diff --git a/Directory.Build.props b/Directory.Build.props
index 5f038860..8d70e562 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -9,7 +9,7 @@
true$(MSBuildThisFileDirectory)eng\CodeAnalysis.rulesettrue
- ar;es;fr;gu;hi;it;ru;tr;uk;zh-Hans;zh-Hant
+ ar;de;es;fr;gu;hi;it;ru;tr;uk;zh-Hans;zh-Hant
diff --git a/src/OpenIddict.Abstractions/Resources/xlf/OpenIddictResources.de.xlf b/src/OpenIddict.Abstractions/Resources/xlf/OpenIddictResources.de.xlf
new file mode 100644
index 00000000..eb241059
--- /dev/null
+++ b/src/OpenIddict.Abstractions/Resources/xlf/OpenIddictResources.de.xlf
@@ -0,0 +1,602 @@
+
+
+
+
+
+ The security token is missing.
+ The security token is missing.
+
+
+
+ The specified authorization code is invalid.
+ The specified authorization code is invalid.
+
+
+
+ The specified device code is invalid.
+ The specified device code is invalid.
+
+
+
+ The specified refresh token is invalid.
+ The specified refresh token is invalid.
+
+
+
+ The specified token is invalid.
+ The specified token is invalid.
+
+
+
+ The specified token is not an authorization code.
+ The specified token is not an authorization code.
+
+
+
+ The specified token is not an device code.
+ The specified token is not an device code.
+
+
+
+ The specified token is not a refresh token.
+ The specified token is not a refresh token.
+
+
+
+ The specified token is not an access token.
+ The specified token is not an access token.
+
+
+
+ The specified identity token is invalid.
+ The specified identity token is invalid.
+
+
+
+ The specified authorization code has already been redeemed.
+ The specified authorization code has already been redeemed.
+
+
+
+ The specified device code has already been redeemed.
+ The specified device code has already been redeemed.
+
+
+
+ The specified refresh token has already been redeemed.
+ The specified refresh token has already been redeemed.
+
+
+
+ The specified token has already been redeemed.
+ The specified token has already been redeemed.
+
+
+
+ The authorization has not been granted yet by the end user.
+ The authorization has not been granted yet by the end user.
+
+
+
+ The authorization was denied by the end user.
+ The authorization was denied by the end user.
+
+
+
+ The specified authorization code is no longer valid.
+ The specified authorization code is no longer valid.
+
+
+
+ The specified device code is no longer valid.
+ The specified device code is no longer valid.
+
+
+
+ The specified refresh token is no longer valid.
+ The specified refresh token is no longer valid.
+
+
+
+ The specified token is no longer valid.
+ The specified token is no longer valid.
+
+
+
+ The authorization associated with the authorization code is no longer valid.
+ The authorization associated with the authorization code is no longer valid.
+
+
+
+ The authorization associated with the device code is no longer valid.
+ The authorization associated with the device code is no longer valid.
+
+
+
+ The authorization associated with the refresh token is no longer valid.
+ The authorization associated with the refresh token is no longer valid.
+
+
+
+ The authorization associated with the token is no longer valid.
+ The authorization associated with the token is no longer valid.
+
+
+
+ The token request was rejected by the authentication server.
+ The token request was rejected by the authentication server.
+
+
+
+ The user information access demand was rejected by the authentication server.
+ The user information access demand was rejected by the authentication server.
+
+
+
+ The specified user code is no longer valid.
+ The specified user code is no longer valid.
+
+
+
+ The '{0}' parameter is not supported.
+ The '{0}' parameter is not supported.
+
+
+
+ The mandatory '{0}' parameter is missing.
+ The mandatory '{0}' parameter is missing.
+
+
+
+ The '{0}' parameter must be a valid absolute URL.
+ The '{0}' parameter must be a valid absolute URL.
+
+
+
+ The '{0}' parameter must not include a fragment.
+ The '{0}' parameter must not include a fragment.
+
+
+
+ The specified '{0}' is not supported.
+ The specified '{0}' is not supported.
+
+
+
+ The specified '{0}'/'{1}' combination is invalid.
+ The specified '{0}'/'{1}' combination is invalid.
+
+
+
+ The mandatory '{0}' scope is missing.
+ The mandatory '{0}' scope is missing.
+
+
+
+ The '{0}' scope is not allowed.
+ The '{0}' scope is not allowed.
+
+
+
+ The client identifier cannot be null or empty.
+ The client identifier cannot be null or empty.
+
+
+
+ The '{0}' parameter cannot be used without '{1}'.
+ The '{0}' parameter cannot be used without '{1}'.
+
+
+
+ The status cannot be null or empty.
+ The status cannot be null or empty.
+
+
+
+ Scopes cannot be null or empty.
+ Scopes cannot be null or empty.
