unit>
+      <trans-unit id="s164be9a7537b99f6">
+        <source>Configure visual settings and defaults for different domains.</source>
+        <target>다양한 도메인에 대한 시각적 설정 및 기본값을 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4802636d55022ed3">
+        <source>Default?</source>
+        <target>기본값?</target>
+        
+      </trans-unit>
+      <trans-unit id="s69a56a3022c4be7f">
+        <source>Tenant(s)</source>
+        <target>테넌트</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b606acd76ba2c4c">
+        <source>Update Tenant</source>
+        <target>테넌트 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s773aa6621d7e37b7">
+        <source>Create Tenant</source>
+        <target>테넌트 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s8cb7bb82e96d5d77">
+        <source>Policies</source>
+        <target>정책</target>
+        
+      </trans-unit>
+      <trans-unit id="sec1808532fe107b9">
+        <source>Allow users to use Applications based on properties, enforce Password Criteria and selectively apply Stages.</source>
+        <target>사용자가 속성(Property)을 기반으로 애플리케이션을 사용하고, 비밀번호 기준을 적용하고, 스테이지를 선택적으로 적용할 수 있도록 허용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se16ac750b81fa93d">
+        <source>Assigned to <x id="0" equiv-text="${item.boundTo}"/> object(s).</source>
+        <target><x id="0" equiv-text="${item.boundTo}"/>에 오브젝트 할당.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5a48d5171e1a1522">
+        <source>Warning: Policy is not assigned.</source>
+        <target>경고: 정책이 할당되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s544142ce35050751">
+        <source>Test Policy</source>
+        <target>정책 테스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s00c8354318addfa0">
+        <source>Policy / Policies</source>
+        <target>정책</target>
+        
+      </trans-unit>
+      <trans-unit id="s76da2c978dcc5ef4">
+        <source>Successfully cleared policy cache</source>
+        <target>정책 캐시를 성공적으로 지웠습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa717841a602fe7d8">
+        <source>Failed to delete policy cache</source>
+        <target>정책 캐시 삭제에 실패했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3ed5607ad78d4224">
+        <source>Clear cache</source>
+        <target>캐시 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b07757762cda372">
+        <source>Clear Policy cache</source>
+        <target>정책 캐시 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s15b46b78edebb20a">
+        <source>Are you sure you want to clear the policy cache? This will cause all policies to be re-evaluated on their next usage.</source>
+        <target>정책 캐시를 지우시겠습니까? 이렇게 하면 다음 사용 시 모든 정책이 재평가됩니다.</target>
+      </trans-unit>
+      <trans-unit id="s62ddcbaaa91d120d">
+        <source>Reputation scores</source>
+        <target>평판 점수</target>
+        
+      </trans-unit>
+      <trans-unit id="sd080b2370aa82967">
+        <source>Reputation for IP and user identifiers. Scores are decreased for each failed login and increased for each successful login.</source>
+        <target>IP 및 사용자 식별자에 대한 평판. 로그인에 실패할 때마다 점수가 감소하고 로그인에 성공할 때마다 점수가 증가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s09242207b5b8f83c">
+        <source>IP</source>
+        <target>IP</target>
+        
+      </trans-unit>
+      <trans-unit id="s7d684b6257284e55">
+        <source>Score</source>
+        <target>점수</target>
+        
+      </trans-unit>
+      <trans-unit id="s10d2dbc4613397f0">
+        <source>Updated</source>
+        <target>업데이트됨</target>
+        
+      </trans-unit>
+      <trans-unit id="sa33d061d2ade20aa">
+        <source>Reputation</source>
+        <target>평판</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f26843287bb592d">
+        <source>Groups</source>
+        <target>그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="s4dcb9288f7e9e4d7">
+        <source>Group users together and give them permissions based on the membership.</source>
+        <target>사용자를 그룹화하고 멤버십에 따라 권한을 부여합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s62f93cfcb45d5a06">
+        <source>Superuser privileges?</source>
+        <target>슈퍼유저 권한?</target>
+        
+      </trans-unit>
+      <trans-unit id="s9fdda7ea4642306c">
+        <source>Group(s)</source>
+        <target>그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="s416a540b16275f2e">
+        <source>Create Group</source>
+        <target>그룹 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s7c5774fad9d050ce">
+        <source>Create group</source>
+        <target>그룹 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a12e0b5527ff99a">
+        <source>Enabling this toggle will create a group named after the user, with the user as member.</source>
+        <target>이 토글을 활성화하면 사용자의 이름을 딴 그룹이 생성되며, 이 그룹에는 해당 사용자가 멤버로 포함됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6b6e6eb037aef7da">
+        <source>Use the username and password below to authenticate. The password can be retrieved later on the Tokens page.</source>
+        <target>아래의 사용자 아이디와 비밀번호를 사용하여 인증합니다. 비밀번호는 나중에 토큰 페이지에서 검색할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf6e1665c7022a1f8">
+        <source>Password</source>
+        <target>비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sbb57cd8a3ed12915">
+        <source>Valid for 360 days, after which the password will automatically rotate. You can copy the password from the Token List.</source>
+        <target>360일 동안 유효하며, 그 이후에는 비밀번호가 자동으로 회전합니다. 토큰 목록에서 비밀번호를 복사할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4414164d120de61a">
+        <source>The following objects use <x id="0" equiv-text="${objName}"/></source>
+        <target>다음 오브젝트는 <x id="0" equiv-text="${objName}"/> 을(를) 사용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s92e241c9f3c101a2">
+        <source>connecting object will be deleted</source>
+        <target>연결 오브젝트가 삭제됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se6a13beff646557b">
+        <source>Successfully updated <x id="0" equiv-text="${this.objectLabel} ${this.obj?.name}"/></source>
+        <target><x id="0" equiv-text="${this.objectLabel} ${this.obj?.name}"/> 을(를) 성공적으로 업데이트했습니다</target>
+      </trans-unit>
+      <trans-unit id="s14401ff4a0cba208">
+        <source>Failed to update <x id="0" equiv-text="${this.objectLabel}"/>: <x id="1" equiv-text="${e.toString()}"/></source>
+        <target><x id="0" equiv-text="${this.objectLabel}"/>: <x id="1" equiv-text="${e.toString()}"/> 을(를) 업데이트하는데 실패했습니다</target>
+        
+      </trans-unit>
+      <trans-unit id="sa95a538bfbb86111">
+        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> &quot;<x id="1" equiv-text="${this.obj?.name}"/>&quot;?</source>
+        <target>정말 <x id="0" equiv-text="${this.objectLabel}"/> &quot;<x id="1" equiv-text="${this.obj?.name}"/>&quot; 을(를) 업데이트 하시겠습니까?</target>
+        
+      </trans-unit>
+      <trans-unit id="sc92d7cfb6ee1fec6">
+        <source>Successfully updated password.</source>
+        <target>비밀번호를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se5498954255620b4">
+        <source>Successfully sent email.</source>
+        <target>이메일을 성공적으로 전송했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s44ea4e9a81ce730d">
+        <source>Email stage</source>
+        <target>이메일 스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="sdb53ccdd6174e6e3">
+        <source>Successfully added user(s).</source>
+        <target>사용자를 성공적으로 추가했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s306a35df5d0d38bb">
+        <source>Users to add</source>
+        <target>추가할 사용자를 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="s7d499be3b781a3ca">
+        <source>User(s)</source>
+        <target>사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="s7220fcf4fec4e0df">
+        <source>Remove Users(s)</source>
+        <target>사용자 제거</target>
+        
+      </trans-unit>
+      <trans-unit id="s5d7748b1d2363478">
+        <source>Are you sure you want to remove the selected users from the group <x id="0" equiv-text="${this.targetGroup?.name}"/>?</source>
+        <target>그룹 <x id="0" equiv-text="${this.targetGroup?.name}"/>에서 
+선택한 사용자를 제거하시겠습니까?</target>
+        
+      </trans-unit>
+      <trans-unit id="sea4f08110bb8f15d">
+        <source>Remove</source>
+        <target>제거</target>
+        
+      </trans-unit>
+      <trans-unit id="sf466142da6a65052">
+        <source>Impersonate</source>
+        <target>사용자 위장</target>
+        
+      </trans-unit>
+      <trans-unit id="s58888ef1ee9b5bb8">
+        <source>User status</source>
+        <target>사용자 상태</target>
+        
+      </trans-unit>
+      <trans-unit id="sf9e61f4f8e90f0f1">
+        <source>Change status</source>
+        <target>상태 변경</target>
+        
+      </trans-unit>
+      <trans-unit id="sf56998949bdf6b33">
+        <source>Deactivate</source>
+        <target>비활성화</target>
+        
+      </trans-unit>
+      <trans-unit id="s3794c596ee7964ad">
+        <source>Update password</source>
+        <target>비밀번호 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sce8d867ca5f35304">
+        <source>Set password</source>
+        <target>비밀번호 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s0ae3395d8f48e624">
+        <source>Successfully generated recovery link</source>
+        <target>복구 링크가 성공적으로 생성되었습니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s8ca0dbaec5d48563">
+        <source>No recovery flow is configured.</source>
+        <target>복구 플로우가 구성되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb69119c9f0547bed">
+        <source>Copy recovery link</source>
+        <target>복구 링크 복사</target>
+        
+      </trans-unit>
+      <trans-unit id="s7fa236d26b798301">
+        <source>Send link</source>
+        <target>링크 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="sa9dbe2fb284e26fe">
+        <source>Send recovery link to user</source>
+        <target>사용자에게 복구 링크 보내기</target>
+        
+      </trans-unit>
+      <trans-unit id="s03fd2c252ad7972a">
+        <source>Email recovery link</source>
+        <target>이메일 복구 링크</target>
+        
+      </trans-unit>
+      <trans-unit id="sd7fa99e4d82b374a">
+        <source>Recovery link cannot be emailed, user has no email address saved.</source>
+        <target>복구 링크를 이메일로 보낼 수 없습니다. 사용자가 저장한 이메일 주소가 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s63d89a6ae0969c30">
+        <source>To let a user directly reset a their password, configure a recovery flow on the currently active tenant.</source>
+        <target>사용자가 직접 비밀번호를 재설정할 수 있도록 하려면 현재 활성 상태인 테넌트에서 복구 플로우를 구성하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s720594461542943f">
+        <source>Add User</source>
+        <target>사용자 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s4c41f3f4c23e8eaa">
+        <source>Warning: This group is configured with superuser access. Added users will have superuser access.</source>
+        <target>경고: 이 그룹은 수퍼유저 액세스 권한으로 구성됩니다. 추가된 사용자는 수퍼유저 액세스 권한을 갖게 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scee721983b1c28d0">
+        <source>Add existing user</source>
+        <target>기존 사용자 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="sd600334ec2c39b74">
+        <source>Create user</source>
+        <target>사용자 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s53ad3455d9523b54">
+        <source>Create User</source>
+        <target>사용자 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s06c163334767a381">
+        <source>Create Service account</source>
+        <target>서비스 계정 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="sc744f3691efe310d">
+        <source>Hide service-accounts</source>
+        <target>서비스 계정 숨김</target>
+        
+      </trans-unit>
+      <trans-unit id="secdb4b4c4e66aa38">
+        <source>Group Info</source>
+        <target>그룹 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="s005053d82b712e0a">
+        <source>Notes</source>
+        <target>참고</target>
+        
+      </trans-unit>
+      <trans-unit id="s634448e4942cf452">
+        <source>Edit the notes attribute of this group to add notes here.</source>
+        <target>이 그룹의 노트 속성(Attribute)을 수정하여 여기에 노트를 추가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s586d6bd2eca2da93">
+        <source>Users</source>
+        <target>사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="sca7cfe2bef51b2a5">
+        <source>Root</source>
+        <target>Root</target>
+        
+      </trans-unit>
+      <trans-unit id="s3616cc78631f5893">
+        <source>Warning: You're about to delete the user you're logged in as (<x id="0" equiv-text="${shouldShowWarning.username}"/>). Proceed at your own risk.</source>
+        <target>경고: 현재 로그인한(<x id="0" equiv-text="${shouldShowWarning.username}"/>) 사용자를 삭제하려고 합니다. 본인 책임하에 진행하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s510c7add9e24c306">
+        <source>Hide deactivated user</source>
+        <target>비활성화된 사용자 숨기기</target>
+        
+      </trans-unit>
+      <trans-unit id="s94055b4eb957dc8f">
+        <source>User folders</source>
+        <target>사용자 폴더</target>
+        
+      </trans-unit>
+      <trans-unit id="sa982875b258fea07">
+        <source>Successfully added user to group(s).</source>
+        <target>그룹에 사용자를 성공적으로 추가했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1bd5920d8adf2bd5">
+        <source>Groups to add</source>
+        <target>추가할 그룹</target>
+        
+      </trans-unit>
+      <trans-unit id="s5f71fa3c53828e30">
+        <source>Remove from Group(s)</source>
+        <target>그룹에서 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="sb4c9ed2a487b238f">
+        <source>Are you sure you want to remove user <x id="0" equiv-text="${this.targetUser?.username}"/> from the following groups?</source>
+        <target>정말 <x id="0" equiv-text="${this.targetUser?.username}"/> 이 사용자를 다음의 그룹에서 삭제하시겠습니까?</target>
+        
+      </trans-unit>
+      <trans-unit id="s964f6725aeb7662f">
+        <source>Add Group</source>
+        <target>그룹 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s65ca2f256ea09c11">
+        <source>Add to existing group</source>
+        <target>기존 그룹에 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s505fbbdcbc6aa921">
+        <source>Add new group</source>
+        <target>새 그룹 추가</target>
+        
+      </trans-unit>
+      <trans-unit id="s506beb486fa41241">
+        <source>Application authorizations</source>
+        <target>애플리케이션 인가</target>
+        
+      </trans-unit>
+      <trans-unit id="s7301a7069b7bc83e">
+        <source>Revoked?</source>
+        <target>취소되었나요?</target>
+        
+      </trans-unit>
+      <trans-unit id="sd924045605feea63">
+        <source>Expires</source>
+        <target>만료</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c8916418c334935">
+        <source>ID Token</source>
+        <target>ID 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="s90760e5e02e95dfe">
+        <source>Refresh Tokens(s)</source>
+        <target>토큰 갱신</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b88fa3df4423292">
+        <source>Last IP</source>
+        <target>마지막 IP</target>
+        
+      </trans-unit>
+      <trans-unit id="se63f9d833700af49">
+        <source>Session(s)</source>
+        <target>세션</target>
+        
+      </trans-unit>
+      <trans-unit id="sf679b7a62808287e">
+        <source>Expiry</source>
+        <target>만료</target>
+        
+      </trans-unit>
+      <trans-unit id="sde1907073fd96017">
+        <source>(Current session)</source>
+        <target>(현재 세션)</target>
+        
+      </trans-unit>
+      <trans-unit id="se8dca0132c66ae03">
+        <source>Permissions</source>
+        <target>권한</target>
+        
+      </trans-unit>
+      <trans-unit id="s76881c01b6a3a8c7">
+        <source>Consent(s)</source>
+        <target>동의 사항</target>
+        
+      </trans-unit>
+      <trans-unit id="sea2f00b34b385a43">
+        <source>Successfully updated device.</source>
+        <target>디바이스를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s858e7ac4b3cf955f">
+        <source>Static tokens</source>
+        <target>정적 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sfcfcf85a57eea78a">
+        <source>TOTP Device</source>
+        <target>TOTP 디바이스</target>
+        
+      </trans-unit>
+      <trans-unit id="s6a406aecb2c0e5c5">
+        <source>Enroll</source>
+        <target>등록</target>
+        
+      </trans-unit>
+      <trans-unit id="sa0b01f479f40c52d">
+        <source>Device(s)</source>
+        <target>디바이스</target>
+        
+      </trans-unit>
+      <trans-unit id="sabb56f74492e7e96">
+        <source>Update Device</source>
+        <target>디바이스 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sf05c700a1250824e">
+        <source>Confirmed</source>
+        <target>확인됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s64a33dcdaf90af26">
+        <source>User Info</source>
+        <target>사용자 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="sc44bae5cde0083fa">
+        <source>Actions over the last week (per 8 hours)</source>
+        <target>지난 한 주 동안의 액션 (8시간당)</target>
+        
+      </trans-unit>
+      <trans-unit id="sb57dbcda1929c642">
+        <source>Edit the notes attribute of this user to add notes here.</source>
+        <target>이 사용자의 참고 특성(Attribute)을 편집하여 여기에 참고를 추가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5c18cae48b93138c">
+        <source>Sessions</source>
+        <target>세션</target>
+        
+      </trans-unit>
+      <trans-unit id="s27586544c447d9e3">
+        <source>User events</source>
+        <target>사용자 이력</target>
+        
+      </trans-unit>
+      <trans-unit id="s4d31797d81e9cea3">
+        <source>Explicit Consent</source>
+        <target>명시적 동의</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6770fa90be6d8b3">
+        <source>OAuth Refresh Tokens</source>
+        <target>OAuth 토큰 갱신</target>
+        
+      </trans-unit>
+      <trans-unit id="s28b3de1561da72b3">
+        <source>MFA Authenticators</source>
+        <target>MFA 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="s7a322c89298dd27c">
+        <source>Successfully updated invitation.</source>
+        <target>초대를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc554339ffc7b04e7">
+        <source>Successfully created invitation.</source>
+        <target>초대를 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfcebd18506f1e535">
+        <source>Flow</source>
+        <target>플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="sa84a7fd11ba85e88">
+        <source>When selected, the invite will only be usable with the flow. By default the invite is accepted on all flows with invitation stages.</source>
+        <target>이 옵션을 선택하면 해당 플로우에서만 초대를 사용할 수 있습니다. 기본적으로 초대는 초대 스테이지가 있는 모든 플로우에서 수락됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7520286c8419a266">
+        <source>Optional data which is loaded into the flow's 'prompt_data' context variable. YAML or JSON.</source>
+        <target>플로우의 'prompt_data' 컨텍스트 변수에 로드되는 선택적 데이터입니다. YAML 또는 JSON입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8795b799c70776a">
+        <source>Single use</source>
+        <target>일회용</target>
+        
+      </trans-unit>
+      <trans-unit id="sf232d42142eacc23">
+        <source>When enabled, the invitation will be deleted after usage.</source>
+        <target>활성화하면, 한 번만 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa4a8086275475714">
+        <source>Select an enrollment flow</source>
+        <target>등록 플로우 선택</target>
+        
+      </trans-unit>
+      <trans-unit id="s839cb09cb2193da9">
+        <source>Link to use the invitation.</source>
+        <target>초대를 사용할 링크를 클릭합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8226f48cb1a80997">
+        <source>Invitations</source>
+        <target>초대</target>
+        
+      </trans-unit>
+      <trans-unit id="s57448f10eb973100">
+        <source>Create Invitation Links to enroll Users, and optionally force specific attributes of their account.</source>
+        <target>초대 링크를 생성하여 사용자를 등록하고 선택적으로 계정의 특정 특성(Attribute)을 강제로 적용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4aee34a672e5cfc0">
+        <source>Created by</source>
+        <target>작성자</target>
+        
+      </trans-unit>
+      <trans-unit id="sd5ba2d61ee4796fe">
+        <source>Invitation(s)</source>
+        <target>초대</target>
+        
+      </trans-unit>
+      <trans-unit id="s96dcf7ec8342c335">
+        <source>Invitation not limited to any flow, and can be used with any enrollment flow.</source>
+        <target>초대는 특정 플로우에 국한되지 않으며 모든 등록 플로우에서 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1b42b49e7b392013">
+        <source>Update Invitation</source>
+        <target>초대 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s38c72e1cf120b8d8">
+        <source>Create Invitation</source>
+        <target>초대 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s802826db4e2c852e">
+        <source>Warning: No invitation stage is bound to any flow. Invitations will not work as expected.</source>
+        <target>경고: 초대 스테이지는 어떤 플로우에도 바인딩 되어있지 않습니다. 초대가 예상대로 작동하지 않을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2f995efbb1e46b18">
+        <source>Auto-detect (based on your browser)</source>
+        <target>자동-감지 (브라우저 기반)</target>
+        
+      </trans-unit>
+      <trans-unit id="s296fbffaaa7c910a">
+        <source>Required.</source>
+        <target>필수.</target>
+        
+      </trans-unit>
+      <trans-unit id="s81ecf2d4386b8e84">
+        <source>Continue</source>
+        <target>계속</target>
+        
+      </trans-unit>
+      <trans-unit id="s8b2b2a43fcf688a3">
+        <source>Successfully updated prompt.</source>
+        <target>프롬프트가 성공적으로 업데이트되었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5572ac4d2208f5ec">
+        <source>Successfully created prompt.</source>
+        <target>프롬프트가 성공적으로 생성되었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s54e7a23a95d99649">
+        <source>Text: Simple Text input</source>
+        <target>텍스트: 간단한 텍스트 입력</target>
+        
+      </trans-unit>
+      <trans-unit id="s63e54b86e2a2cc43">
+        <source>Text Area: Multiline text input</source>
+        <target>텍스트 영역: 여러 줄 텍스트 입력</target>
+        
+      </trans-unit>
+      <trans-unit id="s12de1c06a1e18cc5">
+        <source>Text (read-only): Simple Text input, but cannot be edited.</source>
+        <target>텍스트(읽기 전용): 간단한 텍스트 입력이 가능하지만 편집은 불가능합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4e5646b23e41231f">
+        <source>Text Area (read-only): Multiline text input, but cannot be edited.</source>
+        <target>텍스트 영역(읽기 전용): 여러 줄 텍스트 입력이 가능하지만 편집은 불가능합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1e4c3de6e12cd87b">
+        <source>Username: Same as Text input, but checks for and prevents duplicate usernames.</source>
+        <target>사용자이름: 텍스트 입력과 동일하지만 중복된 사용자이름을 확인하고 방지합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5462c7f56ed65e6c">
+        <source>Email: Text field with Email type.</source>
+        <target>이메일: 이메일 유형이 있는 텍스트 필드입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c5574968b29ab1c">
+        <source>Password: Masked input, multiple inputs of this type on the same prompt need to be identical.</source>
+        <target>비밀번호: 마스킹 입력, 동일한 프롬프트에서 이 유형의 입력을 여러 번 입력할 경우 동일해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbb97b1c63507dc0">
+        <source>Number</source>
+        <target>번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sdae649fae731e838">
+        <source>Checkbox</source>
+        <target>체크박스</target>
+        
+      </trans-unit>
+      <trans-unit id="s34edeb18f887161d">
+        <source>Radio Button Group (fixed choice)</source>
+        <target>라디오 버튼 그룹(고정 선택 항목)</target>
+        
+      </trans-unit>
+      <trans-unit id="s57730b6870e8916c">
+        <source>Dropdown (fixed choice)</source>
+        <target>드롭다운(고정 선택 항목)</target>
+        
+      </trans-unit>
+      <trans-unit id="sac8252732f2edb19">
+        <source>Date</source>
+        <target>날짜</target>
+        
+      </trans-unit>
+      <trans-unit id="s45960273852a61b2">
+        <source>Date Time</source>
+        <target>날짜 및 시간</target>
+        
+      </trans-unit>
+      <trans-unit id="sd1f81284eeb7b503">
+        <source>File</source>
+        <target>파일</target>
+        
+      </trans-unit>
+      <trans-unit id="s21e3c227cc2c5873">
+        <source>Separator: Static Separator Line</source>
+        <target>구분자: 정적 구분선</target>
+        
+      </trans-unit>
+      <trans-unit id="s706af57c1af42c6d">
+        <source>Hidden: Hidden field, can be used to insert data into form.</source>
+        <target>숨김: 숨겨진 필드로, 양식에 데이터를 삽입하는 데 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s40e2c72dae905a50">
+        <source>Static: Static value, displayed as-is.</source>
+        <target>Static: 정적 값, 있는 그대로 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sdd4bd4224c4e943d">
+        <source>authentik: Locale: Displays a list of locales authentik supports.</source>
+        <target>authentik: 로캘: authentik이 지원하는 로캘 목록을 표시합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="saf84e7732a9e1336">
+        <source>Preview errors</source>
+        <target>미리보기 오류</target>
+        
+      </trans-unit>
+      <trans-unit id="sb71ace8e9b35c749">
+        <source>Data preview</source>
+        <target>데이터 미리보기</target>
+        
+      </trans-unit>
+      <trans-unit id="s4d53f4b7ff33bedd">
+        <source>Unique name of this field, used for selecting fields in prompt stages.</source>
+        <target>프롬프트 스테이지에서 필드를 선택하는 데 사용되는 스테이지의 고유 이름입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3b58f8d2155ae90c">
+        <source>Field Key</source>
+        <target>필드 키</target>
+        
+      </trans-unit>
+      <trans-unit id="s2b088ba65eb69b7e">
+        <source>Name of the form field, also used to store the value.</source>
+        <target>값을 저장하는 데 사용되는 양식 필드의 이름입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s662fcb3761ad9df7">
+        <source>When used in conjunction with a User Write stage, use attributes.foo to write attributes.</source>
+        <target>사용자 작성 스테이지와 함께 사용하는 경우 attributes.foo를 사용하여 속성을 작성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5590dbf7e425789d">
+        <source>Label</source>
+        <target>라벨</target>
+        
+      </trans-unit>
+      <trans-unit id="s0c135eba6017d94f">
+        <source>Label shown next to/above the prompt.</source>
+        <target>프롬프트 옆/위에 표시되는 라벨입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sae5d87e99fe081e0">
+        <source>Required</source>
+        <target>필수</target>
+        
+      </trans-unit>
+      <trans-unit id="s37dbfe2133b74d2d">
+        <source>Interpret placeholder as expression</source>
+        <target>자리 표시자를 정규표현식으로 해석</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a953e6234cb4808">
+        <source>When checked, the placeholder will be evaluated in the same way a property mapping is.
+            If the evaluation fails, the placeholder itself is returned.</source>
+        <target>이 옵션을 선택하면 특성(Attribute) 매핑과 동일한 방식으로 플레이스홀더가 평가됩니다.
+            평가에 실패하면 플레이스홀더 자체가 반환됩니다.</target>
+      </trans-unit>
+      <trans-unit id="sf90be97cb08f3d5a">
+        <source>Placeholder</source>
+        <target>Placeholder</target>
+        
+      </trans-unit>
+      <trans-unit id="sf76ead4c4708dd06">
+        <source>Optionally provide a short hint that describes the expected input value.
+            When creating a fixed choice field, enable interpreting as expression and return a
+        list to return multiple choices.</source>
+        <target>옵션으로 예상되는 입력값을 설명하는 짧은 힌트를 제공할 수 있습니다.
+            고정 선택 필드를 만들 때, 식으로 해석을 활성화하고 여러 선택지를 반환하려면
+        목록을 반환하세요.</target>
+      </trans-unit>
+      <trans-unit id="saa7ba2057bd524a1">
+        <source>Interpret initial value as expression</source>
+        <target>초기값을 정규표현식으로 해석</target>
+        
+      </trans-unit>
+      <trans-unit id="sd60415c7666859f0">
+        <source>When checked, the initial value will be evaluated in the same way a property mapping is.
+            If the evaluation fails, the initial value itself is returned.</source>
+        <target>선택한 경우, 초기 값은 속성 매핑과 동일한 방식으로 평가됩니다.
+            평가가 실패하면 초기 값 자체가 반환됩니다.</target>
+      </trans-unit>
+      <trans-unit id="sa9c7044d9fd1f3e6">
+        <source>Initial value</source>
+        <target>Initial value</target>
+        
+      </trans-unit>
+      <trans-unit id="seab35681cbf36755">
+        <source>Optionally pre-fill the input with an initial value.
+            When creating a fixed choice field, enable interpreting as expression and
+        return a list to return multiple default choices.</source>
+        <target>옵션으로 입력을 초기 값으로 채울 수 있습니다. 
+            고정 선택 필드를 만들 때 정규표현식으로 해석을 활성화하고
+        목록을 반환하여 여러 개의 기본 선택지를 반환합니다.</target>
+      </trans-unit>
+      <trans-unit id="s72c1c17a9bdc76ad">
+        <source>Help text</source>
+        <target>도움말 텍스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s584d1c38ad20d560">
+        <source>Any HTML can be used.</source>
+        <target>어떤 HTML이든 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2be6121210e2a2f8">
+        <source>Prompts</source>
+        <target>프롬프트</target>
+        
+      </trans-unit>
+      <trans-unit id="s42fc6f4b64eff5d9">
+        <source>Single Prompts that can be used for Prompt Stages.</source>
+        <target>프롬프트 스테이지에 사용할 수 있는 단일 프롬프트입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s42a1ebe17efda727">
+        <source>Field</source>
+        <target>필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s41b105819b67ee7a">
+        <source>Stages</source>
+        <target>스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="sec7443a45fd141e5">
+        <source>Prompt(s)</source>
+        <target>프롬프트</target>
+        
+      </trans-unit>
+      <trans-unit id="scc733ba98740038a">
+        <source>Update Prompt</source>
+        <target>프롬프트 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s61b6f3e6bc59c6dd">
+        <source>Create Prompt</source>
+        <target>프롬프트 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="sff5bb7742c2896c8">
+        <source>Target</source>
+        <target>타겟</target>
+        
+      </trans-unit>
+      <trans-unit id="sae5da213b7f896ed">
+        <source>Stage</source>
+        <target>스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a61796c1956d32c">
+        <source>Evaluate when flow is planned</source>
+        <target>플로우가 계획될 때 평가</target>
+        
+      </trans-unit>
+      <trans-unit id="sf533f13321fee530">
+        <source>Evaluate policies during the Flow planning process.</source>
+        <target>플로우 계획 프로세스 중에 정책을 평가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6336fa345e96dde9">
+        <source>Evaluate when stage is run</source>
+        <target>스테이지가 실행될 때 평가</target>
+        
+      </trans-unit>
+      <trans-unit id="sff3b708e23bb96b2">
+        <source>Evaluate policies before the Stage is present to the user.</source>
+        <target>스테이지가 사용자에게 표시되기 전에 정책을 평가합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0dc46deb8f181baf">
+        <source>Invalid response behavior</source>
+        <target>유효하지 않은 응답 동작</target>
+        
+      </trans-unit>
+      <trans-unit id="seb0805249661d15b">
+        <source>Returns the error message and a similar challenge to the executor</source>
+        <target>실행자에게 오류 메시지와 유사한 챌린지를 반환합니다</target>
+        
+      </trans-unit>
+      <trans-unit id="sd891d8463d0ebace">
+        <source>Restarts the flow from the beginning</source>
+        <target>플로우를 처음부터 다시 시작</target>
+        
+      </trans-unit>
+      <trans-unit id="s6b9a1dd402750a8a">
+        <source>Restarts the flow from the beginning, while keeping the flow context</source>
+        <target>플로우 컨텍스트를 유지하면서 플로우를 처음부터 다시 시작합니다</target>
+        
+      </trans-unit>
+      <trans-unit id="sbc88fb27a4c3b894">
+        <source>Configure how the flow executor should handle an invalid response to a challenge given by this bound stage.</source>
+        <target>이 바운드 스테이지에서 제공된 챌린지에 대한 유효하지 않은 응답을 플로우 실행기가 어떻게 처리해야 하는지 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s916b32ac64ea2b05">
+        <source>Successfully updated stage.</source>
+        <target>스테이지를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s14c8f36e180d6bbc">
+        <source>Successfully created stage.</source>
+        <target>스테이지를 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf22a28f83cc45fcc">
+        <source>Stage used to configure a duo-based authenticator. This stage should be used for configuration flows.</source>
+        <target>duo-based 인증기를 구성하는 데 사용되는 스테이지입니다. 이 스테이지는 구성 플로우에 사용해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5adafce329aaa853">
+        <source>Authenticator type name</source>
+        <target>인증기 유형 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="s23e6a57201fba25e">
+        <source>Display name of this authenticator, used by users when they enroll an authenticator.</source>
+        <target>사용자가 인증기를 등록할 때 사용하는 이 인증가의 표시 이름입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s276d751eb7a186cc">
+        <source>API Hostname</source>
+        <target>API 호스트명</target>
+        
+      </trans-unit>
+      <trans-unit id="s5b6b6e2cb884d59f">
+        <source>Duo Auth API</source>
+        <target>Duo Auth API</target>
+        
+      </trans-unit>
+      <trans-unit id="s240ff02ce3a53dee">
+        <source>Integration key</source>
+        <target>연동 키</target>
+        
+      </trans-unit>
+      <trans-unit id="s56fd9ed596c724fa">
+        <source>Secret key</source>
+        <target>비밀 키</target>
+        
+      </trans-unit>
+      <trans-unit id="s88870d7e499e848b">
+        <source>Duo Admin API (optional)</source>
+        <target>Duo 관리자 API (선택사항)</target>
+        
+      </trans-unit>
+      <trans-unit id="s7f13f4a2d0370cf6">
+        <source>When using a Duo MFA, Access or Beyond plan, an Admin API application can be created.
+            This will allow authentik to import devices automatically.</source>
+        <target>Duo MFA, Access 또는 Beyond 요금제를 사용하는 경우 관리자 API 애플리케이션을 만들 수 있습니다.
+            인증을 통해 디바이스를 자동으로 가져올 수 있습니다.</target>
+      </trans-unit>
+      <trans-unit id="s9a34d1520e320465">
+        <source>Stage-specific settings</source>
+        <target>스테이지별 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s0dfc6838c9d07677">
+        <source>Configuration flow</source>
+        <target>플로우 구성</target>
+        
+      </trans-unit>
+      <trans-unit id="sebf44d2471b608ad">
+        <source>Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage.</source>
+        <target>인증된 사용자가 이 스테이지를 구성하는 데 사용하는 플로우입니다. 비어 있으면 사용자가 이 스테이지를 구성할 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3baf512851453712">
+        <source>Twilio Account SID</source>
+        <target>Twilio 계정 SID</target>
+        
+      </trans-unit>
+      <trans-unit id="sa738ce390bc24875">
+        <source>Get this value from https://console.twilio.com</source>
+        <target>이 값은 다음에서 가져오세요. https://console.twilio.com</target>
+        
+      </trans-unit>
+      <trans-unit id="sa7b56a80ab1801f0">
+        <source>Twilio Auth Token</source>
+        <target>Twilio Auth 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe99a8caa70232ab">
+        <source>Authentication Type</source>
+        <target>인증 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="safd0363143a46a91">
+        <source>Basic Auth</source>
+        <target>Basic Auth</target>
+        
+      </trans-unit>
+      <trans-unit id="sd06b47084fec0ec5">
+        <source>Bearer Token</source>
+        <target>Bearer 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sb1751a1411d6874f">
+        <source>External API URL</source>
+        <target>외부 API URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sbdc1176ff9f93da2">
+        <source>This is the full endpoint to send POST requests to.</source>
+        <target>POST 요청을 전송할 전체 엔드포인트입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s51da4de00984fe51">
+        <source>API Auth Username</source>
+        <target>API 인증 사용자명</target>
+        
+      </trans-unit>
+      <trans-unit id="s293ab4331c1dd387">
+        <source>This is the username to be used with basic auth or the token when used with bearer token</source>
+        <target>Basic 인증에 사용할 사용자명 또는 무기명 토큰과 함께 사용할 경우 토큰입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s634d041fd954ab20">
+        <source>API Auth password</source>
+        <target>API Auth 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sb635ad3c2e357d3c">
+        <source>This is the password to be used with basic auth</source>
+        <target>Basic auth에 사용할 비밀번호입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa92398dba8b12d85">
+        <source>Mapping</source>
+        <target>매핑</target>
+        
+      </trans-unit>
+      <trans-unit id="s38162f615710c7b4">
+        <source>Modify the payload sent to the custom provider.</source>
+        <target>사용자 지정 공급자로 전송되는 페이로드를 수정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5e830ae7688d1219">
+        <source>Stage used to configure an SMS-based TOTP authenticator.</source>
+        <target>SMS 기반 TOTP 인증기를 구성하는 데 사용되는 스테이지입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0d5d05bf3d122ced">
+        <source>Twilio</source>
+        <target>Twilio</target>
+        
+      </trans-unit>
+      <trans-unit id="sc3c74f5273df459a">
+        <source>Generic</source>
+        <target>일반</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbb2180b6aed196e">
+        <source>From number</source>
+        <target>발신 번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sc647dcb91f6958dd">
+        <source>Number the SMS will be sent from.</source>
+        <target>SMS를 발송할 번호입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0ae0072614320ae2">
+        <source>Hash phone number</source>
+        <target>해시한 전화 번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ca3310e1999fd5b">
+        <source>If enabled, only a hash of the phone number will be saved. This can be done for data-protection reasons. Devices created from a stage with this enabled cannot be used with the authenticator validation stage.</source>
+        <target>활성화하면 휴대폰 번호의 해시만 저장됩니다. 이는 데이터 보호를 위해 설정할 수 있습니다. 이 옵션을 활성화한 단계에서 만든 디바이스는 인증기 유효성 검사 스테이지에서 사용할 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s128e7f5f34bfa155">
+        <source>Stage used to configure a static authenticator (i.e. static tokens). This stage should be used for configuration flows.</source>
+        <target>정적 인증자(즉, 정적 토큰)를 구성하는 데 사용되는 스테이지입니다. 이 단계는 구성 플로우에 사용해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sabf67834e35dede5">
+        <source>Token count</source>
+        <target>토큰 수</target>
+        
+      </trans-unit>
+      <trans-unit id="sc5a4711395ffb043">
+        <source>Stage used to configure a TOTP authenticator (i.e. Authy/Google Authenticator).</source>
+        <target>TOTP 인증자를 구성하는 데 사용되는 단계(예: Authy/Google 인증자)입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9d8ad4b85287131f">
+        <source>Digits</source>
+        <target>PIN(Digits)</target>
+        
+      </trans-unit>
+      <trans-unit id="sc04e92d753742189">
+        <source>6 digits, widely compatible</source>
+        <target>6자리 숫자, 폭넓은 호환성</target>
+        
+      </trans-unit>
+      <trans-unit id="sdc70195469e83e3f">
+        <source>8 digits, not compatible with apps like Google Authenticator</source>
+        <target>8자리 숫자, Google 인증기와 같은 앱과 호환되지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s0e15f678445dfc45">
+        <source>Stage used to validate any authenticator. This stage should be used during authentication or authorization flows.</source>
+        <target>인증기의 유효성을 검사하는 데 사용되는 스테이지입니다. 이 스테이지는 인증 또는 인가 플로우 중에 사용해야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s73c13e5a6f5e38a3">
+        <source>Device classes</source>
+        <target>디바이스 클래스</target>
+        
+      </trans-unit>
+      <trans-unit id="s97d1b0070f50c07f">
+        <source>Static Tokens</source>
+        <target>정적 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8168ae309c66abc">
+        <source>TOTP Authenticators</source>
+        <target>TOTP 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sde47e4d8b9b21b59">
+        <source>WebAuthn Authenticators</source>
+        <target>WebAuthn 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="s8da88a8a5750bce1">
+        <source>Duo Authenticators</source>
+        <target>Duo 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="s4d182bae8a578010">
+        <source>SMS-based Authenticators</source>
+        <target>SMS-기반 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sd8d9451f86502d1a">
+        <source>Device classes which can be used to authenticate.</source>
+        <target>인증에 사용할 수 있는 디바이스 클래스입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se2e9f5a32c93e5f7">
+        <source>Last validation threshold</source>
+        <target>최종 유효성 검사 임계치</target>
+        
+      </trans-unit>
+      <trans-unit id="s951281efc92b03fc">
+        <source>If any of the devices user of the types selected above have been used within this duration, this stage will be skipped.</source>
+        <target>위에서 선택한 유형의 사용자가 이 기간 내에 사용한 적이 있는 디바이스가 있으면 이 단계는 건너뛰게 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s681074b6c1f19c08">
+        <source>Not configured action</source>
+        <target>구성되지 않은 액션</target>
+        
+      </trans-unit>
+      <trans-unit id="sa2c29dc5ed47b26d">
+        <source>Force the user to configure an authenticator</source>
+        <target>사용자가 인증기를 구성하도록 강제</target>
+        
+      </trans-unit>
+      <trans-unit id="sa30c58514a3dc0fb">
+        <source>Deny the user access</source>
+        <target>사용자 액세스 거부</target>
+        
+      </trans-unit>
+      <trans-unit id="s1e0de9c4f66dc371">
+        <source>WebAuthn User verification</source>
+        <target>WebAuthn 사용자 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="sdb7b2173869822bc">
+        <source>User verification must occur.</source>
+        <target>사용자 확인이 이루어져야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7683363cdf78cf31">
+        <source>User verification is preferred if available, but not required.</source>
+        <target>가능한 경우 사용자 확인이 선호되지만 필수는 아닙니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scb43f5faeb6a7ca9">
+        <source>User verification should not occur.</source>
+        <target>사용자 확인이 이루어지지 않아야 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scae166352a31032c">
+        <source>Configuration stages</source>
+        <target>스테이지 구성</target>
+        
+      </trans-unit>
+      <trans-unit id="s6941a67f0038ba4c">
+        <source>Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again.</source>
+        <target>사용자에게 호환되는 디바이스가 없는 경우 인증기를 구성하는 데 사용되는 단계입니다. 이 구성 스테이지를 통과한 후에는 사용자에게 다시 메시지가 표시되지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7e5af9c6ba6f5cc6">
+        <source>When multiple stages are selected, the user can choose which one they want to enroll.</source>
+        <target>여러 스테이지를 선택한 경우 사용자는 등록할 스테이지를 선택할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s34b23ebbac9f6ab9">
+        <source>User verification</source>
+        <target>사용자 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ea472b555374771">
+        <source>Resident key requirement</source>
+        <target>Resident Key 요구 사항</target>
+        
+      </trans-unit>
+      <trans-unit id="s5fbaeb14f42815e5">
+        <source>Authenticator Attachment</source>
+        <target>인증기 첨부</target>
+        
+      </trans-unit>
+      <trans-unit id="s502d2473587032e1">
+        <source>No preference is sent</source>
+        <target>기본 설정이 전송되지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s60cc554fde2676cb">
+        <source>A non-removable authenticator, like TouchID or Windows Hello</source>
+        <target>TouchID 또는 Windows Hello와 같은 제거할 수 없는 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sdf1d8edef27236f0">
+        <source>A &quot;roaming&quot; authenticator, like a YubiKey</source>
+        <target>YubiKey 같은 &quot;로밍&quot; 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sfffba7b23d8fb40c">
+        <source>This stage checks the user's current session against the Google reCaptcha (or compatible) service.</source>
+        <target>이 스테이지에서는 사용자의 현재 세션을 Google 리캡차(또는 호환) 서비스와 비교하여 확인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfd1af96798dd8a5f">
+        <source>Public Key</source>
+        <target>공개 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sf339673f0f76a8bd">
+        <source>Public key, acquired from https://www.google.com/recaptcha/intro/v3.html.</source>
+        <target>공개 키는, https://www.google.com/recaptcha/intro/v3.html 에서 얻을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s83d0f62ad1731a03">
+        <source>Private Key</source>
+        <target>개인 키</target>
+        
+      </trans-unit>
+      <trans-unit id="s892d2731a6f22e59">
+        <source>Private key, acquired from https://www.google.com/recaptcha/intro/v3.html.</source>
+        <target>개인 키는, https://www.google.com/recaptcha/intro/v3.html 에서 얻을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scb6620fcd5bff04c">
+        <source>Advanced settings</source>
+        <target>고급 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s39e436de1dc4df4f">
+        <source>JS URL</source>
+        <target>JS URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s170b705c55ecb2ae">
+        <source>URL to fetch JavaScript from, defaults to recaptcha. Can be replaced with any compatible alternative.</source>
+        <target>JavaScript를 가져올 URL입니다. 기본값은 recaptcha입니다. 호환되는 대체 사이트로 교체할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s275021658614ce9e">
+        <source>API URL</source>
+        <target>API URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sc8a79fddea3ab4a9">
+        <source>URL used to validate captcha response, defaults to recaptcha. Can be replaced with any compatible alternative.</source>
+        <target>보안 문자 응답의 유효성을 검사하는 데 사용되는 URL로, 기본값은 리캡차입니다. 호환 가능한 다른 것으로 대체할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1cd617e7bbe278d0">
+        <source>Prompt for the user's consent. The consent can either be permanent or expire in a defined amount of time.</source>
+        <target>사용자의 동의를 요청하는 프롬포트를 표시합니다. 동의는 영구적이거나 정해진 시간 후에 만료할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s26513c9dd154f041">
+        <source>Always require consent</source>
+        <target>항상 동의 요청</target>
+        
+      </trans-unit>
+      <trans-unit id="s8ce8bdc9cc9c8604">
+        <source>Consent given last indefinitely</source>
+        <target>비한정으로 동의 지속</target>
+        
+      </trans-unit>
+      <trans-unit id="sb986f15fa9b17805">
+        <source>Consent expires.</source>
+        <target>동의가 만료됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6f328f2d8382d998">
+        <source>Consent expires in</source>
+        <target>동의가 만료되는 시점</target>
+        
+      </trans-unit>
+      <trans-unit id="se0c660020d9cf5b7">
+        <source>Offset after which consent expires.</source>
+        <target>동의가 만료되는 오프셋입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s22b10ed263b96194">
+        <source>Dummy stage used for testing. Shows a simple continue button and always passes.</source>
+        <target>테스트에 사용되는 더미 스테이지입니다. 간단한 계속 버튼을 표시하고 항상 통과합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sdb861d9906f18ac2">
+        <source>Throw error?</source>
+        <target>오류 발생?</target>
+        
+      </trans-unit>
+      <trans-unit id="s31ebc5431d677f5d">
+        <source>SMTP Host</source>
+        <target>SMTP 호스트</target>
+        
+      </trans-unit>
+      <trans-unit id="s289fce7e694b98ac">
+        <source>SMTP Port</source>
+        <target>SMTP 포트</target>
+        
+      </trans-unit>
+      <trans-unit id="se4a9da0295597e73">
+        <source>SMTP Username</source>
+        <target>SMTP 사용자명</target>
+        
+      </trans-unit>
+      <trans-unit id="s593db2c00d6516a2">
+        <source>SMTP Password</source>
+        <target>SMTP 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s0d4268408182491d">
+        <source>Use TLS</source>
+        <target>TLS 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s480c6c40a248f7d2">
+        <source>Use SSL</source>
+        <target>SSL 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1feadd25659c94d">
+        <source>From address</source>
+        <target>발신자 주소</target>
+        
+      </trans-unit>
+      <trans-unit id="sa248e1021d2c27b5">
+        <source>Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity.</source>
+        <target>일회성 링크를 전송하여 사용자의 이메일 주소를 확인합니다. 사용자의 진위 여부를 확인하기 위한 복구용으로도 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s87b7e3bc944c728c">
+        <source>Activate pending user on success</source>
+        <target>성공 시 보류 중인 사용자 활성화</target>
+        
+      </trans-unit>
+      <trans-unit id="s9e9c8d99f4c26baf">
+        <source>When a user returns from the email successfully, their account will be activated.</source>
+        <target>사용자가 이메일에서 성공적으로 돌아오면 계정이 활성화됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s618d4e53f455c834">
+        <source>Use global settings</source>
+        <target>전역 설정 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="sae1e1a59d22609c4">
+        <source>When enabled, global Email connection settings will be used and connection settings below will be ignored.</source>
+        <target>활성화하면, 전역 이메일 연결 설정이 사용되며 아래의 연결 설정은 무시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb1fe947f9ad27b9d">
+        <source>Token expiry</source>
+        <target>토큰 유효기간</target>
+        
+      </trans-unit>
+      <trans-unit id="s1c6ba8d100453392">
+        <source>Time in minutes the token sent is valid.</source>
+        <target>전송한 토큰이 유효한 시간입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se47baf2fd16b9d2b">
+        <source>Template</source>
+        <target>템플릿</target>
+        
+      </trans-unit>
+      <trans-unit id="s4af8a3ce5a600855">
+        <source>Let the user identify themselves with their username or Email address.</source>
+        <target>사용자가 사용자 아이디 또는 이메일 주소로 신원을 확인할 수 있도록 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s592ab7d2bc1b8973">
+        <source>User fields</source>
+        <target>사용자 필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s61e48919db20538a">
+        <source>UPN</source>
+        <target>UPN</target>
+        
+      </trans-unit>
+      <trans-unit id="s4cdae7635e757555">
+        <source>Fields a user can identify themselves with. If no fields are selected, the user will only be able to use sources.</source>
+        <target>사용자가 자신을 식별할 수 있는 필드입니다. 필드를 선택하지 않으면 사용자는 소스만 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3380d7cbcebe50f6">
+        <source>Password stage</source>
+        <target>비밀번호 스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="s08c91cb1a2cd3d97">
+        <source>When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks.</source>
+        <target>이 옵션을 선택하면 비밀번호 필드가 별도의 페이지가 아닌 같은 페이지에 표시됩니다. 이렇게 하면 사용자명 무차별 입력 공격을 방지할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd97d8d0906e6cc47">
+        <source>Case insensitive matching</source>
+        <target>대소문자를 구분하지 않는 매칭</target>
+        
+      </trans-unit>
+      <trans-unit id="s8aaad223e954f9ca">
+        <source>When enabled, user fields are matched regardless of their casing.</source>
+        <target>활성화하면 사용자 필드를 대소문자에 관계없이 매치합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbab723b98dcfe23f">
+        <source>Show matched user</source>
+        <target>일치하는 사용자 표시</target>
+        
+      </trans-unit>
+      <trans-unit id="se50a08ab71bb96ed">
+        <source>When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown.</source>
+        <target>유효한 사용자 아이디/이메일을 입력하고 이 옵션을 활성화하면 사용자의 사용자 아이디와 아바타가 표시됩니다. 그렇지 않으면 사용자가 입력한 텍스트가 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0295ce5d6f635d75">
+        <source>Source settings</source>
+        <target>소스 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s91e3a47599412f51">
+        <source>Sources</source>
+        <target>소스</target>
+        
+      </trans-unit>
+      <trans-unit id="s17a679298216aca9">
+        <source>Select sources should be shown for users to authenticate with. This only affects web-based sources, not LDAP.</source>
+        <target>사용자가 인증할 소스를 선택할 수 있도록 표시해야 합니다. 이는 웹 기반 소스에만 영향을 미치며 LDAP에는 영향을 미치지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa41aee3ae04c9216">
+        <source>Show sources' labels</source>
+        <target>소스의 라벨 표시</target>
+        
+      </trans-unit>
+      <trans-unit id="s54cd35e6224ba65d">
+        <source>By default, only icons are shown for sources. Enable this to show their full names.</source>
+        <target>기본적으로 소스에는, 아이콘만 표시됩니다. 전체 이름을 표시하려면 이 옵션을 활성화합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ee20003cb116abf">
+        <source>Passwordless flow</source>
+        <target>비밀번호 없는 플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s0c8c4d2bb0a9162a">
+        <source>Optional passwordless flow, which is linked at the bottom of the page. When configured, users can use this flow to authenticate with a WebAuthn authenticator, without entering any details.</source>
+        <target>페이지 하단에 링크된 선택적 비밀번호 없는 플로우입니다. 이 플로우를 구성하면 사용자는 세부 정보를 입력하지 않고도 이 플로우를 사용하여 WebAuthn 인증기로 인증할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s01a3a7f48ee4edaf">
+        <source>Optional enrollment flow, which is linked at the bottom of the page.</source>
+        <target>페이지 하단에 링크된, 선택적 등록 플로우를 참조하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s82188c9542510212">
+        <source>Optional recovery flow, which is linked at the bottom of the page.</source>
+        <target>페이지 하단에 링크된,  선택적 복구 플로우를 참조하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3e59b8b2debf0209">
+        <source>This stage can be included in enrollment flows to accept invitations.</source>
+        <target>이 스테이지는 등록 플로우에 포함시켜 초대를 수락할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s79ad406777feab1f">
+        <source>Continue flow without invitation</source>
+        <target>초대 없이 플로우 계속</target>
+        
+      </trans-unit>
+      <trans-unit id="s61ccefd661ac2296">
+        <source>If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given.</source>
+        <target>이 플래그를 설정하면 초대를 받지 못했을 때 이 스테이지가 다음 스테이지로 이동합니다. 기본적으로 이 스테이지는 초대를 받지 못하면 플로우를 취소합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sdc30bddeda2f0225">
+        <source>Validate the user's password against the selected backend(s).</source>
+        <target>선택한 백엔드에 대해 사용자의 비밀번호를 검증합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb8d4f44a1d5b9a14">
+        <source>Backends</source>
+        <target>백엔드</target>
+        
+      </trans-unit>
+      <trans-unit id="sba42248f3f27955c">
+        <source>User database + standard password</source>
+        <target>사용자 데이터베이스 + 표준 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s3330adb3f0922f7b">
+        <source>User database + app passwords</source>
+        <target>사용자 데이터베이스 + 앱 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sc10db51c9bb77d5c">
+        <source>User database + LDAP password</source>
+        <target>사용자 데이터베이스 + LDAP 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sd35ae4be63df1f9f">
+        <source>Selection of backends to test the password against.</source>
+        <target>비밀번호를 테스트할 백엔드를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s482ae78809a6822b">
+        <source>Flow used by an authenticated user to configure their password. If empty, user will not be able to configure change their password.</source>
+        <target>인증된 사용자가 비밀번호를 구성하는 데 사용하는 플로우입니다. 비어 있으면 사용자가 비밀번호 변경을 구성할 수 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s77994108c886b965">
+        <source>Failed attempts before cancel</source>
+        <target>취소 전 실패 시도 횟수</target>
+        
+      </trans-unit>
+      <trans-unit id="sa9020b93c3bd7235">
+        <source>How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage.</source>
+        <target>플로우가 취소되기 전에 사용자가 시도할 수 있는 횟수입니다. 사용자를 잠그려면 평판 정책과 user_write 단계를 사용하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5170f9ef331949c0">
+        <source>Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable.</source>
+        <target>예를 들어, 등록 시 사용자에게 임의의 입력 필드를 표시합니다. 데이터는 플로우 컨텍스트의 'prompt_data' 변수 아래에 저장됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s36cb242ac90353bc">
+        <source>Fields</source>
+        <target>필드</target>
+        
+      </trans-unit>
+      <trans-unit id="s2d5f69929bb7221d">
+        <source><x id="0" equiv-text="${prompt.name}"/> (&quot;<x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, of type <x id="2" equiv-text="${prompt.type}"/>)</source>
+        <target><x id="0" equiv-text="${prompt.name}"/> (&quot;<x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, of type <x id="2" equiv-text="${prompt.type}"/>)</target>
+        
+      </trans-unit>
+      <trans-unit id="s3b7b519444181264">
+        <source>Validation Policies</source>
+        <target>유효성 검사 정책</target>
+        
+      </trans-unit>
+      <trans-unit id="s59691290a232c687">
+        <source>Selected policies are executed when the stage is submitted to validate the data.</source>
+        <target>데이터 유효성 검사를 위해 스테이지가 제출될 때 선택한 정책이 실행됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbf4ef82e04772a4e">
+        <source>Delete the currently pending user. CAUTION, this stage does not ask for confirmation. Use a consent stage to ensure the user is aware of their actions.</source>
+        <target>현재 대기 중인 사용자를 삭제합니다. 주의: 이 단계에서는 확인을 요청하지 않습니다. 동의 단계를 사용하여 사용자가 자신의 행동에 대해 인지하도록 하세요.</target>
+      </trans-unit>
+      <trans-unit id="s8cc920e6a8430a0d">
+        <source>Log the currently pending user in.</source>
+        <target>현재 대기 중인 사용자를 로그인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb85ffe141d7c229d">
+        <source>Session duration</source>
+        <target>세션 지속시간</target>
+        
+      </trans-unit>
+      <trans-unit id="sece294cd51a85745">
+        <source>Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed.</source>
+        <target>세션이 지속되는 시간을 결정합니다. 기본값인 0초는 브라우저가 닫힐 때까지 세션이 지속된다는 의미입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf7949fbbab2eb566">
+        <source>Different browsers handle session cookies differently, and might not remove them even when the browser is closed.</source>
+        <target>브라우저마다 세션 쿠키를 처리하는 방식이 다르기 때문에 브라우저를 닫아도 세션 쿠키가 제거되지 않을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s53bbc3ae4b5fa1d0">
+        <source>See here.</source>
+        <target>여기를 참조하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2512334108f06a5a">
+        <source>Stay signed in offset</source>
+        <target>로그인 상태 유지 오프셋</target>
+        
+      </trans-unit>
+      <trans-unit id="s1608b2f94fa0dbd4">
+        <source>If set to a duration above 0, the user will have the option to choose to &quot;stay signed in&quot;, which will extend their session by the time specified here.</source>
+        <target>기간을 0 이상으로 설정하면, 사용자에게 '로그인 상태 유지'를 선택할 수 있는 옵션이 제공되며, 이 경우 세션이 여기에 지정된 시간만큼 연장됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s542a71bb8f41e057">
+        <source>Terminate other sessions</source>
+        <target>다른 세션 종료</target>
+        
+      </trans-unit>
+      <trans-unit id="sa920231366378c90">
+        <source>When enabled, all previous sessions of the user will be terminated.</source>
+        <target>활성화하면 사용자의 이전 세션이 모두 종료됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfee06600c15082a9">
+        <source>Remove the user from the current session.</source>
+        <target>현재 세션에서 사용자를 제거합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s927398c400970760">
+        <source>Write any data from the flow's context's 'prompt_data' to the currently pending user. If no user
+        is pending, a new user is created, and data is written to them.</source>
+        <target>플로우 컨텍스트의 'prompt_data'에 있는 데이터를 현재 대기 중인 사용자에게 씁니다. 대기 중인 사용자가
+        없는 경우 새 사용자가 생성되고 해당 사용자에게 데이터가 기록됩니다.</target>
+      </trans-unit>
+      <trans-unit id="sb379d861cbed0b47">
+        <source>Never create users</source>
+        <target>사용자 생성 안 함</target>
+        
+      </trans-unit>
+      <trans-unit id="s81d673755a86a4f0">
+        <source>When no user is present in the flow context, the stage will fail.</source>
+        <target>플로우 컨텍스트에 사용자가 없으면 스테이지가 실패합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9940e3f073fbdbd4">
+        <source>Create users when required</source>
+        <target>필요할 때 사용자 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s5414356cc10e80fe">
+        <source>When no user is present in the the flow context, a new user is created.</source>
+        <target>플로우 컨텍스트에 사용자가 없는 경우 새 사용자를 생성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s57337099d96ce6d2">
+        <source>Always create new users</source>
+        <target>항상 새 사용자 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="se80dd66f23b4fc39">
+        <source>Create a new user even if a user is in the flow context.</source>
+        <target>사용자가 플로우 컨텍스트에 있는 경우에도 새 사용자를 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sed3512fe4560c7f4">
+        <source>Create users as inactive</source>
+        <target>사용자를 비활성 상태로 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s9193ef1a39a6c872">
+        <source>Mark newly created users as inactive.</source>
+        <target>새로 생성된 사용자를 비활성으로 표시합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s89d1847b5e4ad225">
+        <source>User path template</source>
+        <target>사용자 경로 템플릿</target>
+        
+      </trans-unit>
+      <trans-unit id="s18269e3889d6fa54">
+        <source>Path new users will be created under. If left blank, the default path will be used.</source>
+        <target>새 사용자가 생성될 경로입니다. 비워 두면 기본 경로가 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1cb0eef9ed94e6a">
+        <source>Newly created users are added to this group, if a group is selected.</source>
+        <target>그룹이 선택되어 있으면 새로 생성된 사용자가 이 그룹에 추가됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd8417b41ca27bc8f">
+        <source>New stage</source>
+        <target>새 스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="s293801033f9fc0d0">
+        <source>Create a new stage.</source>
+        <target>새 스테이지를 만듭니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s71633a67e0d7c0e4">
+        <source>Successfully imported device.</source>
+        <target>디바이스를 성공적으로 가져왔습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7d61705dfb120d7b">
+        <source>The user in authentik this device will be assigned to.</source>
+        <target>이 디바이스를 할당할 Authentik의 사용자입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s5eaf1d304e03ed4b">
+        <source>Duo User ID</source>
+        <target>Duo 사용자 ID</target>
+        
+      </trans-unit>
+      <trans-unit id="s003847d8bc01c676">
+        <source>The user ID in Duo, can be found in the URL after clicking on a user.</source>
+        <target>Duo의 사용자 ID는, 사용자를 클릭한 후 URL에서 찾을 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbc806ea3987c781">
+        <source>Automatic import</source>
+        <target>자동으로 가져오기</target>
+        
+      </trans-unit>
+      <trans-unit id="s77299a9d3dd932cd">
+        <source>Successfully imported <x id="0" equiv-text="${res.count}"/> devices.</source>
+        <target>성공적으로 <x id="0" equiv-text="${res.count}"/> 디바이스를 가져왔습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6a615f6165ef01c9">
+        <source>Start automatic import</source>
+        <target>자동으로 가져오기 시작</target>
+        
+      </trans-unit>
+      <trans-unit id="s9f83d7768aea548a">
+        <source>Or manually import</source>
+        <target>혹은 수동으로 가져오기</target>
+        
+      </trans-unit>
+      <trans-unit id="sddc8efe94cb8c210">
+        <source>Stages are single steps of a Flow that a user is guided through. A stage can only be executed from within a flow.</source>
+        <target>스테이지는 사용자에게 안내되는 플로우의 단일 단계입니다. 스테이지는 플로우 내에서만 실행할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb69a4b0acd0895f2">
+        <source>Flows</source>
+        <target>플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s0eaf755fa88c8d97">
+        <source>Stage(s)</source>
+        <target>스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="s3914cb410fca44d4">
+        <source>Import</source>
+        <target>가져오기</target>
+        
+      </trans-unit>
+      <trans-unit id="s8a67b33a0d70d322">
+        <source>Import Duo device</source>
+        <target>Duo 디바이스 가져오기</target>
+        
+      </trans-unit>
+      <trans-unit id="s48cf8fd56b1237ed">
+        <source>Successfully updated flow.</source>
+        <target>플로우를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc3e0c240b159fbce">
+        <source>Successfully created flow.</source>
+        <target>플로우를 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s925936f647ae52cc">
+        <source>Shown as the Title in Flow pages.</source>
+        <target>플로우 페이지에서 제목으로 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s50719dda8f90abf4">
+        <source>Visible in the URL.</source>
+        <target>URL에 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0f4c6540c30bd8b4">
+        <source>Designation</source>
+        <target>지정</target>
+        
+      </trans-unit>
+      <trans-unit id="sb25d9afe10941425">
+        <source>Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.</source>
+        <target>이 플로우가 사용되는 용도를 결정합니다. 예를 들어, 인증되지 않은 사용자가 authentik을 방문할 때 인증 플로우가 리디렉션됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb36e4c05244278c1">
+        <source>No requirement</source>
+        <target>필수 조건 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b105164d209f670">
+        <source>Require authentication</source>
+        <target>인증 필요</target>
+        
+      </trans-unit>
+      <trans-unit id="s239c2a351cde6d39">
+        <source>Require no authentication.</source>
+        <target>인증 필요 없음.</target>
+        
+      </trans-unit>
+      <trans-unit id="s98beadfeeb3acb66">
+        <source>Require superuser.</source>
+        <target>슈퍼유저권한이 필요합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfad9279cc42c6b61">
+        <source>Required authentication level for this flow.</source>
+        <target>플로우에 필요한 인증 레벨을 요구합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb56674c9ea4f0588">
+        <source>Behavior settings</source>
+        <target>동작 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sb6d7d58cb0a1544e">
+        <source>Compatibility mode</source>
+        <target>호환성 모드</target>
+        
+      </trans-unit>
+      <trans-unit id="s14ace18ccf4fb86d">
+        <source>Increases compatibility with password managers and mobile devices.</source>
+        <target>비밀번호 관리자 및 모바일 디바이스와의 호환성을 높입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scfbc2f1396ee8550">
+        <source>Denied action</source>
+        <target>거부 조치</target>
+        
+      </trans-unit>
+      <trans-unit id="sff38031cf061e3ae">
+        <source>Will follow the ?next parameter if set, otherwise show a message</source>
+        <target>?next 매개변수가 설정되어 있으면 이를 따르고, 그렇지 않으면 메시지를 표시</target>
+        
+      </trans-unit>
+      <trans-unit id="s936bf4342b182ad4">
+        <source>Will either follow the ?next parameter or redirect to the default interface</source>
+        <target>?next 매개변수를 따르거나 기본 인터페이스로 리디렉션</target>
+        
+      </trans-unit>
+      <trans-unit id="s22b0e8c5277dd5a9">
+        <source>Will notify the user the flow isn't applicable</source>
+        <target>사용자에게 해당 플로우가 적용되지 않음을 알림</target>
+        
+      </trans-unit>
+      <trans-unit id="s2eeca5cfc99ef19b">
+        <source>Decides the response when a policy denies access to this flow for a user.</source>
+        <target>정책에서 사용자의 이 플로우에 대한 액세스를 거부할 때 응답을 결정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbaf20067de176c90">
+        <source>Appearance settings</source>
+        <target>외형 설정</target>
+        
+      </trans-unit>
+      <trans-unit id="s2e4818861000b13f">
+        <source>Layout</source>
+        <target>레이아웃</target>
+        
+      </trans-unit>
+      <trans-unit id="s1efbfc3937d565bd">
+        <source>Background</source>
+        <target>배경</target>
+        
+      </trans-unit>
+      <trans-unit id="s374abf1a54d87b67">
+        <source>Background shown during execution.</source>
+        <target>실행 중 배경이 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3ebf4c166058afce">
+        <source>Clear background</source>
+        <target>배경 지우기</target>
+        
+      </trans-unit>
+      <trans-unit id="sb24755ea94bef31d">
+        <source>Delete currently set background image.</source>
+        <target>현재 설정된 배경 이미지를 삭제합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb904f23f17b60c3a">
+        <source>Successfully imported flow.</source>
+        <target>플로우를 성공적으로 가져왔습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s344c4a2a48997e18">
+        <source>.yaml files, which can be found on goauthentik.io and can be exported by authentik.</source>
+        <target>.yaml 파일로 내보낼 수 있으며, 이 파일은 goauthentik.io에서 찾을 수 있고 authentik을 통해 내보낼 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc816360d6f5a1eeb">
+        <source>Flows describe a chain of Stages to authenticate, enroll or recover a user. Stages are chosen based on policies applied to them.</source>
+        <target>플로우는 사용자를 인증, 등록 또는 복구하기 위한 일련의 단계를 설명합니다. 스테이지에 적용되는 정책에 따라 스테이지가 선택됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6f857299d5db1ecf">
+        <source>Flow(s)</source>
+        <target>플로우</target>
+        
+      </trans-unit>
+      <trans-unit id="s9e830cbc0b42a514">
+        <source>Update Flow</source>
+        <target>플로우 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s2f1bcfcc5cae94c3">
+        <source>Create Flow</source>
+        <target>플로우 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s832282d415294df4">
+        <source>Import Flow</source>
+        <target>플로우 가져오기</target>
+        
+      </trans-unit>
+      <trans-unit id="s098237f7ccb4dc4a">
+        <source>Successfully cleared flow cache</source>
+        <target>플로우 캐시를 성공적으로 지웠습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s59572c1be31a812e">
+        <source>Failed to delete flow cache</source>
+        <target>플로우 캐시를 삭제하지 못했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa2b727168b090d34">
+        <source>Clear Flow cache</source>
+        <target>플로우 캐시 지우기</target>
+        
+      </trans-unit>
+      <trans-unit id="sf12d588a76ba7e51">
+        <source>Are you sure you want to clear the flow cache?
+            This will cause all flows to be re-evaluated on their next usage.</source>
+        <target>플로우 캐시를 지우시겠습니까?
+            이렇게 하면 다음 사용 시 모든 플로우가 재평가됩니다.</target>
+      </trans-unit>
+      <trans-unit id="sbe47a5bdeec19ab0">
+        <source>Stage binding(s)</source>
+        <target>스테이지 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="sfa88f413e287bb0f">
+        <source>Stage type</source>
+        <target>스테이지 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="s04440099d97c0bef">
+        <source>Edit Stage</source>
+        <target>스테이지 편집</target>
+        
+      </trans-unit>
+      <trans-unit id="s980270d0fab7ecb3">
+        <source>Update Stage binding</source>
+        <target>스테이지 바인딩 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe938c1585e0bf68">
+        <source>These bindings control if this stage will be applied to the flow.</source>
+        <target>이러한 바인딩은 이 단계가 플로우에 적용될지 여부를 제어합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sfac6f995c7670559">
+        <source>No Stages bound</source>
+        <target>스테이지 바인딩 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="s955c1fec1c6fb970">
+        <source>No stages are currently bound to this flow.</source>
+        <target>현재 이 흐름에 바인딩된 스테이지가 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9a393a04eaf1eb0e">
+        <source>Create Stage binding</source>
+        <target>스테이지 바인딩 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s207e8b106806d7e4">
+        <source>Bind stage</source>
+        <target>스테이지 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="scc2e420c54dc8089">
+        <source>Bind existing stage</source>
+        <target>기존 스테이지 바인드</target>
+        
+      </trans-unit>
+      <trans-unit id="s30d1f50f476c3f48">
+        <source>Flow Overview</source>
+        <target>플로우 개요</target>
+        
+      </trans-unit>
+      <trans-unit id="s77099d752f1ab773">
+        <source>Related actions</source>
+        <target>관련 액션</target>
+        
+      </trans-unit>
+      <trans-unit id="sd07866d9f38b2c50">
+        <source>Execute flow</source>
+        <target>플로우 실행</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ff3121d30f88d52">
+        <source>Normal</source>
+        <target>Normal</target>
+        
+      </trans-unit>
+      <trans-unit id="s6e4c997a101b6abf">
+        <source>with current user</source>
+        <target>현재 사용자로</target>
+        
+      </trans-unit>
+      <trans-unit id="s8ecdbff1a7329b64">
+        <source>with inspector</source>
+        <target>감사관과 함께</target>
+        
+      </trans-unit>
+      <trans-unit id="s3576aead3e68c5c9">
+        <source>Export flow</source>
+        <target>플로우 내보내기</target>
+        
+      </trans-unit>
+      <trans-unit id="s293aa6a6446fb153">
+        <source>Export</source>
+        <target>내보내기</target>
+        
+      </trans-unit>
+      <trans-unit id="se2c3cbf2ed1403f1">
+        <source>Stage Bindings</source>
+        <target>스테이지 바인딩</target>
+        
+      </trans-unit>
+      <trans-unit id="s78c08391ffbfb8c0">
+        <source>These bindings control which users can access this flow.</source>
+        <target>이러한 바인딩은 이 플로우에 액세스할 수 있는 사용자를 제어합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1a1ff47c058bb09">
+        <source>Event Log</source>
+        <target>이력 로그</target>
+        
+      </trans-unit>
+      <trans-unit id="s65d67612999165e9">
+        <source>Event <x id="0" equiv-text="${this.event.pk}"/></source>
+        <target>이력 <x id="0" equiv-text="${this.event.pk}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s455de2f740b073fd">
+        <source>Event info</source>
+        <target>이력 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="sb41b2cfbbc52565b">
+        <source>Created</source>
+        <target>생성됨</target>
+        
+      </trans-unit>
+      <trans-unit id="s037bc6d25a03c3c8">
+        <source>Successfully updated transport.</source>
+        <target>전송을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s1575a15cee001915">
+        <source>Successfully created transport.</source>
+        <target>전송을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4acf840bc792c3ae">
+        <source>Local (notifications will be created within authentik)</source>
+        <target>로컬 (통지는 Authentik 내에 생성됩니다.)</target>
+        
+      </trans-unit>
+      <trans-unit id="sede0abbf2b612812">
+        <source>Webhook (generic)</source>
+        <target>웹훅 (일반)</target>
+        
+      </trans-unit>
+      <trans-unit id="s76f5dca6404a1210">
+        <source>Webhook (Slack/Discord)</source>
