new configuration version

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
   runAsNonRoot: true
   ports:
     management: 9000
@@ -39,13 +39,14 @@ spec:
     management:
       httpGet:
         path: "/nevisauth/liveness"
+      initialDelaySeconds: 50
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-153c4f15e7495a3864d7ae40ed58b6b28b543733"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy

@@ -1,78 +1,79 @@
-import groovy.json.JsonSlurper
+import groovy.json.JsonSlurper
-
+
-def cleanSession(boolean rpcodeToo) {
+def cleanSession(boolean rpcodeToo) {
-  def s = request.getAuthSession(true)
+  def s = request.getAuthSession(true)
-
+
-  if (rpcodeToo) {
+  if (rpcodeToo) {
-	s.removeAttribute('agov.ident.rpcode.backup')
+	s.removeAttribute('agov.ident.rpcode.backup')
-	s.removeAttribute('agov.ident.rpcode')
+	s.removeAttribute('agov.ident.rpcode')
-	s.removeAttribute('agov.ident.entityId')
+	s.removeAttribute('agov.ident.entityId')
-  }
+  }
-  def sessionKeySet = new HashSet(session.keySet())
+  def sessionKeySet = new HashSet(session.keySet())
-  sessionKeySet.each { key ->
+  sessionKeySet.each { key ->
-    if ( key ==~ /ch.nevis.auth.saml..*/ ) {
+    if ( key ==~ /ch.nevis.auth.saml..*/ ) {
-	  LOG.debug("Deleted session attribute '${key}'")
+	  LOG.debug("Deleted session attribute '${key}'")
-	  s.removeAttribute(key)
+	  s.removeAttribute(key)
-	}
+	}
-  }
+  }
-}
+}
-
+
-// for auditing
+// for auditing
-def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
+def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
-def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
+def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
-def referer = request.getLoginContext()['connection.HttpHeader.referer'] ?: request.getLoginContext()['connection.HttpHeader' +
+def referer = request.getLoginContext()['connection.HttpHeader.referer'] ?: request.getLoginContext()['connection.HttpHeader' +
-		'.Referer'] ?: '-'
+		'.Referer'] ?: '-'
-def origin = request.getLoginContext()['connection.HttpHeader.origin'] ?: request.getLoginContext()['connection.HttpHeader' +
+def origin = request.getLoginContext()['connection.HttpHeader.origin'] ?: request.getLoginContext()['connection.HttpHeader' +
-		'.Origin'] ?: '-'
+		'.Origin'] ?: '-'
-
+
-// 0) clean up, if we have a SAML Response in session
+// 0) clean up, if we have a SAML Response in session
-if (session['ch.nevis.auth.saml.response.id']) {
+if (session['ch.nevis.auth.saml.response.id']) {
-  // keep rpcode in session, if retrying after SAML error
+  // keep rpcode in session, if retrying after SAML error
-  def keepRpcode = session['ch.nevis.auth.saml.response.statusCode'] == 'urn:oasis:names:tc:SAML:2.0:status:Responder'
+  def keepRpcode = session['ch.nevis.auth.saml.response.statusCode'] == 'urn:oasis:names:tc:SAML:2.0:status:Responder'
-  cleanSession(!keepRpcode)
+  cleanSession(!keepRpcode)
-}
+}
-
+
-// 1) we need to know the code of the RP
+// 1) we need to know the code of the RP
-def rpcode = inargs['rpcode'] ?: inargs['RelayState'] ?: session['agov.ident.rpcode']
+def rpcode = inargs['rpcode'] ?: inargs['RelayState'] ?: session['agov.ident.rpcode']
-def rpcodeBackup = session['agov.ident.rpcode']
+def rpcodeBackup = session['agov.ident.rpcode']
-def rpentity = '-'
+def rpentity = '-'
-
+
-if (rpcode)
+if (rpcode)
-{
+{
-  if (rpcodeBackup) {
+  if (rpcodeBackup) {
-    response.setSessionAttribute('agov.ident.rpcode.backup', rpcodeBackup)
+    response.setSessionAttribute('agov.ident.rpcode.backup', rpcodeBackup)
-  }
+  }
-  response.setSessionAttribute('agov.ident.rpcode', rpcode)
+  response.setSessionAttribute('agov.ident.rpcode', rpcode)
-} else {
+} else {
-  cleanSession(true)
+  cleanSession(true)
-  LOG.info("Event='IDENT-INVALIDREQ', rpcode='missing', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
+  LOG.info("Event='IDENT-INVALIDREQ', rpcode='missing', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
-  response.setResult('inavlidurl')
+  response.setResult('inavlidurl')
-  return
+  return
-}
+}
-
+
-// 2) load rp settings in session (if needed)
+// 2) load rp settings in session (if needed)
-if (rpcode != rpcodeBackup) {
+if (rpcode != rpcodeBackup) {
-  def slurper = new JsonSlurper()
+  def slurper = new JsonSlurper()
-  def rpMap = slurper.parseText(parameters['rpcode.list'])
+  def rpMap = slurper.parseText(parameters['rpcode.list'])
-  LOG.debug(">>> rpMaP: ${rpMap}")
+  LOG.debug(">>> rpMaP: ${rpMap}")
-  if (!rpMap[rpcode]) {
+  if (!rpMap[rpcode]) {
-	  cleanSession(true)
+	  cleanSession(true)
-	  LOG.info("Event='IDENT-INVALIDREQ', rpcode='${rpcode}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
+	  LOG.info("Event='IDENT-INVALIDREQ', rpcode='${rpcode}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
-	  response.setResult('inavlidurl')
+	  response.setResult('inavlidurl')
-	  return
+	  return
-  }
+  }
-  rpentity=rpMap[rpcode]
+  rpentity=rpMap[rpcode]
-  response.setSessionAttribute('agov.ident.entityId', rpMap[rpcode])
+  response.setSessionAttribute('agov.ident.entityId', rpMap[rpcode])
-}
+}
-
+
-// 3) if we have a response ...
+// 3) if we have a response ...
-if (inargs['SAMLResponse']) {
+if (inargs['SAMLResponse']) {
-    response.setResult('processResponse')
+    response.setResult('processResponse')
-    return
+    return
-}
+}
-
+
-// 4) otherwise
+// 4) otherwise
-LOG.info("Event='IDENT-INITREQ', rpcode='${rpcode}', rpentity='${rpentity}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', " +
+LOG.info("Event='IDENT-INITREQ', rpcode='${rpcode}', rpentity='${rpentity}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', " +
-		"Origin='${origin}'")
+		"Origin='${origin}'")
-response.setResult('sendAuthnRequest')
+response.setResult('sendAuthnRequest')
-return
+return
+

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties

@@ -17,7 +17,7 @@ deputy.profile.label=(Deputy Profile)
 dimilar.confirm_identity.checkbox=I confirm this is my data
 dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
 dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
-dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confirm data
 dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
 dimilar.select_onboarding.error-banner=Please select one option to continue
@@ -25,14 +25,16 @@ dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
 dimilar.select_onboarding.proceeding=How would you like to proceed?
 dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
 dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token expired or already used.
-dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
-dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to Dimilar at <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
+error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@@ -88,7 +90,7 @@ general.contactSupport=Contact Support
 general.continue=Continue
 general.data.birthDate=Date of birth
 general.data.birthDateFormat=DD.MM.YYYY
-general.data.enrollmentNumber=Enrolment number (SSN/AHV number)
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
 general.data.firstname=First name
 general.data.lastname=Last name
 general.edit=Edit
@@ -111,7 +113,7 @@ general.moreOptions=MORE OPTIONS
 general.or=OR
 general.otherLoginMethods=Other login methods
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
@@ -262,7 +264,7 @@ providePhoneNumber.laterModal.title=Continue without a phone number?
 providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
-providePhoneNumber.saveButtonText=Save
+providePhoneNumber.saveButtonText=Continue
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
@@ -283,7 +285,7 @@ recovery_check_code.too_many_tries.instruction1=The recovery code you have enter
 recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
-recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
 recovery_code.newRecoveryCode=Introducing recovery code
@@ -311,9 +313,9 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
 recovery_questionnaire_loginfactor.yes=Yes
 recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
-recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
-recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
-recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
@@ -327,9 +329,11 @@ recovery_questionnaire_reason_selection.answer9=I have issues with one of my log
 recovery_questionnaire_reason_selection.banner.error=Please select a reason.
 recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
 recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
-recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
+signup.button.label=Signup
+skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 timeout.description=Your session has timed out. Please close this window and try logging in again.
@@ -340,6 +344,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
+title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties

