Set up OpenID Connect provider and client.
Create oam/XUI/locales/fr directory and copy the content of /locales/en/ into there.
Edit /fr/authorize.json to reflect a different language for the consent page.
Change the browser to French locale.
Initiating an oauth2/authorize request lands at the login page.
All text is localised (French) correctly due to the Headers/i18next cookie value.
Upon reaching the consent page, only openam/XUI/locales/en/authorize.json is loaded, and the page is the default English page, not the newly added french one.
Solution: Add spec-compliant param ui_locales=fr to the URL and it loads the new authorize.json file (as well as the English one), and the page is correctly translated to French.
Adding locale=fr to the URL does NOT affect the localised files used by the consent page.
Problem: It may not always be possible to configure all OIDC parameters in the request.
For example, from a 3rd party app which simply takes endpoint locations for parameters and assumes the native client locale (mobile/tablet) will be honoured.
It would be useful if the oauth2/authorize endpoint took into account the 'locale' parameter, or ideally the locale headers in the request to have consistent localisation with all other user pages.