+        <target>웹훅 (Slack/Discord)</target>
+        
+      </trans-unit>
+      <trans-unit id="s6873bdbfa24615fb">
+        <source>Webhook URL</source>
+        <target>웹훅 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="s25ec2846f6b88214">
+        <source>Webhook Mapping</source>
+        <target>웹훅 맵핑</target>
+        
+      </trans-unit>
+      <trans-unit id="sca2879d96f58a39c">
+        <source>Send once</source>
+        <target>한 번만 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="s2430e000b7cfefd0">
+        <source>Only send notification once, for example when sending a webhook into a chat channel.</source>
+        <target>예를 들어 채팅 채널로 웹훅을 보낼 때 알림을 한 번만 보내세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s819509c33a7534ac">
+        <source>Notification Transports</source>
+        <target>통지 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="s57072ffb92b6c9c8">
+        <source>Define how notifications are sent to users, like Email or Webhook.</source>
+        <target>이메일 또는 웹훅과 같이 사용자에게 알림을 보내는 방법을 정의합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s624256f8a4bb4c89">
+        <source>Notification transport(s)</source>
+        <target>통지 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="sac1332e6f421526e">
+        <source>Update Notification Transport</source>
+        <target>통지 전송 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="s6b5002c605b39d6d">
+        <source>Create Notification Transport</source>
+        <target>통지 전송 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s0a39e4f61ccafacb">
+        <source>Successfully updated rule.</source>
+        <target>규칙을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s72e102414fec81a4">
+        <source>Successfully created rule.</source>
+        <target>규칙을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa55ee64c5c51df0f">
+        <source>Select the group of users which the alerts are sent to. If no group is selected the rule is disabled.</source>
+        <target>알림을 전송할 사용자 그룹을 선택합니다. 그룹을 선택하지 않으면 규칙이 비활성화됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sffa171e11d4ae513">
+        <source>Transports</source>
+        <target>전송</target>
+        
+      </trans-unit>
+      <trans-unit id="s7b18721be331241e">
+        <source>Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI.</source>
+        <target>사용자에게 통지를 보내는 데 사용할 전송을 선택합니다. 아무것도 선택하지 않으면 통지는 authentik UI에만 표시됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="scd0cfe87af6f2ff2">
+        <source>Severity</source>
+        <target>심각도</target>
+        
+      </trans-unit>
+      <trans-unit id="s98c3bdf4fd5cdf65">
+        <source>Notification Rules</source>
+        <target>통지 규칙</target>
+        
+      </trans-unit>
+      <trans-unit id="s107bf77afb93c9b8">
+        <source>Send notifications whenever a specific Event is created and matched by policies.</source>
+        <target>특정 이력이 생성되고 정책과 일치할 때마다 통지를 보냅니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf3f9a0feaf083207">
+        <source>Sent to group</source>
+        <target>그룹에게 전송</target>
+        
+      </trans-unit>
+      <trans-unit id="sc92ed9d5e01d3f24">
+        <source>Notification rule(s)</source>
+        <target>통지 규칙</target>
+        
+      </trans-unit>
+      <trans-unit id="s5140d157642d7362">
+        <source>None (rule disabled)</source>
+        <target>없음 (규칙 비활성화)</target>
+        
+      </trans-unit>
+      <trans-unit id="sd1146418b344f81f">
+        <source>Update Notification Rule</source>
+        <target>통지 규칙 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbc1de43ab6c1f76">
+        <source>Create Notification Rule</source>
+        <target>통지 규칙 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s5795b310ab271d20">
+        <source>These bindings control upon which events this rule triggers.
+Bindings to groups/users are checked against the user of the event.</source>
+        <target>이러한 바인딩은 이 규칙이 격발되는 이력을 제어합니다.
+그룹/사용자에 대한 바인딩은 이벤트의 사용자에 대해 확인됩니다.</target>
+      </trans-unit>
+      <trans-unit id="s90c3b62194fe8508">
+        <source>Outpost Deployment Info</source>
+        <target>Outpost 배포 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="s35f9df7668d5fa79">
+        <source>View deployment documentation</source>
+        <target>배포 보기</target>
+        
+      </trans-unit>
+      <trans-unit id="sad09c62cb4ebae68">
+        <source>Click to copy token</source>
+        <target>토큰을 복사하려면 클릭</target>
+        
+      </trans-unit>
+      <trans-unit id="s0e03fe2dc5b9164b">
+        <source>If your authentik Instance is using a self-signed certificate, set this value.</source>
+        <target>Authentik 인스턴스에서 자체 서명 인증서를 사용하는 경우, 이 값을 설정합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc21032b0d37882a0">
+        <source>If your authentik_host setting does not match the URL you want to login with, add this setting.</source>
+        <target>authentik_host 설정이 로그인하려는 URL과 일치하지 않는 경우, 이 설정을 추가하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6f270e1668c036e9">
+        <source>Successfully updated outpost.</source>
+        <target>Outpost를 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s79aed8154d7c472c">
+        <source>Successfully created outpost.</source>
+        <target>Outpost를 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8afc8c5aafb392d3">
+        <source>Radius</source>
+        <target>Radius</target>
+        
+      </trans-unit>
+      <trans-unit id="s03970aa76a09982d">
+        <source>Integration</source>
+        <target>통합</target>
+        
+      </trans-unit>
+      <trans-unit id="s9c29565c5ae1cc92">
+        <source>Selecting an integration enables the management of the outpost by authentik.</source>
+        <target>통합을 선택하면 authentik을 통해 outpost를 관리할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s554ce268e9727e79">
+        <source>You can only select providers that match the type of the outpost.</source>
+        <target>Outpost 유형과 일치하는 공급자만 선택할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf9b1c0661a02d9f9">
+        <source>Configuration</source>
+        <target>구성</target>
+        
+      </trans-unit>
+      <trans-unit id="s3abecf1e778c9625">
+        <source>See more here:</source>
+        <target>자세한 내용은 여기를 참조하세요:</target>
+        
+      </trans-unit>
+      <trans-unit id="s74cb3d66f6a668e1">
+        <source>Documentation</source>
+        <target>문서</target>
+        
+      </trans-unit>
+      <trans-unit id="saa8939ac88a76f98">
+        <source>Last seen</source>
+        <target>마지막 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s1ac2653a6492b435">
+        <source><x id="0" equiv-text="${this.outpostHealth.version}"/>, should be <x id="1" equiv-text="${this.outpostHealth.versionShould}"/></source>
+        <target><x id="0" equiv-text="${this.outpostHealth.version}"/>은, <x id="1" equiv-text="${this.outpostHealth.versionShould}"/> 이어야 합니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s1e176e35c828318c">
+        <source>Hostname</source>
+        <target>호스트명</target>
+        
+      </trans-unit>
+      <trans-unit id="s322e34cfcba47155">
+        <source>Not available</source>
+        <target>사용 불가</target>
+        
+      </trans-unit>
+      <trans-unit id="s02b632a9ac24a824">
+        <source>Last seen: <x id="0" equiv-text="${this.outpostHealth.lastSeen?.toLocaleTimeString()}"/></source>
+        <target>마지막 확인: <x id="0" equiv-text="${this.outpostHealth.lastSeen?.toLocaleTimeString()}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="sa43153d53ae65063">
+        <source>Unknown type</source>
+        <target>알 수 없는 유형</target>
+        
+      </trans-unit>
+      <trans-unit id="s5e169e1bac20b4a6">
+        <source>Outposts</source>
+        <target>Outposts</target>
+        
+      </trans-unit>
+      <trans-unit id="s8802553bc57617ee">
+        <source>Outposts are deployments of authentik components to support different environments and protocols, like reverse proxies.</source>
+        <target>Outposts는 리버스 프록시와 같이 다양한 환경과 프로토콜을 지원하기 위한 인증 구성 요소의 배포입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s84d7d6ebbedcb586">
+        <source>Health and Version</source>
+        <target>상태 및 버전</target>
+        
+      </trans-unit>
+      <trans-unit id="s9bf48a89367282cd">
+        <source>Warning: authentik Domain is not configured, authentication will not work.</source>
+        <target>경고: authentik 도메인이 구성되지 않아, 인증이 불가능할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbf5f4c5ba679e847">
+        <source>Logging in via <x id="0" equiv-text="${item.config.authentik_host}"/>.</source>
+        <target><x id="0" equiv-text="${item.config.authentik_host}"/>를 통해 로그인 함.</target>
+        
+      </trans-unit>
+      <trans-unit id="s59b6028f19d15cda">
+        <source>No integration active</source>
+        <target>활성화된 통합 없음</target>
+        
+      </trans-unit>
+      <trans-unit id="s9bd59e0ea70a3e4a">
+        <source>Update Outpost</source>
+        <target>Outpost 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sc8f286ac783c385d">
+        <source>View Deployment Info</source>
+        <target>배포 정보 보기</target>
+        
+      </trans-unit>
+      <trans-unit id="s9ee92717d7f63247">
+        <source>Detailed health (one instance per column, data is cached so may be out of date)</source>
+        <target>상세 상태 (열당 하나의 인스턴스, 데이터는 캐시되므로 최신 정보가 아닐 수 있음)</target>
+        
+      </trans-unit>
+      <trans-unit id="s1d49ec5030447643">
+        <source>Outpost(s)</source>
+        <target>Outpost(s)</target>
+        
+      </trans-unit>
+      <trans-unit id="s1a2f8f4b3861583b">
+        <source>Create Outpost</source>
+        <target>Outpost 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="sdc1ef94016f0d855">
+        <source>Successfully updated integration.</source>
+        <target>통합을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2a1a40a1b4b0170">
+        <source>Successfully created integration.</source>
+        <target>통합을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="se9b1fec72ffd8f48">
+        <source>Local</source>
+        <target>로컬</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1231049879b8d33">
+        <source>If enabled, use the local connection. Required Docker socket/Kubernetes Integration.</source>
+        <target>활성화된 경우, 로컬 연결을 사용합니다. 도커/쿠버네티스 통합에 필수적입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s13de04774ff0f210">
+        <source>Docker URL</source>
+        <target>도커 URL</target>
+        
+      </trans-unit>
+      <trans-unit id="sa7fcf026bd25f231">
+        <source>Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system.</source>
+        <target>로컬 도커 데몬에 연결할 때는 'unix://', SSH를 통해 연결할 때는 'ssh://', 원격 시스템에 연결할 때는 'https://:2376'의 형식을 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="saf1d289e3137c2ea">
+        <source>CA which the endpoint's Certificate is verified against. Can be left empty for no validation.</source>
+        <target>엔드포인트의 인증서를 검증하는 CA입니다. 검증을 수행하지 않으려면 비워둘 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0f2e070d38cd36df">
+        <source>TLS Authentication Certificate/SSH Keypair</source>
+        <target>TLS 인증 인증서/SSH 키쌍</target>
+        
+      </trans-unit>
+      <trans-unit id="s2f58bb9905d2b76f">
+        <source>Certificate/Key used for authentication. Can be left empty for no authentication.</source>
+        <target>인증에 사용되는 인증서/키입니다. 인증이 필요하지 않은 경우 비워 둘 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8b33660e2ed7212c">
+        <source>When connecting via SSH, this keypair is used for authentication.</source>
+        <target>SSH를 통해 연결할 때 이 키쌍은 인증에 사용됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa668bd79645c3e06">
+        <source>Kubeconfig</source>
+        <target>쿠브설정</target>
+        
+      </trans-unit>
+      <trans-unit id="sa85cfb884c17d85d">
+        <source>Verify Kubernetes API SSL Certificate</source>
+        <target>쿠버네티스 API SSL 인증서 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="se78364ee913ae2bd">
+        <source>New outpost integration</source>
+        <target>새 outpost 통합</target>
+        
+      </trans-unit>
+      <trans-unit id="s68d69ad0271c8ef6">
+        <source>Create a new outpost integration.</source>
+        <target>새 outpost 통합을 생성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sae239213b7c70376">
+        <source>State</source>
+        <target>상태</target>
+        
+      </trans-unit>
+      <trans-unit id="sb96629f50f2e7fab">
+        <source>Unhealthy</source>
+        <target>불량함</target>
+        
+      </trans-unit>
+      <trans-unit id="sa8e255492bb6ae0d">
+        <source>Outpost integration(s)</source>
+        <target>Outpost 통합</target>
+        
+      </trans-unit>
+      <trans-unit id="s9d18948d25c68d66">
+        <source>Successfully generated certificate-key pair.</source>
+        <target>인증서-키 쌍을 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd4ac926e4ebb1cd7">
+        <source>Common Name</source>
+        <target>일반 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="s592425143c4f5834">
+        <source>Subject-alt name</source>
+        <target>주체 대체 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="se9d0f12f95b14095">
+        <source>Optional, comma-separated SubjectAlt Names.</source>
+        <target>추가적으로, 주체 대체 이름을 콤마로 구분할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7609ee54e8a7b05a">
+        <source>Validity days</source>
+        <target>유효 기간</target>
+        
+      </trans-unit>
+      <trans-unit id="s4c24b2baa377e870">
+        <source>Successfully updated certificate-key pair.</source>
+        <target>인증서-키 쌍을 성공적으로 업데이트했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s122f308b5f198ba7">
+        <source>Successfully created certificate-key pair.</source>
+        <target>인증서-키 쌍을 성공적으로 만들었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s08a8716c214a0efb">
+        <source>PEM-encoded Certificate data.</source>
+        <target>PEM 인코딩된 인증서 데이터.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6e612e5a6a359bbb">
+        <source>Optional Private Key. If this is set, you can use this keypair for encryption.</source>
+        <target>선택적 개인 키. 이 옵션을 설정하면 이 키쌍을 암호화에 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s27ac7a47b390e3cb">
+        <source>Certificate-Key Pairs</source>
+        <target>인증서-키 쌍</target>
+        
+      </trans-unit>
+      <trans-unit id="sb72ebab438cb2983">
+        <source>Import certificates of external providers or create certificates to sign requests with.</source>
+        <target>외부 공급자의 인증서를 가져오거나 요청에 서명할 인증서를 만들 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4b5af7736aedd6c1">
+        <source>Private key available?</source>
+        <target>개인 키를 사용할 수 있나요?</target>
+        
+      </trans-unit>
+      <trans-unit id="s1d6e16d86961c782">
+        <source>Certificate-Key Pair(s)</source>
+        <target>인증서 키 쌍</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1ce2f758935ff48">
+        <source>Managed by authentik</source>
+        <target>Authentik에서 관리</target>
+        
+      </trans-unit>
+      <trans-unit id="sf53a78d889b6c775">
+        <source>Managed by authentik (Discovered)</source>
+        <target>Authentik에서 관리(발견함)</target>
+        
+      </trans-unit>
+      <trans-unit id="sef50d248448e0df1">
+        <source>Yes (<x id="0" equiv-text="${item.privateKeyType?.toUpperCase()}"/>)</source>
+        <target>(<x id="0" equiv-text="${item.privateKeyType?.toUpperCase()}"/>) 예</target>
+        
+      </trans-unit>
+      <trans-unit id="s09205907b5b56cda">
+        <source>No</source>
+        <target>아니오</target>
+        
+      </trans-unit>
+      <trans-unit id="s33aa05f435c29753">
+        <source>Update Certificate-Key Pair</source>
+        <target>인증서-키 쌍 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="seffdf887fed7f668">
+        <source>Certificate Fingerprint (SHA1)</source>
+        <target>인증서 지문(SHA1)</target>
+        
+      </trans-unit>
+      <trans-unit id="sdd6b8b56a811080e">
+        <source>Certificate Fingerprint (SHA256)</source>
+        <target>인증서 지문(SHA256)</target>
+        
+      </trans-unit>
+      <trans-unit id="s2a2d3e7c379e9518">
+        <source>Certificate Subject</source>
+        <target>인증서 주제</target>
+        
+      </trans-unit>
+      <trans-unit id="s351246c52548086a">
+        <source>Download Certificate</source>
+        <target>인증서 다운로드</target>
+        
+      </trans-unit>
+      <trans-unit id="s47bd537a3bcebf19">
+        <source>Download Private key</source>
+        <target>개인 키 다운로드</target>
+        
+      </trans-unit>
+      <trans-unit id="s3a5fec3d73ac9edc">
+        <source>Create Certificate-Key Pair</source>
+        <target>인증서-키 쌍 만들기</target>
+        
+      </trans-unit>
+      <trans-unit id="s45cb501abd43ba52">
+        <source>Generate</source>
+        <target>발행</target>
+        
+      </trans-unit>
+      <trans-unit id="sf9bddaf910f4eea5">
+        <source>Generate Certificate-Key Pair</source>
+        <target>인증서-키 쌍 발행</target>
+        
+      </trans-unit>
+      <trans-unit id="see2bcbc11bb91960">
+        <source>Successfully updated instance.</source>
+        <target>인스턴스 업데이트에 성공했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9e51d6de369f320b">
+        <source>Successfully created instance.</source>
+        <target>인스턴스를 성공적으로 생성했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s92e91071c6a45eb4">
+        <source>Disabled blueprints are never applied.</source>
+        <target>비활성화된 블루프린트는 적용되지 않습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf63c89c0604c288f">
+        <source>Local path</source>
+        <target>로컬 경로</target>
+        
+      </trans-unit>
+      <trans-unit id="sd6422f7004036cdd">
+        <source>OCI Registry</source>
+        <target>OCI 레지스트리</target>
+        
+      </trans-unit>
+      <trans-unit id="se2d65e13768468e0">
+        <source>Internal</source>
+        <target>내부</target>
+        
+      </trans-unit>
+      <trans-unit id="scbb7d3154da629f3">
+        <source>OCI URL, in the format of oci://registry.domain.tld/path/to/manifest.</source>
+        <target>OCI URL은, oci://registry.domain.tld/path/to/manifest 형식입니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s0195c0df7294228a">
+        <source>See more about OCI support here:</source>
+        <target>OCI 지원에 대한 자세한 내용은 여기를 참조하세요:</target>
+        
+      </trans-unit>
+      <trans-unit id="sfae395b94a5a0040">
+        <source>Blueprint</source>
+        <target>블루프린트트</target>
+        
+      </trans-unit>
+      <trans-unit id="s7e1342d37124b65b">
+        <source>Configure the blueprint context, used for templating.</source>
+        <target>템플릿에 사용되는 Blueprint 컨텍스트를 구성합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6ec8c9d11310300a">
+        <source>Orphaned</source>
+        <target>독립적</target>
+        
+      </trans-unit>
+      <trans-unit id="saab79cd956ee56a9">
+        <source>Blueprints</source>
+        <target>블루프린트</target>
+        
+      </trans-unit>
+      <trans-unit id="s6835db03209b4f94">
+        <source>Automate and template configuration within authentik.</source>
+        <target>Authentik 내에서 구성을 자동화하고 템플릿을 작성하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s23de62f931f7d754">
+        <source>Last applied</source>
+        <target>마지막 적용</target>
+        
+      </trans-unit>
+      <trans-unit id="s2708cac1f4942708">
+        <source>Blueprint(s)</source>
+        <target>블루프린트</target>
+        
+      </trans-unit>
+      <trans-unit id="s880b8b70b22f9977">
+        <source>Update Blueprint</source>
+        <target>블루프린트 업데이트</target>
+        
+      </trans-unit>
+      <trans-unit id="sef3d102324bf8561">
+        <source>Create Blueprint Instance</source>
+        <target>블루프린트 인스턴스 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s32a3efa23718e713">
+        <source>API Requests</source>
+        <target>API 요청</target>
+        
+      </trans-unit>
+      <trans-unit id="sddb3b0176f437721">
+        <source>Open API Browser</source>
+        <target>API 브라우저 열기</target>
+        
+      </trans-unit>
+      <trans-unit id="s5be3c6d61cd9182f">
+        <source>Notifications</source>
+        <target>알림</target>
+        
+      </trans-unit>
+      <trans-unit id="sa3438c7bb4e9cce8">
+        <source><x id="0" equiv-text="${this.unread}"/> unread</source>
+        <target><x id="0" equiv-text="${this.unread}"/> 읽지 않음</target>
+        
+      </trans-unit>
+      <trans-unit id="s6e6e737601f44b2c">
+        <source>Successfully cleared notifications</source>
+        <target>알림을 성공적으로 지웠습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8cda828dac449ea5">
+        <source>Clear all</source>
+        <target>모두 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s4207178ba0b99418">
+        <source>A newer version of the frontend is available.</source>
+        <target>새로운 버전의 프론트엔드를 사용할 수 있습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s96b3cddf33e1c853">
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
+        <target>현재 <x id="0" equiv-text="${this.impersonation}"/>로 가장(impersonating)하고 있습니다. 클릭해서 정지.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7031e6928c44cedd">
+        <source>User interface</source>
+        <target>사용자 인터페이스</target>
+        
+      </trans-unit>
+      <trans-unit id="s8849ece8c65e3a18">
+        <source>Dashboards</source>
+        <target>대시보드</target>
+        
+      </trans-unit>
+      <trans-unit id="sc265a3e29e1206e4">
+        <source>Events</source>
+        <target>이력</target>
+        
+      </trans-unit>
+      <trans-unit id="s4f1ad6b48a5df506">
+        <source>Logs</source>
+        <target>로그</target>
+        
+      </trans-unit>
+      <trans-unit id="s1823625e6f831d73">
+        <source>Customisation</source>
+        <target>사용자 정의</target>
+        
+      </trans-unit>
+      <trans-unit id="sc0829ee663ced008">
+        <source>Directory</source>
+        <target>디렉토리</target>
+        
+      </trans-unit>
+      <trans-unit id="sa81e2cdaf6921adc">
+        <source>System</source>
+        <target>시스템</target>
+        
+      </trans-unit>
+      <trans-unit id="s5515a897ae98bed9">
+        <source>Certificates</source>
+        <target>인증서</target>
+        
+      </trans-unit>
+      <trans-unit id="s6b79e73ca77148a0">
+        <source>Outpost Integrations</source>
+        <target>Outpost 통합</target>
+        
+      </trans-unit>
+      <trans-unit id="sab85321d3b0840b7">
+        <source>API request failed</source>
+        <target>API 요청 실패</target>
+        
+      </trans-unit>
+      <trans-unit id="sa3599457b9418bc5">
+        <source>User's avatar</source>
+        <target>사용자 아바타</target>
+        
+      </trans-unit>
+      <trans-unit id="s9bd9ba84819493d4">
+        <source>Something went wrong! Please try again later.</source>
+        <target>문제가 발생했습니다! 나중에 다시 시도해 주세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s4090dd0c0e45988b">
+        <source>Request ID</source>
+        <target>요청 ID</target>
+        
+      </trans-unit>
+      <trans-unit id="s4d7fe7be1c49896c">
+        <source>You may close this page now.</source>
+        <target>이제 이 페이지를 닫아도 됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf8c76d5fb408de7b">
+        <source>You're about to be redirect to the following URL.</source>
+        <target>다음 URL로 리디렉션됩니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s197420b40df164f8">
+        <source>Follow redirect</source>
+        <target>리디렉션 따라가기</target>
+        
+      </trans-unit>
+      <trans-unit id="sa11e92683c5860c7">
+        <source>Request has been denied.</source>
+        <target>요청이 거부되었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8939f574b096054a">
+        <source>Not you?</source>
+        <target>본인이 아닌가요?</target>
+        
+      </trans-unit>
+      <trans-unit id="sc4eedb434536bdb4">
+        <source>Need an account?</source>
+        <target>계정이 필요하신가요?</target>
+        
+      </trans-unit>
+      <trans-unit id="s38f774cd7e9b9dad">
+        <source>Sign up.</source>
+        <target>가입.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa03aa46068460c95">
+        <source>Forgot username or password?</source>
+        <target>사용자명이나 비밀번호를 잊으셨나요?</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a87445f3108db7c">
+        <source>Select one of the sources below to login.</source>
+        <target>아래 중 하나를 선택하여 로그인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s091d5407b5b32e84">
+        <source>Or</source>
+        <target>혹은</target>
+        
+      </trans-unit>
+      <trans-unit id="se5fd752dbbc3cd28">
+        <source>Use a security key</source>
+        <target>보안 키 사용</target>
+        
+      </trans-unit>
+      <trans-unit id="s670ad066cc0e50a3">
+        <source>Login to continue to <x id="0" equiv-text="${this.challenge.applicationPre}"/>.</source>
+        <target><x id="0" equiv-text="${this.challenge.applicationPre}"/>로 계속해서 로그인하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="scf5ce91bfba10a61">
+        <source>Please enter your password</source>
+        <target>비밀번호를 입력하세요</target>
+        
+      </trans-unit>
+      <trans-unit id="s85366fac18679f28">
+        <source>Forgot password?</source>
+        <target>비밀번호를 잊으셨나요?</target>
+        
+      </trans-unit>
+      <trans-unit id="s14c552fb0a4c0186">
+        <source>Application requires following permissions:</source>
+        <target>애플리케이션에는 다음 권한이 필요합니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="s7073489bb01b3c24">
+        <source>Application already has access to the following permissions:</source>
+        <target>애플리케이션에 이미 다음 권한에 대한 액세스 권한이 있습니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="s98dc556f8bf707dc">
+        <source>Application requires following new permissions:</source>
+        <target>애플리케이션에는 다음과 같은 새로운 권한이 필요합니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="sbd19064fc3f405c1">
+        <source>Check your Inbox for a verification email.</source>
+        <target>받은 편지함에서 인증 이메일을 확인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s8aff572e64b7936b">
+        <source>Send Email again.</source>
+        <target>이메일을 다시 보냅니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sdc323c6af4ae9f01">
+        <source>Successfully copied TOTP Config.</source>
+        <target>TOTP 구성을 성공적으로 복사했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3687049d1af562c4">
+        <source>Copy</source>
+        <target>복사</target>
+        
+      </trans-unit>
+      <trans-unit id="s3643189d1abbb7f4">
+        <source>Code</source>
+        <target>코드</target>
+        
+      </trans-unit>
+      <trans-unit id="sfe1c86b42ba13376">
+        <source>Please enter your TOTP Code</source>
+        <target>TOTP 코드를 입력하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc2ec367e3108fe65">
+        <source>Duo activation QR code</source>
+        <target>Duo 활성화 QR 코드</target>
+        
+      </trans-unit>
+      <trans-unit id="sc5668cb23167e9bb">
+        <source>Alternatively, if your current device has Duo installed, click on this link:</source>
+        <target>대안으로, 현재 디바이스에 Duo가 설치되어 있는 경우 이 링크를 클릭합니다:</target>
+        
+      </trans-unit>
+      <trans-unit id="s721d94ae700b5dfd">
+        <source>Duo activation</source>
+        <target>Duo 활성화</target>
+        
+      </trans-unit>
+      <trans-unit id="s708d9a4a0db0be8f">
+        <source>Check status</source>
+        <target>상태 확인</target>
+        
+      </trans-unit>
+      <trans-unit id="s31fba571065f2c87">
+        <source>Make sure to keep these tokens in a safe place.</source>
+        <target>이 토큰은 반드시 안전한 곳에 보관하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="sc0a0c87d5c556c38">
+        <source>Phone number</source>
+        <target>전화 번호</target>
+        
+      </trans-unit>
+      <trans-unit id="s04c1210202f48dc9">
+        <source>Please enter your Phone number.</source>
+        <target>전화번호를 입력하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="seb0c08d9f233bbfe">
+        <source>Please enter the code you received via SMS</source>
+        <target>SMS로 받은 코드를 입력하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s2b7dbba348234a36">
+        <source>A code has been sent to you via SMS.</source>
+        <target>SMS로 코드가 전송되었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sa84adff85b5e505c">
+        <source>Open your two-factor authenticator app to view your authentication code.</source>
+        <target>2단계 인증 앱을 열어 인증 코드를 확인합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7abc9d08b0f70fd6">
+        <source>Static token</source>
+        <target>정적 토큰</target>
+        
+      </trans-unit>
+      <trans-unit id="s844fea0bfb10a72a">
+        <source>Authentication code</source>
+        <target>인증 코드</target>
+        
+      </trans-unit>
+      <trans-unit id="s3cd84e82e83e35ad">
+        <source>Please enter your code</source>
+        <target>코드를 입력하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s18b910437b73e8e8">
+        <source>Return to device picker</source>
+        <target>디바이스 선택기로 돌아가기</target>
+        
+      </trans-unit>
+      <trans-unit id="sbcf8604929b6a27a">
+        <source>Sending Duo push notification</source>
+        <target>Duo 푸시 알림 보내기</target>
+        
+      </trans-unit>
+      <trans-unit id="s3b68883dda2682ed">
+        <source>Assertions is empty</source>
+        <target>어설션이 비어 있음</target>
+        
+      </trans-unit>
+      <trans-unit id="sbbb7318812d64e51">
+        <source>Error when creating credential: <x id="0" equiv-text="${err}"/></source>
+        <target>자격 증명 생성 시 오류 발생: <x id="0" equiv-text="${err}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="sfe199b2564b66054">
+        <source>Error when validating assertion on server: <x id="0" equiv-text="${err}"/></source>
+        <target>서버에서 어설션 유효성 검사 시 오류 발생: <x id="0" equiv-text="${err}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="se409d01b52c4e12f">
+        <source>Retry authentication</source>
+        <target>인증 다시 시도</target>
+        
+      </trans-unit>
+      <trans-unit id="s8d857061510fe794">
+        <source>Duo push-notifications</source>
+        <target>Duo push-알림</target>
+        
+      </trans-unit>
+      <trans-unit id="s47490298c17b753a">
+        <source>Receive a push notification on your device.</source>
+        <target>디바이스에서 푸시 알림을 받습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s16bc281dce5685e8">
+        <source>Authenticator</source>
+        <target>인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sdefec5401bf67eba">
+        <source>Use a security key to prove your identity.</source>
+        <target>보안 키를 사용하여 신원을 증명하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="sd6a025d66f2637d1">
+        <source>Traditional authenticator</source>
+        <target>전통적 인증기</target>
+        
+      </trans-unit>
+      <trans-unit id="sb25e689e00c61829">
+        <source>Use a code-based authenticator.</source>
+        <target>코드 기반 인증기를 사용합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s9e568afec3810bfe">
+        <source>Recovery keys</source>
+        <target>복구 키</target>
+        
+      </trans-unit>
+      <trans-unit id="sb17e8c70f9a05c77">
+        <source>In case you can't access any other method.</source>
+        <target>다른 방법으로 액세스할 수 없는 경우.</target>
+        
+      </trans-unit>
+      <trans-unit id="s97f2dc19fa556a6a">
+        <source>SMS</source>
+        <target>SMS</target>
+        
+      </trans-unit>
+      <trans-unit id="s0e516232f2ab4e04">
+        <source>Tokens sent via SMS.</source>
+        <target>SMS를 통해 토큰을 전송했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s6ae0d087036e6d6d">
+        <source>Select an authentication method.</source>
+        <target>인증 방법을 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sac17f177f884e238">
+        <source>Stay signed in?</source>
+        <target>로그인을 유지하시겠습니까?</target>
+        
+      </trans-unit>
+      <trans-unit id="s859b2e00391da380">
+        <source>Select Yes to reduce the number of times you're asked to sign in.</source>
+        <target>로그인 요청 횟수를 줄이려면 예를 선택합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s420d2cdedcaf8cd0">
+        <source>Authenticating with Plex...</source>
+        <target>Plex로 인증...</target>
+        
+      </trans-unit>
+      <trans-unit id="s2ddbebcb8a49b005">
+        <source>Waiting for authentication...</source>
+        <target>인증을 기다리는 중...</target>
+        
+      </trans-unit>
+      <trans-unit id="sb15fe7b9d09bb419">
+        <source>If no Plex popup opens, click the button below.</source>
+        <target>Plex 팝업이 열리지 않으면 아래 버튼을 클릭하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="sbc625b4c669b9ce8">
+        <source>Open login</source>
+        <target>로그인 열기</target>
+        
+      </trans-unit>
+      <trans-unit id="sd766cdc29b25ff95">
+        <source>Authenticating with Apple...</source>
+        <target>Apple로 인증...</target>
+        
+      </trans-unit>
+      <trans-unit id="s2c8189544e3ea679">
+        <source>Retry</source>
+        <target>재시도</target>
+        
+      </trans-unit>
+      <trans-unit id="sc1589121ae2f5f92">
+        <source>Enter the code shown on your device.</source>
+        <target>디바이스에 표시된 코드를 입력합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s67664f8ee9aea98d">
+        <source>Please enter your Code</source>
+        <target>코드를 입력하세요.</target>
+        
+      </trans-unit>
+      <trans-unit id="s455a8fc21077e7f9">
+        <source>You've successfully authenticated your device.</source>
+        <target>디바이스 인증에 성공했습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3ab772345f78aee0">
+        <source>Flow inspector</source>
+        <target>플로우 검사기</target>
+        
+      </trans-unit>
+      <trans-unit id="s502884e1977b2c06">
+        <source>Next stage</source>
+        <target>다음 스테이지</target>
+        
+      </trans-unit>
+      <trans-unit id="sb3fa80ccfa97ee54">
+        <source>Stage name</source>
+        <target>스테이지 이름</target>
+        
+      </trans-unit>
+      <trans-unit id="sbea3c1e4f2fd623d">
+        <source>Stage kind</source>
+        <target>스테이지 종류</target>
+        
+      </trans-unit>
+      <trans-unit id="s2bc8aa1740d3da34">
+        <source>Stage object</source>
+        <target>스테이지 오브젝트</target>
+        
+      </trans-unit>
+      <trans-unit id="sc3e1c4f1fff8e1ca">
+        <source>This flow is completed.</source>
+        <target>이 플로우는 완료되었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s342eccabf83c9bde">
+        <source>Plan history</source>
+        <target>플랜 내역</target>
+        
+      </trans-unit>
+      <trans-unit id="sb2f307e79d20bb56">
+        <source>Current plan context</source>
+        <target>현재 플랜 컨텍스트</target>
+        
+      </trans-unit>
+      <trans-unit id="sa13e6c8310000e30">
+        <source>Session ID</source>
+        <target>세션 ID</target>
+        
+      </trans-unit>
+      <trans-unit id="s6fe64b4625517333">
+        <source>Powered by authentik</source>
+        <target>Powered by authentik</target>
+        
+      </trans-unit>
+      <trans-unit id="sdf34a5599d66f85c">
+        <source>Background image</source>
+        <target>배경 이미지</target>
+        
+      </trans-unit>
+      <trans-unit id="s7fa4e5e409d43573">
+        <source>Error creating credential: <x id="0" equiv-text="${err}"/></source>
+        <target>자격 증명 생성 오류: <x id="0" equiv-text="${err}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s9d95f09deb601f34">
+        <source>Server validation of credential failed: <x id="0" equiv-text="${err}"/></source>
+        <target>자격 증명의 서버 유효성 검사 실패: <x id="0" equiv-text="${err}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="s6c8f05e3be04f62a">
+        <source>Register device</source>
+        <target>디바이스 등록</target>
+        
+      </trans-unit>
+      <trans-unit id="s3fb39fc45e840f78">
+        <source>Refer to documentation</source>
+        <target>문서 참조</target>
+      </trans-unit>
+      <trans-unit id="sc741dfb09d3395f0">
+        <source>No Applications available.</source>
+        <target>사용 가능한 애플리케이션이 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sf34026321b35315c">
+        <source>Either no applications are defined, or you don’t have access to any.</source>
+        <target>정의된 애플리케이션이 없거나 애플리케이션에 대한 액세스 권한이 없는 경우입니다.</target>
+      </trans-unit>
+      <trans-unit id="s1cf2298d92c327a6">
+        <source>My Applications</source>
+        <target>내 애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="s2656433a3b1f7e86">
+        <source>My applications</source>
+        <target>내 애플리케이션</target>
+        
+      </trans-unit>
+      <trans-unit id="s06c92148da82be0d">
+        <source>Change your password</source>
+        <target>비밀번호 변경</target>
+        
+      </trans-unit>
+      <trans-unit id="sff50532a2d85e32e">
+        <source>Change password</source>
+        <target>비밀번호 변경</target>
+        
+      </trans-unit>
+      <trans-unit id="saf63d34c8601dd41">
+        <source><x id="0" equiv-text="${prompt.label}"/></source>
+        <target>
+          <x id="0" equiv-text="${prompt.label}"/>
+        </target>
+        
+      </trans-unit>
+      <trans-unit id="s33f85f24c0f5f008">
+        <source>Save</source>
+        <target>저장</target>
+        
+      </trans-unit>
+      <trans-unit id="s045c3b86aae073c1">
+        <source>Delete account</source>
+        <target>계정 삭제</target>
+        
+      </trans-unit>
+      <trans-unit id="s4a6aa26413287069">
+        <source>Successfully updated details</source>
+        <target>세부 정보를 성공적으로 업데이트했습니다</target>
+        
+      </trans-unit>
+      <trans-unit id="s6fcd9b5a87ceccd6">
+        <source>Open settings</source>
+        <target>설정 열기</target>
+        
+      </trans-unit>
+      <trans-unit id="s8c05cccd470f6b5f">
+        <source>No settings flow configured.</source>
+        <target>설정 플로우가 구성되지 않았습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="sb546eb04425e07fa">
+        <source>Update details</source>
+        <target>업데이트 세부 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="s30205d424e710818">
+        <source>Successfully disconnected source</source>
+        <target>소스 연결을 성공적으로 끊었습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s67dedada007d4067">
+        <source>Failed to disconnected source: <x id="0" equiv-text="${exc}"/></source>
+        <target>소스 연결 끊기 실패: <x id="0" equiv-text="${exc}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="sd2208cd1a767644b">
+        <source>Disconnect</source>
+        <target>연결 해제</target>
+        
+      </trans-unit>
+      <trans-unit id="s7a4f059aaa029719">
+        <source>Connect</source>
+        <target>연결</target>
+        
+      </trans-unit>
+      <trans-unit id="sababff57115130a0">
+        <source>Error: unsupported source settings: <x id="0" equiv-text="${source.component}"/></source>
+        <target>오류: 지원되지 않는 소스 설정입니다: <x id="0" equiv-text="${source.component}"/></target>
+        
+      </trans-unit>
+      <trans-unit id="sd1031bddc66dc495">
+        <source>Connect your user account to the services listed below, to allow you to login using the service instead of traditional credentials.</source>
+        <target>사용자 계정을 아래 나열된 서비스에 연결하여 기존 자격증명 대신 서비스를 사용하여 로그인할 수 있도록 합니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s7968dbed9b106c29">
+        <source>No services available.</source>
+        <target>사용 가능한 서비스가 없습니다.</target>
+        
+      </trans-unit>
+      <trans-unit id="s3a135682bd30bdbb">
+        <source>Create App password</source>
+        <target>앱 비밀번호 생성</target>
+        
+      </trans-unit>
+      <trans-unit id="s588796ee929a2e4c">
+        <source>User details</source>
+        <target>사용자 세부 정보</target>
+        
+      </trans-unit>
+      <trans-unit id="s332a5235948c1a1d">
+        <source>Consent</source>
+        <target>동의</target>
+        
+      </trans-unit>
+      <trans-unit id="sff945d3f59b93c5e">
+        <source>MFA Devices</source>
+        <target>MFA 디바이스</target>
+        
+      </trans-unit>
+      <trans-unit id="sc54aafeea9c9bab0">
+        <source>Connected services</source>
+        <target>연결된 서비스</target>
+        
+      </trans-unit>
+      <trans-unit id="sc6b4ebd37b7a91c7">
+        <source>Tokens and App passwords</source>
+        <target>토큰 및 앱 비밀번호</target>
+        
+      </trans-unit>
+      <trans-unit id="sba65ae54d6585c1a">
+        <source>Unread notifications</source>
+        <target>읽지 않은 통지</target>
+        
+      </trans-unit>
+      <trans-unit id="s5599c62bb78c631f">
+        <source>Admin interface</source>
+        <target>관리자 인터페이스</target>
+        
+      </trans-unit>
+      <trans-unit id="s1298e361e40ee1c5">
+        <source>Stop impersonation</source>
+        <target>가장(impersonation) 중지</target>
+        
+      </trans-unit>
+      <trans-unit id="s6abff64e7ff7fde9">
+        <source>Avatar image</source>
+        <target>아바타 이미지</target>
+        
+      </trans-unit>
+      <trans-unit id="sbf9c5c5a8e5efad4">
+        <source>Failed</source>
+        <target>실패</target>
+        
+      </trans-unit>
+      <trans-unit id="se4cd073c125382af">
+        <source>Unsynced / N/A</source>
+        <target>비동기화 / N/A</target>
+        
+      </trans-unit>
+      <trans-unit id="s21b3058faf874368">
+        <source>Outdated outposts</source>
+        <target>구식 outpost</target>
+        
+      </trans-unit>
+      <trans-unit id="s51f92b6fa76656ca">
+        <source>Unhealthy outposts</source>
+        <target>불량한 outposts</target>
+        
+      </trans-unit>
+      <trans-unit id="s0fbf6dc6a1966408">
+        <source>Next</source>
+        <target>다음</target>
+        
+      </trans-unit>
+      <trans-unit id="s4409ada9c5c2a7f8">
+        <source>Inactive</source>
+        <target>비활성</target>
+        
+      </trans-unit>
+      <trans-unit id="s7ec7036b249f4f22">
+        <source>Regular user</source>
+        <target>일반 사용자</target>
+        
+      </trans-unit>
+      <trans-unit id="s27976e94b05c6970">
+        <source>Activate</source>
+        <target>활성화</target>
+        
+      </trans-unit>
+<trans-unit id="s1024166475850a65">
+  <source>Use Server URI for SNI verification</source>
+  <target>SNI 확인에 서버 URI 사용</target>
+</trans-unit>
+<trans-unit id="se65beb94fffc3c4b">
+  <source>Required for servers using TLS 1.3+</source>
+  <target>TLS 1.3 이상을 사용하는 서버에 필요</target>
+</trans-unit>
+<trans-unit id="s5506b35a1bceb141">
+  <source>Client certificate keypair to authenticate against the LDAP Server's Certificate.</source>
+  <target>클라이언트 인증서 키쌍으로 LDAP 서버의 인증서에 대해 인증합니다.</target>
+</trans-unit>
+<trans-unit id="s4647b2c92638d6fd">
+  <source>The certificate for the above configured Base DN. As a fallback, the provider uses a self-signed certificate.</source>
+  <target>위에 구성된 기본 DN에 대한 인증서입니다. 공급자는 대체 수단으로 자체 서명된 인증서를 사용합니다.</target>
+</trans-unit>
+<trans-unit id="scd247ffad6e04ac0">
+  <source>TLS Server name</source>
+  <target>TLS 서버 이름</target>
+</trans-unit>
+<trans-unit id="s2acef4f6ba39bf11">
+  <source>DNS name for which the above configured certificate should be used. The certificate cannot be detected based on the base DN, as the SSL/TLS negotiation happens before such data is exchanged.</source>
+  <target>위에 구성된 인증서를 사용해야 하는 DNS 이름입니다. SSL/TLS 협상이 발생하기 전에 이러한 데이터가 교환되기 때문에 기본 Distinguished Name(DN)을 기준으로 인증서를 감지할 수 없습니다.</target>
+</trans-unit>
+<trans-unit id="s000ee3e634868b3c">
+  <source>TLS Client authentication certificate</source>
+  <target>TLS 클라이언트 인증 인증서</target>
+</trans-unit>
+<trans-unit id="s5da52af9b083c29a">
+  <source>Model</source>
+  <target>모델</target>
+</trans-unit>
+<trans-unit id="s3ba9b8aeb686d9f7">
+  <source>Match events created by selected model. When left empty, all models are matched.</source>
+  <target>선택한 모델에 의해 생성된 이벤트와 일치시킵니다. 비워두면 모든 모델이 일치합니다.</target>
+</trans-unit>
+<trans-unit id="s254d527e3a53dbb7">
+  <source>Code-based MFA Support</source>
+  <target>코드 기반 다중 인증 (MFA) 지원</target>
+</trans-unit>
+<trans-unit id="s1889ba2eaeec2f1e">
+  <source>When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.</source>
+  <target>이 옵션을 활성화하면, 비밀번호에 세미콜론과 TOTP 코드를 추가하여 코드 기반 멀티팩터 인증을 사용할 수 있습니다. 비밀번호에 세미콜론이 포함되어 있으면 비밀번호가 거부될 수 있으므로, 이 공급자에 바인딩할 모든 사용자가 TOTP 디바이스를 구성한 경우에만 이 기능을 사용하도록 설정해야 합니다.</target>
+</trans-unit>
+<trans-unit id="s9f9492d30a96b9c6">
+  <source>User type</source>
+  <target>사용자 유형</target>
+</trans-unit>
+<trans-unit id="s0e427111d750cc02">
+  <source>Successfully updated license.</source>
+  <target>라이선스 업데이트에 성공했습니다.</target>
+</trans-unit>
+<trans-unit id="s06ae64e621f302eb">
+  <source>Successfully created license.</source>
+  <target>라이선스를 성공적으로 생성했습니다.</target>
+</trans-unit>
+<trans-unit id="s2905c425adae99bd">
+  <source>Install ID</source>
+  <target>설치 ID</target>
+</trans-unit>
+<trans-unit id="sb18ec434a8a3aafb">
+  <source>License key</source>
+  <target>라이선스 키</target>
+</trans-unit>
+<trans-unit id="s2e109263b73c12d5">
+  <source>Licenses</source>
+  <target>라이선스</target>
+</trans-unit>
+<trans-unit id="sd49099e9522635f4">
+  <source>License(s)</source>
+  <target>라이선스</target>
+</trans-unit>
+<trans-unit id="s3be1d90ffa46b7f1">
+  <source>Enterprise is in preview.</source>
+  <target>Enterprise는 현재 미리보기 입니다.</target>
+</trans-unit>
+<trans-unit id="sd22bd01bdf28c548">
+  <source>Cumulative license expiry</source>
+  <target>누적 라이선스 만료 기간</target>
+</trans-unit>
+<trans-unit id="sdeb6cee42435dd07">
+  <source>Update License</source>
+  <target>라이선스 업데이트</target>
+</trans-unit>
+<trans-unit id="s7df5b92a3f93544f">
+  <source>Warning: The current user count has exceeded the configured licenses.</source>
+  <target>경고: 현재 사용자 수가 구성된 라이선스를 초과했습니다.</target>
+</trans-unit>
+<trans-unit id="s0141f42936495787">
+  <source>Click here for more info.</source>
+  <target>자세한 내용을 보려면 여기를 클릭하세요.</target>
+</trans-unit>
+<trans-unit id="s7be2df39f727faa2">
+  <source>Enterprise</source>
+  <target>Enterprise</target>
+</trans-unit>
+<trans-unit id="s9ce7cc01fb9b5b53">
+  <source>Manage enterprise licenses</source>
+  <target>Enterprise 라이선스 관리</target>
+</trans-unit>
+<trans-unit id="sf9ebf11ac2645820">
+  <source>No licenses found.</source>
+  <target>라이선스를 찾을 수 없습니다.</target>
+</trans-unit>
+<trans-unit id="sa1db89262360550b">
+  <source>Send us feedback!</source>
+  <target>feedback 부탁드립니다!</target>
+</trans-unit>
+<trans-unit id="s4015746f55a8d89f">
+  <source>Get a license</source>
+  <target>라이선스 얻기</target>
+</trans-unit>
+<trans-unit id="sb2cbd06f8e25b47e">
+  <source>Go to Customer Portal</source>
+  <target>고객 포털로 가기</target>
+</trans-unit>
+<trans-unit id="sf58825457d61c429">
+  <source>Forecast internal users</source>
+  <target>내부 사용자 예측</target>
+</trans-unit>
+<trans-unit id="sde9a3f41977ec1f8">
+  <source>Estimated user count one year from now based on <x id="0" equiv-text="${this.forecast?.internalUsers}"/> current internal users and <x id="1" equiv-text="${this.forecast?.forecastedInternalUsers}"/> forecasted internal users.</source>
+  <target><x id="0" equiv-text="${this.forecast?.internalUsers}"/> 명의 내부 사용자를 기준으로 예상하는 일 년후 예상 사용자수는 <x id="1" equiv-text="${this.forecast?.forecastedInternalUsers}"/> 입니다.</target>
+</trans-unit>
+<trans-unit id="s4557b6b9da258643">
+  <source>Forecast external users</source>
+  <target>외부 사용자 예측</target>
+</trans-unit>
+<trans-unit id="sf52479d6daa0a4a8">
+  <source>Estimated user count one year from now based on <x id="0" equiv-text="${this.forecast?.externalUsers}"/> current external users and <x id="1" equiv-text="${this.forecast?.forecastedExternalUsers}"/> forecasted external users.</source>
+  <target><x id="0" equiv-text="${this.forecast?.externalUsers}"/> 명의 외부 사용자를 기준으로 예상하는 일 년후 예상 사용자수는 <x id="1" equiv-text="${this.forecast?.forecastedExternalUsers}"/> 입니다.</target>
+</trans-unit>
+<trans-unit id="s6196153c4b0c1ea0">
+  <source>Install</source>
+  <target>설치</target>
+</trans-unit>
+<trans-unit id="s0285b4bd69130fa3">
+  <source>Install License</source>
+  <target>라이선스 설치</target>
+</trans-unit>
+<trans-unit id="scef2eb6a2bfe3110">
+  <source>Internal users might be users such as company employees, which will get access to the full Enterprise feature set.</source>
+  <target>내부 사용자는 회사 직원과 같은 사용자로, 전체 엔터프라이즈 기능 세트에 액세스할 수 있습니다.</target>
+</trans-unit>
+<trans-unit id="sf66389b04fcc219c">
+  <source>External users might be external consultants or B2C customers. These users don't get access to enterprise features.</source>
+  <target>외부 사용자는 외부 컨설턴트나 B2C 고객일 수 있습니다. 이러한 사용자는 엔터프라이즈 기능에 액세스할 수 없습니다.</target>
+</trans-unit>
+<trans-unit id="s77e8668a27dbc402">
+  <source>Service accounts should be used for machine-to-machine authentication or other automations.</source>
+  <target>서비스 계정은 M2M(기계 간 인증) 또는 기타 자동화에 사용되어야 합니다.</target>
+</trans-unit>
+<trans-unit id="s28cbd874ba450b4e">
+  <source>Less details</source>
+  <target>적게 보기</target>
+</trans-unit>
+<trans-unit id="s8fa26f65aed77c96">
+  <source>More details</source>
+  <target>자세히 보기</target>
+</trans-unit>
+<trans-unit id="s08df8d0a773a3ea0">
+  <source>Remove item</source>
+  <target>항목 제거</target>
+</trans-unit>
+<trans-unit id="s364c4f177a2f8322">
+  <source>Open API drawer</source>
+  <target>API 서랍 열기</target>
+</trans-unit>
+<trans-unit id="s9ba989e69344ff29">
+  <source>Open Notification drawer</source>
+  <target>통지 서랍 열기</target>
+</trans-unit>
+<trans-unit id="s14bf17e2a1a2c381">
+  <source>Restart task</source>
+  <target>작업 다시 시작</target>
+</trans-unit>
+<trans-unit id="s19409e8712ddd369">
+  <source>Add provider</source>
+  <target>공급자 추가</target>
+</trans-unit>
+<trans-unit id="s1f7698c061c208c9">
+  <source>Open</source>
+  <target>열기</target>
+</trans-unit>
+<trans-unit id="scc3487e74c5a3e89">
+  <source>Copy token</source>
+  <target>토큰 복사</target>
+</trans-unit>
+<trans-unit id="s424f57afae0caac4">
+  <source>Add users</source>
+  <target>사용자 추가</target>
+</trans-unit>
+<trans-unit id="sd9f67fbf3f86efcf">
+  <source>Add group</source>
+  <target>그룹 추가</target>
+</trans-unit>
+<trans-unit id="s254a9a23dc1635df">
+  <source>Import devices</source>
+  <target>디바이스 가져오기</target>
+</trans-unit>
+<trans-unit id="sc4fdeccf14be5378">
+  <source>Execute</source>
+  <target>실행</target>
+</trans-unit>
+<trans-unit id="s3b3c333481944862">
+  <source>Show details</source>
+  <target>세부 정보 표시</target>
+</trans-unit>
+<trans-unit id="sb8f855b49234b81b">
+  <source>Apply</source>
+  <target>적용</target>
+</trans-unit>
+<trans-unit id="s9d8b8aa2b404c2c8">
+  <source>Settings</source>
+  <target>설정</target>
+</trans-unit>
+<trans-unit id="s7cfe12cd14df9950">
+  <source>Sign out</source>
+  <target>로그아웃</target>
+</trans-unit>
+<trans-unit id="s7caa8f7edb920909">
+  <source>The number of tokens generated whenever this stage is used. Every token generated per stage execution will be attached to a single static device.</source>
+  <target>이 스테이지가 사용될 때마다 생성되는 토큰의 수입니다. 스테이지가 실행될 때마다 생성되는 모든 토큰은 하나의 정적 디바이스에 연결됩니다.</target>
+</trans-unit>
+<trans-unit id="s4aacc4e0277c1042">
+  <source>Token length</source>
+  <target>토큰 길이</target>
+</trans-unit>
+<trans-unit id="s6931695c4f563bc4">
+  <source>The length of the individual generated tokens. Can be increased to improve security.</source>
+  <target>개별적으로 생성된 토큰의 길이입니다. 보안을 강화하기 위해 늘릴 수 있습니다.</target>
+</trans-unit>
+<trans-unit id="s0dd031b58ed4017c">
+  <source>Internal: <x id="0" equiv-text="${item.internalUsers}"/></source>
+  <target>내부: <x id="0" equiv-text="${item.internalUsers}"/></target>
+</trans-unit>
+<trans-unit id="s57b07e524f8f5c2a">
+  <source>External: <x id="0" equiv-text="${item.externalUsers}"/></source>
+  <target>외부: <x id="0" equiv-text="${item.externalUsers}"/></target>
+</trans-unit>
+<trans-unit id="s7f68101a50f526ee">
+  <source>Statically deny the flow. To use this stage effectively, disable *Evaluate when flow is planned* on the respective binding.</source>
+  <target>플로우를 정적으로 거부합니다. 이 스테이지를 효과적으로 사용하려면 각 바인딩에서 *플로우가 계획될 때 평가*를 비활성화하세요.</target>
+</trans-unit>
+<trans-unit id="s911a27022aba349f">
+  <source>Create and bind Policy</source>
+  <target>정책 생성 및 바인드</target>
+</trans-unit>
+<trans-unit id="sb1a4e9b288e2f005">
+  <source>Federation and Social login</source>
+  <target>연합 및 소셜 로그인</target>
+</trans-unit>
+<trans-unit id="s6f367f5604d5056d">
+  <source>Create and bind Stage</source>
+  <target>바인드 스테이지 생성</target>
+</trans-unit>
+<trans-unit id="s1a65ee08832fbfe2">
+  <source>Flows and Stages</source>
+  <target>플로우 및 스테이지</target>
+</trans-unit>
+<trans-unit id="s4ba4473f3d4ec896">
+  <source>New version available</source>
+  <target>새 버전 사용가능</target>
+</trans-unit>
+<trans-unit id="s6b1ed7507f26cb4a">
+  <source>Failure result</source>
+  <target>실패한 결과</target>
+</trans-unit>
+<trans-unit id="s2e422519ed38f7d8">
+  <source>Pass</source>
+  <target>통과</target>
+</trans-unit>
+<trans-unit id="s81a45c4fd11e8e1a">
+  <source>Don't pass</source>
+  <target>미통과</target>
+</trans-unit>
+<trans-unit id="s95b73e0f4e47eb9a">
+  <source>Result used when policy execution fails.</source>
+  <target>정책 실행이 실패할 때 사용되는 결과입니다.</target>
+</trans-unit>
+<trans-unit id="s6a3cf855140b9511">
+  <source>Required: User verification must occur.</source>
+  <target>필수: 사용자 확인이 이루어져야 합니다.</target>
+</trans-unit>
+<trans-unit id="sc498a3b05cfe2b08">
+  <source>Preferred: User verification is preferred if available, but not required.</source>
+  <target>선호: 가능한 경우 사용자 확인이 선호되지만 필수는 아닙니다.</target>
+</trans-unit>
+<trans-unit id="s9d2239d2b0402795">
+  <source>Discouraged: User verification should not occur.</source>
+  <target>비권장: 사용자 확인이 이루어지지 않아야 합니다.</target>
+</trans-unit>
+<trans-unit id="s428b7859907f6db2">
+  <source>Required: The authenticator MUST create a dedicated credential. If it cannot, the RP is prepared for an error to occur</source>
+  <target>필수: 인증기는 반드시 전용 자격 증명을 만들어야 합니다. 생성할 수 없는 경우, RP는 오류 발생에 대비해야 합니다</target>
+</trans-unit>
+<trans-unit id="s33e3766d4a02b042">
+  <source>Preferred: The authenticator can create and store a dedicated credential, but if it doesn't that's alright too</source>
+  <target>선호: 인증기는 특별한 자격 증명을 생성하고 저장할 수 있지만, 그렇지 않아도 괜찮습니다</target>
+</trans-unit>
+<trans-unit id="sfb852dd507c25c24">
+  <source>Discouraged: The authenticator should not create a dedicated credential</source>
+  <target>비권장: 인증기는 특별한 자격 증명을 생성하지 않아야 합니다</target>
+</trans-unit>
+<trans-unit id="s028d385389b5aac0">
+  <source>Lock the user out of this system</source>
+  <target>이 시스템에서 사용자 잠금</target>
+</trans-unit>
+<trans-unit id="sd2122c514f0778b5">
+  <source>Allow the user to log in and use this system</source>
+  <target>사용자가 로그인하여 이 시스템을 사용할 수 있도록 허용</target>
+</trans-unit>
+<trans-unit id="s43fe853bf219a9b8">
+  <source>Temporarily assume the identity of this user</source>
+  <target>일시적으로 이 사용자의 신원을 가정</target>
+</trans-unit>
+<trans-unit id="se28b5f3fcadaeeb1">
+  <source>Enter a new password for this user</source>
+  <target>이 사용자에 대한 새 비밀번호 입력</target>
+</trans-unit>
+<trans-unit id="s6f5bb31e2733ecd5">
+  <source>Create a link for this user to reset their password</source>
+  <target>이 사용자가 비밀번호를 재설정할 수 있는 링크 생성</target>
+</trans-unit>
+<trans-unit id="s67ac11d47f1ce794">
+  <source>WebAuthn requires this page to be accessed via HTTPS.</source>
+  <target>WebAuthn을 사용하려면 이 페이지에 HTTPS를 통해 액세스해야 합니다.</target>
+</trans-unit>
+<trans-unit id="se9e9e1d6799b86a5">
+  <source>WebAuthn not supported by browser.</source>
+  <target>브라우저에서 WebAuthn을 지원하지 않습니다.</target>
+</trans-unit>
+<trans-unit id="sff0ac1ace2d90709">
+  <source>Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you).</source>
+  <target>Nginx의 auth_request 또는 Traefik의 forwardAuth와 함께 이 공급자를 사용합니다. 각 응용 프로그램/도메인은 자체 공급자가 필요하며, 각 도메인에서는 /outpost.goauthentik.io가 아웃포스트로 라우팅되어야 합니다 (관리되는 아웃포스트를 사용하는 경우 이 작업은 자동으로 수행됩니다).</target>
+</trans-unit>
+<trans-unit id="scb58b8a60cad8762">
+  <source>Default relay state</source>
+  <target>기본 릴레이 상태</target>
+</trans-unit>
+<trans-unit id="s6827a456c9dfc6ee">
+  <source>When using IDP-initiated logins, the relay state will be set to this value.</source>
+  <target>IDP-initiated 로그인을 사용하는 경우, 릴레이 상태가 이 값으로 설정됩니다.</target>
+</trans-unit>
+<trans-unit id="s01794c0ee3629c1b">
+  <source>Flow Info</source>
+  <target>플로우 정보</target>
+</trans-unit>
+<trans-unit id="s24bce955914b1f0a">
+  <source>Stage used to configure a WebAuthn authenticator (i.e. Yubikey, FaceID/Windows Hello).</source>
+  <target>WebAuthn 인증기를 구성하는 데 사용되는 스테이지(예: Yubikey, FaceID/Windows Hello).</target>
+</trans-unit>
+&lt;&lt;&lt;&lt;&lt;&lt;&lt; HEAD
+<trans-unit id="s1cffe58249b04669">
+  <source>Internal application name used in URLs.</source>
+  <target>URL에 사용되는 내부 애플리케이션 이름입니다.</target>
+</trans-unit>
+<trans-unit id="sb3d4f79d9d8b71e5">
+  <source>Submit</source>
+  <target>제출</target>
+</trans-unit>
+<trans-unit id="se2b29e6cfe59414c">
+  <source>UI Settings</source>
+  <target>UI 설정</target>
+</trans-unit>
+<trans-unit id="s836148f721d8913b">
+  <source>Transparent Reverse Proxy</source>
+  <target>투명 리버스 프록시</target>
+</trans-unit>
+<trans-unit id="s945a6b94361ee45b">
+  <source>For transparent reverse proxies with required authentication</source>
+  <target>인증이 필요한 투명한 리버스 프록시의 경우</target>
+</trans-unit>
+<trans-unit id="s40830ec037f34626">
+  <source>Configure SAML provider manually</source>
+  <target>SAML 공급자를 수동으로 구성</target>
+</trans-unit>
+<trans-unit id="sea9fc40dfd1d18b1">
+  <source>Configure RADIUS provider manually</source>
+  <target>RADIUS 공급자를 수동으로 구성</target>
+</trans-unit>
+<trans-unit id="sa1b0052ae095b9b3">
+  <source>Configure SCIM provider manually</source>
+  <target>SCIM 공급자를 수동으로 구성</target>
+</trans-unit>
+<trans-unit id="s15831fa50a116545">
+  <source>Saving Application...</source>
+  <target>Saving Application...</target>
+</trans-unit>
+<trans-unit id="s823abdb61543a826">
+  <source>Authentik was unable to save this application:</source>
+  <target>authentik이 이 애플리케이션을 저장하지 못했습니다:</target>
+</trans-unit>
+<trans-unit id="s848288f8c2265aad">
+  <source>Your application has been saved</source>
+  <target>애플리케이션 저장됨</target>
+</trans-unit>
+<trans-unit id="s67d858051b34c38b">
+  <source>Method's display Name.</source>
+  <target>Method의 표시 이름.</target>
+</trans-unit>
+<trans-unit id="h10ef80d434185070">
+  <source>Use this provider with nginx's <x id="0" equiv-text="&lt;code&gt;"/>auth_request<x id="1" equiv-text="&lt;/code&gt;"/> or traefik's
+                    <x id="2" equiv-text="&lt;code&gt;"/>forwardAuth<x id="3" equiv-text="&lt;/code&gt;"/>. Each application/domain needs its own provider.
+                    Additionally, on each domain, <x id="4" equiv-text="&lt;code&gt;"/>/outpost.goauthentik.io<x id="5" equiv-text="&lt;/code&gt;"/> must be
+                    routed to the outpost (when using a managed outpost, this is done for you).</source>
+  <target>Use this provider with nginx's <x id="0" equiv-text="&lt;code&gt;"/>auth_request<x id="1" equiv-text="&lt;/code&gt;"/> or traefik's
+                    <x id="2" equiv-text="&lt;code&gt;"/>forwardAuth<x id="3" equiv-text="&lt;/code&gt;"/>. Each application/domain needs its own provider.
+                    Additionally, on each domain, <x id="4" equiv-text="&lt;code&gt;"/>/outpost.goauthentik.io<x id="5" equiv-text="&lt;/code&gt;"/> must be
+                    routed to the outpost (when using a managed outpost, this is done for you).</target>
+</trans-unit>
+<trans-unit id="sd18b18f91b804c3f">
+  <source>Custom attributes</source>
+  <target>사용자 정의 속성(Attribute)</target>
+</trans-unit>
+<trans-unit id="s71c5d51d5a357dbd">
+  <source>Don't show this message again.</source>
+  <target>이 메시지를 다시 표시하지 마세요.</target>
+</trans-unit>
+<trans-unit id="s3e99ea082ca5ade9">
+  <source>Failed to fetch</source>
+  <target>가져오지 못함</target>
+</trans-unit>
+<trans-unit id="s98327528f00365a7">
+  <source>Failed to fetch data.</source>
+  <target>데이터를 가져오지 못했습니다.</target>
+</trans-unit>
+<trans-unit id="sf485014051ad0cf7">
+  <source>Successfully assigned permission.</source>
+  <target>권한을 성공적으로 할당했습니다.</target>
+</trans-unit>
+<trans-unit id="sca7fed2bef53cb99">
+  <source>Role</source>
+  <target>역할</target>
+</trans-unit>
+<trans-unit id="sc92c1a54034e21cc">
+  <source>Assign</source>
+  <target>할당</target>
+</trans-unit>
+<trans-unit id="scd84d10ee9137070">
+  <source>Assign permission to role</source>
+  <target>역할에 권한 할당</target>
+</trans-unit>
+<trans-unit id="s5ee6f1b84e9ebc69">
+  <source>Assign to new role</source>
+  <target>새 역할에 할당</target>
+</trans-unit>
+<trans-unit id="s4afb26a8fae257e9">
+  <source>Directly assigned</source>
+  <target>직접 할당됨</target>
+</trans-unit>
+<trans-unit id="sd8051c26e155f043">
+  <source>Assign permission to user</source>
+  <target>사용자에 권한 부여</target>
+</trans-unit>
+<trans-unit id="sf79f8681e5ffaee2">
+  <source>Assign to new user</source>
+  <target>새 사용자에 할당</target>
+</trans-unit>
+<trans-unit id="saabeb4cab074b0b9">
+  <source>User Object Permissions</source>
+  <target>사용자 오브젝트 권한</target>
+</trans-unit>
+<trans-unit id="s8489d5559dda260c">
+  <source>Role Object Permissions</source>
+  <target>역할 오브젝트 권한</target>
+</trans-unit>
+<trans-unit id="s6b2beba7ab637e9e">
+  <source>Roles</source>
+  <target>역할</target>
+</trans-unit>
+<trans-unit id="s96d2bb4be3f5e8aa">
+  <source>Select roles to grant this groups' users' permissions from the selected roles.</source>
+  <target>선택한 역할에서 이 그룹의 사용자에게 권한을 부여할 역할을 선택합니다.</target>
+</trans-unit>
+<trans-unit id="sb37880a2a7288ef0">
+  <source>Update Permissions</source>
+  <target>권한 업데이트</target>
+</trans-unit>
+<trans-unit id="se9c07cf256774d81">
+  <source>Editing is disabled for managed tokens</source>
+  <target>관리되는 토큰의 경우 편집이 비활성화됩니다.</target>
+</trans-unit>
+<trans-unit id="s78ab26da7f067de8">
+  <source>Select permissions to grant</source>
+  <target>부여할 권한 선택</target>
+</trans-unit>
+<trans-unit id="sdeb90bfd8a80b86b">
+  <source>Permissions to add</source>
+  <target>추가할 권한</target>
+</trans-unit>
+<trans-unit id="s36247910d67421e1">
+  <source>Select permissions</source>
+  <target>권한 선택</target>
+</trans-unit>
+<trans-unit id="s67e136af8fc1107b">
+  <source>Assign permission</source>
+  <target>권한 할당</target>
+</trans-unit>
+<trans-unit id="sb923723d27df40ba">
+  <source>Permission(s)</source>
+  <target>권한</target>
+</trans-unit>
+<trans-unit id="sc5fb00b25c7f5a02">
+  <source>Permission</source>
+  <target>권한</target>
+</trans-unit>
+<trans-unit id="s1455753daa00f1bc">
+  <source>User doesn't have view permission so description cannot be retrieved.</source>
+  <target>사용자에게 보기 권한이 없으므로 설명을 검색할 수 없습니다.</target>
+</trans-unit>
+<trans-unit id="sa3a3e09b88ed9791">
+  <source>Assigned permissions</source>
+  <target>할당된 권한</target>
+</trans-unit>
+<trans-unit id="s9cc631505c17b028">
+  <source>Assigned global permissions</source>
+  <target>전역 권한 할당</target>
+</trans-unit>
+<trans-unit id="s8f85a0e678846080">
+  <source>Assigned object permissions</source>
+  <target>할당된 오브젝트 권한</target>
+</trans-unit>
+<trans-unit id="s9103a949a3963aa9">
+  <source>Successfully updated role.</source>
+  <target>역할을 성공적으로 업데이트했습니다.</target>
+</trans-unit>
+<trans-unit id="sdf87c5661b31359e">
+  <source>Successfully created role.</source>
+  <target>역할을 성공적으로 만들었습니다.</target>
+</trans-unit>
+<trans-unit id="s3484b1e6d0b5335f">
+  <source>Manage roles which grant permissions to objects within authentik.</source>
+  <target>Authentik 내에서 개체에 권한을 부여하는 역할을 관리합니다.</target>
+</trans-unit>
+<trans-unit id="s259de999919316db">
+  <source>Role(s)</source>
+  <target>역할</target>
+</trans-unit>
+<trans-unit id="s2ffad156e8332f04">
+  <source>Update Role</source>
+  <target>역할 업데이트</target>
+</trans-unit>
+<trans-unit id="sc5f923729564fbf3">
+  <source>Create Role</source>
+  <target>역할 생성</target>
+</trans-unit>
+<trans-unit id="s14bfa8fd1bec8889">
+  <source>Role doesn't have view permission so description cannot be retrieved.</source>
+  <target>역할에 보기 권한이 없으므로 설명을 검색할 수 없습니다.</target>
+</trans-unit>
+<trans-unit id="s7e796fe83982863f">
+  <source>Role <x id="0" equiv-text="${this._role?.name || &quot;&quot;}"/></source>
+  <target><x id="0" equiv-text="${this._role?.name || &quot;&quot;}"/> 역할</target>
+</trans-unit>
+<trans-unit id="s526e2c66bd51ff5f">
+  <source>Role Info</source>
+  <target>역할 정보</target>
+</trans-unit>
+<trans-unit id="s2da4aa7a9abeb653">
+  <source>Pseudolocale (for testing)</source>
+  <target>가짜-로캘 (테스트용)</target>
+</trans-unit>
+<trans-unit id="s4bd386db7302bb22">
+  <source>Create With Wizard</source>
+  <target>authentik 마법사로 생성</target>
+</trans-unit>
+<trans-unit id="s070fdfb03034ca9b">
+  <source>One hint, 'New Application Wizard', is currently hidden</source>
+  <target>힌트, '새 애플리케이션 마법사'는 현재, 숨겨져 있습니다.</target>
+</trans-unit>
+<trans-unit id="s61bd841e66966325">
+  <source>External applications that use authentik as an identity provider via protocols like OAuth2 and SAML. All applications are shown here, even ones you cannot access.</source>
+  <target>OAuth2 및 SAML과 같은 프로토콜을 통해 인증서를 ID 공급자로 사용하는 외부 애플리케이션. 액세스할 수 없는 애플리케이션을 포함한 모든 애플리케이션이 여기에 표시됩니다.</target>
+</trans-unit>
+<trans-unit id="s1cc306d8e28c4464">
+  <source>Deny message</source>
+  <target>거부 메시지</target>
+</trans-unit>
+<trans-unit id="s6985c401e1100122">
+  <source>Message shown when this stage is run.</source>
+  <target>이 스테이지가 실행될 때 표시되는 메시지입니다.</target>
+</trans-unit>
+<trans-unit id="s09f0c100d0ad2fec">
+  <source>Open Wizard</source>
+  <target>마법사 열기</target>
+</trans-unit>
+<trans-unit id="sf2ef885f7d0a101d">
+  <source>Demo Wizard</source>
+  <target>데모 마법사</target>
+</trans-unit>
+<trans-unit id="s77505ee5d2e45e53">
+  <source>Run the demo wizard</source>
+  <target>데모 마법사 실행</target>
+</trans-unit>
+<trans-unit id="s4498e890d47a8066">
+  <source>OAuth2/OIDC (Open Authorization/OpenID Connect)</source>
+  <target>OAuth2/OIDC (Open Authorization/OpenID Connect)</target>
+</trans-unit>
+<trans-unit id="s4f2e195d09e2868c">
+  <source>LDAP (Lightweight Directory Access Protocol)</source>
+  <target>LDAP (Lightweight Directory Access Protocol)</target>
+</trans-unit>
+<trans-unit id="s7f5bb0c9923315ed">
+  <source>Forward Auth (Single Application)</source>
+  <target>Forward Auth (단일 애플리케이션)</target>
+</trans-unit>
+<trans-unit id="sf8008d2d6b064b95">
+  <source>Forward Auth (Domain Level)</source>
+  <target>Forward Auth (도메인 레벨)</target>
+</trans-unit>
+<trans-unit id="sfa8a1ffa9fee07d3">
+  <source>SAML (Security Assertion Markup Language)</source>
+  <target>SAML (Security Assertion Markup Language)</target>
+</trans-unit>
+<trans-unit id="s848a23972e388662">
+  <source>RADIUS (Remote Authentication Dial-In User Service)</source>
+  <target>RADIUS (Remote Authentication Dial-In User Service)</target>
+</trans-unit>
+<trans-unit id="s3e902999ddf7b50e">
+  <source>SCIM (System for Cross-domain Identity Management)</source>
+  <target>SCIM (System for Cross-domain Identity Management)</target>
+</trans-unit>
+<trans-unit id="sdc5690be4a342985">
+  <source>The token has been copied to your clipboard</source>
+  <target>토큰이 클립보드에 복사되었습니다.</target>
+</trans-unit>
+<trans-unit id="s7f3edfee24690c9f">
+  <source>The token was displayed because authentik does not have permission to write to the clipboard</source>
+  <target>authentik이 클립보드에 쓸 수 있는 권한이 없기 때문에 토큰이 표시되었습니다.</target>
+</trans-unit>
+<trans-unit id="saf6097bfa25205b8">
+  <source>A copy of this recovery link has been placed in your clipboard</source>
+  <target>이 복구 링크의 사본이 클립보드에 저장되었습니다.</target>
+</trans-unit>
+<trans-unit id="s5b8ee296ed258568">
+  <source>The current tenant must have a recovery flow configured to use a recovery link</source>
+  <target>현재 테넌트에 복구 링크를 사용하도록 구성된 복구 플로우가 있어야 합니다.</target>
+</trans-unit>
+<trans-unit id="s895514dda9cb9c94">
+  <source>Create recovery link</source>
+  <target>복구 링크 생성</target>
+</trans-unit>
+<trans-unit id="se5c795faf2c07514">
+  <source>Create Recovery Link</source>
+  <target>이 사용자가 비밀번호를 재설정할 수 있는 링크 생성</target>
+</trans-unit>
+<trans-unit id="s84fcddede27b8e2a">
+  <source>External</source>
+  <target>외부</target>
+</trans-unit>
+<trans-unit id="s1a635369edaf4dc3">
+  <source>Service account</source>
+  <target>서비스 계정</target>
+</trans-unit>
+<trans-unit id="sff930bf2834e2201">
+  <source>Service account (internal)</source>
+  <target>서비스 계정 (내부)</target>
+</trans-unit>
+<trans-unit id="s66313b45b69cfc88">
+  <source>Check the release notes</source>
+  <target>릴리스 정보 확인</target>
+</trans-unit>
+<trans-unit id="sb4d7bae2440d9781">
+  <source>User Statistics</source>
+  <target>사용자 통계</target>
+</trans-unit>
+<trans-unit id="s0924f51b028233a3">
+  <source>&lt;No name set&gt;</source>
+  <target>&lt;설정된 이름 없음&gt;</target>
+</trans-unit>
+<trans-unit id="sdc9a6ad1af30572c">
+  <source>For nginx's auth_request or traefik's forwardAuth</source>
+  <target>Nginx의 auth_request 또는 Traefik의 forwardAuth의 경우</target>
+</trans-unit>
+<trans-unit id="sfc31264ef7ff86ef">
+  <source>For nginx's auth_request or traefik's forwardAuth per root domain</source>
+  <target>루트 도메인 당 Nginx의 auth_request 또는 Traefik의 forwardAuth 경우</target>
+</trans-unit>
+<trans-unit id="sc615309d10a9228c">
+  <source>RBAC is in preview.</source>
+  <target>RBAC 는 현재 프리뷰입니다.</target>
+</trans-unit>
+<trans-unit id="s32babfed740fd3c1">
+  <source>User type used for newly created users.</source>
+  <target>새로 생성된 사용자에 사용되는 사용자 유형입니다.</target>
+</trans-unit>
+<trans-unit id="s4a34a6be4c68ec87">
+  <source>Users created</source>
+  <target>유서 생성됨</target>
+</trans-unit>
+<trans-unit id="s275c956687e2e656">
+  <source>Failed logins</source>
+  <target>실패한 로그인</target>
+</trans-unit>
+<trans-unit id="sb35c08e3a541188f">
+  <source>Also known as Client ID.</source>
+  <target>클라이언트 ID로도 알려져 있습니다.</target>
+</trans-unit>
+<trans-unit id="sd46fd9b647cfea10">
+  <source>Also known as Client Secret.</source>
+  <target>클라이언트 비밀이라고도 합니다.</target>
+</trans-unit>
+<trans-unit id="s4476e9c50cfd13f4">
+  <source>Global status</source>
+  <target>전역 상태</target>
+</trans-unit>
+<trans-unit id="sd21a971eea208533">
+  <source>Vendor</source>
+  <target>Vendor</target>
+</trans-unit>
+<trans-unit id="sadadfe9dfa06d7dd">
+  <source>No sync status.</source>
+  <target>동기화 상태가 없습니다.</target>
+</trans-unit>
+<trans-unit id="s2b1c81130a65a55b">
+  <source>Sync currently running.</source>
+  <target>현재 동기화가 실행 중입니다.</target>
+</trans-unit>
+<trans-unit id="sf36170f71cea38c2">
+  <source>Connectivity</source>
+  <target>Connectivity</target>
+</trans-unit>
+<trans-unit id="sd94e99af8b41ff54">
+  <source>0: Too guessable: risky password. (guesses &amp;lt; 10^3)</source>
+  <target>0: 너무 추측하기 쉬움: 위험한 비밀번호. (guesses &amp;lt; 10^3)</target>
+</trans-unit>
+<trans-unit id="sc926385d1a624c3a">
+  <source>1: Very guessable: protection from throttled online attacks. (guesses &amp;lt; 10^6)</source>
+  <target>1: 매우 예측 가능함: 제한된 온라인 공격으로부터의 보호. (guesses &amp;lt; 10^6)</target>
+</trans-unit>
+<trans-unit id="s8aae61c41319602c">
+  <source>2: Somewhat guessable: protection from unthrottled online attacks. (guesses &amp;lt; 10^8)</source>
+  <target>2: 다소 예측 가능함: 제한되지 않은 온라인 공격으로부터의 보호. (guesses &amp;lt; 10^8)</target>
+</trans-unit>
+<trans-unit id="sc1f4b57e722a89d6">
+  <source>3: Safely unguessable: moderate protection from offline slow-hash scenario. (guesses &amp;lt; 10^10)</source>
+  <target>3: 예측하기 어려움: 오프라인 느린 해시 시나리오로부터의 중간 수준의 보호. (guesses &amp;lt; 10^10)</target>
+</trans-unit>
+<trans-unit id="sd47f3d3c9741343d">
+  <source>4: Very unguessable: strong protection from offline slow-hash scenario. (guesses &amp;gt;= 10^10)</source>
+  <target>4: 매우 예측하기 어려움: 오프라인 느린 해시 시나리오로부터의 강력한 보호. (guesses &amp;gt;= 10^10)</target>
+</trans-unit>
+<trans-unit id="s3d2a8b86a4f5a810">
+  <source>Successfully created user and added to group <x id="0" equiv-text="${this.group.name}"/></source>
+  <target>사용자 생성과 <x id="0" equiv-text="${this.group.name}"/> 그룹 추가에 성공했습니다.</target>
+</trans-unit>
+<trans-unit id="s824e0943a7104668">
+  <source>This user will be added to the group &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot;.</source>
+  <target>이 사용자는 &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot; 그룹에 추가됩니다.</target>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+  <target>사용자가 존재하는 것처럼 가장</target>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
+  <target>활성화되면 해당 스테이지는 항상 제공된 사용자 식별자를 수락하고 계속 진행합니다.</target>
+</trans-unit>
+<trans-unit id="scda8dc24b561e205">
+  <source>There was an error in the application.</source>
+  <target>애플리케이션에 오류가 발생했습니다.</target>
+</trans-unit>
+<trans-unit id="sdaca9c2c0361ed3a">
+  <source>Review the application.</source>
+  <target>애플리케이션 검토하기.</target>
+</trans-unit>
+<trans-unit id="sb50000a8fada5672">
+  <source>There was an error in the provider.</source>
+  <target>공급자에 오류가 발생했습니다.</target>
+</trans-unit>
+<trans-unit id="s21f95eaf151d4ce3">
+  <source>Review the provider.</source>
+  <target>공급자 검토하기.</target>
+</trans-unit>
+<trans-unit id="s9fd39a5cb20b4e61">
+  <source>There was an error</source>
+  <target>오류가 발생함</target>
+</trans-unit>
+<trans-unit id="s7a6b3453209e1066">
+  <source>There was an error creating the application, but no error message was sent. Please review the server logs.</source>
+  <target>애플리케이션을 만드는 동안 오류가 발생했지만, 오류 메시지는 전송되지 않았습니다. 서버 로그를 검토해 보세요.</target>
+</trans-unit>
+<trans-unit id="s1a711c19cda48375">
+  <source>Configure LDAP Provider</source>
+  <target>LDAP 공급자 구성</target>
+</trans-unit>
+<trans-unit id="s9368e965b5c292ab">
+  <source>Configure OAuth2/OpenId Provider</source>
+  <target>OAuth2/OpenId 공급자 구성</target>
+</trans-unit>
+<trans-unit id="sf5cbccdc6254c8dc">
+  <source>Configure Proxy Provider</source>
+  <target>프록시 공급자 구성</target>
+</trans-unit>
+<trans-unit id="sf6d46bb442b77e91">
+  <source>AdditionalScopes</source>
+  <target>추가 사용성</target>
+</trans-unit>
+<trans-unit id="s2c8c6f89089b31d4">
+  <source>Configure Radius Provider</source>
+  <target>Radius 제공자 구성</target>
+</trans-unit>
+<trans-unit id="sfe906cde5dddc041">
+  <source>Configure SAML Provider</source>
+  <target>SAML 공급자 구성</target>
+</trans-unit>
+<trans-unit id="sb3defbacd01ad972">
+  <source>Property mappings used for user mapping.</source>
+  <target>사용자 매핑에 사용되는 속성 매핑입니다.</target>
+</trans-unit>
+<trans-unit id="s7ccce0ec8d228db6">
+  <source>Configure SCIM Provider</source>
+  <target>SCIM 공급자 구성</target>
+</trans-unit>
+<trans-unit id="sd7728d2b6e1d25e9">
+  <source>Property mappings used for group creation.</source>
+  <target>그룹을 만드는데 사용할 속성 매핑입니다.</target>
+</trans-unit>
+<trans-unit id="s7513372fe60f6387">
+  <source>Event volume</source>
+  <target>이력 규모</target>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+  <target>Outpost필요 (플로우는 Outpost에서만 실행할 수 있음).</target>
+</trans-unit>
+    </body>
+  </file>
+</xliff>
\ No newline at end of file
diff --git a/web/xliff/pl.xlf b/web/xliff/pl.xlf
index 7aae5340d..664ee86ff 100644
--- a/web/xliff/pl.xlf
+++ b/web/xliff/pl.xlf
@@ -1714,9 +1714,6 @@
       <trans-unit id="sc6c575c5ff64cdb1">
         <source>Update SCIM Provider</source>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>Uruchom ponownie synchronizację</target>
@@ -6241,6 +6238,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/pseudo-LOCALE.xlf b/web/xliff/pseudo-LOCALE.xlf
index 3839422ba..7fd1fd51f 100644
--- a/web/xliff/pseudo-LOCALE.xlf
+++ b/web/xliff/pseudo-LOCALE.xlf
@@ -2196,11 +2196,6 @@
         <source>Update SCIM Provider</source>
   <target>Ũƥďàţē ŚĆĨM Ƥŕōvĩďēŕ</target>
         