@@ -17,7 +17,7 @@ deputy.profile.label=(Profil Stellvertreter)
 dimilar.confirm_identity.checkbox=Ich bestätige, dass dies meine Angaben sind
 dimilar.confirm_identity.description=Bitte bestätigen Sie, dass die folgenden Angaben Ihnen gehören, um fortzufahren:
 dimilar.confirm_identity.error=Bitte bestätigen Sie, dass die Angaben Ihnen gehören, um fortzufahren.
-dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Angaben best&auml;tigen
 dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
 dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
@@ -25,14 +25,16 @@ dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AG
 dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
 dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
 dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
-dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
-dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
-dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun bei Dimilar unter <a class='link' href='https://www.armee.ch/de/dim' target='_blank'>https://www.armee.ch/de/dim</a> einloggen.
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
 dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
+error.account.exists=Konto existiert bereits. Melden Sie sich an.
 error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
@@ -70,7 +72,7 @@ error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitt
 error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
 errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
 fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
-fido2_auth.instruction1=Klicken Sie auf "Weiter"
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
 fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
 fido2_auth.instruction3=Folgen Sie den Anweisungen
 fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
@@ -111,7 +113,7 @@ general.moreOptions=WEITERE OPTIONEN
 general.or=ODER
 general.otherLoginMethods=Andere Login-Methoden
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
@@ -283,13 +285,13 @@ recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wieder
 recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
 recovery_check_noCode.banner.error=Zu viele Versuche.
 recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
 recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
-recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
@@ -311,9 +313,9 @@ recovery_questionnaire_loginfactor.no=Nein
 recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
 recovery_questionnaire_loginfactor.yes=Ja
 recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
-recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
-recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
-recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
@@ -330,6 +332,8 @@ recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis d
 recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
 recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
 reject.button.label=Ablehnen
+signup.button.label=Registrieren
+skip.button.label=&Uuml;berspringen
 submit.button.label=Senden
 tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
 timeout.description=Ihre Sitzung ist abgelaufen. Bitte schliessen Sie dieses Fenster und versuchen Sie erneut, sich einzuloggen.
@@ -340,6 +344,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorisierung
 title.saml.failed=Error
+title.signup=Konto erstellen
 title.timeout.page=Logout
 user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
 user_input.invalid.email.required=Erforderliches Feld

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties

@@ -17,7 +17,7 @@ deputy.profile.label=(Deputy Profile)
 dimilar.confirm_identity.checkbox=I confirm this is my data
 dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
 dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
-dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confirm data
 dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
 dimilar.select_onboarding.error-banner=Please select one option to continue
@@ -25,14 +25,16 @@ dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
 dimilar.select_onboarding.proceeding=How would you like to proceed?
 dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
 dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token expired or already used.
-dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
-dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to Dimilar at <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
+error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@@ -88,7 +90,7 @@ general.contactSupport=Contact Support
 general.continue=Continue
 general.data.birthDate=Date of birth
 general.data.birthDateFormat=DD.MM.YYYY
-general.data.enrollmentNumber=Enrolment number (SSN/AHV number)
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
 general.data.firstname=First name
 general.data.lastname=Last name
 general.edit=Edit
@@ -111,7 +113,7 @@ general.moreOptions=MORE OPTIONS
 general.or=OR
 general.otherLoginMethods=Other login methods
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
@@ -262,7 +264,7 @@ providePhoneNumber.laterModal.title=Continue without a phone number?
 providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
-providePhoneNumber.saveButtonText=Save
+providePhoneNumber.saveButtonText=Continue
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
@@ -283,7 +285,7 @@ recovery_check_code.too_many_tries.instruction1=The recovery code you have enter
 recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
-recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
 recovery_code.newRecoveryCode=Introducing recovery code
@@ -311,9 +313,9 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
 recovery_questionnaire_loginfactor.yes=Yes
 recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
-recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
-recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
-recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
@@ -327,9 +329,11 @@ recovery_questionnaire_reason_selection.answer9=I have issues with one of my log
 recovery_questionnaire_reason_selection.banner.error=Please select a reason.
 recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
 recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
-recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
+signup.button.label=Signup
+skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 timeout.description=Your session has timed out. Please close this window and try logging in again.
@@ -340,6 +344,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
+title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties

@@ -15,24 +15,26 @@ continue.button.label=Continuer
 darkModeSwitch.aria.label=Activer l'apparence sombre
 deputy.profile.label=(Profil du suppléant)
 dimilar.confirm_identity.checkbox=Je confirme que ce sont mes données
-dimilar.confirm_identity.description=Veuillez confirmer que les données ci-dessous vous appartiennent afin de poursuivre :
+dimilar.confirm_identity.description=Veuillez confirmer que les données ci-dessous vous appartiennent afin de poursuivre :
 dimilar.confirm_identity.error=Veuillez confirmer que les données vous appartiennent afin de poursuivre.
-dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dim' target='_blank'>https://agov.ch/fr/dim</a>.
+dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confirmer les donn&eacute;es
 dimilar.select_onboarding.description=Bienvenue sur AGOV. Veuillez terminer votre int&eacute;gration en vous connectant &agrave; un compte AGOV existant ou en cr&eacute;ant un nouveau compte.
 dimilar.select_onboarding.error-banner=Veuillez s&eacute;lectionner une option pour continuer
 dimilar.select_onboarding.existing-account=Se connecter avec un compte AGOV existant
-dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der ?
+dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der&#160;?
 dimilar.select_onboarding.registering-account=Se connecter avec un nouveau compte AGOV
 dimilar.select_onboarding.title=Bonjour !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Jeton expir&eacute; ou d&eacute;j&agrave; utilis&eacute;.
-dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Le processus d&rsquo;int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez r&eacute;essayer.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Le processus d'int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez contacter le service de support &agrave;
-dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://www.armee.ch/fr/dimf' target='_blank'>https://www.armee.ch/fr/dimf</a>.
+dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Cr&eacute;er un compte
+envbanner.label=Environnement d'ex&eacute;cution
+error.account.exists=Le compte existe d&#233;j&#224;. Continuez &#224; vous connecter.
 error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
 error_1=Veuillez v&eacute;rifier votre saisie.
 error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
@@ -70,14 +72,14 @@ error_9905=Il y a un probl&egrave;me avec votre compte AGOV operations. Veuillez
 error_9909=Un probl&egrave;me interne s&rsquo;est produit. Veuillez demander un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
 errors.duplicateValue=Votre compte est d&eacute;j&agrave; li&eacute; &agrave; un autre acc&egrave;s &agrave; AGOV operations.
 fido2_auth.cancel.fido=L'authentification avec la cl&eacute; de s&eacute;curit&eacute; a &eacute;t&eacute; interrompue. Veuillez vous assurer que votre cl&eacute; FIDO est enregistr&eacute;e et que votre adresse e-mail est correcte, puis suivez les &eacute;tapes ci-dessous.
-fido2_auth.instruction1=Cliquez sur "Continuer"
+fido2_auth.instruction1=Cliquez sur &laquo;&#160;Continuer&#160;&raquo;
 fido2_auth.instruction2=Une fen&ecirc;tre d'authentification s'affichera
 fido2_auth.instruction3=Suivez les instructions
 fido2_auth.skipInstructions=Passer les instructions la fois suivante
 fido2_auth.switchLogin=S'AUTHENTIFIER AVEC
 footer.link=https://agov.ch
 footer.link.label=Contact
-footer.text=Service d'authentification des autorit&eacute;s suisses AGOV - une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
+footer.text=Service d'authentification des autorit&eacute;s suisses AGOV &ndash; une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
 general.AGOVAccessApp=Application AGOV access
 general.accessApp=Application AGOV access
 general.authenticate=Authentification
@@ -111,18 +113,18 @@ general.moreOptions=PLUS D'OPTIONS
 general.or=OU
 general.otherLoginMethods=Autres m&eacute;thodes de connexion
 general.recovery=R&eacute;cup&eacute;ration
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
-general.registerNow=Enregistrez-vous d&egrave;s maintenant!
+general.registerNow=Enregistrez-vous d&egrave;s maintenant&#160;!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV&#160;?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@@ -144,9 +146,9 @@ languageDropdown.aria.label=S&eacute;lectionner la langue
 loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
 loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
-loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
+loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es&#160;!
 loainfo.later=Plus tard
-loainfo.startNow=Voulez-vous commencer le processus maintenant?
+loainfo.startNow=Voulez-vous commencer le processus maintenant&#160;?
 loainfo.startVerification=D&eacute;marrer la v&eacute;rification
 loainfo.title=V&eacute;rifiez vos donn&eacute;es
 loggedout.description=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
@@ -158,12 +160,12 @@ mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
 mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
 mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
-mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
+mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute;&#160;?
-mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
+mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access&#160;?
-mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
+mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute;&#160;?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV&#160;?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@@ -181,7 +183,7 @@ method.securid.label=SecurID
 method.ticket.label=Ticket
 onboard_linking_account_auth.fido_instructions=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter &agrave; son compte sans devoir utiliser son t&eacute;l&eacute;phone.
 onboard_linking_account_auth.instructions=Connectez-vous avec votre compte AGOV en scannant le code QR avec votre application AGOV access
-onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration ?
+onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration&#160;?
 onboarding.cancel-onboarding-description=Pour proc&eacute;der &agrave; la r&eacute;cup&eacute;ration de votre compte, vous devrez annuler le processus d&rsquo;int&eacute;gration.
 onboarding.cancel-proceed-recovery=Oui, annuler et proc&eacute;der &agrave; la r&eacute;cup&eacute;ration
 onboarding.login-factor=&Eacute;tape 1 - Facteur de connexion
@@ -218,7 +220,7 @@ op-onboarding.done.message=L&rsquo;enregistrement a &eacute;t&eacute; effectu&ea
 op-onboarding.done.title=TERMIN&Eacute;
 op-onboarding.failed.title=ERREUR
 op-onboarding.intro.message1=Pour terminer l&rsquo;enregistrement de votre acc&egrave;s &agrave; AGOV operations, vous devez disposer d&rsquo;un compte AGOV ou d&rsquo;un compte FED-LOGIN.
-op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur "Continuer", vous serez redirig&eacute; vers l&rsquo;authentification.
+op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur &laquo;&#160;Continuer&#160;&raquo;, vous serez redirig&eacute; vers l&rsquo;authentification.
 op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a pas encore atteint le niveau de qualit&eacute; d&rsquo;authentification requis, vous aurez la possibilit&eacute; de d&eacute;marrer la v&eacute;rification d&rsquo;identit&eacute; n&eacute;cessaire pour l&rsquo;atteindre.
 op-onboarding.intro.title=D&Eacute;MARRER
 op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
@@ -258,8 +260,8 @@ providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultat
 providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
+providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone&#160;?
-providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
@@ -272,24 +274,24 @@ recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
 recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
-recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
+recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration&#160;?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
 recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
-recovery_code.validUntil=Valable jusqu'au:
+recovery_code.validUntil=Valable jusqu'au&#160;:
 recovery_fidokey_auth.button=D&eacute;marrer l'authentification par cl&eacute; de s&eacute;curit&eacute;
-recovery_fidokey_auth.fidoInstruction=Cliquez sur "D&eacute;marrer l'enregistrement de la cl&eacute;"
+recovery_fidokey_auth.fidoInstruction=Cliquez sur &laquo;&#160;D&eacute;marrer l'enregistrement de la cl&eacute;&#160;&raquo;
 recovery_fidokey_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle cl&eacute; de s&eacute;curit&eacute; !!!SECURITY_KEY_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_fidokey_auth.instruction2=Veuillez utiliser !!!SECURITY_KEY_NAME!!! pour suivre les &eacute;tapes ci-dessous afin de vous identifier.
 recovery_fidokey_auth.keyRegistered=Cl&eacute; de s&eacute;curit&eacute; d&eacute;j&agrave; enregistr&eacute;e
@@ -297,8 +299,8 @@ recovery_intro_email.banner.error=Le lien que vous avez utilis&eacute; a expir&e
 recovery_intro_email.banner.info=Veuillez saisir votre adresse e-mail. Nous vous enverrons un e-mail vous permettant de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 recovery_intro_email.important=Important:
 recovery_intro_email.process=Le processus de r&eacute;cup&eacute;ration ne doit &ecirc;tre utilis&eacute; que si vous avez perdu l'acc&egrave;s &agrave; vos facteurs de connexion (application AGOV access supprim&eacute;e, cl&eacute; de s&eacute;curit&eacute; perdue, t&eacute;l&eacute;phone perdu, etc.).
-recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email?
+recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email&#160;?
-recovery_intro_email_sent.banner.success=Merci! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
+recovery_intro_email_sent.banner.success=Merci&#160;! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
 recovery_on_going.finishRecovery=Terminer la r&eacute;cup&eacute;ration
 recovery_on_going.instruction=Vous n&rsquo;avez pas encore termin&eacute; le processus de r&eacute;cup&eacute;ration. Dans le cadre du processus de r&eacute;cup&eacute;ration, votre identit&eacute; peut faire l&rsquo;objet d&rsquo;une v&eacute;rification. Pour acc&eacute;der &agrave; des applications au moyen de votre identifiant AGOV, vous devez terminer la v&eacute;rification d&rsquo;identit&eacute;.
 recovery_on_going.title=Veuillez terminer le processus de r&eacute;cup&eacute;ration.
@@ -308,12 +310,12 @@ recovery_questionnaire_instructions.instruction1=Fournissez l'adresse &eacute;le
 recovery_questionnaire_instructions.instruction2=Suivez les &eacute;tapes pour r&eacute;cup&eacute;rer votre compte (les &eacute;tapes varient en fonction du niveau de v&eacute;rification de votre compte)
 recovery_questionnaire_loginfactor.banner.error=Veuillez choisir une r&eacute;ponse.
 recovery_questionnaire_loginfactor.no=Non
-recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte ?
+recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte&#160;?
 recovery_questionnaire_loginfactor.yes=Oui
 recovery_questionnaire_no_recovery.explanation1=D'apr&egrave;s vos r&eacute;ponses, l'option de r&eacute;cup&eacute;ration d'AGOV ne semble pas n&eacute;cessaire pour l'instant.
-recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> pour obtenir des articles de soutien.
+recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> pour obtenir des articles de soutien.
-recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
+recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
-recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
+recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
@@ -325,11 +327,13 @@ recovery_questionnaire_reason_selection.answer7=J'ai mes cl&eacute;s de s&eacute
 recovery_questionnaire_reason_selection.answer8=J'ai perdu l'acc&egrave;s &agrave; toutes mes cl&eacute;s de s&eacute;curit&eacute; et aux applications AGOV access
 recovery_questionnaire_reason_selection.answer9=J'ai des probl&egrave;mes avec l'un de mes facteurs d'authentification (effac&eacute;, r&eacute;initialis&eacute;, PIN oubli&eacute;)
 recovery_questionnaire_reason_selection.banner.error=Veuillez s&eacute;lectionner un motif.
-recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration :
+recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration&#160;:
 recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tant que le processus de r&eacute;cup&eacute;ration n'aura pas &eacute;t&eacute; termin&eacute;.
 recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
 recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 reject.button.label=Refuser
+signup.button.label=Inscription
+skip.button.label=Passer
 submit.button.label=Envoyer
 tan.sent=Veuillez saisir le code de s&eacute;curit&eacute; que vous avez re&ccedil;u au votre t&eacute;l&eacute;phone mobile.
 timeout.description=Votre session a expir&eacute;. Veuillez fermer cette fen&ecirc;tre et essayer de vous reconnecter.
@@ -340,6 +344,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorisation du client
 title.saml.failed=Error
+title.signup=Cr&#233;er un compte
 title.timeout.page=Logout
 user_input.invalid.email=Veuillez saisir un e-mail valable.
 user_input.invalid.email.required=Champ requis