+
+
+
+ The '{0}' and '{1}' parameters can only be used with a response type containing '{2}'.
+ The '{0}' and '{1}' parameters can only be used with a response type containing '{2}'.
+
+
+
+ The specified '{0}' is not allowed when using PKCE.
+ The specified '{0}' is not allowed when using PKCE.
+
+
+
+ Scopes cannot contain spaces.
+ Scopes cannot contain spaces.
+
+
+
+ The specified '{0}' is not valid for this client application.
+ The specified '{0}' is not valid for this client application.
+
+
+
+ The scope name cannot be null or empty.
+ The scope name cannot be null or empty.
+
+
+
+ The scope name cannot contain spaces.
+ The scope name cannot contain spaces.
+
+
+
+ This client application is not allowed to use the authorization endpoint.
+ This client application is not allowed to use the authorization endpoint.
+
+
+
+ The client application is not allowed to use the authorization code flow.
+ The client application is not allowed to use the authorization code flow.
+
+
+
+ The client application is not allowed to use the implicit flow.
+ The client application is not allowed to use the implicit flow.
+
+
+
+ The client application is not allowed to use the hybrid flow.
+ The client application is not allowed to use the hybrid flow.
+
+
+
+ This client application is not allowed to use the specified scope.
+ This client application is not allowed to use the specified scope.
+
+
+
+ The specified '{0}' is invalid.
+ The specified '{0}' is invalid.
+
+
+
+ The '{0}' parameter is not valid for this client application.
+ The '{0}' parameter is not valid for this client application.
+
+
+
+ The '{0}' parameter required for this client application is missing.
+ The '{0}' parameter required for this client application is missing.
+
+
+
+ The specified client credentials are invalid.
+ The specified client credentials are invalid.
+
+
+
+ This client application is not allowed to use the device endpoint.
+ This client application is not allowed to use the device endpoint.
+
+
+
+ The '{0}' and '{1}' parameters are required when using the client credentials grant.
+ The '{0}' and '{1}' parameters are required when using the client credentials grant.
+
+
+
+ The '{0}' parameter is required when using the device code grant.
+ The '{0}' parameter is required when using the device code grant.
+
+
+
+ The mandatory '{0}' and/or '{1}' parameters are missing.
+ The mandatory '{0}' and/or '{1}' parameters are missing.
+
+
+
+ A scope with the same name already exists.
+ A scope with the same name already exists.
+
+
+
+ This client application is not allowed to use the token endpoint.
+ This client application is not allowed to use the token endpoint.
+
+
+
+ This client application is not allowed to use the specified grant type.
+ This client application is not allowed to use the specified grant type.
+
+
+
+ The client application is not allowed to use the '{0}' scope.
+ The client application is not allowed to use the '{0}' scope.
+
+
+
+ The specified authorization code cannot be used without sending a client identifier.
+ The specified authorization code cannot be used without sending a client identifier.
+
+
+
+ The specified device code cannot be used without sending a client identifier.
+ The specified device code cannot be used without sending a client identifier.
+
+
+
+ The specified refresh token cannot be used without sending a client identifier.
+ The specified refresh token cannot be used without sending a client identifier.
+
+
+
+ The specified authorization code cannot be used by this client application.
+ The specified authorization code cannot be used by this client application.
+
+
+
+ The specified device code cannot be used by this client application.
+ The specified device code cannot be used by this client application.
+
+
+
+ The specified refresh token cannot be used by this client application.
+ The specified refresh token cannot be used by this client application.
+
+
+
+ The specified '{0}' parameter doesn't match the client redirection address the authorization code was initially sent to.
+ The specified '{0}' parameter doesn't match the client redirection address the authorization code was initially sent to.
+
+
+
+ The '{0}' parameter cannot be used when no '{1}' was specified in the authorization request.
+ The '{0}' parameter cannot be used when no '{1}' was specified in the authorization request.
+
+
+
+ The '{0}' parameter is not valid in this context.
+ The '{0}' parameter is not valid in this context.
+
+
+
+ This client application is not allowed to use the introspection endpoint.
+ This client application is not allowed to use the introspection endpoint.
+
+
+
+ The specified token cannot be introspected.
+ The specified token cannot be introspected.
+
+
+
+ The client application is not allowed to introspect the specified token.
+ The client application is not allowed to introspect the specified token.
+
+
+
+ This client application is not allowed to use the revocation endpoint.
+ This client application is not allowed to use the revocation endpoint.
+
+
+
+ This token cannot be revoked.
+ This token cannot be revoked.
+
+
+
+ The client application is not allowed to revoke the specified token.
+ The client application is not allowed to revoke the specified token.
+
+
+
+ The mandatory '{0}' header is missing.
+ The mandatory '{0}' header is missing.