-      </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-  <target>Śŷńć ńōţ ŕũń ŷēţ.</target>
-        
       </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
@@ -7981,4 +7976,139 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
 </trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
+</trans-unit>
 </body></file></xliff>
diff --git a/web/xliff/tr.xlf b/web/xliff/tr.xlf
index 188474957..d1d4dcd55 100644
--- a/web/xliff/tr.xlf
+++ b/web/xliff/tr.xlf
@@ -1659,9 +1659,6 @@
       <trans-unit id="sc6c575c5ff64cdb1">
         <source>Update SCIM Provider</source>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>Eşzamanlamayı tekrar çalıştır</target>
@@ -6026,6 +6023,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index efcf25576..387f668c8 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -2217,11 +2217,6 @@
         <source>Update SCIM Provider</source>
         <target>更新 SCIM 提供程序</target>
         
-      </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-        <target>尚未同步过。</target>
-        
       </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
@@ -8044,6 +8039,184 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
   <target>事件容量</target>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+  <target>需要前哨（流程只能从前哨执行）。</target>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+  <target>连接设置。</target>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+  <target>已成功更新端点。</target>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+  <target>已成功创建端点。</target>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+  <target>协议</target>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+  <target>RDP</target>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+  <target>SSH</target>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+  <target>VNC</target>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+  <target>主机</target>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+  <target>要连接的主机名/IP。</target>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+  <target>端点</target>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+  <target>更新端点</target>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+  <target>这些绑定控制哪些用户能够访问此端点。用户必须也能访问此应用程序。</target>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+  <target>创建端点</target>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+  <target>RAC 目前处于预览状态。</target>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+  <target>更新 RAC 提供程序</target>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+  <target>端点</target>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+  <target>常规设置</target>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+  <target>RDP 设置</target>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+  <target>忽略服务器证书</target>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+  <target>启用壁纸</target>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+  <target>启用字体平滑</target>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+  <target>启用完整窗口拖拽</target>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+  <target>网络绑定</target>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+  <target>无绑定</target>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+  <target>绑定 ASN</target>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+  <target>绑定 ASN 和网络</target>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+  <target>绑定 ASN、网络和 IP</target>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+  <target>配置由此阶段创建的会话是否应该绑定到创建它们的网络。</target>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+  <target>GeoIP 绑定</target>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+  <target>绑定大陆</target>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+  <target>绑定大陆和国家</target>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+  <target>绑定大陆、国家和城市</target>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+  <target>配置由此阶段创建的会话是否应该绑定到基于 GeoIP 的位置。</target>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+  <target>RAC</target>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+  <target>连接在 <x id="0" equiv-text="${this.connectionAttempt}"/> 次尝试后失败。</target>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+  <target>将在 <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> 秒后重新连接。</target>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+  <target>正在连接…</target>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+  <target>选择要连接到的端点</target>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+  <target>连接过期</target>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+  <target>设置会话在被断开连接并需要重新授权之前持续的时间。</target>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+  <target>提供程序需要企业版。</target>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+  <target>了解更多</target>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh-Hant.xlf b/web/xliff/zh-Hant.xlf
index 1b85d0ee3..4895e7c21 100644
--- a/web/xliff/zh-Hant.xlf
+++ b/web/xliff/zh-Hant.xlf
@@ -1673,9 +1673,6 @@
       <trans-unit id="sc6c575c5ff64cdb1">
         <source>Update SCIM Provider</source>
       </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-      </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
         <target>再次运行同步</target>
@@ -6074,6 +6071,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf
index 9bf67b95b..3bbeaddb9 100644
--- a/web/xliff/zh_CN.xlf
+++ b/web/xliff/zh_CN.xlf
@@ -2217,11 +2217,6 @@
         <source>Update SCIM Provider</source>
         <target>更新 SCIM 提供程序</target>
         