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties

@@ -1,5 +1,5 @@
 
-accept.button.label=Accettare
+accept.button.label=Accetta
 agov-ident.done.message=Il vostro conto AGOV è ora pronto per l'uso. Può chiudere questa pagina.
 agov-ident.done.title=Finito
 agov-ident.failed.instruction=Per completare la registrazione è necessario disporre di un account AGOV e superare la verifica dei dati suggerita. Riprova.
@@ -10,14 +10,14 @@ agov-ident.invalid-url.message=Il link non può essere elaborato
 agov-ident.invalid-url.title=Link non valido
 agov-ident.onboarding=Registrazione e verifica
 agov-ident.retry=Riprova
-cancel.button.label=Abortire
+cancel.button.label=Annulla
 continue.button.label=Continua
 darkModeSwitch.aria.label=Attivare la modalità scura
 deputy.profile.label=(profilo del delegato)
 dimilar.confirm_identity.checkbox=Confermo che questi sono i miei dati
 dimilar.confirm_identity.description=Confermi che i dati riportati di seguito le appartengono per poter procedere:
 dimilar.confirm_identity.error=Confermi che i dati sono i suoi per poter procedere.
-dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confermare i dati
 dimilar.select_onboarding.description=Benvenuto in AGOV. Completi la procedura di registrazione collegando un account AGOV esistente o creandone uno nuovo.
 dimilar.select_onboarding.error-banner=Selezioni un&rsquo;opzione per continuare
@@ -25,14 +25,16 @@ dimilar.select_onboarding.existing-account=Proceda con un account AGOV esistente
 dimilar.select_onboarding.proceeding=Come desidera procedere?
 dimilar.select_onboarding.registering-account=Proceda con un nuovo account AGOV
 dimilar.select_onboarding.title=Buongiorno !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token scaduto o gi&agrave; utilizzato.
-dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=La procedura di registrazione &egrave; stata interrotta. Provi di nuovo.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=La procedura di registrazione &egrave; stata interrotta. Contatti il supporto al
-dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Registrarsi
+envbanner.label=Ambiente di esecuzione
+error.account.exists=L'account esiste gi<67>. Prosegui col login.
 error.saml.failed=Chiudi il browser e riprova.
 error_1=Verificare i dati inseriti.
 error_10=Scegliere l&rsquo;account utente corretto.
@@ -70,14 +72,14 @@ error_9905=Si &egrave; verificato un problema con l&rsquo;account AGOV operation
 error_9909=Si &egrave; verificato un errore interno. Richiedere al supporto un nuovo link di registrazione.
 errors.duplicateValue=Il suo account &egrave; gi&agrave; collegato ad un altro accesso operativo.
 fido2_auth.cancel.fido=L'autenticazione con la chiave di sicurezza &egrave; stata interrotta. Assicurarsi che la chiave FIDO sia registrata e che l'indirizzo e-mail sia corretto, poi seguire le istruzioni.
-fido2_auth.instruction1=Cliccare su "Continua"
+fido2_auth.instruction1=Cliccare su &laquo;Continua&raquo;.
 fido2_auth.instruction2=A breve si aprir&agrave; una finestra per l'autenticazione.
 fido2_auth.instruction3=Seguire le istruzioni.
 fido2_auth.skipInstructions=Non mostrare pi&ugrave; le istruzioni
 fido2_auth.switchLogin=ACCEDERE CON
 footer.link=https://agov.ch
 footer.link.label=Contatto
-footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV - una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
+footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV &ndash; una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
 general.AGOVAccessApp=App AGOV access
 general.accessApp=App AGOV access
 general.authenticate=Autentifica
@@ -111,7 +113,7 @@ general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
@@ -218,8 +220,8 @@ op-onboarding.done.message=La registrazione &egrave; riuscita. Ora l&rsquo;acces
 op-onboarding.done.title=FINITO
 op-onboarding.failed.title=ERRORE
 op-onboarding.intro.message1=Per completare la registrazione per l'accesso AGOV operations, &egrave; necessario avere un account AGOV o FED-LOGIN.
-op-onboarding.intro.message2=Dopo aver cliccato su "Continua", si &egrave; reindirizzati al servizio di autenticazione.
+op-onboarding.intro.message2=Dopo aver cliccato su &laquo;Continua&raquo;, si &egrave; reindirizzati al servizio di autenticazione.
-op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; avviare la verifica dell&rsquo;identit&agrave; richiesta.
+op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; iniziare la verifica dell&rsquo;identit&agrave; richiesta.
 op-onboarding.intro.title=INIZIARE
 op-onboarding.onboarding=Registrazione AGOV op
 op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
@@ -283,13 +285,13 @@ recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito
 recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
 recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
+recovery_fidokey_auth.fidoInstruction=Clicchi su &laquo;Inizi l'authenticazione della chiave&raquo;
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
@@ -311,9 +313,9 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Ha registrato pi&ugrave; di un fattore di accesso (app AGOV access o chiave di sicurezza) al suo account?
 recovery_questionnaire_loginfactor.yes=Si
 recovery_questionnaire_no_recovery.explanation1=In base alle sue risposte, l'opzione di ripristino AGOV non sembra necessaria al momento.
-recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per articoli di supporto.
+recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per articoli di supporto.
-recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
+recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
-recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
+recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
@@ -329,7 +331,9 @@ recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
 recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
 recovery_start_info.title=Sta per iniziare il processo di ripristino
-reject.button.label=Rifiuti
+reject.button.label=Rifiuta
+signup.button.label=Iscriviti
+skip.button.label=Salta
 submit.button.label=Continua
 tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
 timeout.description=La sessione &egrave; scaduta. Chiuda questa finestra e provi ad accedere nuovamente.
@@ -340,6 +344,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorizzazione del client
 title.saml.failed=Error
+title.signup=Crea un account
 title.timeout.page=Logout
 user_input.invalid.email=Inserire un'e-mail valida.
 user_input.invalid.email.required=Campo obbligatorio

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/OpOnbrdng-PreProcessing.groovy

@@ -131,4 +131,4 @@ if (response.getNote('lasterror') != null) {
   cleanSession()
 }
 
-response.setStatus(AuthResponse.AUTH_CONTINUE)
+response.setStatus(AuthResponse.AUTH_CONTINUE)

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf

@@ -13,8 +13,9 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )
 
