diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
index 0cbd43c80..5c0cbb34a 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
@@ -68,7 +68,10 @@
             "refresh": "refresh",
             "refresh-tokens": "Refresh Tokens",
             "refresh-tokens-issued": "Refresh tokens are issued for this client",
+            "refresh-tokens-reused": "Refresh tokens for this client are re-used",
+            "refresh-tokens-no-expire": "Refresh tokens do not time out",
             "registered": "Registered at",
+            "request-object-signing-algorithm": "Request Object Signing Algorithm",
             "response-types": "Response Types",
             "seconds": "seconds",
             "secret-asymmetric-jwt": "Asymmetrically-signed JWT assertion",
@@ -77,24 +80,27 @@
             "secret-post": "Client Secret over HTTP POST",
             "secret-symmetric-jwt": "Client Secret via symmetrically-signed JWT assertion",
             "sector-identifier": "Sector Identifier URI",
+            "signing-any": "Any allowed",
+            "signing-default": "Use server default",
+            "signing-ecdsa-256": "ECDSA using P-256 curve and SHA-256 hash algorithm",
+            "signing-ecdsa-384": "ECDSA using P-384 curve and SHA-384 hash algorithm",
+            "signing-ecdsa-512": "ECDSA using P-512 curve and SHA-512 hash algorithm",
+            "signing-hmac-256": "HMAC using SHA-256 hash algorithm",
+            "signing-hmac-384": "HMAC using SHA-384 hash algorithm",
+            "signing-hmac-512": "HMAC using SHA-512 hash algorithm",
+            "signing-none": "No digital signature",
+            "signing-rsassa-256": "RSASSA using SHA-256 hash algorithm",
+            "signing-rsassa-384": "RSASSA using SHA-384 hash algorithm",
+            "signing-rsassa-512": "RSASSA using SHA-512 hash algorithm",
             "subject-type": "Subject Type",
             "terms": "Terms of Service",
             "terms-help": "URL for the Terms of Service of this client, will be displayed to the user",
             "token-signing-algorithm": "Token Endpoint Authentication Signing Algorithm",
-            "token-signing-any": "Any allowed",
-            "token-signing-ecdsa-256": "ECDSA using P-256 curve and SHA-256 hash algorithm",
-            "token-signing-ecdsa-384": "ECDSA using P-384 curve and SHA-384 hash algorithm",
-            "token-signing-ecdsa-512": "ECDSA using P-512 curve and SHA-512 hash algorithm",
-            "token-signing-hmac-256": "HMAC using SHA-256 hash algorithm",
-            "token-signing-hmac-384": "HMAC using SHA-384 hash algorithm",
-            "token-signing-hmac-512": "HMAC using SHA-512 hash algorithm",
-            "token-signing-rsassa-256": "RSASSA using SHA-256 hash algorithm",
-            "token-signing-rsassa-384": "RSASSA using SHA-384 hash algorithm",
-            "token-signing-rsassa-512": "RSASSA using SHA-512 hash algorithm",
             "tokens": "Tokens",
             "type": "Application Type",
             "type-native": "Native",
-            "type-web": "Web"
+            "type-web": "Web",
+            "user-info-signing-algorithm": "User Info Endpoint Signing Algorithm"
         },
         "client-table": {
             "confirm": "Are you sure sure you would like to delete this client?",
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
index c3f152597..f0daa4462 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
@@ -33,7 +33,7 @@
             "client-name-help": "Läsbar och begripligt namn på klienten",
             "client-name-placeholder": "Skriv någonting",
             "client-password": "lösenord",
-            "client-secret": "Client Secret",
+            "client-secret": "Klienthemlighet",
             "client-secret-placeholder": "Mata in en hemlighet",
             "contacts": "Kontakter",
             "contacts-placeholder": "ny kontakt",
@@ -68,7 +68,11 @@
             "refresh": "refresh",
             "refresh-tokens": "Refresh-tokens",
             "refresh-tokens-issued": "Refresh-tokens delas ut till denna klient",
+            "refresh-tokens-reused": "Refresh-tokens återanvänds för denna klient",
+            "refresh-tokens-no-expire": "Refresh-tokens har oändlig livslängd",
             "registered": "Registrerad",
+            "request-object-signing-algorithm": "Signeringsalgoritm för request-object ",
+            "response-types": "Svarstyper",
             "seconds": "sekunder",
             "secret-asymmetric-jwt": "Asymmetriskt signerad JWT assertion",
             "secret-http": "Klienthemlighet över HTTP Basic",
@@ -77,25 +81,28 @@
             "secret-symmetric-jwt": "Klienthemlighet via symmetriskt signerad JWT assertion",
             "sector-identifier": "Sector Identifier-länk",
             "sector-identifier-help": "Sector Identifier för JavaScript.",
+            "signing-any": "Valfri tillåten",
+            "signing-default": "Använd serverns standard-algoritm",
+            "signing-ecdsa-256": "ECDSA med P-256 kurva och SHA-256 hash-algoritm",
+            "signing-ecdsa-384": "ECDSA med P-384 kurva och SHA-384 hash-algoritm",
+            "signing-ecdsa-512": "ECDSA med P-512 kurva och SHA-512 hash-algoritm",
+            "signing-hmac-256": "HMAC med SHA-256 hash-algoritm",
+            "signing-hmac-384": "HMAC med SHA-384 hash-algoritm",
+            "signing-hmac-512": "HMAC med SHA-512 hash-algoritm",
+            "signing-none": "Ingen digital signatur",
+            "signing-rsassa-256": "RSASSA med SHA-256 hash-algoritm",
+            "signing-rsassa-384": "RSASSA med SHA-384 hash-algoritm",