-      </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-        <target>尚未同步过。</target>
-        
       </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
@@ -8044,6 +8039,178 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
   <target>事件容量</target>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+  <target>需要前哨（流程只能从前哨执行）。</target>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+  <target>连接设置。</target>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+  <target>已成功更新端点。</target>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+  <target>已成功创建端点。</target>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+  <target>协议</target>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+  <target>RDP</target>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+  <target>SSH</target>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+  <target>VNC</target>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+  <target>主机</target>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+  <target>要连接的主机名/IP。</target>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+  <target>端点</target>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+  <target>更新端点</target>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+  <target>这些绑定控制哪些用户能够访问此端点。用户必须也能访问此应用程序。</target>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+  <target>创建端点</target>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+  <target>RAC 目前处于预览状态。</target>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+  <target>更新 RAC 提供程序</target>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+  <target>端点</target>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+  <target>常规设置</target>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+  <target>RDP 设置</target>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+  <target>忽略服务器证书</target>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+  <target>启用壁纸</target>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+  <target>启用字体平滑</target>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+  <target>启用完整窗口拖拽</target>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+  <target>网络绑定</target>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+  <target>无绑定</target>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+  <target>绑定 ASN</target>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+  <target>绑定 ASN 和网络</target>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+  <target>绑定 ASN、网络和 IP</target>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+  <target>配置由此阶段创建的会话是否应该绑定到创建它们的网络。</target>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+  <target>GeoIP 绑定</target>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+  <target>绑定大陆</target>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+  <target>绑定大陆和国家</target>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+  <target>绑定大陆、国家和城市</target>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+  <target>配置由此阶段创建的会话是否应该绑定到基于 GeoIP 的位置。</target>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+  <target>RAC</target>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+  <target>连接在 <x id="0" equiv-text="${this.connectionAttempt}"/> 次尝试后失败。</target>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+  <target>将在 <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> 秒后重新连接。</target>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+  <target>正在连接…</target>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+  <target>选择要连接到的端点</target>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+  <target>连接过期</target>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+  <target>设置会话在被断开连接并需要重新授权之前持续的时间。</target>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+  <target>提供程序需要企业版。</target>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+  <target>了解更多</target>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh_TW.xlf b/web/xliff/zh_TW.xlf
index 05818f770..c9cb3fb1e 100644
--- a/web/xliff/zh_TW.xlf
+++ b/web/xliff/zh_TW.xlf
@@ -2198,11 +2198,6 @@
         <source>Update SCIM Provider</source>
         <target>更新 SCIM 供應商</target>
         