+

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml

@@ -45,6 +45,8 @@
                 <!-- source: pattern://271d024334021208b71ac80a -->
                 <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                 <!-- source: pattern://271d024334021208b71ac80a -->
+                <field src="session" key="ch.nevis.session.domain" as="domain"/>
+                <!-- source: pattern://271d024334021208b71ac80a -->
                 <field src="request" key="ActualRoles" as="roles"/>
             </TokenSpec>
             <!-- source: pattern://271d024334021208b71ac80a -->
@@ -65,6 +67,8 @@
                 <!-- source: pattern://271d024334021208b71ac80a -->
                 <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                 <!-- source: pattern://271d024334021208b71ac80a -->
+                <field src="session" key="ch.nevis.session.domain" as="domain"/>
+                <!-- source: pattern://271d024334021208b71ac80a -->
                 <field src="request" key="ActualRoles" as="roles"/>
             </TokenSpec>
             <!-- source: pattern://271d024334021208b71ac80a -->
@@ -101,7 +105,7 @@
     </SessionCoordinator>
     <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
     <LocalOutOfContextDataStore reaperPeriod="60"/>
-    <!-- source: pattern://2787b678d9cce5310a335419, pattern://fd3912c7af7a88b6342a4c78, pattern://12c979b6af0f15f1328656a4, pattern://24cbc652d3166c8374eda3cd, pattern://56955e7b6b92c254d7d1aae1, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://ac27dd7daad0ca2b7229bfaf, pattern://ac27dd7daad0ca2b7229bfaf -->
+    <!-- source: pattern://2787b678d9cce5310a335419, pattern://fd3912c7af7a88b6342a4c78, pattern://12c979b6af0f15f1328656a4, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://ac27dd7daad0ca2b7229bfaf, pattern://ac27dd7daad0ca2b7229bfaf -->
     <AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/opt/nevisidmcl/nevisauth/lib:/opt/nevisauth/plugin" propagateSession="false">
         <!-- source: pattern://3fd09bb6cfbd34874595c263 -->
         <Domain name="IDENT-AuthenticationRealm" default="false" inactiveInterval="60" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
@@ -358,7 +362,7 @@
         </AuthState>
         <AuthState name="SAML_SP_nevisidm_operations_Realm_Restore_Level" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
             <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_set_userExtId_Groovy_Script_Step"/>
+            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_Prepare_Done"/>
             <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
             <Response value="AUTH_ERROR">
                 <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
@@ -374,222 +378,21 @@
                 <Gui name="ContinueResponse"/>
             </Response>
         </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_set_userExtId_Groovy_Script_Step" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
-            <!-- source: pattern://488949a743edb1f46f73f232 -->
-            <ResultCond name="error" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://488949a743edb1f46f73f232 -->
-            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step"/>
-            <!-- source: pattern://488949a743edb1f46f73f232 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://488949a743edb1f46f73f232 -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <!-- source: pattern://488949a743edb1f46f73f232 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/set_userextid_groovy_script_step.groovy"/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
-            <!-- source: pattern://700ec185425d8645fea2caf5 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://700ec185425d8645fea2caf5 -->
-                <Gui name="Error">
-                    <!-- source: pattern://700ec185425d8645fea2caf5 -->
-                    <GuiElem name="info" type="error" label="error_99"/>
-                    <!-- source: pattern://700ec185425d8645fea2caf5 -->
-                    <GuiElem name="submit" type="button" label="continue.button.label"/>
-                </Gui>
-                <!-- source: pattern://700ec185425d8645fea2caf5 -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step" class="ch.nevis.idm.authstate.IdmUserVerifyState" final="false" resumeState="true">
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="clientNotFound" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="failed" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="prospect" next="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step_selectProfile"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-                <Gui name="AuthFailDialog"/>
-            </Response>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="user.loginid" value="unknown"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="userExtId" value="${sess:operationsExtId}"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="client.name" value="OPERATIONS"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.user" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.profile" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.role" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.authorization" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.dataroom" value="HIGH"/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step_selectProfile" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="error" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step_IdmGetPropertiesState"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-                <Gui name="op_idmlogin_select_profile">
-                    <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-                    <GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}" optional="true"/>
-                    <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-                    <GuiElem name="submit" type="button" label="submit.button.label" value="go"/>
-                </Gui>
-            </Response>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/selectIdmProfile.groovy"/>
-        </AuthState>
-        <AuthState name="nevisIDM_Connector" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="false">
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="login.service.connection.0" value="https://idm:8989/nevisidm/services/v1/LoginService"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="admin.service.connection.0" value="https://idm:8989/nevisidm/services/v1/AdminService"/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step_IdmGetPropertiesState" class="ch.nevis.idm.authstate.IdmGetPropertiesState" final="false" resumeState="true">
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="clientNotFound" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <ResultCond name="showGui" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <Response value="AUTH_ERROR"/>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="user.attributes" value="loginId,extId,firstName,name,email,language"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="chooseProfileFromSession" value="operationsProfileExtId"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="userExtId" value="${sess:operationsExtId}"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="client.name" value="OPERATIONS"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.user" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.profile" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.role" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.authorization" value="HIGH"/>
-            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
-            <property name="detaillevel.dataroom" value="HIGH"/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false" resumeState="false">
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_Update"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="emailaddressDidntChange,givennameDidntChange,surnameDidntChange,languageDidntChange" next="SAML_SP_nevisidm_operations_Realm_Prepare_Done"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <Response value="AUTH_ERROR"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="condition:emailaddressDidntChange" value="#{ !sess.containsKey('idp.email') or sess.get('idp.email').equals(sess.get('ch.nevis.idm.User.email')) }"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="condition:givennameDidntChange" value="#{ !sess.containsKey('idp.firstName') or sess.get('idp.firstName').equals(sess.get('ch.nevis.idm.User.firstName')) }"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="condition:surnameDidntChange" value="#{ !sess.containsKey('idp.lastName') or sess.get('idp.lastName').equals(sess.get('ch.nevis.idm.User.lastName')) }"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="condition:languageDidntChange" value="#{ !sess.containsKey('idp.language') or sess.get('idp.language').equals(sess.get('ch.nevis.idm.User.language')) }"/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_Update" class="ch.nevis.idm.authstate.IdmSetPropertiesState" final="false" resumeState="false">
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="emailExists" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="inputInvalid" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="inputMissing" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="loginIdExists" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditUpdate"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="userIdExists" next="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.loginid" value="${sess:ch.adnovum.nevisidm.user.loginId}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="client.name" value="${sess:ch.adnovum.nevisidm.clientName}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attributes.optional" value="email,firstName,name,language"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attributes.mandatory" value="remarks"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attribute.email" value="${notes|saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attribute.firstName" value="${notes|saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attribute.name" value="${notes|saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attribute.language" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/languageOfCorrespondance}"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attribute.remarks" value="Updated based on assertion '${sess:ch.nevis.auth.saml.assertion.id}' (Request-ID: ${inctx:connection.HttpHeader.X-Request-ID})"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="user.attributes.overwrite" value="email,firstName,name,language,remarks"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="allowInvalidUserEmails" value="true"/>
-        </AuthState>
         <AuthState name="SAML_SP_nevisidm_operations_Realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
-            <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+            <!-- source: pattern://271d024334021208b71ac80a -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_Redirect_RelayState"/>
+            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_Auth_Done"/>
-            <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+            <!-- source: pattern://271d024334021208b71ac80a -->
             <Response value="AUTH_DONE">
-                <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+                <!-- source: pattern://271d024334021208b71ac80a -->
                 <Gui name="ContinueResponse"/>
             </Response>
-            <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+            <!-- source: pattern://271d024334021208b71ac80a -->
             <property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
         </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditError" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="script" value="  def user = session['ch.adnovum.nevisidm.user.extId'] ?: 'unknown'; def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'; def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'; LOG.error(&quot;Event='USERUPDATE', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', error='failed to update user in IDM', lasterrorinfo='${lasterrorinfo}'&quot;); response.setStatus(ch.nevis.esauth.auth.engine.AuthResponse.AUTH_ERROR);   "/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_UpdateUserIfNeeded_AuditUpdate" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_Prepare_Done"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <Response value="AUTH_CONTINUE"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
-            <!-- source: pattern://24cbc652d3166c8374eda3cd -->
-            <property name="script" value="  def user = session['ch.adnovum.nevisidm.user.extId'] ?: 'unknown'; def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'; def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'; LOG.info(&quot;Event='USERUPDATE', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}'&quot;);   "/>
-        </AuthState>
-        <AuthState name="SAML_SP_nevisidm_operations_Realm_Redirect_RelayState" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
-            <ResultCond name="default" next="SAML_SP_nevisidm_operations_Realm_Auth_Done"/>
-            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-            <Response value="AUTH_DONE">
-                <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-                <Gui name="ContinueResponse"/>
-            </Response>
-            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/redirect_relay_state.groovy"/>
-        </AuthState>
         <AuthState name="SAML_SP_nevisidm_operations_Realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
-            <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+            <!-- source: pattern://271d024334021208b71ac80a -->
             <Response value="AUTH_DONE">
-                <!-- source: pattern://7518c6cc61e47eec6322ae17, pattern://271d024334021208b71ac80a -->
+                <!-- source: pattern://271d024334021208b71ac80a -->
                 <Gui name="ContinueResponse"/>
             </Response>
         </AuthState>
@@ -795,6 +598,12 @@
             <!-- source: pattern://2787b678d9cce5310a335419 -->
             <property name="user.cred.saml_federation3.subjectNameId" value="true"/>
         </AuthState>
+        <AuthState name="nevisIDM_Connector" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="false">
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="login.service.connection.0" value="https://idm:8989/nevisidm/services/v1/LoginService"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="admin.service.connection.0" value="https://idm:8989/nevisidm/services/v1/AdminService"/>
+        </AuthState>
         <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential" class="ch.nevis.idm.authstate.IdmCreateCredentialState" final="false" resumeState="false">
             <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
             <ResultCond name="credentialExists" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
@@ -1137,8 +946,6 @@
             <!-- source: pattern://12c979b6af0f15f1328656a4 -->
             <ResultCond name="SOAP:showGui" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
             <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
             <ResultCond name="ok" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User" startOver="true"/>
             <!-- source: pattern://12c979b6af0f15f1328656a4 -->
             <ResultCond name="showGui" next="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPostProcessing"/>
@@ -1157,6 +964,12 @@
             <property name="detaillevel.default" value="EXCLUDE"/>
             <!-- source: pattern://12c979b6af0f15f1328656a4 -->
             <property name="detaillevel.user" value="MEDIUM"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="detaillevel.profile" value="MEDIUM"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="detaillevel.role" value="LOW"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="forceDataReload" value="true"/>
         </AuthState>
         <AuthState name="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPasswordChange" class="ch.nevis.idm.authstate.IdmChangePasswordState" final="false">
             <!-- source: pattern://12c979b6af0f15f1328656a4 -->
@@ -1234,7 +1047,7 @@
                     <!-- source: pattern://12c979b6af0f15f1328656a4 -->
                     <GuiElem name="isiwebnewpw2" type="pw-text" label="prompt.newpassword.confirm"/>
                     <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-                    <GuiElem name="submit" type="submit" label="button.submit"/>
+                    <GuiElem name="submit" type="submit" label="submit.button.label"/>
                 </Gui>
             </Response>
             <propertyRef name="nevisIDM_Connector"/>
@@ -1342,4 +1155,6 @@
             <property name="generateNow" value="true"/>
         </AuthState>
     </AuthEngine>
+    <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
+    <RESTService name="ManagementService" class="ch.nevis.esauth.rest.service.session.ManagementService"/>
 </esauth-server>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/log_login_user.groovy

@@ -12,4 +12,4 @@ try {
 } catch(Exception ex) {
    LOG.error("Exception in logLoginUser groovy script: " + ex)
    response.setResult('error');
-}
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml

@@ -16,12 +16,6 @@ Configuration:
       level: "INFO"
     - name: "EsAuthStart"
       level: "INFO"
-    - name: "org.apache.catalina.loader.WebappClassLoader"
-      level: "FATAL"
-    - name: "org.apache.catalina.startup.HostConfig"
-      level: "ERROR"
-    - name: "ch.nevis.esauth.events"
-      level: "FATAL"
     - name: "AGOVOP-ACCT"
       level: "INFO"
     - name: "AGOVOP-IDENT"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties

@@ -1,4 +1,5 @@
 otel.service.name = auth
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/saml_sp_nevisidm_admin_realm_extract_issuer.groovy

@@ -59,4 +59,4 @@ else { // no incoming message.
     }
 }
 
-response.setResult('ok')
+response.setResult('ok')

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/saml_sp_nevisidm_operations_realm_extract_issuer.groovy

@@ -59,4 +59,4 @@ else { // no incoming message.
     }
 }
 
-response.setResult('ok')
+response.setResult('ok')