+            "signing-rsassa-512": "RSASSA med SHA-512 hash-algoritm",
             "subject-type": "Subjekttyp",
             "terms": "Villkor för tjänsten",
             "terms-help": "Länk till en sida som beskriver villkor för tjänsten. Den visas på bekräftelsesidan.",
             "token-signing-algorithm": "Signeringsalgoritm för vald autentiseringsmetod",
-            "token-signing-any": "Valfri tillåten",
-            "token-signing-ecdsa-256": "ECDSA med P-256 kurva och SHA-256 hash-algoritm",
-            "token-signing-ecdsa-384": "ECDSA med P-384 kurva och SHA-384 hash-algoritm",
-            "token-signing-ecdsa-512": "ECDSA med P-512 kurva och SHA-512 hash-algoritm",
-            "token-signing-hmac-256": "HMAC med SHA-256 hash-algoritm",
-            "token-signing-hmac-384": "HMAC med SHA-384 hash-algoritm",
-            "token-signing-hmac-512": "HMAC med SHA-512 hash-algoritm",
-            "token-signing-rsassa-256": "RSASSA med SHA-256 hash-algoritm",
-            "token-signing-rsassa-384": "RSASSA med SHA-384 hash-algoritm",
-            "token-signing-rsassa-512": "RSASSA med SHA-512 hash-algoritm",
             "token-timeout-help": "Ange tiden i sekunder, timmar eller minuter.",
             "tokens": "Nycklar",
             "type": "Typ av tjänst",
             "type-native": "App",
-            "type-web": "Webb"
+            "type-web": "Webb",
+            "user-info-signing-algorithm": "Signeringsalgoritm för user-info"
         },
         "client-table": {
             "confirm": "Är du säker på att du vill ta bort denna klient?",
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
index e43c98d71..a4bb4cbdd 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
@@ -474,16 +474,16 @@
                 <label class="control-label" data-i18n="client.client-form.token-signing-algorithm">Token Endpoint Authentication Signing Algorithm</label>
                 <div class="controls">
 					<select>
-						<option value="default" <%-tokenEndpointAuthSigningAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.token-signing-any">Any allowed</option>
-						<option value="HS256" <%-tokenEndpointAuthSigningAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-hmac-256">HMAC using SHA-256 hash algorithm</option>
-						<option value="HS384" <%-tokenEndpointAuthSigningAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-hmac-384">HMAC using SHA-384 hash algorithm</option>
-						<option value="HS512" <%-tokenEndpointAuthSigningAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-hmac-512">HMAC using SHA-512 hash algorithm</option>
-						<option value="RS256" <%-tokenEndpointAuthSigningAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-rsassa-256">RSASSA using SHA-256 hash algorithm</option>
-						<option value="RS384" <%-tokenEndpointAuthSigningAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-rsassa-384">RSASSA using SHA-384 hash algorithm</option>
-						<option value="RS512" <%-tokenEndpointAuthSigningAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-rsassa-512">RSASSA using SHA-512 hash algorithm</option>
-						<option value="ES256" <%-tokenEndpointAuthSigningAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
-						<option value="ES384" <%-tokenEndpointAuthSigningAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
-						<option value="ES512" <%-tokenEndpointAuthSigningAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.token-signing-ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+						<option value="default" <%-tokenEndpointAuthSigningAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing-any">Any allowed</option>
+						<option value="HS256" <%-tokenEndpointAuthSigningAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-tokenEndpointAuthSigningAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-tokenEndpointAuthSigningAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-tokenEndpointAuthSigningAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-tokenEndpointAuthSigningAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-tokenEndpointAuthSigningAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="ES256" <%-tokenEndpointAuthSigningAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-tokenEndpointAuthSigningAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-tokenEndpointAuthSigningAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
 					</select>
                 </div>
             </div>
@@ -546,63 +546,61 @@
             <div class="control-group" id="refreshTokenValidityTime">
                 <div class="controls">
 					<div>
-						<label class="checkbox">
-	                        <input type="checkbox" id="reuseRefreshToken" <%-(reuseRefreshToken == true ? 'checked' : '')%>> Refresh tokens for this client are re-used
-    	                </label>
+                        <input type="checkbox" id="reuseRefreshToken" <%-(reuseRefreshToken == true ? 'checked' : '')%>>
+                        <label for="reuseRefreshToken" class="checkbox">Refresh tokens for this client are re-used</label>
 					</div>
 					<div>
-						<label class="checkbox">
-                        	<input type="checkbox" id="disableRefreshTokenTimeout" <%-(refreshTokenValiditySeconds == null ? 'checked' : '')%>/> Refresh tokens do not time out
-						</label>
+                        <input type="checkbox" id="disableRefreshTokenTimeout" <%-(refreshTokenValiditySeconds == null ? 'checked' : '')%>/> 
+                        <label for="disableRefreshTokenTimeout" class="checkbox">Refresh tokens do not time out</label>
 					</div>