-      </trans-unit>
-      <trans-unit id="s7da38af36522ff6a">
-        <source>Sync not run yet.</source>
-        <target>尚未執行同步。</target>
-        
       </trans-unit>
       <trans-unit id="sbecf8dc03c978d15">
         <source>Run sync again</source>
@@ -7965,6 +7960,141 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s7513372fe60f6387">
   <source>Event volume</source>
+</trans-unit>
+<trans-unit id="s047a5f0211fedc72">
+  <source>Require Outpost (flow can only be executed from an outpost).</source>
+</trans-unit>
+<trans-unit id="s3271da6c18c25b18">
+  <source>Connection settings.</source>
+</trans-unit>
+<trans-unit id="s2f4ca2148183d692">
+  <source>Successfully updated endpoint.</source>
+</trans-unit>
+<trans-unit id="s5adee855dbe191d9">
+  <source>Successfully created endpoint.</source>
+</trans-unit>
+<trans-unit id="s61e136c0658e27d5">
+  <source>Protocol</source>
+</trans-unit>
+<trans-unit id="sa062b019ff0c8809">
+  <source>RDP</source>
+</trans-unit>
+<trans-unit id="s97f9bf19fa5b57d1">
+  <source>SSH</source>
+</trans-unit>
+<trans-unit id="s7c100119e9ffcc32">
+  <source>VNC</source>
+</trans-unit>
+<trans-unit id="s6b05f9d8801fc14f">
+  <source>Host</source>
+</trans-unit>
+<trans-unit id="sb474f652a2c2fc76">
+  <source>Hostname/IP to connect to.</source>
+</trans-unit>
+<trans-unit id="s8276649077e8715c">
+  <source>Endpoint(s)</source>
+</trans-unit>
+<trans-unit id="sf1dabfe0fe8a75ad">
+  <source>Update Endpoint</source>
+</trans-unit>
+<trans-unit id="s008496c7716b9812">
+  <source>These bindings control which users will have access to this endpoint. Users must also have access to the application.</source>
+</trans-unit>
+<trans-unit id="s38e7cd1a24e70faa">
+  <source>Create Endpoint</source>
+</trans-unit>
+<trans-unit id="s4770c10e5b1c028c">
+  <source>RAC is in preview.</source>
+</trans-unit>
+<trans-unit id="s168565f5ac74a89f">
+  <source>Update RAC Provider</source>
+</trans-unit>
+<trans-unit id="s8465a2caa2d9ea5d">
+  <source>Endpoints</source>
+</trans-unit>
+<trans-unit id="s9857d883d8eb98fc">
+  <source>General settings</source>
+</trans-unit>
+<trans-unit id="sd2066881798a1b96">
+  <source>RDP settings</source>
+</trans-unit>
+<trans-unit id="sb864dc36a463a155">
+  <source>Ignore server certificate</source>
+</trans-unit>
+<trans-unit id="s20366a8d1eaaca54">
+  <source>Enable wallpaper</source>
+</trans-unit>
+<trans-unit id="s1e44c5350ef7598c">
+  <source>Enable font-smoothing</source>
+</trans-unit>
+<trans-unit id="s04ff5d6ae711e6d6">
+  <source>Enable full window dragging</source>
+</trans-unit>
+<trans-unit id="s663ccbfdf27e8dd0">
+  <source>Network binding</source>
+</trans-unit>
+<trans-unit id="sb108a06693c67753">
+  <source>No binding</source>
+</trans-unit>
+<trans-unit id="s5aab90c74f1233b8">
+  <source>Bind ASN</source>
+</trans-unit>
+<trans-unit id="s488303b048afe83b">
+  <source>Bind ASN and Network</source>
+</trans-unit>
+<trans-unit id="s3268dcfe0c8234dc">
+  <source>Bind ASN, Network and IP</source>
+</trans-unit>
+<trans-unit id="s226381aca231644f">
+  <source>Configure if sessions created by this stage should be bound to the Networks they were created in.</source>
+</trans-unit>
+<trans-unit id="s2555a1f20f3fd93e">
+  <source>GeoIP binding</source>
+</trans-unit>
+<trans-unit id="s3d63c78f93c9a92e">
+  <source>Bind Continent</source>
+</trans-unit>
+<trans-unit id="s395d5863b3a259b5">
+  <source>Bind Continent and Country</source>
+</trans-unit>
+<trans-unit id="s625ea0c32b4b136c">
+  <source>Bind Continent, Country and City</source>
+</trans-unit>
+<trans-unit id="s4bc7a1a88961be90">
+  <source>Configure if sessions created by this stage should be bound to their GeoIP-based location</source>
+</trans-unit>
+<trans-unit id="sa06cd519ff151b6d">
+  <source>RAC</source>
+</trans-unit>
+<trans-unit id="s28b99b59541f54ca">
+  <source>Connection failed after <x id="0" equiv-text="${this.connectionAttempt}"/> attempts.</source>
+</trans-unit>
+<trans-unit id="s7c7d956418e1c8c8">
+  <source>Re-connecting in <x id="0" equiv-text="${Math.max(1, delay / 1000)}"/> second(s).</source>
+</trans-unit>
+<trans-unit id="sfc003381f593d943">
+  <source>Connecting...</source>
+</trans-unit>
+<trans-unit id="s31aa94a0b3c7edb2">
+  <source>Select endpoint to connect to</source>
+</trans-unit>
+<trans-unit id="sa2ea0fcd3ffa80e0">
+  <source>Connection expiry</source>
+</trans-unit>
+<trans-unit id="s6dd297c217729828">
+  <source>Determines how long a session lasts before being disconnected and requiring re-authorization.</source>
+</trans-unit>
+<trans-unit id="scc7f34824150bfb8">
+  <source>Provider require enterprise.</source>
+</trans-unit>
+<trans-unit id="s31f1afc1bfe1cb3a">
+  <source>Learn more</source>
+</trans-unit>
+<trans-unit id="sc39f6abf0daedb0f">
+  <source>Maximum concurrent connections</source>
+</trans-unit>
+<trans-unit id="s62418cbcd2a25498">
+  <source>Maximum concurrent allowed connections to this endpoint. Can be set to -1 to disable the limit.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/website/blog/2023-11-1-happy-birthday-to-us/item.md b/website/blog/2023-11-1-happy-birthday-to-us/item.md
index 684975a1b..a49487d74 100644
--- a/website/blog/2023-11-1-happy-birthday-to-us/item.md
+++ b/website/blog/2023-11-1-happy-birthday-to-us/item.md
@@ -1,6 +1,6 @@
 ---
-title: “Happy Birthday to Us!”
-description: “We are celebrating our one-year anniversary since the founding of Authentik Security..”
+title: "Happy Birthday to Us!"
+description: "We are celebrating our one-year anniversary since the founding of Authentik Security.."
 slug: 2023-11-1-happy-birthday-to-us
 authors:
     - name: Jens Langhammer and the authentik team
@@ -56,7 +56,7 @@ Once you get to know Jens, you won’t be surprised to his answer about what he
 