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/selectIdmProfile.groovy

@@ -1,74 +0,0 @@
-import groovy.xml.XmlSlurper
-
-def idmSeverityRoleMap = [
-    "EnterpriseRoleAdmin": [11, "op-idmlogin.role.accs-mgmt-idm"],
-    "ClientRoot": [12, "op-idmlogin.role.support-priv"], 
-    "AppAdmin": [20, "op-idmlogin.role.idmcfg-mgmt"],
-    "AppOwner": [5, "op-idmlogin.role.accs-mgmt-nonidm"],
-    "UserAndUnitAdmin": [7, "op-idmlogin.role.usr-unit-mgmt"],
-    "UserAdmin": [6, "op-idmlogin.role.usr-mgmt"],
-    "TemplateAdmin": [10, "op-idmlogin.role.support-basic"],
-    "Helpdesk": [1, "op-idmlogin.role.readonly-access" ]
-]
-
-try {
-  def dtoString = session['ch.adnovum.nevisidm.userDto']
-
-  def idmDto = new XmlSlurper().parseText(dtoString)
-  def idmPrfMap = idmDto.'**'.findAll 
-    { prf -> prf.name() == 'profiles' 
-      && prf.'**'.find 
-        { role -> role.name() == 'roles' 
-          && role.applicationName.text() == 'nevisIdm'
-        }
-    }.collectEntries { prf -> [ prf.extId.text(), 
-            prf.'**'.findAll 
-            { role -> role.name() == 'roles' 
-              && role.applicationName.text() == 'nevisIdm'
-            }.collect{ rolePrioEntry -> idmSeverityRoleMap[rolePrioEntry.name.text()] ?: [1000, "DO-NOT-USE(${rolePrioEntry.name.text()})"] 
-            }.sort { a, b -> a[0] <=> b[0] // sort by severity
-            }.last()[1] // take label of the ighest one
-    ] }
-
-  if ((inargs.getProperty('submit', '') == 'go') && idmPrfMap.containsKey(inargs.getProperty('profile_selection', 'missing'))) {
-
-    // user selected a profile which exists, we take it
-    def operationsProfileExtId = inargs.getProperty('profile_selection', 'missing')
-    LOG.info("User selected profile: ${operationsProfileExtId} '${idmPrfMap.get(operationsProfileExtId)}'")
-    response.setSessionAttribute('operationsProfileExtId', '' + operationsProfileExtId)
-    response.setResult('ok')
-    return
-
-  } else if (idmPrfMap.size() == 1) {
-
-    // we take the only profile, with an IDM role
-    def operationsProfileExtId = idmPrfMap.keySet().first()
-    LOG.info("taking the only profile with an idm role: ${operationsProfileExtId} '${idmPrfMap.get(operationsProfileExtId)}'")
-    response.setSessionAttribute('operationsProfileExtId', '' + operationsProfileExtId)
-    response.setResult('ok')
-    return
-
-  } else if (idmPrfMap.isEmpty()) {
-
-    // no profile with an IDM role, do nothing
-    response.setResult('ok')
-    return
-
-  } else {
-
-    // user should select a profile
-    response.setGuiName('op_idmlogin_select_profile')
-    idmPrfMap.each {
-      response.addRadioGuiField('profile_selection', it.value, it.key)
-    }
-    response.addButtonGuiField('submit', 'general.continue', 'go')
-
-    response.setStatus(ch.nevis.esauth.auth.engine.AuthResponse.AUTH_CONTINUE)
-    return
-  }
-} catch (Exception e) {
-  def errorMsg = "Failed to process profile selection: ${e.getMessage()}"
-  LOG.error(errorMsg, e)
-  response.setError(9901, errorMsg)
-  response.setResult('error')
-}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/set_userextid_groovy_script_step.groovy

@@ -1,59 +0,0 @@
-try {
-  def s = request.getAuthSession(true)
-
-  LOG.debug("operationsExtId: ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId']}")
-  LOG.debug("operationsUserProfileExtIdList: ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId']}")
-
-  // set operation's account extId and profile extid
-  if (notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId'] == null || notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId'] == null) {
-    LOG.error("[OPACCESS] User ${notes['saml.assertion.subject']} tried to access without operations account or profile")
-    response.setResult('error');
-    return
-  }
-
-  response.setSessionAttribute('operationsExtId', notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId'])
-
-  // extract additional attributes from assertion in session
-  if (notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname']) {
-    response.setSessionAttribute('idp.firstName', notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname'])
-  }
-  if (notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname']) {
-    response.setSessionAttribute('idp.lastName', notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'])
-  }
-  if (notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress']) {
-    response.setSessionAttribute('idp.email', notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'])
-  }
-  if (notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/languageOfCorrespondance']) {
-    response.setSessionAttribute('idp.language', notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/languageOfCorrespondance'])
-  }
-
-  // we take the first one, if there is no profile in the operations unit
-  def unitAndProfileExtidPar = notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId']
-    .split(',').find{pairstr -> pairstr.split("\\\\")[1]  == "130274ee-7e24-4050-9b94-d5717ef52ade" } 
-    ?: notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId'].split(',')[0]
-
-  if (! unitAndProfileExtidPar.contains('130274ee-7e24-4050-9b94-d5717ef52ade') )
-  {
-    LOG.info("[OPACCESS] User ${notes['saml.assertion.subject']} with opaccount ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId']} has no operations profile, we use the first one")
-  }
-  response.setSessionAttribute('operationsProfileExtId', unitAndProfileExtidPar.split("\\\\")[0])
-
-  // ad role based on agov aq level
-  def acrToRoleMap = [ 'urn:qa.agov.ch:names:tc:ac:classes:100':'AGOV-Loi.level100',
-    'urn:qa.agov.ch:names:tc:ac:classes:200':'AGOV-Loi.level200',
-    'urn:qa.agov.ch:names:tc:ac:classes:300':'AGOV-Loi.level300',
-    'urn:qa.agov.ch:names:tc:ac:classes:400':'AGOV-Loi.level400',
-    'urn:qa.agov.ch:names:tc:ac:classes:500':'AGOV-Loi.level500'
-  ]
-
-  if (acrToRoleMap[session['ch.nevis.auth.saml.assertion.authnContextClassRef']?='none']) {
-    response.addActualRole(acrToRoleMap[session['ch.nevis.auth.saml.assertion.authnContextClassRef']])
-  }
-
-
-  response.setResult('ok');  
-
-} catch(Exception ex) {
-   LOG.warn("Exception in selectProfile groovy script: " + ex)
-   response.setResult('error');
-}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisIDM"
   replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
   runAsNonRoot: true
   ports:
     management: 8998
@@ -40,13 +40,14 @@ spec:
     management:
       httpGet:
         path: "/health"
+      initialDelaySeconds: 60
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-f1a1d7e9c3345612747d207988ade2a9715621a0"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf

@@ -4,5 +4,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
-)
+)

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties

@@ -2,6 +2,14 @@
 web.gui.languages.default=de
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.url=jdbc:mariadb://session-db-primary-service.adn-agov-database-01-uat:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&sslMode=disable
+# source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.min=5
+# source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.max=10
+# source: pattern://0d4bbba28a4a76094d41df81
+database.connection.max.lifetime=1800
+# source: pattern://0d4bbba28a4a76094d41df81
+database.connection.max.idle.time=600
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.username=adndbadmin
 # source: pattern://0d4bbba28a4a76094d41df81
@@ -53,10 +61,6 @@ application.modules.event.repeat.count=-1
 # source: pattern://0116b3002d0e713e23e6be72
 application.modules.provisioning.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.max=10
-# source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.min=5
-# source: pattern://0116b3002d0e713e23e6be72
 database.connection.xa.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
 database.transaction.timeout=60

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties

@@ -1,4 +1,5 @@
 otel.service.name = idm-job
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/rolesMapping.properties

@@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.CredentialViewPlainValue,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113
@@ -13,7 +13,7 @@ nevisIdm.SoapTechAccessReadOnly=AccessControl.ApplicationSearch,AccessControl.Ap
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TechUser=
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.ClientRoot=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationDelete,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialDelete,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.CredentialViewPlainValue,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileArchive,AccessControl.ProfileDelete,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueDelete,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
+nevisIdm.ClientRoot=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationDelete,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialDelete,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileArchive,AccessControl.ProfileDelete,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueDelete,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Impersonator=
 # source: pattern://50d6c91ace65f52fa56d7113
@@ -25,7 +25,7 @@ nevisIdm.BatchJobAdmin=
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.MainAppOwner=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.UnitSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.RoleView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.CollectionView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.SearchResultsExport,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.ClientApplView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAndUnitAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialViewPlainValue,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAndUnitAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.SelfAdmin=AccessControl.SelfAdmin,AccessControl.LoginIdModify
 # source: pattern://50d6c91ace65f52fa56d7113