                     <div>
                         <input type="text" class="" value="<%-(refreshTokenValiditySeconds == null ? '' : refreshTokenValiditySeconds)%>" id="refresh-token-timeout-time" size="16" style="width:8em;">
 						<select id="refresh-token-timeout-unit" style="width:8em;">
-							<option>seconds</option>
-							<option>minutes</option>
-							<option>hours</option>
+							<option data-i18n="client.client-form.seconds">seconds</option>
+							<option data-i18n="client.client-form.minutes">minutes</option>
+							<option data-i18n="client.client-form.hours">hours</option>
 						</select>
 					</div>
-                    <p class="help-block">Enter this time in seconds, minutes, or hours.</p>
+                    <p class="help-block" data-i18n="client.client-form.token-timeout-help">Enter this time in seconds, minutes, or hours.</p>
                 </div>
             </div>
 	</div>
 
 	<div class="tab-pane" id="client-crypto-tab">
             <div class="control-group" id="requestObjectSigningAlg">
-                <label class="control-label">Request Object Signing Algorithm</label>
+                <label class="control-label" data-i18n="client.client-form.request-object-signing-algorithm">Request Object Signing Algorithm</label>
                 <div class="controls">
 					<select>
-						<option value="default" <%-requestObjectSigningAlg == null ? 'selected ' : ''%>>Use server default</option>
-						<option value="none" <%-requestObjectSigningAlg == "none" ? 'selected' : ''%>>No digital signature</option>
-						<option value="HS256" <%-requestObjectSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
-						<option value="HS384" <%-requestObjectSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
-						<option value="HS512" <%-requestObjectSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
-						<option value="RS256" <%-requestObjectSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
-						<option value="RS384" <%-requestObjectSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
-						<option value="RS512" <%-requestObjectSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
-						<option value="ES256" <%-requestObjectSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
-						<option value="ES384" <%-requestObjectSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
-						<option value="ES512" <%-requestObjectSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+						<option value="default" <%-requestObjectSigningAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing-default">Use server default</option>
+						<option value="none" <%-requestObjectSigningAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing-none">No digital signature</option>
+						<option value="HS256" <%-requestObjectSigningAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-requestObjectSigningAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-requestObjectSigningAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-requestObjectSigningAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-requestObjectSigningAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-requestObjectSigningAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="ES256" <%-requestObjectSigningAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-requestObjectSigningAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-requestObjectSigningAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
 					</select>
                 </div>
             </div>
 			
             <div class="control-group" id="userInfoSignedResponseAlg">
-                <label class="control-label">User Info Endpoint Signing Algorithm</label>
+                <label class="control-label" data-i18n="client.client-form.user-info-signing-algorithm">User Info Endpoint Signing Algorithm</label>
                 <div class="controls">
 					<select>
-						<option value="default" <%-userInfoSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
-						<option value="none" <%-userInfoSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
-						<option value="HS256" <%-userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
-						<option value="HS384" <%-userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
-						<option value="HS512" <%-userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
-						<option value="RS256" <%-userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
-						<option value="RS384" <%-userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
-						<option value="RS512" <%-userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
-						<option value="ES256" <%-userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
-						<option value="ES384" <%-userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
-						<option value="ES512" <%-userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+						<option value="default" <%-userInfoSignedResponseAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing-default">Use server default</option>
+						<option value="none" <%-userInfoSignedResponseAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing-none">No digital signature</option>
+						<option value="HS256" <%-userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-hmac-512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing-rsassa-512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="ES256" <%-userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing-ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
 					</select>
                 </div>
             </div>