 That task alone will scare most of us. In software, team work is most definitely what makes the dream work, so finding the right talents and skills sets and experiences to compliment Jens’ deep technical skills and full-stack experience was of paramount importance. We now have developers with expertise in frontend and backend development, infrastructure, and security, a well as a content editor.
 
-Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call “technical curiosity”.
+Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call "technical curiosity".
 
 > How does this thing work, from whom can I learn more, and with whom can I share my knowledge?
 
@@ -90,10 +90,10 @@ An interesting offset to our shared love of building is the shared sense of humi
 
 The tone and espirit of the company is one reason it’s so meaningful to celebrate our 1-year birthday; we can happily celebrate a hard year of doing things with full, enthusiastic engagement. At authentik, nerdiness is embraced, technical curiosity flourishes, and transparency is a big part of our nature. Speaking of how we communicate with our community, our Discord forum is (in addition to GitHub) an important place where transparency matters. For example, we recently asked our community what they preferred for a release cycle. Based on the answers, we lengthened the release time from from monthly to every two or three months.
 
-Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is “What’s been the hardest thing about building a company?” His answers:
+Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is "What’s been the hardest thing about building a company?" His answers:
 
--   “Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… “
--   “Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself.”
+-   "Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… "
+-   "Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself."
 
 ### What’s up next?
 
diff --git a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
index ff1e0bf24..6814a8857 100644
--- a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
+++ b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
@@ -1,6 +1,6 @@
 ---
 title: Automated security versus the security mindset
-description: “Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?”
+description: "Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?"
 slug: 2023-11-30-automated-security-versus-the-security-mindset
 authors:
     - name: Jens Langhammer
@@ -142,7 +142,7 @@ Once new and significant threats are detected by the automated security, it is h
 
 ### Human-centered cybersecurity
 
-Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset.
+Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the "Blue Team" and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset.
 
 -   The human ability to think creatively and rapidly adapt to changing situations is invaluable to good security processes.
 -   The higher the security risk, the more you need skilled security professionals to supervise the security process.
diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/item.md b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md
new file mode 100644
index 000000000..24284f79a
--- /dev/null
+++ b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md
@@ -0,0 +1,93 @@
+---
+title: "Okta's October breach part two: a delayed but slightly better response"
+description: "Okta continues to revel more information about the HAR files breach first revealed in October; now we know that a service account was involved, and 100% of their customer support users were impacted."
+slug: 2023-12-12-oktas-october-breach-part-two
+authors:
+    - name: Jens Langhammer
+      title: CTO at Authentik Security Inc
+      url: https://github.com/BeryJu
+      image_url: https://github.com/BeryJu.png
+tags:
+    - authentik
+    - security mindset
+    - incident response
+    - service account
+    - Okta
+    - SSO
+    - HAR files
+    - identity provider
+    - authentication
+    - Authentik Security
+hide_table_of_contents: false
+image: ./okta-timeline.png
+---
+
+> **_authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a [public benefit company](https://github.com/OpenCoreVentures/ocv-public-benefit-company/blob/main/ocv-public-benefit-company-charter.md) building on top of the open source project._**
+
+---
+
+On November 29th, 2023, Okta [revealed](https://sec.okta.com/harfiles) that a breach they announced in October was much worse than originally conveyed. The number of impacted users went from less than 1% of customers to every single customer who had every opened a Support ticket in the Okta Help Center.
+
+> So the impact leapt from [134 users](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause) to [18,400 users](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update).
+
+We wrote in October about Okta’s poor response to breaches (see [Okta got breached again](https://goauthentik.io/blog/2023-10-23-another-okta-breach)), but since our blog doesn’t seem to be changing Okta’s behaviour, let’s take a closer look at the new revelations from Okta about what happened back in October, how it is impacting users now, and why Okta is still dealing with it in December.
+
+> Now all of Okta’s customers are paying the price… with increased phishing and spam.
+
+Our take is that any company can be hacked, but it is the response that matters. How quick is the response, how transparent are the details, how forthright are the acknowledgments? Okta’s initial announcement about the October breach (remember the [HAR file](https://goauthentik.io/blog/2023-10-23-another-okta-breach) that contained a session token?) was less-than-timely, devoid of details, and titled with one of the worst titles ever given such a serious announcement.
+
+![screenshot of the timeline that Okta published](./okta-timeline.png)
+
+<!--truncate-->
+
+## Looking back at October’s breach
+
+With the original incident, probably what most people now recall is not only the technical details of the session tokens that were exposed in HAR files, but also the very slow response time. Turns out 1Password reported the breach to Okta on September 29, and [BeyondTrust](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach) reported the breach to Okta on October 2. But Okta waited three weeks before announcing the breach on October 20th.
+
+In this October 20th announcement, Okta CISO David Bradbury stated that the malicious actor had gained access to Okta’s Support dashboard and retrieved only names and emails addresses for a very small number of customers. He explained that the hacker used session tokens that were not scrubbed from a HAR file (which Okta support routinely asks their customers to submit, for troubleshooting purposes) to gain access to specific customer’s accounts. But what wasn’t revealed at the time (because Okta themselves did not yet know) was _how_ the hacker obtained access to the Customer Support dashboard to access customer accounts and then download associated HAR files.
+
+### The second **Okta shoe fell in early November**
+
+As mentioned above, the new information revealed by Okta came from their security team retracing the steps of the original malicious actor. Okta’s research and analysis was greatly aided by the fact that [BeyondTrust shared a suspicious IP address with Okta](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update); the IP address that BeyondTrust believed to be the hacker’s.
+
+**Initial access gained via a service account**
+
+This new finding, based on retracing the steps of that IP address, show that the initial breach occurred when the hacker obtained the credentials for a service account "stored in the system", which provided access to the Customer Support dashboard and had permissions to view and update customer support cases. The hacker then reviewed customer support cases, downloaded the associated HAR files, and retrieved the session tokens.
+
+From the [November 3rd announcement](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause), we now know that the service account credentials were exposed through an Okta employee’s personal Google account, which the employee had accessed on the Okta-issued work laptop.
+
+In announcing the service account’s role in the breach, Okta’s CISO stated:
+
+> "During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account."
+
+The use of the service account was discovered on October 16, by examining the activities of the IP address of the hacker that BeyondTrust had supplied Okta. This begs the question of why Okta did not revel the malicious use of the service account in their October 20th announcement. Perhaps they did not yet want to show details of their internal investigation?
+
+### And a third shoe in late November
+
+Now fast-forward to Okta’s [November 29th announcement](https://sec.okta.com/harfiles). Back in October, it was known that after the hacker accessed Okta’s Support dashboard they ran queries on the support database to create reports containing customer data. In the November 3rd announcement Okta shared that the report was thought to be quite small is scope; this is the infamous "less than 1% of Okta customers" statement.
+
+But after more internal investigation and recreating the reports that the malicious actor ran, Okta announced on November 29th that their original statement that less than 1% of their users were impacted by the October breach was incorrect. Instead, Okta revealed that the scope of the report was much larger, and indeed concluded that "[the report contained a list of all customer support system users](https://sec.okta.com/harfiles)". A total of 18,400 users. The only customers that were not impacted are those in FedRAMP and DoD IL4 environments, who are on a separate support platform.
+
+> An aside, perhaps, but the timing of Okta’s update is interesting; the announcement was released on the same date as the quarterly earnings report. This could be seen as transparency, or it could be seen as damage control. (Also, why in the heck is Nov 29th within Okta’s 3rd quarter of **fiscal year 2024**? But we aren’t writing here about Okta’s financial schedules; I digress.)
+
+**Filters removed from report**
+
+Apparently when the hacker ran queries to gather customer data, they used a standard template available from the dashboard. However, they removed all filters on the templated report, thus grabbing much more data then the original template would have returned.
+
+In addition to removing all filters on the report, it seems that Okta’s original analysis of the logs pertaining to the breach failed to take in to account exactly HOW the hacker accessed and downloaded data:
+
+> "For a period of 14 days, while actively investigating, Okta did not identify suspicious downloads in our logs. When a user opens and views files attached to a support case, a specific log event type and ID is generated tied to that file. If a user instead navigates directly to the Files tab in the customer support system, as the threat actor did in this attack, they will instead generate an **entirely different log event** with a different record ID."
+
+## Now what?
+
+The third shoe has dropped, but it feels like there might still be a fourth. Maybe even more data was stolen, beyond just email addresses. Perhaps the malicious actor gained more sensitive customer data when they were able to log into specific customer’s accounts, but are sitting on it waiting to use it. Perhaps the explorations by the hacker form within the customer support system reveled other weaknesses that have yet to be exploited.
+
+So while we are all waiting with baited breath to see if Okta can squeeze even more drama into 2023, here are a few tips to consider:
+
+-   If you are an Okta customer, do indeed follow each and every one of their recommendations, listed under the "**Implementing recommended best practices**" section of their [November 29th announcement](https://sec.okta.com/harfiles).
+-   Be aware of Okta’s plan for a 90-day pause on new features. During the [earning report call](https://seekingalpha.com/article/4655057-okta-inc-okta-q3-2024-earnings-call-transcript) on November 29th CEO Todd McKinnon stated "During this hyper-focused phase, no other project or even product development area is more important. In fact, the launch dates for the new products and features that we highlighted at Oktane last month will be pushed out approximately 90 days."
+-   As Okta advises, be on the lookout for more phishing attempts and stay hyper-vigilant.
+-   In general, across the board, be vigilant and adopt a "[security mindset](https://goauthentik.io/blog/2023-11-30-automated-security-versus-the-security-mindset)" (as valuable and maybe more than any technology).
+-   Consider breaking out of vendor lock-in and using an on-premise, open core solution such as [authentik](https://goauthentik.io/). We realize change is hard, but continual breaches and uncertainty around when a breach has been fully contained is also painful.
+
+We’d be happy to talk with you more about your security and identity management needs; reach out to us with an email to [hello@goauthentik.io](mailto:hello@goauthentik.io) or on [Discord](https://discord.com/channels/809154715984199690/809154716507963434).
diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png b/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png
new file mode 100644
index 000000000..69e0a8aa2
Binary files /dev/null and b/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png differ
diff --git a/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/item.md b/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/item.md
new file mode 100644
index 000000000..4f18882e4
--- /dev/null
+++ b/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/item.md
@@ -0,0 +1,164 @@
+---
+title: "Building the dream infrastructure stack for a security startup: preparing for human and technical scaling"
+description: "What's in our stack: the tools we use to build authentik (and why we chose them)."
+slug: 2023-12-21-five-lessons-from-choosing-infrastructure-tooling
+authors:
+    - name: Marc Schmitt
+      title: Infrastructure Engineer at Authentik Security Inc
+      url: https://github.com/rissson
+      image_url: https://github.com/rissson.png
+    - name: Rebecca Dodd
+      title: Contributing Writer
+      url: https://www.thebasementoffice.co.uk
+      image_url: https://github.com/rebeccadee.png
+tags:
+    - authentik
+    - startups
+    - infrastructure tooling
+    - tools
+    - technology stack
+    - Loki
+    - Argo CD
+    - Prometheus
+    - Thanos
+    - Transifex
+    - Lit
+    - Redis
+    - Grafana
+    - authentication
+    - Authentik Security
+hide_table_of_contents: false
+image: ./tech-stack1.png
+---
+
+> **_authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a [public benefit company](https://github.com/OpenCoreVentures/ocv-public-benefit-company/blob/main/ocv-public-benefit-company-charter.md) building on top of the open source project._**
+
+---
+
+With great power (to choose your own tools) comes great responsibility. Not inheriting a legacy toolchain is an infrastructure engineer’s dream, but it can be hard to know where to start.
+
+As the first infrastructure engineer hired to work on authentik, I saw the greenfield opportunities, but also the responsibility and long-term importance of choosing the best stack of tools and build processes. From my past roles, I already knew many of the considerations we would need to factor in.
+
+For example, we know that ease of maintenance is a primary consideration, as is the stability and probable longevity of the tool, how well the tools integrate, and of course the level of support we were likely to get for each tool.
+
+In this post we share some of what we are using to build authentik, and the lessons behind those choices.
+![technology stack for startups](./tech-stack1.png)
+
+<!--truncate-->
+
+## #1 Choices are often human, not technical
+
+If there isn’t much difference between two tools, the choice isn’t a technical decision. It’s going to come down to human factors like ease of use or the team’s familiarity with the tool. This is why we use [GitHub Actions](https://docs.github.com/en/actions) for our CI—[we’re already on GitHub](https://github.com/goauthentik) so it just makes sense.
+
+> Familiarity with a tool means that you and your team can move faster, leading to higher business efficiency and a happier team.
+
+### We use Argo CD for GitOps
+
+When I joined Authentik Security, we were using [Flux CD](https://fluxcd.io/). Jens, our founder and CTO, had set up a small Kubernetes cluster to run an authentik instance for us to log into different services (some monitoring tools), and he was deploying all of this using Flux CD.
+
+If you’re not familiar, Flux and [Argo CD](https://argo-cd.readthedocs.io/en/stable/) enable you to do GitOps: whatever you want to deploy, you push that to a Git repository and then synchronize whatever is in production from that Git repository. Everything is committed and tracked in the Git history (helping you to understand what has changed and why).
+
+You also don’t need to do anything manually on the production servers or clusters—it’s all done in Git. This helps with auditing, as history is tracked, and you can easily find who made a change. You don’t need to give access to your production servers and cluster to whoever is conducting the audit, since they can see how everything is configured in the Git repo.
+
+#### Flux and Argo CD essentially do the same thing
+
+Despite Flux and Argo CD both being good at what they do, I advocated for switching to Argo CD because I have always worked with it and that familiarity with the tool meant I’d be able to work with much greater efficiency and velocity.
+
+Since switching to Argo CD, we’ve automated deployment of new pull requests with the `deploy me` label. A developer can add that label to one of their open PRs, and the changes get deployed to a production-like environment so they can test those changes with a real domain and real certificates—it’s exactly the same as how a client would interact with those changes. It’s especially useful for mobile app development because instead of launching an authentik instance locally, you can test the mobile app against a production-like environment. This ability to access this “test deployment” is great for QA, tech writers, technical marketing teams, and anyone else who needs early access to a feature before it even gets merged.
+
+#### Setting us up to scale
+
+Argo CD also comes with a built-in UI, which Flux does not. This is useful because as we grow as a company, we will have more developers and we want to enable self-service and a culture of “you build it, you run it.”
+
+With the Argo CD UI, a developer can make changes in Git, view the changes in the UI, and validate if the application started correctly and if everything is running. There’s no need to build another tool or set up Grafana dashboards or some other solution for developers to check if the application is running correctly.
+
+“You build it, you run it” in this case isn’t about operations or infrastructure leaving developers to figure things out on their own. What we actually want is to empower devs to run things themselves so that:
+
+1. Everyone shares the burden of production.
+2. Developers have a shorter feedback loop to see how their app behaves in production.
+
+This type of choice is about setting things up for scalability down the road, which leads me to our next lesson.
+
+## #2 Build with scale in mind
+
+Our founder, Jens, has written before about [building apps with scale in mind](https://goauthentik.io/blog/2023-06-13-building-apps-with-scale-in-mind) and [doing things the ‘right’ way first time](https://goauthentik.io/blog/2023/10/26/you-might-be-doing-containers-wrong/).
+
+As an infrastructure engineer especially, it can be so hard to deal with legacy tools and solutions (sometimes you just want to burn it all down and start over). It’s just so much easier to maintain things if you do it properly from the beginning. Part of why I wanted to join Authentik Security was because there wasn’t any legacy to deal with!
+
+Yes, premature optimization is the root of all evil, but that doesn’t mean you can’t think about scalability when designing something. Having a design that can scale up if we need it to, but that can also run with few resources (human or machine)—even if a few compromises are necessary to allow it to do so—is oftentimes better that having a design that wasn’t built with scale in mind. This can spare you having to redesign it later (and then on top of that, migrate the old one).
+
+### We use Transifex for translation
+
+Internationalization isn’t often high on the list for open source projects or developer tool companies, but we’ve been doing it with [Transifex](https://www.transifex.com/).
+
+If your users are developers they are probably used to working with tools in English. Whoever administers authentik for a company in France, for example, probably knows enough English to get by. But that company’s users may not need to speak English at all in their role because they’re on the legal or finance side. Those users still need to log in using authentik, so it’s great to be able to provide it in their language.
+
+We use [Lit](https://lit.dev/) for our frontend (Jens has written about [choosing Lit over React](https://goauthentik.io/blog/2023-05-04-i-gambled-against-react-and-lost)), which supports translation by default:
+
+-   With Lit, we’re able to extract strings of text that we want to translate.
+-   Those strings are sent to Transifex, where we can crowdsource translations.
+-   We do this by marking strings as “source strings” with just three extra characters per string, which is not that much of an effort if you’re doing it from the outset vs implementing afterwards.
+
+Native speakers of a given language can help us polish our translations; this is a great way to enable people to contribute to the project (not everyone can or wants to contribute code, for example).
+
+## #3 Think about product-specific requirements
+
+As a security company, some of our choices are influenced by product- and industry-specific needs.
+
+As you’re building your own stack, you may need to think about the requirements of your own product space or industry. You might have customer expectations to meet or compliance requirements, for example.
+
+### We use Redis for reputation data
+
+Most of our storage is done in [PostgreSQL](https://www.postgresql.org/), but for some types of storage we use [Redis](https://redis.io/) for latency reasons, as it’s much faster to fetch data from.
+
+We have two use cases for Redis:
+
+#### Reputation data
+
+If someone tries to log in and fails, we temporarily store ‘bad reputation’ weights associated with their IP address in Redis. This enables authentik admins to manage logins more securely; if someone has a reputation of less than a certain threshold (because they tried bad login details a few too many times), the authentik admin can block them.
+
+That data is stored in Redis temporarily; we have a subsequent task that fetches it from Redis and stores it in the database. That way, if you want to keep updating the reputation data for a user (because they keep trying to log in with bad inputs), we’re just updating Redis and not PostgreSQL every time. Then when that data is moved from Redis to PostgreSQL, it’s compacted.
+
+#### Session data
+
+This use case is more common: with every request, we check that the user is still logged in or if they need to log in. Again, we store this data in Redis for latency reasons.
+
+# #4 Your choices will cost you, one way or another
+
+Of course, budget is going to play a role in the tools you choose. You have to balance your investments of money OR time spent on your tooling.
+
+### We use Loki for logging
+
+We talked about this in our recent [post about building a security stack with mostly free and open source software](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k). As we wrote, [Loki](https://grafana.com/oss/loki/) is free, open source, and cheap to run. We could have gone with something like Elasticsearch (and the whole Elastic Stack) but it’s so expensive to run in terms of processing power and memory resources. Loki isn’t as easy to run, but we save on costs.
+
+> It comes back to the idea of “you either pay in time or money” for software, and for most of authentik’s tooling I’ve already paid in time for it.
+
+## #5 Optimize for stability and support
+
+Infrastructure people just want to be able to sleep at night and not get paged at all hours (for that we use [Alertmanager](https://prometheus.io/docs/alerting/latest/alertmanager/), just in case). I just wanted to set up things that work and are reliable—pragmatic reasons similar to [why we chose Python and Django](https://goauthentik.io/blog/2023-03-16-authentik-on-django-500-slower-to-run-but-200-faster-to-build).
+
+These next tools (all open source) were easy choices because I’ve already used them and know how to configure them properly and what pitfalls to watch out for.
+
+### We use Grafana and Prometheus for monitoring and metrics
+
+[Grafana](https://grafana.com/grafana/) is widely used and comes with a lot of existing resources, so we don’t have to build everything ourselves. We use it to display our logs and metrics in dashboards so we can view and correlate data from Loki and [Prometheus](https://grafana.com/oss/prometheus/) together. Prometheus scrapes metrics from our infrastructure tools, authentik instances, and other applications.
+
+#### We use Thanos to manage metrics data
+
+I used Thanos for a large-scale deployment in a previous role—storing something like 20TB of metrics per six months—so I knew it would work for us now and later as we scale.
+
+Prometheus stores metrics for ~1 day before [Thanos](https://thanos.io/) fetches them and pushes to S3 storage for longer-term retention. We do this because Prometheus doesn’t do well storing large amounts of data. We’re also running Prometheus in highly available fashion, which would mean storing the data twice, which would be expensive.
+
+Thanos compresses the metrics data and also does downsampling:
+
+-   For 30 days we keep everything that’s scraped (every 30/60 seconds)
+-   Beyond that, for 90 days we keep only a metric point every five minutes
+-   For a year, we keep just one metric point per hour
+
+By retaining less data as time passes, queries are faster and storage is cheaper. Why keep metrics for such a long time? It gives us a view of the seasonality of traffic so we can do better capacity planning.
+
+## Final thoughts
+
+This isn’t a groundbreaking stack. We aren’t optimizing for the latest edge technology. (The only somewhat controversial choice we’ve made has been moving to an [IPv6 only](https://goauthentik.io/blog/2023-11-09-IPv6-addresses) network.) For the most part we’ve gone with options that are tried and tested, well known to the team, and play nicely with the other parts of our stack.
+
+As always, we would be interested in hearing your thoughts about the stack we use, and about the tools that you and your team have chosen and the reasons behind those choices. Send us an email to hello@goauthentik.io or chime in on [Discord](https://discord.com/channels/809154715984199690/809154716507963434).
diff --git a/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/tech-stack1.png b/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/tech-stack1.png
new file mode 100644
index 000000000..5010a16f0
Binary files /dev/null and b/website/blog/2023-12-21-five-lessons-from-choosing-infrastructure-tooling/tech-stack1.png differ
diff --git a/website/developer-docs/api/browser.mdx b/website/developer-docs/api/browser.mdx
index 7aa35b209..4ea697cfe 100644
--- a/website/developer-docs/api/browser.mdx
+++ b/website/developer-docs/api/browser.mdx
@@ -1,38 +1,9 @@
+---
+hide_table_of_contents: true
+---
+
 # API Browser
 
-import useDocusaurusContext from "@docusaurus/useDocusaurusContext";
-import useBaseUrl from "@docusaurus/useBaseUrl";
-import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly";
-import { useColorMode } from "@docusaurus/theme-common";
-
-export function APIBrowser() {
-    const context = useDocusaurusContext();
-    const { siteConfig = {} } = context;
-    const { colorMode, setColorMode } = useColorMode();
-    let bg = "#1b1b1d";
-    if (colorMode === "light") {
-        bg = "#fff";
-    }
-    return (
-        <BrowserOnly>
-            {() => {
-                import("rapidoc");
-                return (
-                    <rapi-doc
-                        spec-url={useBaseUrl("schema.yaml")}
-                        allow-try="false"
-                        show-header="false"
-                        theme={colorMode}
-                        bg-color={bg}
-                        render-style="view"
-                        primary-color="#fd4b2d"
-                        allow-spec-url-load="false"
-                        allow-spec-file-load="false"
-                    ></rapi-doc>
-                );
-            }}
-        </BrowserOnly>
-    );
-}
+import APIBrowser from "../../src/components/APIBrowser";
 
 <APIBrowser />
diff --git a/website/docs/core/applications.md b/website/docs/core/applications.md
index 9908cdfa9..d27d51097 100644
--- a/website/docs/core/applications.md
+++ b/website/docs/core/applications.md
@@ -27,6 +27,8 @@ The following aspects can be configured:
 
     Starting with authentik 2022.2, you can use placeholders in the launch url to build them dynamically based on logged in user. For example, you can set the Launch URL to `https://goauthentik.io/%(username)s`, which will be replaced with the currently logged in user's username.
 