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-ba7c7a3b091df0c4b8ba0bb2.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisIDM"
   replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
   runAsNonRoot: true
   ports:
     management: 8998
@@ -40,13 +40,14 @@ spec:
     management:
       httpGet:
         path: "/health"
+      initialDelaySeconds: 60
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-f1a1d7e9c3345612747d207988ade2a9715621a0"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf

@@ -4,5 +4,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
-)
+)

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/logging.yml

@@ -31,12 +31,12 @@ Configuration:
       level: "INFO"
     - name: "Ninja"
       level: "WARN"
+    - name: "OpTrace"
+      level: "INFO"
     - name: "ch.adnovum.nevisidm.service.dbperformance"
       level: "INFO"
     - name: "ch.nevis.ninja"
       level: "WARN"
-    - name: "jcan.Op"
-      level: "INFO"
     Root:
       level: "WARN"
       additivity: "false"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties

@@ -2,6 +2,14 @@
 web.gui.languages.default=de
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.url=jdbc:mariadb://session-db-primary-service.adn-agov-database-01-uat:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&sslMode=disable
+# source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.min=5
+# source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.max=10
+# source: pattern://ca0629d86201d4c4ac857d60
+database.connection.max.lifetime=1800
+# source: pattern://ca0629d86201d4c4ac857d60
+database.connection.max.idle.time=600
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.username=adndbadmin
 # source: pattern://ca0629d86201d4c4ac857d60
@@ -59,10 +67,6 @@ application.modules.reporting.characterencoding=ISO-8859-1
 # source: pattern://fe4a248ac7b092a6a80624f1
 application.modules.reporting.separator=;
 # source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.max=10
-# source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.min=5
-# source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.xa.enabled=false
 # source: pattern://fe4a248ac7b092a6a80624f1
 web.gui.facing.cache.size=10000

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties

@@ -1,4 +1,5 @@
 otel.service.name = idm
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/rolesMapping.properties

@@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.CredentialViewPlainValue,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113
@@ -13,7 +13,7 @@ nevisIdm.SoapTechAccessReadOnly=AccessControl.ApplicationSearch,AccessControl.Ap
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TechUser=
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.ClientRoot=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationDelete,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialDelete,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.CredentialViewPlainValue,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileArchive,AccessControl.ProfileDelete,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueDelete,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
+nevisIdm.ClientRoot=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationDelete,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialDelete,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileArchive,AccessControl.ProfileDelete,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueDelete,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Impersonator=
 # source: pattern://50d6c91ace65f52fa56d7113
@@ -25,7 +25,7 @@ nevisIdm.BatchJobAdmin=
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.MainAppOwner=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.UnitSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.RoleView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.CollectionView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.SearchResultsExport,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.ClientApplView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAndUnitAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialViewPlainValue,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAndUnitAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.SelfAdmin=AccessControl.SelfAdmin,AccessControl.LoginIdModify
 # source: pattern://50d6c91ace65f52fa56d7113

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisLogrend"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
   runAsNonRoot: true
   ports:
     server: 8988
@@ -38,13 +38,14 @@ spec:
   startupProbe:
     server:
       tcpSocket: true
+      initialDelaySeconds: 30
       periodSeconds: 5
       timeoutSeconds: 4
-      failureThreshold: 50
+      failureThreshold: 30
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ffccb0ac6d5831789f198ab73f0ecfff9ea38df7"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend"
     credentials: "git-credentials"
   podSecurity:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf

@@ -10,5 +10,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
-)
+)

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties

@@ -1,3 +1,5 @@
+
 ico=image/x-icon
+json=application/json
 woff=font/woff
-woff2=font/woff2
+woff2=font/woff2

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties

@@ -1,4 +1,5 @@
 otel.service.name = logrend
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties

@@ -13,7 +13,7 @@ darkModeSwitch.aria.label=Dark-Mode-Schalter
 dimilar.confirm_identity.checkbox=Ich bestätige, dass dies meine Angaben sind
 dimilar.confirm_identity.description=Bitte bestätigen Sie, dass die folgenden Angaben Ihnen gehören, um fortzufahren:
 dimilar.confirm_identity.error=Bitte bestätigen Sie, dass die Angaben Ihnen gehören, um fortzufahren.
-dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Angaben best&auml;tigen
 dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
 dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
@@ -21,14 +21,15 @@ dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AG
 dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
 dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
 dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
-dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
-dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
-dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun bei Dimilar unter <a class='link' href='https://www.armee.ch/de/dim' target='_blank'>https://www.armee.ch/de/dim</a> einloggen.
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
 dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
 error_100=Zertifikat-Upload nicht m&ouml;glich. Das Zertifikat existiert bereits. Wenden Sie sich an Ihr Helpdesk.
@@ -65,7 +66,7 @@ error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitt
 error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
 errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
 fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
-fido2_auth.instruction1=Klicken Sie auf "Weiter"
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
 fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
 fido2_auth.instruction3=Folgen Sie den Anweisungen
 fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
@@ -106,7 +107,7 @@ general.moreOptions=WEITERE OPTIONEN
 general.or=ODER
 general.otherLoginMethods=Andere Login-Methoden
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
@@ -233,13 +234,13 @@ recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wieder
 recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
 recovery_check_noCode.banner.error=Zu viele Versuche.
 recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
 recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
-recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
@@ -261,9 +262,9 @@ recovery_questionnaire_loginfactor.no=Nein
 recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
 recovery_questionnaire_loginfactor.yes=Ja
 recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
-recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
-recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
-recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties

@@ -13,7 +13,7 @@ darkModeSwitch.aria.label=Dark-Mode-Schalter
 dimilar.confirm_identity.checkbox=Ich bestätige, dass dies meine Angaben sind
 dimilar.confirm_identity.description=Bitte bestätigen Sie, dass die folgenden Angaben Ihnen gehören, um fortzufahren:
 dimilar.confirm_identity.error=Bitte bestätigen Sie, dass die Angaben Ihnen gehören, um fortzufahren.
-dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Angaben best&auml;tigen
 dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
 dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
@@ -21,14 +21,15 @@ dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AG
 dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
 dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
 dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
-dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
-dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
-dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun bei Dimilar unter <a class='link' href='https://www.armee.ch/de/dim' target='_blank'>https://www.armee.ch/de/dim</a> einloggen.
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
 dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
 error_100=Zertifikat-Upload nicht m&ouml;glich. Das Zertifikat existiert bereits. Wenden Sie sich an Ihr Helpdesk.
@@ -65,7 +66,7 @@ error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitt
 error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
 errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
 fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
-fido2_auth.instruction1=Klicken Sie auf "Weiter"
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
 fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
 fido2_auth.instruction3=Folgen Sie den Anweisungen
 fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
@@ -106,7 +107,7 @@ general.moreOptions=WEITERE OPTIONEN
 general.or=ODER
 general.otherLoginMethods=Andere Login-Methoden
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
@@ -233,13 +234,13 @@ recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wieder
 recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
 recovery_check_noCode.banner.error=Zu viele Versuche.
 recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
 recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
-recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
@@ -261,9 +262,9 @@ recovery_questionnaire_loginfactor.no=Nein
 recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
 recovery_questionnaire_loginfactor.yes=Ja
 recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
-recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
-recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
-recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties

@@ -13,7 +13,7 @@ darkModeSwitch.aria.label=Dark mode toggle
 dimilar.confirm_identity.checkbox=I confirm this is my data
 dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
 dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
-dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confirm data
 dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
 dimilar.select_onboarding.error-banner=Please select one option to continue
@@ -21,14 +21,15 @@ dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
 dimilar.select_onboarding.proceeding=How would you like to proceed?
 dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
 dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token expired or already used.
-dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
-dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to Dimilar at <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
 error_1=Please check your input.
 error_10=Please select the correct user account.
 error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
@@ -83,7 +84,7 @@ general.contactSupport=Contact Support
 general.continue=Continue
 general.data.birthDate=Date of birth
 general.data.birthDateFormat=DD.MM.YYYY
-general.data.enrollmentNumber=Enrolment number (SSN/AHV number)
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
 general.data.firstname=First name
 general.data.lastname=Last name
 general.edit=Edit
@@ -106,7 +107,7 @@ general.moreOptions=MORE OPTIONS
 general.or=OR
 general.otherLoginMethods=Other login methods
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
@@ -212,7 +213,7 @@ providePhoneNumber.laterModal.title=Continue without a phone number?
 providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
-providePhoneNumber.saveButtonText=Save
+providePhoneNumber.saveButtonText=Continue
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
@@ -233,7 +234,7 @@ recovery_check_code.too_many_tries.instruction1=The recovery code you have enter
 recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
-recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
 recovery_code.newRecoveryCode=Introducing recovery code
@@ -261,9 +262,9 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
 recovery_questionnaire_loginfactor.yes=Yes
 recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
-recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
-recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
-recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
@@ -277,7 +278,7 @@ recovery_questionnaire_reason_selection.answer9=I have issues with one of my log
 recovery_questionnaire_reason_selection.banner.error=Please select a reason.
 recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
 recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
-recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 timeout.description=Your session has timed out. Please close this window and try logging in again.
 timeout.title=Session expired