+
+
+
+ The specified '{0}' header is invalid.
+ The specified '{0}' header is invalid.
+
+
+
+ This server only accepts HTTPS requests.
+ This server only accepts HTTPS requests.
+
+
+
+ The specified HTTP method is not valid.
+ The specified HTTP method is not valid.
+
+
+
+ A token with the same reference identifier already exists.
+ A token with the same reference identifier already exists.
+
+
+
+ The token type cannot be null or empty.
+ The token type cannot be null or empty.
+
+
+
+ Multiple client credentials cannot be specified.
+ Multiple client credentials cannot be specified.
+
+
+
+ The issuer associated to the specified token is not valid.
+ The issuer associated to the specified token is not valid.
+
+
+
+ The specified token is not of the expected type.
+ The specified token is not of the expected type.
+
+
+
+ The signing key associated to the specified token was not found.
+ The signing key associated to the specified token was not found.
+
+
+
+ The signature associated to the specified token is not valid.
+ The signature associated to the specified token is not valid.
+
+
+
+ This resource server is currently unavailable.
+ This resource server is currently unavailable.
+
+
+
+ The specified token doesn't contain any audience.
+ The specified token doesn't contain any audience.
+
+
+
+ The specified token cannot be used with this resource server.
+ The specified token cannot be used with this resource server.
+
+
+
+ The user represented by the token is not allowed to perform the requested action.
+ The user represented by the token is not allowed to perform the requested action.
+
+
+
+ No issuer could be found in the server configuration.
+ No issuer could be found in the server configuration.
+
+
+
+ A server configuration containing an invalid issuer was returned.
+ A server configuration containing an invalid issuer was returned.
+
+
+
+ The issuer returned in the server configuration is not valid.
+ The issuer returned in the server configuration is not valid.
+
+
+
+ No JWKS endpoint could be found in the server configuration.
+ No JWKS endpoint could be found in the server configuration.
+
+
+
+ A server configuration containing an invalid JWKS endpoint URL was returned.
+ A server configuration containing an invalid JWKS endpoint URL was returned.
+
+
+
+ A server configuration containing an invalid introspection endpoint URL was returned.
+ A server configuration containing an invalid introspection endpoint URL was returned.
+
+
+
+ The JWKS document didn't contain a valid '{0}' node with at least one key.
+ The JWKS document didn't contain a valid '{0}' node with at least one key.
+
+
+
+ A JWKS response containing an unsupported key was returned.
+ A JWKS response containing an unsupported key was returned.
+
+
+
+ A JWKS response containing an invalid key was returned.
+ A JWKS response containing an invalid key was returned.
+
+
+
+ The mandatory '{0}' parameter couldn't be found in the introspection response.
+ The mandatory '{0}' parameter couldn't be found in the introspection response.
+
+
+
+ The token was rejected by the remote authentication server.
+ The token was rejected by the remote authentication server.
+
+
+
+ The '{0}' claim is malformed or isn't of the expected type.
+ The '{0}' claim is malformed or isn't of the expected type.
+
+
+
+ An introspection response containing a malformed issuer was returned.
+ An introspection response containing a malformed issuer was returned.
+
+
+
+ The issuer returned in the introspection response is not valid.
+ The issuer returned in the introspection response is not valid.
+
+
+
+ The type of the introspected token doesn't match the expected type.
+ The type of the introspected token doesn't match the expected type.
+
+
+
+ An application with the same client identifier already exists.
+ An application with the same client identifier already exists.
+
+
+
+ Only confidential, hybrid or public applications are supported by the default application manager.
+ Only confidential, hybrid or public applications are supported by the default application manager.
+
+
+
+ The client secret cannot be null or empty for a confidential application.
+ The client secret cannot be null or empty for a confidential application.
+
+
+
+ A client secret cannot be associated with a public application.
+ A client secret cannot be associated with a public application.
+
+
+
+ Callback URLs cannot contain a fragment.
+ Callback URLs cannot contain a fragment.
+
+
+
+ The authorization type cannot be null or empty.
+ The authorization type cannot be null or empty.
+
+
+
+ The specified authorization type is not supported by the default token manager.
+ The specified authorization type is not supported by the default token manager.
+
+
+
+ The client type cannot be null or empty.
+ The client type cannot be null or empty.
+
+
+
+ Callback URLs cannot be null or empty.
+ Callback URLs cannot be null or empty.
+
+
+
+ Callback URLs must be valid absolute URLs.
+ Callback URLs must be valid absolute URLs.
+
+
+
+ Removes orphaned tokens and authorizations from the database.
+ Removes orphaned tokens and authorizations from the database.
+
+
+
+ Starts the scheduled task at regular intervals.
+ Starts the scheduled task at regular intervals.
+
+
+
+
+
\ No newline at end of file