+    Only applications whose launch URL starts with `http://` or `https://` or are relative URLs are shown on the users's **My applications** page. This can also be used to hide applications that shouldn't be visible on the **My applications** page but are still accessible by users, by setting the _Launch URL_ to `hidden://`.
+
 -   _Icon (URL)_: Optionally configure an Icon for the application
 
     If the authentik server does not have a volume mounted under `/media`, you'll get a text input. This accepts absolute URLs. If you've mounted single files into the container, you can reference them using `https://authentik.company/media/my-file.png`.
diff --git a/website/docs/core/geoip.mdx b/website/docs/core/geoip.mdx
index b3cedbe47..ff73e7a39 100644
--- a/website/docs/core/geoip.mdx
+++ b/website/docs/core/geoip.mdx
@@ -27,7 +27,8 @@ import TabItem from "@theme/TabItem";
 Add the following block to your `.env` file:
 
 ```shell
-AUTHENTIK_GEOIP=/tmp/non-existent-file
+AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__GEOIP=/tmp/non-existent-file
+AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__ASN=/tmp/non-existent-file
 ```
 
 Afterwards, run the upgrade commands from the latest release notes.
@@ -38,7 +39,10 @@ Add the following block to your `values.yml` file:
 
 ```yaml
 authentik:
-    geoip: /tmp/non-existent-file
+    events:
+        context_processors:
+            geoip: "/tmp/non-existent-file"
+            asn: "/tmp/non-existent-file"
 ```
 
 Afterwards, run the upgrade commands from the latest release notes.
@@ -74,7 +78,7 @@ services:
         volumes:
             - "geoip:/usr/share/GeoIP"
         environment:
-            GEOIPUPDATE_EDITION_IDS: "GeoLite2-City"
+            GEOIPUPDATE_EDITION_IDS: "GeoLite2-City GeoLite2-ASN"
             GEOIPUPDATE_FREQUENCY: "8"
             GEOIPUPDATE_ACCOUNT_ID: "*your account ID*"
             GEOIPUPDATE_LICENSE_KEY: "*your license key*"
@@ -94,7 +98,7 @@ geoip:
     enabled: true
     accountId: "*your account ID*"
     licenseKey: "*your license key*"
-    editionIds: "GeoLite2-City"
+    editionIds: "GeoLite2-City GeoLite2-ASN"
     image: maxmindinc/geoipupdate:v4.8
     updateInterval: 8
 ```
diff --git a/website/docs/events/index.md b/website/docs/events/index.md
index 49705c0f1..76c0cbf07 100644
--- a/website/docs/events/index.md
+++ b/website/docs/events/index.md
@@ -231,6 +231,11 @@ A user authorizes an application.
     "action": "authorize_application",
     "app": "authentik.providers.oauth2.views.authorize",
     "context": {
+        "asn": {
+            "asn": 6805,
+            "as_org": "Telefonica Germany",
+            "network": "5.4.0.0/14"
+        },
         "geo": {
             "lat": 42.0,
             "city": "placeholder",
diff --git a/website/docs/flow/index.md b/website/docs/flow/index.md
index d13ea1e5e..0fd0c510c 100644
--- a/website/docs/flow/index.md
+++ b/website/docs/flow/index.md
@@ -65,4 +65,6 @@ This designates a flow for general setup. This designation doesn't have any cons
 
 Flows can be imported and exported to share with other people, the community and for troubleshooting. Flows can be imported to apply new functionality and apply existing workflows.
 
+Download our [Example flows](./examples/flows.md) and then import them into your authentik instance.
+
 Starting with authentik 2022.8, flows will be exported as YAML, but JSON-based flows can still be imported.
diff --git a/website/docs/flow/stages/authenticator_validate/index.md b/website/docs/flow/stages/authenticator_validate/index.md
index b72afa47a..9a7df4e0e 100644
--- a/website/docs/flow/stages/authenticator_validate/index.md
+++ b/website/docs/flow/stages/authenticator_validate/index.md
@@ -46,7 +46,7 @@ As first stage, add an _Authentication validation_ stage, with the WebAuthn devi
 After this stage you can bind any additional verification stages.
 As final stage, bind a _User login_ stage.
 
-Users can either access this flow directly via it's URL, or you can modify any Identification stage to add a direct link to this flow.
+Users can either access this flow directly via its URL, or you can modify any Identification stage's _Passwordless flow_ setting to add a direct link to this flow.
 
 ### Logging
 
diff --git a/website/docs/flow/stages/email/email_recovery.png b/website/docs/flow/stages/email/email_recovery.png
index 1dc5dbbc4..0bc14bafd 100644
Binary files a/website/docs/flow/stages/email/email_recovery.png and b/website/docs/flow/stages/email/email_recovery.png differ
diff --git a/website/docs/flow/stages/email/index.mdx b/website/docs/flow/stages/email/index.mdx
index 1064d8f13..a7751e295 100644
--- a/website/docs/flow/stages/email/index.mdx
+++ b/website/docs/flow/stages/email/index.mdx
@@ -25,6 +25,10 @@ return True
 
 You can also use custom email templates, to use your own design or layout.
 
+:::info
+Starting with authentik 2024.1, it is possible to create `.txt` files with the same name as the `.html` template. If a matching `.txt` file exists, the email sent will be a multipart email with both the text and HTML template.
+:::
+
 import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
 
@@ -81,13 +85,17 @@ Templates are rendered using Django's templating engine. The following variables
 -   `user`: The pending user object.
 -   `expires`: The timestamp when the token expires.
 
+<!-- prettier-ignore-start -->
+
 ```html
-{# This is how you can write comments which aren't rendered. #} {# Extend this
-template from the base email template, which includes base layout and CSS. #} {%
-extends "email/base.html" %} {# Load the internationalization module to
-translate strings, and humanize to show date-time #} {% load i18n %} {% load
-humanize %} {# The email/base.html template uses a single "content" block #} {%
-block content %}
+{# This is how you can write comments which aren't rendered. #}
+{# Extend this template from the base email template, which includes base layout and CSS. #}
+{% extends "email/base.html" %}
+{# Load the internationalization module to translate strings, and humanize to show date-time #}
+{% load i18n %}
+{% load humanize %}
+{# The email/base.html template uses a single "content" block #}
+{% block content %}
 <tr>
     <td class="alert alert-success">
         {% blocktrans with username=user.username %} Hi {{ username }}, {%
@@ -99,9 +107,9 @@ block content %}
         <table width="100%" cellpadding="0" cellspacing="0">
             <tr>
                 <td class="content-block">
-                    {% blocktrans %} You recently requested to change your
-                    password for you authentik account. Use the button below to
-                    set a new password. {% endblocktrans %}
+                    {% blocktrans %}
+                    You recently requested to change your password for you authentik account. Use the button below to set a new password.
+                    {% endblocktrans %}
                 </td>
             </tr>
             <tr>
@@ -130,8 +138,7 @@ block content %}
                                                         href="{{ url }}"
                                                         rel="noopener noreferrer"
                                                         target="_blank"
-                                                        >{% trans 'Reset
-                                                        Password' %}</a
+                                                        >{% trans 'Reset Password' %}</a
                                                     >
                                                 </td>
                                             </tr>
@@ -145,9 +152,9 @@ block content %}
             </tr>
             <tr>
                 <td class="content-block">
-                    {% blocktrans with expires=expires|naturaltime %} If you did
-                    not request a password change, please ignore this Email. The
-                    link above is valid for {{ expires }}. {% endblocktrans %}
+                    {% blocktrans with expires=expires|naturaltime %}
+                    If you did not request a password change, please ignore this Email. The link above is valid for {{ expires }}.
+                    {% endblocktrans %}
                 </td>
             </tr>
         </table>
@@ -155,3 +162,5 @@ block content %}
 </tr>
 {% endblock %}
 ```
+
+<!-- prettier-ignore-end -->
diff --git a/website/docs/flow/stages/identification/index.md b/website/docs/flow/stages/identification/index.md
index f2f6cbb98..f911fc4f8 100644
--- a/website/docs/flow/stages/identification/index.md
+++ b/website/docs/flow/stages/identification/index.md
@@ -14,10 +14,6 @@ Select which fields the user can use to identify themselves. Multiple fields can
 
     UPN will attempt to identify the user based on the `upn` attribute, which can be imported with an [LDAP Source](/integrations/sources/ldap/index)
 
-:::info
-Starting with authentik 2023.5, when no user fields are selected and only one source is selected, authentik will automatically redirect the user to that source.
-:::
-
 ## Password stage
 
 To prompt users for their password on the same step as identifying themselves, a password stage can be selected here. If a password stage is selected in the Identification stage, the password stage should not be bound to the flow.
@@ -33,3 +29,29 @@ Requires authentik 2024.1
 :::
 
 When enabled, any user identifier will be accepted as valid (as long as they match the correct format, i.e. when [User fields](#user-fields) is set to only allow Emails, then the identifier still needs to be an Email). The stage will succeed and the flow will continue to the next stage. Stages like the [Password stage](../password/index.md) and [Email stage](../email/index.mdx) are aware of this "pretend" user and will behave the same as if the user would exist.
+
+## Source settings
+
+Some sources (like the [OAuth Source](../../../../integrations/sources/oauth/) and [SAML Source](../../../../integrations/sources/saml/)) require user interaction. To make these sources available to users, they can be selected in the Identification stage settings, which will show them below the selected [user field](#user-fields).
+
+By default, sources are only shown with their icon, which can be changed with the _Show sources' labels_ option.
+
+Furthermore, it is also possible to deselect any [user field option](#user-fields) for an Identification stage, which will result in users only being able to use currently configured sources.
+
+:::info
+Starting with authentik 2023.5, when no user fields are selected and only one source is selected, authentik will automatically redirect the user to that source. This only applies when the **Passwordless flow** option is _not_ configured.
+:::
+
+## Flow settings
+
+### Passwordless flow
+
+See [Passwordless authentication](../authenticator_validate/index.md#passwordless-authentication).
+
+### Enrollment flow
+
+Optionally can be set to a flow with the designation of _Enrollment_, which will allow users to sign up.
+
+### Recovery flow
+
+Optionally can be set to a flow with the designation of _Recovery_, which will allow users to recover their credentials.
diff --git a/website/docs/flow/stages/user_login/index.md b/website/docs/flow/stages/user_login/index.md
index 324aff1a4..92d655093 100644
--- a/website/docs/flow/stages/user_login/index.md
+++ b/website/docs/flow/stages/user_login/index.md
@@ -32,6 +32,51 @@ When this is set to a higher value than the default _seconds=0_, a prompt is sho
 
 ![](./stay_signed_in.png)
 
+## Network binding/GeoIP binding
+
+When configured, all sessions authenticated by this stage will be bound to the selected network/GeoIP criteria.
+
+Sessions which break this binding will be terminated on use. The created [`logout`](../../../events/index.md#logout) event will contain additional data related to what caused the binding to be broken:
+
+```json
+
+Context
+{
+    "asn": {
+        "asn": 6805,
+        "as_org": "Telefonica Germany",
+        "network": "5.4.0.0/14"
+    },
+    "geo": {
+        "lat": 51.2993,
+        "city": "",
+        "long": 9.491,
+        "country": "DE",
+        "continent": "EU"
+    },
+    "binding": {
+        "reason": "network.missing",
+        "new_value": {
+            "asn": 6805,
+            "as_org": "Telefonica Germany",
+            "network": "5.4.0.0/14"
+        },
+        "previous_value": {}
+    },
+    "ip": {
+        "previous": "1.2.3.4",
+        "new": "5.6.7.8",
+    },
+    "http_request": {
+        "args": {},
+        "path": "/if/admin/",
+        "method": "GET",
+        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
+    },
+    "logout_reason": "Session binding broken"
+}
+```
+
 ## Terminate other sessions
 
 When enabled, previous sessions of the user logging in will be revoked. This has no affect on OAuth refresh tokens.
diff --git a/website/docs/installation/configuration.mdx b/website/docs/installation/configuration.mdx
index 28d8e5f50..6201467f1 100644
--- a/website/docs/installation/configuration.mdx
+++ b/website/docs/installation/configuration.mdx
@@ -154,9 +154,13 @@ Defaults to `info`.
 
 Which domain the session cookie should be set to. By default, the cookie is set to the domain authentik is accessed under.
 
-### `AUTHENTIK_GEOIP`
+### `AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__GEOIP`
 
-Path to the GeoIP database. Defaults to `/geoip/GeoLite2-City.mmdb`. If the file is not found, authentik will skip GeoIP support.
+Path to the GeoIP City database. Defaults to `/geoip/GeoLite2-City.mmdb`. If the file is not found, authentik will skip GeoIP support.
+
+### `AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__ASN`
+
+Path to the GeoIP ASN database. Defaults to `/geoip/GeoLite2-ASN.mmdb`. If the file is not found, authentik will skip GeoIP support.
 
 ### `AUTHENTIK_DISABLE_UPDATE_CHECK`
 
diff --git a/website/docs/outposts/_config.md b/website/docs/outposts/_config.md
index f1b3e8792..ce013b625 100644
--- a/website/docs/outposts/_config.md
+++ b/website/docs/outposts/_config.md
@@ -64,9 +64,17 @@ kubernetes_image_pull_secrets: []
 # (Available with 2022.11.0+)
 # Applies to: proxy outposts
 kubernetes_ingress_class_name: null
-# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects. This value expects
-# a mapping of a key which can be any of the values from `kubernetes_disabled_components`,
-# which configures which component the patches are applied to. For example:
+# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects.
+# For an understanding of how this works, refer to the link below:
+# https://github.com/kubernetes-sigs/kustomize/blob/master/examples/jsonpatch.md
+#
+# This value expects a mapping where the key represents
+# the Kubernetes component that shall be patched.
+# It can be any of the same values supported by `kubernetes_disabled_components`.
+#
+# For example use this patch to add custom resource requests and limits
+# to the outpost deployment:
+#
 # deployment:
 #   - op: add
 #     path: "/spec/template/spec/containers/0/resources"
diff --git a/website/docs/outposts/index.mdx b/website/docs/outposts/index.mdx
index bd3d7744c..b5ffe1c25 100644
--- a/website/docs/outposts/index.mdx
+++ b/website/docs/outposts/index.mdx
@@ -7,6 +7,7 @@ An outpost is a single deployment of an authentik component, which can be deploy
 -   [LDAP Provider](../providers/ldap/index.md)
 -   [Proxy Provider](../providers/proxy/index.md)
 -   [RADIUS Provider](../providers/radius/index.md)
+-   [RAC Provider](../providers/rac/index.md)
 
 ![](outposts.png)
 
diff --git a/website/docs/outposts/integrations/kubernetes.md b/website/docs/outposts/integrations/kubernetes.md
index 0a94f9893..f50d48a50 100644
--- a/website/docs/outposts/integrations/kubernetes.md
+++ b/website/docs/outposts/integrations/kubernetes.md
@@ -2,7 +2,7 @@
 title: Kubernetes
 ---
 
-The kubernetes integration with automatically deploy outposts on any Kubernetes Cluster.
+The kubernetes integration will automatically deploy outposts on any Kubernetes Cluster.
 
 This integration has the advantage over manual deployments of automatic updates (whenever authentik is updated, it updates the outposts), and authentik can (in a future version) automatically rotate the token that the outpost uses to communicate with the core authentik server.
 
diff --git a/website/docs/policies/expression.mdx b/website/docs/policies/expression.mdx
index 2200cc96f..aaf850608 100644
--- a/website/docs/policies/expression.mdx
+++ b/website/docs/policies/expression.mdx
@@ -54,6 +54,11 @@ import Objects from "../expressions/_objects.md";
     -   `request.context`: A dictionary with dynamic data. This depends on the origin of the execution.
 
 -   `geoip`: GeoIP object, see [GeoIP](https://geoip2.readthedocs.io/en/latest/#geoip2.models.City)
+
+    ```python
+    return context["geoip"].country.iso_code == "US"
+    ```
+
 -   `ak_is_sso_flow`: Boolean which is true if request was initiated by authenticating through an external provider.
 -   `ak_client_ip`: Client's IP Address or 255.255.255.255 if no IP Address could be extracted. Can be [compared](#comparing-ip-addresses), for example
 
diff --git a/website/docs/providers/oauth2/index.md b/website/docs/providers/oauth2/index.md
index 0eba63765..90ce75778 100644
--- a/website/docs/providers/oauth2/index.md
+++ b/website/docs/providers/oauth2/index.md
@@ -35,12 +35,20 @@ To access the user's email address, a scope of `user:email` is required. To acce
 
 ### `authorization_code`:
 
-This grant is used to convert an authorization code to a refresh token. The authorization code is retrieved through the Authorization flow, and can only be used once, and expires quickly.
+This grant is used to convert an authorization code to an access token (and optionally refresh token). The authorization code is retrieved through the Authorization flow, and can only be used once, and expires quickly.
+
+:::info
+Starting with authentik 2024.1, applications only receive an access token. To receive a refresh token, applications must be allowed to request the `offline_access` scope in authentik and also be configured to request the scope.
+:::
 
 ### `refresh_token`:
 
 Refresh tokens can be used as long-lived tokens to access user data, and further renew the refresh token down the road.
 
+:::info
+Starting with authentik 2024.1, this grant requires the `offline_access` scope.
+:::
+
 ### `client_credentials`:
 
 See [Machine-to-machine authentication](./client_credentials)
diff --git a/website/docs/providers/rac/index.md b/website/docs/providers/rac/index.md
new file mode 100644
index 000000000..67e3b74da
--- /dev/null
+++ b/website/docs/providers/rac/index.md
@@ -0,0 +1,47 @@
+---
+title: Remote Access (RAC) Provider
+---
+
+<span class="badge badge--primary">Enterprise</span>
+
+---
+
+:::info
+This feature is in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues)
+:::
+
+The Remote access provider allows users to access Windows/macOS/Linux machines via [RDP](https://en.wikipedia.org/wiki/Remote_Desktop_Protocol)/[SSH](https://en.wikipedia.org/wiki/Secure_Shell)/[VNC](https://en.wikipedia.org/wiki/Virtual_Network_Computing).
+
+:::info
+This provider requires the deployment of the [RAC Outpost](../../outposts/)
+:::
+
+## Endpoints
+
+Unlike other providers, where one provider-application pair must be created for each resource you wish to access, the RAC provider handles this slightly differently. For each machine (computer/server) that should be accessible, an _Endpoint_ object must be created within an RAC provider.
+
+The _Endpoint_ object specifies the hostname/IP of the machine to connect to, as well as the protocol to use. Additionally it is possible to bind policies to _endpoint_ objects to restrict access. Users must have access to both the application the RAC Provider is using as well as the individual endpoint.
+
+Configuration like credentials can be specified through _settings_, which can be specified on different levels and are all merged together when connecting:
+
+1. Provider settings
+2. Endpoint settings
+3. Connection settings (see [Connections](#connections))
+4. Provider property mapping settings
+5. Endpoint property mapping settings
+
+## Connections
+
+Each connection is authorized through the policies bound to the application and the endpoint, and additional verification can be done with the authorization flow.
+
+Additionally it is possible to modify the connection settings through the authorization flow. Configuration set in `connection_settings` in the flow plan context will be merged with other settings as shown above.
+
+A new connection is created every time an endpoint is selected in the [User Interface](../../interfaces/user/customization.mdx). Once the user's authentik session expires, the connection is terminated. Additionally, the connection timeout can be specified in the provider, which applies even if the user is still authenticated. The connection can also be terminated manually.
+
+## Capabilities
+
+The following features are currently supported:
+
+-   Bi-directional clipboard
+-   Audio redirection (from remote machine to browser)
+-   Resizing
diff --git a/website/docs/providers/radius/index.md b/website/docs/providers/radius/index.md
index f9f0b5403..f7966ef2f 100644
--- a/website/docs/providers/radius/index.md
+++ b/website/docs/providers/radius/index.md
@@ -2,10 +2,6 @@
 title: Radius Provider
 ---
 
-:::info
-This feature is still in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues)
-:::
-
 You can configure a Radius Provider for applications that don't support any other protocols or require Radius.
 
 :::info
diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md
index a1f74470c..1034d0115 100644
--- a/website/docs/releases/2023/v2023.10.md
+++ b/website/docs/releases/2023/v2023.10.md
@@ -165,6 +165,22 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10
 -   stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) (#7584)
 -   web/admin: fix admins not able to delete MFA devices (#7660)
 
+## Fixed in 2023.10.5
+
+-   blueprints: improve file change handler (cherry-pick #7813) (#7934)
+-   events: add better fallback for sanitize_item to ensure everything can be saved as JSON (cherry-pick #7694) (#7937)
+-   events: fix lint (#7700)
+-   events: include user agent in events (cherry-pick #7693) (#7938)
+-   providers/scim: change familyName default (cherry-pick #7904) (#7930)
+-   root: don't show warning when app has no URLs to import (cherry-pick #7765) (#7935)
+-   root: Fix cache related image build issues (cherry-pick #7831) (#7932)
+-   stages/email: improve error handling for incorrect template syntax (cherry-pick #7758) (#7936)
+-   tests: fix flaky tests (cherry-pick #7676) (#7939)
+-   web: dark/light theme fixes (#7872)
+-   web: fix overflow glitch on ak-page-header (cherry-pick #7883) (#7931)
+-   web/admin: always show oidc well-known URL fields when they're set (#7560)
+-   web/user: fix search not updating app (cherry-pick #7825) (#7933)
+
 ## API Changes
 
 #### What's New
diff --git a/website/docs/releases/2024/v2024.1.md b/website/docs/releases/2024/v2024.1.md
index c6ffd0f28..e9f31fc55 100644
--- a/website/docs/releases/2024/v2024.1.md
+++ b/website/docs/releases/2024/v2024.1.md
@@ -17,6 +17,12 @@ slug: "/releases/2024.1"
     -   `authentik_outpost_radius_requests_rejected` -> `authentik_outpost_radius_requests_rejected_total`
     -   `authentik_main_requests` -> `authentik_main_request_duration_seconds`
 
+-   Required `offline_access` scope for Refresh tokens
+
+    The OAuth2 provider ships with a new default scope called `offline_access`, which must be requested by applications that need a refresh token. Previously, authentik would always issue a refresh token for the _Authorization code_ and _Device code_ OAuth grants.
+
+    Applications which require will need their configuration update to include the `offline_access` scope mapping.
+
 ## New features
 
 -   "Pretend user exists" option for Identification stage
diff --git a/website/docs/security/2023-06-cure53.md b/website/docs/security/2023-06-cure53.md
index 3df339e81..55d65d12d 100644
--- a/website/docs/security/2023-06-cure53.md
+++ b/website/docs/security/2023-06-cure53.md
@@ -1,8 +1,8 @@
 # 2023-06 Cure53 Code audit
 
-In May/June of 2023, we've had a Pen-test conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues.
+In May/June of 2023, we've had a Pentest conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues.
 
-From the complete report, these are the points we're addressing with this update:
+From the [complete report](https://cure53.de/pentest-report_authentik.pdf), these are the points we're addressing with this update:
 
 ### ATH-01-001: Path traversal on blueprints allows arbitrary file-read (Medium)
 
diff --git a/website/docs/user-group-role/user/invitations.md b/website/docs/user-group-role/user/invitations.md
index 7387543f5..e3e58f42e 100644
--- a/website/docs/user-group-role/user/invitations.md
+++ b/website/docs/user-group-role/user/invitations.md
@@ -18,7 +18,7 @@ The fastest way to create an invitation is to use our pre-defined `default-enrol
 To download the `default-enrollment-flow` file, run this command:
 
 ```
-wget https://raw.githubusercontent.com/goauthentik/authentik/main/website/developer-docs/blueprints/example/flows-enrollment-2-stage.yaml
+wget https://goauthentik.io/blueprints/example/flows-enrollment-2-stage.yaml
 ```
 
 Alternatively, use this [link](/blueprints/example/flows-enrollment-2-stage.yaml) to view and save the file. For more details, refer to the [documentation](https://goauthentik.io/docs/flow/examples/flows#enrollment-2-stage).
diff --git a/website/integrations/services/dokuwiki/index.md b/website/integrations/services/dokuwiki/index.md
index 7b7e27e4c..b84dd50a2 100644
--- a/website/integrations/services/dokuwiki/index.md
+++ b/website/integrations/services/dokuwiki/index.md
@@ -17,7 +17,7 @@ The following placeholders will be used:
 -   `dokuwiki.company` is the FQDN of the DokiWiki install.
 -   `authentik.company` is the FQDN of the authentik install.
 
-## Service Configuration
+## DokuWiki configuration
 
 In DokuWiki, navigate to the _Extension Manager_ section in the _Administration_ interface and install
 
diff --git a/website/integrations/services/grafana/index.mdx b/website/integrations/services/grafana/index.mdx
index e6cc7a5a8..2de91535a 100644
--- a/website/integrations/services/grafana/index.mdx
+++ b/website/integrations/services/grafana/index.mdx
@@ -24,6 +24,16 @@ Create an application in authentik. Create an OAuth2/OpenID provider with the fo
 -   Signing Key: Select any available key
 -   Redirect URIs: `https://grafana.company/login/generic_oauth`
 
+Additionally, because Grafana has its own concept of groups, we need to create a custom Scope Mapping to ensure Grafana can read the user's groups assigned within authentik. It should contain the following expression:
+
+```json
+return {
+  "info": { "groups": [group.name for group in request.user.ak_groups.all()] },
+}
+```
+
+This ensures that groups are available under `info.groups[]`, which can be used later in [Role Mapping](#role-mappings).
+
 Note the Client ID and Client Secret values. Create an application, using the provider you've created above. Note the slug of the application you've created.
 
 ## Terraform provider
@@ -46,6 +56,16 @@ data "authentik_scope_mapping" "scope-openid" {
   name = "authentik default OAuth Mapping: OpenID 'openid'"
 }
 
+resource "authentik_scope_mapping" "scope-grafana-roles" {
+  name = "Grafana Groups"
+  scope_name = "grafana-groups"
+  expression = <<EOF
+return {
+  "info": { "groups": [group.name for group in request.user.ak_groups.all()] },
+}
+EOF
+}
+
 resource "authentik_provider_oauth2" "grafana" {
   name          = "Grafana"
   #  Required. You can use the output of:
@@ -63,6 +83,7 @@ resource "authentik_provider_oauth2" "grafana" {
     data.authentik_scope_mapping.scope-email.id,
     data.authentik_scope_mapping.scope-profile.id,
     data.authentik_scope_mapping.scope-openid.id,
+    authentik_scope_mapping.scope-grafana-roles.id,
   ]
 }
 
@@ -86,7 +107,7 @@ resource "authentik_group" "grafana_viewers" {
 
 ```
 
-## Grafana
+## Grafana configuration
 
 import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
@@ -115,7 +136,7 @@ environment:
     # Optionally enable auto-login (bypasses Grafana login screen)
     GF_AUTH_OAUTH_AUTO_LOGIN: "true"
     # Optionally map user groups to Grafana roles
-    GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'"
+    GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(info.groups[*], 'Grafana Admins') && 'Admin' || contains(info.groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'"
 ```
 
   </TabItem>
@@ -138,7 +159,7 @@ auth_url = https://authentik.company/application/o/authorize/
 token_url = https://authentik.company/application/o/token/
 api_url = https://authentik.company/application/o/userinfo/
 # Optionally map user groups to Grafana roles
-role_attribute_path = contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
+role_attribute_path = contains(info.groups[*], 'Grafana Admins') && 'Admin' || contains(info.groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
 ```
 
   </TabItem>
@@ -160,7 +181,7 @@ grafana.ini:
         token_url: "https://authentik.company/application/o/token/"
         api_url: "https://authentik.company/application/o/userinfo/"
         # Optionally map user groups to Grafana roles
-        role_attribute_path: contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
+        role_attribute_path: contains(info.groups[*], 'Grafana Admins') && 'Admin' || contains(info.groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
 ```
 
 :::note
@@ -178,8 +199,8 @@ In the example shown above, one of the specified group names is "Grafana Admins"
 If the user is not a member of the "Grafana Admins" group, it moves on to see if the user is a member of the "Grafana Editors" group. If they are, they are granted the "Editor" role. Finally, if the user is not found to be a member of either of these groups, it fails back to granting the "Viewer" role.
 
 ```text
-contains(groups[*], 'Grafana Admins') && 'Admin' || contains(groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
-^ attribute to search  ^ group to search for  ^ role to grant                                           ^ or grant "Viewer" role.
+contains(info.groups[*], 'Grafana Admins') && 'Admin' || contains(info.groups[*], 'Grafana Editors') && 'Editor' || 'Viewer'
+         ^ attribute     ^ group to search for^ role to grant                                                       ^ or grant "Viewer" role.
 ```
 
 For more information on group/role mappings, see [Grafana's docs](https://grafana.com/docs/grafana/latest/auth/generic-oauth/#role-mapping).
diff --git a/website/integrations/services/immich/index.md b/website/integrations/services/immich/index.md
new file mode 100644
index 000000000..88554d302
--- /dev/null
+++ b/website/integrations/services/immich/index.md
@@ -0,0 +1,48 @@
+---
+title: Immich
+---
+
+<span class="badge badge--secondary">Support level: Community</span>
+
+## What is Immich
+
+> Immich is a self-hosted backup solution for photos and videos on mobile devices.
+>
+> -- https://immich.app/
+
+## Preparation
+
+The following placeholders will be used:
+
+-   `https://immich.company` is the URL used to access the Immich instance.
+-   `authentik.company` is the FQDN of the authentik install.
+
+## authentik configuration
+
+1. Create a new OAuth2/OpenID Provider using the following settings:
+    - **Name**: Immich
+    - **Authentication flow**: default-authentication-flow
+    - **Authorization flow**: default-provider-authorization-explicit-consent
+    - **Client type**: Confidential
+    - **Client ID**: Either create your own Client ID or make a note of the auto-populated one
+    - **Client Secret**: Either create your own Client Secret or make a note of the auto-populated one
+    - **Redirect URIs/Origins (RegEx)**:
+      _Please note that the following URIs are just examples. Be sure to include all of the domains / URLs that you will use to access Immich._
+        - app.immich:/
+        - https://immich.company/auth/login
+        - https://immich.company/user-settings
+    - **Signing Key**: authentik Self-signed Certificate
+    - Leave everything else as default
+2. Open the new provider you've just created.
+3. Make a note of the **OpenID Configuration Issuer**.
+
+## Immich Configuration
+
+Immich documentation can be found here: https://immich.app/docs/administration/oauth
+
+1. In Immich, navigate to **Administration** > **Settings** > **OAuth Authentication**
+2. Configure Immich as follows:
+    - **Issuer URL**: Populate this field with the `OpenID Configuration Issuer`
+    - **Client ID**: Enter your Client ID from authentik
+    - **Client Secret**: Enter your Client Secret from authentik
+    - **Scope**: `openid email profile`
diff --git a/website/integrations/services/jellyfin/index.md b/website/integrations/services/jellyfin/index.md
index c92e21f52..ef66efd27 100644
--- a/website/integrations/services/jellyfin/index.md
+++ b/website/integrations/services/jellyfin/index.md
@@ -15,7 +15,7 @@ Jellyfin does not have any native external authentication support as of the writ
 :::
 
 :::note
-Currently there are two plugins for Jelyfin that provide external authenticaion, an OIDC plugin and an LDAP plugin. This guide focuses on the use of the LDAP plugin.
+Currently, there are two plugins for Jellyfin that provide external authentication, an OIDC plugin and an LDAP plugin. This guide focuses on the use of the LDAP plugin.
 :::
 
 :::caution
@@ -32,51 +32,51 @@ The following placeholders will be used:
 -   `dc=company,dc=com` the Base DN of the LDAP outpost.
 -   `ldap_bind_user` the username of the desired LDAP Bind User
 
-## Service Configuration
+## Jellyfin configuration
 
-1. If you don't have one already create an LDAP bind user before starting these steps.
+1. If you don't have one already, create an LDAP bind user before starting these steps.
     - Ideally, this user doesn't have any permissions other than the ability to view other users. However, some functions do require an account with permissions.
     - This user must be part of the group that is specified in the "Search group" in the LDAP outpost.
 2. Navigate to your Jellyfin installation and log in with the admin account or currently configured local admin.
 3. Open the administrator dashboard and go to the "Plugins" section.
 4. Click "Catalog" at the top of the page, and locate the "LDAP Authentication Plugin"
 5. Install the plugin. You may need to restart Jellyfin to finish installation.
-6. Once finished navigate back to the plugins section of the admin dashboard, click the 3 dots on the "LDAP-Auth Plugin" card, and click settings.
+6. Once finished, navigate back to the plugins section of the admin dashboard, click the 3 dots on the "LDAP-Auth Plugin" card, and click settings.
 7. Configure the LDAP Settings as follows:
     - `LDAP Server`: `ldap.company.com`
     - `LDAP Port`: 636
     - `Secure LDAP`: **Checked**
     - `StartTLS`: Unchecked
     - `Skip SSL/TLS Verification`:
-        - If using a certificate issued by a certificate authority Jellyfin trusts, leave this unchecked.
-        - If you're using a self signed certificate, check this box.
+        - If using a certificate issued by a certificate authority, Jellyfin trusts, leave this unchecked.
+        - If you're using a self-signed certificate, check this box.
     - `Allow password change`: Unchecked
-        - Since authentik already has a frontend for password resets, its not necessary to include this in Jellyfin, especially since it requires bind user to have privileges.
+        - Since authentik already has a frontend for password resets, it's not necessary to include this in Jellyfin, especially since it requires bind user to have privileges.
     - `Password Reset URL`: Empty
-    - `LDAP Bind User`: Set this to a the user you want to bind to in authentik. By default the path will be `ou=users,dc=company,dc=com` so the LDAP Bind user will be `cn=ldap_bind_user,ou=users,dc=company,dc=com`.
+    - `LDAP Bind User`: Set this to a user you want to bind to in authentik. By default, the path will be `ou=users,dc=company,dc=com` so the LDAP Bind user will be `cn=ldap_bind_user,ou=users,dc=company,dc=com`.
     - `LDAP Bind User Password`: The Password of the user. If using a Service account, this is the token.
-    - `LDAP Base DN for Searches`: the base DN for LDAP queries. To query all users set this to `dc=company,dc=com`.
+    - `LDAP Base DN for Searches`: the base DN for LDAP queries. To query all users, set this to `dc=company,dc=com`.
         - You can specify an OU if you divide your users up into different OUs and only want to query a specific OU.
 
-At this point click `Save and Test LDAP Server Settings`. If the settings are correct you will see:
+At this point, click `Save and Test LDAP Server Settings`. If the settings are correct, you will see:
 `Connect(Success); Bind(Success); Base Search (Found XY Entities)`
 
 -   `LDAP User Filter`: This is used to a user filter on what users are allowed to login. **This must be set**
     -   To allow all users: `(objectClass=user)`
     -   To only allow users in a specific group: `(memberOf=cn=jellyfin_users,ou=groups,dc=company,dc=com)`
     -   Good Docs on LDAP Filters: [atlassian.com](https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html)
--   `LDAP Admin Base DN`: All of the users in this DN are automatically set as admins.
-    -   This can be left blank. Admins can be set manually outside of this filter
+-   `LDAP Admin Base DN`: All the users in this DN are automatically set as admins.
+    -   This can be left blank. Admins can be set manually outside this filter
 -   `LDAP Admin Filter`: Similar to the user filter, but every matched user is set as admin.
-    -   This can be left blank. Admins can be set manually outside of this filter
+    -   This can be left blank. Admins can be set manually outside this filter
 
-At this point click `Save and Test LDAP Filter Settings`. If the settings are correct you will see:
+At this point, click `Save and Test LDAP Filter Settings`. If the settings are correct, you will see:
 `Found X user(s), Y admin(s)`
 
 -   `LDAP Attributes`: `uid, cn, mail, displayName`
 -   `Enable case Insensitive Username`: **Checked**
 
-At this point, enter in a username and click "Save Search Attribute Settings and Query User". If the settings are correct you will see:
+At this point, enter a username and click "Save Search Attribute Settings and Query User". If the settings are correct, you will see:
 `Found User: cn=test,ou=users,dc=company,dc=com`
 
 -   `Enabled User Creation`: **Checked**
diff --git a/website/integrations/services/jenkins/index.md b/website/integrations/services/jenkins/index.md
new file mode 100644
index 000000000..a8b4388ab
--- /dev/null
+++ b/website/integrations/services/jenkins/index.md
@@ -0,0 +1,53 @@
+---
+title: Jenkins
+---
+
+<span class="badge badge--secondary">Support level: Community</span>
+
+## What is Jenkins
+
+> The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.
+>
+> -- https://www.jenkins.io/
+
+## Preparation
+
+The following placeholders will be used:
+
+-   `jenkins.company` is the FQDN of the Service install.
+-   `authentik.company` is the FQDN of the authentik install.
+
+Create an OAuth2/OpenID provider with the following parameters:
+
+-   **Client Type**: `Confidential`
+-   Scopes: OpenID, Email and Profile
+-   **Signing Key**: Select any available key
+
+Note the Client ID and Client Secret values for the provider.
+
+Next, create an application, using the provider you've created above. Note the slug of the application you create.
+
+## Jenkins Configuration
+
+Navigate to the Jenkins plugin manager: **Manage Jenkins** -> **Plugins** -> **Available plugins**. Search for the plugin `oic-auth` in the search field, and install the plugin. Jenkins must be restarted afterwards to ensure the plugin is loaded.
+
+After the restart, navigate to **Manage Jenkins** again, and click **Security**.
+
+Modify the **Security Realm** option to select `Login with Openid Connect`.
+
+In the **Client id** and **Client secret** fields, enter the Client ID and Client Secret values from the provider you created.
+
+Set the configuration mode to **Automatic configuration** and set the **Well-known configuration endpoint** to `https://authentik.company/application/o/<Slug of the application from above>/.well-known/openid-configuration`
+
+Check the checkbox **Override scopes** and input the scopes `openid profile email` into the new input field.
+
+Further down the page, expand the **Advanced** section and input the following values:
+
+-   **User name field name**: `preferred_username`
+-   **Full name field name**: `name`
+-   **Email field name**: `email`
+-   **Groups field name**: `groups`
+
+We also recommend enabling the option **Enable Proof Key for Code Exchange** further down the page.
+
+Additionally, as a fallback to regain access to Jenkins in the case of misconfiguration, we recommend configuring the **Configure 'escape hatch' for when the OpenID Provider is unavailable** option below. How to configure this option is beyond the scope of this document, and is explained by the OpenID Plugin.
diff --git a/website/integrations/services/sharepoint-se/index.md b/website/integrations/services/sharepoint-se/index.md
new file mode 100644
index 000000000..1ec243598
--- /dev/null
+++ b/website/integrations/services/sharepoint-se/index.md
@@ -0,0 +1,376 @@
+---
+title: SharePoint Server SE
+---
+
+<span class="badge badge--secondary">Support level: Community</span>
+
+## What is Microsoft SharePoint
+
+> SharePoint is a proprietary, web-based collaborative platform that integrates natively with Microsoft 365.
+>
+> Launched in 2001, SharePoint is primarily sold as a document management and storage system, although it is also used for sharing information through an intranet, implementing internal applications, and for implementing business processes.
+>
+> -- https://en.wikipedia.org/wiki/SharePoint
+
+> Organizations use Microsoft SharePoint to create websites.
+>
+> You can use it as a secure place to store, organize, share, and access information from any device.
+> All you need is a web browser, such as Microsoft Edge, Internet Explorer, Chrome, or Firefox.
+>
+> -- https://support.microsoft.com/en-us/office/what-is-sharepoint-97b915e6-651b-43b2-827d-fb25777f446f
+
+:::note
+There are many ways to implement SSO mechanism within Microsoft SharePoint Server Subscription Edition.
+
+These guidelines provides the procedure to integrate authentik with an OIDC provider based on Microsoft documentation.
+(cf. https://learn.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/set-up-oidc-auth-in-sharepoint-server-with-msaad)
+
+In addition, it provides the procedure to enable claims augmentations in order to resolve group memberships.
+
+For all other integration models, read Microsoft official documentation.
+(cf. https://learn.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/plan-user-authentication)
+:::
+
+:::caution
+This setup only works starting with **authentik** version **2023.10** and Microsoft **SharePoint** Subscription Edition starting with the **Cumulative Updates** of **September 2023**.
+:::
+
+## Preparation
+
+When you configure OIDC with authentik, you need the following resources:
+
+1. A SharePoint Server Subscription Edition farm starting with CU of September 2023
+2. An authentik instance starting with version 2023.10
+3. (Optional) [LDAPCP](https://www.ldapcp.com/docs/overview/introduction/) installed on the target SharePoint farm
+
+:::info
+Ensure that the authentik and SharePoint Server clocks are synchronized.
+:::
+
+These guidelines use the following placeholders for the overall setup:
+
+| Name                                               | Placeholder                          | Sample value                                                                           |
+| -------------------------------------------------- | ------------------------------------ | -------------------------------------------------------------------------------------- |
+| authentik Application Name                         | `auth.applicationName`               | SharePoint SE                                                                          |
+| authentik Application Slug                         | `auth.applicationSlug`               | sharepoint-se                                                                          |
+| authentik OIDC Name                                | `auth.providerName`                  | OIDC-SP                                                                                |
+| authentik OIDC Configuration URL                   | `auth.providerConfigURL`             | https://authentik.company/application/o/sharepoint-se/.well-known/openid-configuration |
+| authentik OIDC Client ID                           | `auth.providerClientID`              | 0ab1c234d567ef8a90123bc4567890e12fa3b45c                                               |
+| authentik OIDC Redirect URIs                       | `auth.providerRedirectURI`           | https://sharepoint.company/.\*                                                         |
+| (Optional) authentik LDAP Outpost URI              | `ldap.outpostURI`                    | ak-outpost-ldap.authentik.svc.cluster.local                                            |
+| (Optional) authentik LDAP Service Account          | `ldap.outpostServiceAccount`         | cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io                                   |
+| (Optional) authentik LDAP Service Account Password | `ldap.outpostServiceAccountPassword` | mystrongpassword                                                                       |
+| SharePoint Default Web Application URL             | `sp.webAppURL`                       | https://sharepoint.company                                                             |
+| SharePoint Trusted Token Issuer Name               | `sp.issuerName`                      | Authentik                                                                              |
+| SharePoint Trusted Token Issuer Description        | `sp.issuerDesc`                      | authentik IDP                                                                          |
+
+## authentik configuration
+
+### Step 1: Create authentik OpenID Property Mappings
+
+SharePoint requires additional properties within the OpenID and profile scopes in order to operate OIDC properly and be able to map incoming authentik OID Claims with Microsoft Claims.
+
+Additional information from Microsoft documentation:
+
+-   https://learn.microsoft.com/en-us/entra/identity-platform/id-tokens#validate-tokens
+-   https://learn.microsoft.com/en-us/entra/identity-platform/id-token-claims-reference#payload-claims
+
+#### Add an OpenID scope mapping for SharePoint
+
+From the authentik Admin Dashboard:
+
+1. Open **Customisation > Property Mappings** page from the sidebar.
+2. Click **Create** from the property mapping list command bar.
+3. Within the new property mapping form, select **Scope Mapping**.
+4. Click **Next** and enter the following values:
+    - **Name**: SPopenid
+    - **Scope name**: openid
+    - **Expression**:
+
+```python
+return {
+  "nbf": "0",           # Identifies the time before which the JWT can't be accepted for processing.
+                        # 0 stand for the date 1970-01-01 in unix timestamp
+  "oid": user.uid,      # This ID uniquely identifies the user across applications - two different applications signing in the same user receives the same value in the oid claim.
+  "upn": user.username  # (Optional) User Principal Name, used for troubleshooting within JWT tokens or to setup SharePoint like ADFS
+}
+```
+
+5. Click **Finish**.
+
+#### Add a profile scope mapping for SharePoint
+
+From the authentik Admin Dashboard:
+
+1. Open **Customisation > Property Mappings** page from the sidebar.
+2. Click **Create** from the property mapping list command bar.
+3. Within the new property mapping form, select **Scope Mapping**.
+4. Click **Next** and enter the following values:
+    - **Name**: SPprofile
+    - **Scope name**: profile
+    - **Expression**:
+
+```python
+return {
+    "name": request.user.name,                                         # The name claim provides a human-readable value that identifies the subject of the token.
+    "given_name": request.user.name,                                   # Interoperability with Microsoft Entra ID
+    "unique_name": request.user.name,                                  # (Optional) Used for troubleshooting within JWT tokens or to setup SharePoint like ADFS
+    "preferred_username": request.user.username,                       # (Optional) The primary username that represents the user.
+    "nickname": request.user.username,                                 # (Optional) Used for troubleshooting within JWT tokens or to setup SharePoint like ADFS
+    "roles": [group.name for group in request.user.ak_groups.all()],   # The set of roles that were assigned to the user who is logging in.
+}
+```
+
+5. Click **Finish**.
+
+### Step 2: Create authentik Open ID Connect Provider
+
+From the authentik Admin Dashboard:
+
+1. Open **Applications > Providers** page from the sidebar.
+2. Click **Create** from the provider list command bar.
+3. Within the new provider form, select **OAuth2/OpenID Provider**.
+4. Click **Next** and enter the following values:
+    - **Name**: `auth.providerName`
+    - **Authentication flow**: default-authentication-flow
+    - **Authorization flow**: default-provider-authorization-implicit-consent
+      :::note
+      use the explicit flow if user consents are required
+      :::
+    - **Redirect URIs / Origins**: `auth.providerRedirectURI`
+    - **Signing Key**: authentik Self-signed Certificate
+      :::note
+      The certificate is used for signing JWT tokens;, if you change it after the integration do not forget to update your SharePoint Trusted Certificate.
+      :::
+    - **Access code validity**: minutes=5
+      :::note
+      The minimum is 5 minutes, otherwise SharePoint backend might consider the access code expired.
+      :::
+    - **Access Token validity**: minutes=15
+      :::note
+      The minimum is 15 minutes, otherwise SharePoint backend will consider the access token expired.
+      :::
+    - **Scopes**: select default email, SPopenid and SPprofile
+    - **Subject mode**: Based on the User's hashed ID
+5. Click **Finish**.
+
+### Step 3: Create an application in authentik
+
+From the authentik Admin Dashboard:
+
+1. Open **Applications > Applications** page from the sidebar.
+2. Click **Create** from the application list command bar.
+3. Within the new application form, enter the following values:
+    - **Name**: `auth.applicationName`
+    - **Slug**: `auth.applicationSlug`
+    - **Provider**: `auth.providerName`
+    - (Optional) **Launch URL**: `sp.webAppURL`
+    - (Optional) **Icon**: https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/brand-icons/product/svg/sharepoint_48x1.svg
+4. Click **Create**.
+
+### Step 4: Setup OIDC authentication in SharePoint Server
+
+#### Pre-requisites
+
+##### Update SharePoint farm properties
+
+The following PowerShell script must be updated according to your environment and executed as **Farm Admin account** with **elevated privileges** on a SharePoint Server.
+
+:::caution
+
+-   Update placeholders
+-   Read all script's comments
+
+:::
+
+```PowerShell
+Add-PSSnapin microsoft.sharepoint.powershell
+
+# Setup farm properties to work with OIDC
+$cert = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' -Subject "CN=SharePoint Cookie Cert"
+$rsaCert = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
+$fileName = $rsaCert.key.UniqueName
+
+#If you have multiple SharePoint servers in the farm, you need to export certificate by Export-PfxCertificate and import certificate to all other SharePoint servers in the farm by Import-PfxCertificate and apply the same permissions as below.
+
+#After certificate is successfully imported to SharePoint Server, we will need to grant access permission to certificate private key.
+
+$path = "$env:ALLUSERSPROFILE\Microsoft\Crypto\RSA\MachineKeys\$fileName"
+$permissions = Get-Acl -Path $path
+
+#Please replace the <web application pool account> with the real application pool account of your web application.
+$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$($env:computername)\WSS_WPG", 'Read', 'None', 'None', 'Allow')
+$permissions.AddAccessRule($access_rule)
+Set-Acl -Path $path -AclObject $permissions
+
+#Then we update farm properties only once.
+$f = Get-SPFarm
+$f.Farm.Properties['SP-NonceCookieCertificateThumbprint']=$cert.Thumbprint
+$f.Farm.Properties['SP-NonceCookieHMACSecretKey']='seed'
+$f.Farm.Update()
+```
+
+##### SharePoint settings in case of SSL offloading
+
+Update the SharePoint farm to accept OAuth authentication over HTTP.
+
+The following PowerShell script must be updated according to your environment and executed as **Farm Admin account** with **elevated privileges** on a SharePoint Server.
+
+```PowerShell
+Add-PSSnapin microsoft.sharepoint.powershell
+$c = get-spsecuritytokenserviceconfig
+$c.AllowOAuthOverHttp = $true
+$c.update()
+```
+
+#### Create SharePoint authentication provider
+
+The following PowerShell script must be updated according to your environment and executed as **Farm Admin account** with **elevated privileges** on a SharePoint Server.
+
+:::caution
+
+-   Update placeholders
+-   Read all script's comments.
+
+:::
+
+```PowerShell
+Add-PSSnapin microsoft.sharepoint.powershell
+
+# OIDC Settings
+$metadataendpointurl = "auth.providerConfigURL"
+$clientIdentifier = "auth.providerClientID"
+$trustedTokenIssuerName = "sp.issuerName"
+$trustedTokenIssuerDescription = "sp.issuerDesc"
+
+# OIDC Claims Mapping
+## Identity claim: oid => defined within the Authentik scope mapping
+$idClaim = New-SPClaimTypeMapping "http://schemas.microsoft.com/identity/claims/objectidentifier" -IncomingClaimTypeDisplayName "oid" -SameAsIncoming
+
+## User claims mappings
+$claims = @(
+    $idClaim
+    ## User Roles (Group membership)
+    ,(New-SPClaimTypeMapping ([System.Security.Claims.ClaimTypes]::Role) -IncomingClaimTypeDisplayName "Role" -SameAsIncoming)
+    ## User email
+    ,(New-SPClaimTypeMapping ([System.Security.Claims.ClaimTypes]::Email) -IncomingClaimTypeDisplayName "Email" -SameAsIncoming)
+    ## User given_name
+    ,(New-SPClaimTypeMapping ([System.Security.Claims.ClaimTypes]::GivenName) -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming )
+    ## (Optional) User account name
+    #,(New-SPClaimTypeMapping ([System.Security.Claims.ClaimTypes]::NameIdentifier) -IncomingClaimTypeDisplayName "Username" -SameAsIncoming)
+
+)
+
+# Trust 3rd party identity token issuer
+$trustedTokenIssuer = New-SPTrustedIdentityTokenIssuer -Name $trustedTokenIssuerName -Description $trustedTokenIssuerDescription -ClaimsMappings $claims -IdentifierClaim $idClaim.InputClaimType -DefaultClientIdentifier $clientIdentifier -MetadataEndPoint $metadataendpointurl -Scope "openid email profile"
+#Note: Remove the profile scope if you plan to use the LDAPCP claims augmentation.
+
+# Create the SharePoint authentication provider based on the trusted token issuer
+New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $trustedTokenIssuer
+
+```
+
+#### Configure SharePoint web applications
+
+From the Central Administration opened as a Farm Administrator:
+
+1. Open the **Application Management > Manage web applications** page.
+2. Select your web application `sp.webAppURL`.
+3. Click **Authentication Providers** from the ribbon bar.
+4. According to your environment, click on the target zone such as "Default".
+5. Update the authentication provider form as following:
+    - Check **Trusted Identity Provider**
+    - Check the newly created provider named `sp.issuerName`
+    - (Optional) Set **Custom Sign In Page**: /\_trust/default.aspx
+6. Click **Save**.
+
+Repeat all steps for each target web applications that matches with `auth.providerRedirectURI`.
+
+## (Optional) SharePoint enhancements
+
+Objectives :
+
+-   Integrate SharePoint People Picker with authentik to search users and groups
+-   Augment SharePoint user claims at login stage
+-   Resolve user's membership
+
+:::caution
+[LDAPCP](https://www.ldapcp.com/docs/overview/introduction/) must be installed on the target SharePoint farm.
+:::
+
+### Step 1: Assign LDAPCP as claim provider for the identity token issuer
+
+The following PowerShell script must be updated according to your environment and executed as **Farm Admin account** with **elevated privileges** on a SharePoint Server.
+
+:::caution
+
+-   Update placeholders
+-   Read all script's comments
+
+:::
+
+```PowerShell
+Add-PSSnapin microsoft.sharepoint.powershell
+$trustedTokenIssuerName = "sp.issuerName"
+
+$sptrust = Get-SPTrustedIdentityTokenIssuer $trustedTokenIssuerName
+$sptrust.ClaimProviderName = "LDAPCP"
+$sptrust.Update()
+```
+
+### Step 2: Configure LDAPCP claim types
+
+From the SharePoint Central Administration opened as a Farm Administrator:
+
+1. Open **Security > LDAPCP Configuration > Claim types configuration** page.
+2. Update the mapping table to match these value:
+
+| Claim type                                                    | Entity type | LDAP class | LDAP Attribute to query | LDAP attribute to display | PickerEntity metadata |
+| ------------------------------------------------------------- | ----------- | ---------- | ----------------------- | ------------------------- | --------------------- |
+| http://schemas.microsoft.com/identity/claims/objectidentifier | User        | user       | uid                     | sn                        | UserId                |
+| LDAP attribute linked to the main mapping for object User     | User        | user       | mail                    |                           | Email                 |
+| LDAP attribute linked to the main mapping for object User     | User        | user       | sn                      |                           | DisplayName           |
+| http://schemas.microsoft.com/ws/2008/06/identity/claims/role  | Group       | group      | cn                      |                           | DisplayName           |
+| LDAP attribute linked to the main mapping for object Group    | Group       | group      | uid                     |                           | SPGroupID             |
+
+### Step 3: Create an authentik LDAP Outpost
+
+From the authentik Admin Dashboard:
+
+:::note
+The following procedure apply to an authentik deployment within Kubernetes.
+
+For other kinds of deployment, please refer to the [authentik documentation](https://goauthentik.io/docs/).
+:::
+
+1. Follow authentik [LDAP Provider Generic Setup](https://version-2023-10.goauthentik.io/docs/providers/ldap/generic_setup) with the following steps :
+    - **Create User/Group** to create a "service account" for `ldap.outpostServiceAccount` and a searchable group of users & groups
+    - **LDAP Flow** to create the authentication flow for the LDAP Provider
+    - **LDAP Provider** to create an LDAP provider which can be consumed by the LDAP Application
+2. Open **Applications > Applications** page from the sidebar.
+3. Open the edit form of your application `auth.applicationName`.
+4. In the edit form:
+    - **Backchannel Providers**: add the LDAP provider previously created
+5. Click **Update**.
+
+### Step 4: Configure LDAPCP global configuration
+
+From the SharePoint Central Administration opened as a Farm Administrator:
+
+1. Open the **Security > LDAPCP Configuration > Global configuration** page.
+2. Add an LDAP connection with th following properties:
+    - **LDAP Path**: LDAP://`ldap.outpostURI`/dc=ldap,dc=goauthentik,dc=io
+    - **Username**: `ldap.outpostServiceAccount`
+    - **Password**: `ldap.outpostServiceAccountPassword`
+    - **Authentication types**: check ServerBind
+3. Augmentation - Check **Enable augmentation**
+4. Augmentation - Select the Role claim "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
+5. Augmentation - Check only "**Query this server**" for your `ldap.outpostURI`
+6. User identifier properties:
+    - **LDAP class**: user
+    - **LDAP attribute**: uid
+7. Display of user identifier results:
+    - Tick **Show the value of another LDAP attribute**: sn
+8. Click on "**OK**"
+
+_Note: The `ldap.outpostURI` should be the IP, hostname, or FQDN of the LDAP Outpost service deployed accessible by your SharePoint farm_.
diff --git a/website/integrations/sources/azure-ad/authentik_01.png b/website/integrations/sources/azure-ad/authentik_01.png
index 55404f986..89d54aee7 100644
Binary files a/website/integrations/sources/azure-ad/authentik_01.png and b/website/integrations/sources/azure-ad/authentik_01.png differ
diff --git a/website/integrations/sources/azure-ad/index.md b/website/integrations/sources/azure-ad/index.md
index a90a78c6b..7c9088a6b 100644
--- a/website/integrations/sources/azure-ad/index.md
+++ b/website/integrations/sources/azure-ad/index.md
@@ -38,10 +38,9 @@ Use the following settings:
 -   Consumer key: `*Application (client) ID* value from above`
 -   Consumer secret: `*Value* of the secret from above`
 
-If you kept the default _Supported account types_ selection of _Single tenant_, then you must change the URLs below as well:
+If you kept the default _Supported account types_ selection of _Single tenant_, then you must change the URL below as well:
 
--   Authorization URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/authorize`
--   Access token URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/oauth2/v2.0/token`
+-   OIDC Well-known URL: `https://login.microsoftonline.com/*Directory (tenant) ID* from above/v2.0/.well-known/openid-configuration`
 
 ![](./authentik_01.png)
 
diff --git a/website/package-lock.json b/website/package-lock.json
index 5b1300f37..e03cb069b 100644
--- a/website/package-lock.json
+++ b/website/package-lock.json
@@ -16,24 +16,24 @@
                 "@docusaurus/theme-common": "^3.0.1",
                 "@docusaurus/theme-mermaid": "^3.0.1",
                 "@mdx-js/react": "^3.0.0",
-                "clsx": "^2.0.0",
+                "clsx": "^2.1.0",
                 "disqus-react": "^1.1.5",
-                "postcss": "^8.4.32",
-                "prism-react-renderer": "^2.3.0",
+                "postcss": "^8.4.33",
+                "prism-react-renderer": "^2.3.1",
                 "rapidoc": "^9.3.4",
                 "react": "^18.2.0",
                 "react-before-after-slider-component": "^1.1.8",
                 "react-dom": "^18.2.0",
                 "react-feather": "^2.0.10",
                 "react-toggle": "^4.1.3",
-                "react-tooltip": "^5.25.0",
+                "react-tooltip": "^5.25.1",
                 "remark-github": "^12.0.0"
             },
             "devDependencies": {
                 "@docusaurus/module-type-aliases": "3.0.1",
                 "@docusaurus/tsconfig": "3.0.1",
                 "@docusaurus/types": "3.0.1",
-                "@types/react": "^18.2.43",
+                "@types/react": "^18.2.47",
                 "prettier": "3.1.1",
                 "typescript": "~5.3.3"
             },
@@ -4373,9 +4373,9 @@
             "integrity": "sha512-+0autS93xyXizIYiyL02FCY8N+KkKPhILhcUSA276HxzreZ16kl+cmwvV2qAM/PuCCwPXzOXOWhiPcw20uSFcA=="
         },
         "node_modules/@types/react": {
-            "version": "18.2.43",
-            "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.43.tgz",
-            "integrity": "sha512-nvOV01ZdBdd/KW6FahSbcNplt2jCJfyWdTos61RYHV+FVv5L/g9AOX1bmbVcWcLFL8+KHQfh1zVIQrud6ihyQA==",
+            "version": "18.2.47",
+            "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.47.tgz",
+            "integrity": "sha512-xquNkkOirwyCgoClNk85BjP+aqnIS+ckAJ8i37gAbDs14jfW/J23f2GItAf33oiUPQnqNMALiFeoM9Y5mbjpVQ==",
             "dependencies": {
                 "@types/prop-types": "*",
                 "@types/scheduler": "*",
@@ -5696,9 +5696,9 @@
             }
         },
         "node_modules/clsx": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/clsx/-/clsx-2.0.0.tgz",
-            "integrity": "sha512-rQ1+kcj+ttHG0MKVGBUXwayCCF1oh39BF5COIpRzuCEv8Mwjv0XucrI2ExNTOn9IlLifGClWQcU9BrZORvtw6Q==",
+            "version": "2.1.0",
+            "resolved": "https://registry.npmjs.org/clsx/-/clsx-2.1.0.tgz",
+            "integrity": "sha512-m3iNNWpd9rl3jvvcBnu70ylMdrXt8Vlq4HYadnU5fwcOtvkSQWPmj7amUcDT2qYI7risszBjI5AUIUox9D16pg==",
             "engines": {
                 "node": ">=6"
             }
@@ -13137,9 +13137,9 @@
             }
         },
         "node_modules/postcss": {
-            "version": "8.4.32",
-            "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.32.tgz",
-            "integrity": "sha512-D/kj5JNu6oo2EIy+XL/26JEDTlIbB8hw85G8StOE6L74RQAVVP5rej6wxCNqyMbR4RkPfqvezVbPw81Ngd6Kcw==",
+            "version": "8.4.33",
+            "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.33.tgz",
+            "integrity": "sha512-Kkpbhhdjw2qQs2O2DGX+8m5OVqEcbB9HRBvuYM9pgrjEFUg30A9LmXNlTAUj4S9kgtGyrMbTzVjH7E+s5Re2yg==",
             "funding": [
                 {
                     "type": "opencollective",
@@ -13786,9 +13786,9 @@
             }
         },
         "node_modules/prism-react-renderer": {
-            "version": "2.3.0",
-            "resolved": "https://registry.npmjs.org/prism-react-renderer/-/prism-react-renderer-2.3.0.tgz",
-            "integrity": "sha512-UYRg2TkVIaI6tRVHC5OJ4/BxqPUxJkJvq/odLT/ykpt1zGYXooNperUxQcCvi87LyRnR4nCh81ceOA+e7nrydg==",
+            "version": "2.3.1",
+            "resolved": "https://registry.npmjs.org/prism-react-renderer/-/prism-react-renderer-2.3.1.tgz",
+            "integrity": "sha512-Rdf+HzBLR7KYjzpJ1rSoxT9ioO85nZngQEoFIhL07XhtJHlCU3SOz0GJ6+qvMyQe0Se+BV3qpe6Yd/NmQF5Juw==",
             "dependencies": {
                 "@types/prismjs": "^1.26.0",
                 "clsx": "^2.0.0"
@@ -14365,9 +14365,9 @@
             }
         },
         "node_modules/react-tooltip": {
-            "version": "5.25.0",
-            "resolved": "https://registry.npmjs.org/react-tooltip/-/react-tooltip-5.25.0.tgz",
-            "integrity": "sha512-/eGhmlwbHlJrVoUe75fb58rJfAy9aZnTvQAK9ZUPM0n9mmBGpEk13vDPiQVCeUuax+fBej+7JPsUXlhzaySc7w==",
+            "version": "5.25.1",
+            "resolved": "https://registry.npmjs.org/react-tooltip/-/react-tooltip-5.25.1.tgz",
+            "integrity": "sha512-GDD0hrfbwGr2C6zEzVzzDzXSKeHM55cRFZQv2/EFmiFKVxWZk8hzOO5FNcwCpPyqVxQKUtYckReU5bXMd63alQ==",
             "dependencies": {
                 "@floating-ui/dom": "^1.0.0",
                 "classnames": "^2.3.0"
diff --git a/website/package.json b/website/package.json
index 154632203..37ba114a8 100644
--- a/website/package.json
+++ b/website/package.json
@@ -23,16 +23,16 @@
         "@docusaurus/theme-common": "^3.0.1",
         "@docusaurus/theme-mermaid": "^3.0.1",
         "@mdx-js/react": "^3.0.0",
-        "clsx": "^2.0.0",
+        "clsx": "^2.1.0",
         "disqus-react": "^1.1.5",
-        "postcss": "^8.4.32",
-        "prism-react-renderer": "^2.3.0",
+        "postcss": "^8.4.33",
+        "prism-react-renderer": "^2.3.1",
         "rapidoc": "^9.3.4",
         "react-before-after-slider-component": "^1.1.8",
         "react-dom": "^18.2.0",
         "react-feather": "^2.0.10",
         "react-toggle": "^4.1.3",
-        "react-tooltip": "^5.25.0",
+        "react-tooltip": "^5.25.1",
         "react": "^18.2.0",
         "remark-github": "^12.0.0"
     },
@@ -52,7 +52,7 @@
         "@docusaurus/module-type-aliases": "3.0.1",
         "@docusaurus/tsconfig": "3.0.1",
         "@docusaurus/types": "3.0.1",
-        "@types/react": "^18.2.43",
+        "@types/react": "^18.2.47",
         "prettier": "3.1.1",
         "typescript": "~5.3.3"
     },
diff --git a/website/sidebars.js b/website/sidebars.js
index fe1b6725e..25c08ea1b 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -110,6 +110,7 @@ const docsSidebar = {
                     items: ["providers/ldap/generic_setup"],
                 },
                 "providers/scim/index",
+                "providers/rac/index",
             ],
         },
         {
diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js
index bc857116b..3735e3b32 100644
--- a/website/sidebarsIntegrations.js
+++ b/website/sidebarsIntegrations.js
@@ -32,6 +32,7 @@ module.exports = {
                         "services/paperless-ng/index",
                         "services/rocketchat/index",
                         "services/roundcube/index",
+                        "services/sharepoint-se/index",
                         "services/vikunja/index",
                         "services/wekan/index",
                         "services/wiki-js/index",
@@ -75,6 +76,7 @@ module.exports = {
                         "services/fortimanager/index",
                         "services/harbor/index",
                         "services/hashicorp-vault/index",
+                        "services/jenkins/index",
                         "services/minio/index",
                         "services/netbox/index",
                         "services/opnsense/index",
@@ -99,6 +101,7 @@ module.exports = {
                         "services/freshrss/index",
                         "services/gravitee/index",
                         "services/home-assistant/index",
+                        "services/immich/index",
                         "services/jellyfin/index",
                         "services/node-red/index",
                         "services/sonar-qube/index",
diff --git a/website/src/components/APIBrowser/index.tsx b/website/src/components/APIBrowser/index.tsx
new file mode 100644
index 000000000..25c43b743
--- /dev/null
+++ b/website/src/components/APIBrowser/index.tsx
@@ -0,0 +1,40 @@
+import React from "react";
+import useDocusaurusContext from "@docusaurus/useDocusaurusContext";
+import useBaseUrl from "@docusaurus/useBaseUrl";
+import BrowserOnly from "@docusaurus/BrowserOnly";
+import { useColorMode } from "@docusaurus/theme-common";
+
+export function APIBrowser() {
+    const context = useDocusaurusContext();
+    const { siteConfig = {} } = context;
+    const { colorMode, setColorMode } = useColorMode();
+    let bg = "#1b1b1d";
+    if (colorMode === "light") {
+        bg = "#fff";
+    }
+    return (
+        <BrowserOnly>
+            {() => {
+                require("rapidoc");
+                return (
+                    <rapi-doc
+                        spec-url={useBaseUrl("schema.yaml")}
+                        allow-try="false"
+                        show-header="false"
+                        theme={colorMode}
+                        bg-color={bg}
+                        render-style="view"
+                        primary-color="#fd4b2d"
+                        allow-spec-url-load="false"
+                        allow-spec-file-load="false"
+                        allow-authentication="false"
+                        allow-server-selection="false"
+                        show-info="false"
+                    ></rapi-doc>
+                );
+            }}
+        </BrowserOnly>
+    );
+}
+
+export default APIBrowser;
diff --git a/website/src/pages/api/index.jsx b/website/src/pages/api/index.jsx
index 8e6647dc0..5ba633bdb 100644
--- a/website/src/pages/api/index.jsx
+++ b/website/src/pages/api/index.jsx
@@ -1,7 +1,7 @@
 import React from "react";
 import Layout from "@theme/Layout";
 import Head from "@docusaurus/Head";
-import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly";
+import BrowserOnly from "@docusaurus/BrowserOnly";
 
 function APIPage() {
     return (
diff --git a/website/src/pages/api/v3.jsx b/website/src/pages/api/v3.jsx
index 7cdd45289..8ea704650 100644
--- a/website/src/pages/api/v3.jsx
+++ b/website/src/pages/api/v3.jsx
@@ -1,7 +1,7 @@
 import React from "react";
 import Layout from "@theme/Layout";
 import Head from "@docusaurus/Head";
-import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly";
+import BrowserOnly from "@docusaurus/BrowserOnly";
 
 function APIPage() {
     return (
diff --git a/website/src/pages/index.jsx b/website/src/pages/index.jsx
index feea2b292..fcbf951fd 100644
--- a/website/src/pages/index.jsx
+++ b/website/src/pages/index.jsx
@@ -3,7 +3,7 @@ import clsx from "clsx";
 import Layout from "@theme/Layout";
 import Link from "@docusaurus/Link";
 import Head from "@docusaurus/Head";
-import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly";
+import BrowserOnly from "@docusaurus/BrowserOnly";
 import useDocusaurusContext from "@docusaurus/useDocusaurusContext";
 import useBaseUrl from "@docusaurus/useBaseUrl";
 import styles from "./styles.module.css";
diff --git a/website/src/pages/terraform-provider.jsx b/website/src/pages/terraform-provider.jsx
index 47bfa52f1..e930a8a56 100644
--- a/website/src/pages/terraform-provider.jsx
+++ b/website/src/pages/terraform-provider.jsx
@@ -1,7 +1,7 @@
 import React from "react";
 import Layout from "@theme/Layout";
 import Head from "@docusaurus/Head";
-import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly";
+import BrowserOnly from "@docusaurus/BrowserOnly";
 
 function TerraformProviderPage() {
     return (