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties

@@ -11,24 +11,25 @@ agov-ident.onboarding=Enregistrement et vérification
 agov-ident.retry=Essayez à nouveau
 darkModeSwitch.aria.label=Activer l'apparence sombre
 dimilar.confirm_identity.checkbox=Je confirme que ce sont mes données
-dimilar.confirm_identity.description=Veuillez confirmer que les données ci-dessous vous appartiennent afin de poursuivre :
+dimilar.confirm_identity.description=Veuillez confirmer que les données ci-dessous vous appartiennent afin de poursuivre :
 dimilar.confirm_identity.error=Veuillez confirmer que les données vous appartiennent afin de poursuivre.
-dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dim' target='_blank'>https://agov.ch/fr/dim</a>.
+dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confirmer les donn&eacute;es
 dimilar.select_onboarding.description=Bienvenue sur AGOV. Veuillez terminer votre int&eacute;gration en vous connectant &agrave; un compte AGOV existant ou en cr&eacute;ant un nouveau compte.
 dimilar.select_onboarding.error-banner=Veuillez s&eacute;lectionner une option pour continuer
 dimilar.select_onboarding.existing-account=Se connecter avec un compte AGOV existant
-dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der ?
+dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der&#160;?
 dimilar.select_onboarding.registering-account=Se connecter avec un nouveau compte AGOV
 dimilar.select_onboarding.title=Bonjour !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Jeton expir&eacute; ou d&eacute;j&agrave; utilis&eacute;.
-dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Le processus d&rsquo;int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez r&eacute;essayer.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/fr/dimf' target='_blank'>https://agov.ch/fr/dimf</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Le processus d'int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez contacter le service de support &agrave;
-dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://www.armee.ch/fr/dimf' target='_blank'>https://www.armee.ch/fr/dimf</a>.
+dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Cr&eacute;er un compte
+envbanner.label=Environnement d'ex&eacute;cution
 error_1=Veuillez v&eacute;rifier votre saisie.
 error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
 error_100=Le t&eacute;l&eacute;chargement du certificat est impossible. Le certificat existe d&eacute;j&agrave;. Veuillez contacter votre service d&rsquo;assistance.
@@ -65,14 +66,14 @@ error_9905=Il y a un probl&egrave;me avec votre compte AGOV operations. Veuillez
 error_9909=Un probl&egrave;me interne s&rsquo;est produit. Veuillez demander un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
 errors.duplicateValue=Votre compte est d&eacute;j&agrave; li&eacute; &agrave; un autre acc&egrave;s &agrave; AGOV operations.
 fido2_auth.cancel.fido=L'authentification avec la cl&eacute; de s&eacute;curit&eacute; a &eacute;t&eacute; interrompue. Veuillez vous assurer que votre cl&eacute; FIDO est enregistr&eacute;e et que votre adresse e-mail est correcte, puis suivez les &eacute;tapes ci-dessous.
-fido2_auth.instruction1=Cliquez sur "Continuer"
+fido2_auth.instruction1=Cliquez sur &laquo;&#160;Continuer&#160;&raquo;
 fido2_auth.instruction2=Une fen&ecirc;tre d'authentification s'affichera
 fido2_auth.instruction3=Suivez les instructions
 fido2_auth.skipInstructions=Passer les instructions la fois suivante
 fido2_auth.switchLogin=S'AUTHENTIFIER AVEC
 footer.link=https://agov.ch
 footer.link.label=Contact
-footer.text=Service d'authentification des autorit&eacute;s suisses AGOV - une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
+footer.text=Service d'authentification des autorit&eacute;s suisses AGOV &ndash; une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
 general.AGOVAccessApp=Application AGOV access
 general.accessApp=Application AGOV access
 general.authenticate=Authentification
@@ -106,18 +107,18 @@ general.moreOptions=PLUS D'OPTIONS
 general.or=OU
 general.otherLoginMethods=Autres m&eacute;thodes de connexion
 general.recovery=R&eacute;cup&eacute;ration
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
-general.registerNow=Enregistrez-vous d&egrave;s maintenant!
+general.registerNow=Enregistrez-vous d&egrave;s maintenant&#160;!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV&#160;?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@@ -135,9 +136,9 @@ languageDropdown.aria.label=S&eacute;lectionner la langue
 loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
 loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
-loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
+loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es&#160;!
 loainfo.later=Plus tard
-loainfo.startNow=Voulez-vous commencer le processus maintenant?
+loainfo.startNow=Voulez-vous commencer le processus maintenant&#160;?
 loainfo.startVerification=D&eacute;marrer la v&eacute;rification
 loainfo.title=V&eacute;rifiez vos donn&eacute;es
 loggedout.description=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
@@ -146,12 +147,12 @@ mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
 mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
 mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
-mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
+mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute;&#160;?
-mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
+mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access&#160;?
-mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
+mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute;&#160;?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV&#160;?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@@ -159,7 +160,7 @@ mauth_usernameless.useSecurityKey=Utiliser une cl&eacute; de s&eacute;curit&eacu
 mauth_usernameless.useSecurityKeyInfo=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter sans devoir utiliser son t&eacute;l&eacute;phone.
 onboard_linking_account_auth.fido_instructions=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter &agrave; son compte sans devoir utiliser son t&eacute;l&eacute;phone.
 onboard_linking_account_auth.instructions=Connectez-vous avec votre compte AGOV en scannant le code QR avec votre application AGOV access
-onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration ?
+onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration&#160;?
 onboarding.cancel-onboarding-description=Pour proc&eacute;der &agrave; la r&eacute;cup&eacute;ration de votre compte, vous devrez annuler le processus d&rsquo;int&eacute;gration.
 onboarding.cancel-proceed-recovery=Oui, annuler et proc&eacute;der &agrave; la r&eacute;cup&eacute;ration
 onboarding.login-factor=&Eacute;tape 1 - Facteur de connexion
@@ -196,7 +197,7 @@ op-onboarding.done.message=L&rsquo;enregistrement a &eacute;t&eacute; effectu&ea
 op-onboarding.done.title=TERMIN&Eacute;
 op-onboarding.failed.title=ERREUR
 op-onboarding.intro.message1=Pour terminer l&rsquo;enregistrement de votre acc&egrave;s &agrave; AGOV operations, vous devez disposer d&rsquo;un compte AGOV ou d&rsquo;un compte FED-LOGIN.
-op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur "Continuer", vous serez redirig&eacute; vers l&rsquo;authentification.
+op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur &laquo;&#160;Continuer&#160;&raquo;, vous serez redirig&eacute; vers l&rsquo;authentification.
 op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a pas encore atteint le niveau de qualit&eacute; d&rsquo;authentification requis, vous aurez la possibilit&eacute; de d&eacute;marrer la v&eacute;rification d&rsquo;identit&eacute; n&eacute;cessaire pour l&rsquo;atteindre.
 op-onboarding.intro.title=D&Eacute;MARRER
 op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
@@ -208,8 +209,8 @@ providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultat
 providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
+providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone&#160;?
-providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
@@ -222,24 +223,24 @@ recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
 recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
-recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
+recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration&#160;?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
 recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
-recovery_code.validUntil=Valable jusqu'au:
+recovery_code.validUntil=Valable jusqu'au&#160;:
 recovery_fidokey_auth.button=D&eacute;marrer l'authentification par cl&eacute; de s&eacute;curit&eacute;
-recovery_fidokey_auth.fidoInstruction=Cliquez sur "D&eacute;marrer l'enregistrement de la cl&eacute;"
+recovery_fidokey_auth.fidoInstruction=Cliquez sur &laquo;&#160;D&eacute;marrer l'enregistrement de la cl&eacute;&#160;&raquo;
 recovery_fidokey_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle cl&eacute; de s&eacute;curit&eacute; !!!SECURITY_KEY_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_fidokey_auth.instruction2=Veuillez utiliser !!!SECURITY_KEY_NAME!!! pour suivre les &eacute;tapes ci-dessous afin de vous identifier.
 recovery_fidokey_auth.keyRegistered=Cl&eacute; de s&eacute;curit&eacute; d&eacute;j&agrave; enregistr&eacute;e
@@ -247,8 +248,8 @@ recovery_intro_email.banner.error=Le lien que vous avez utilis&eacute; a expir&e
 recovery_intro_email.banner.info=Veuillez saisir votre adresse e-mail. Nous vous enverrons un e-mail vous permettant de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 recovery_intro_email.important=Important:
 recovery_intro_email.process=Le processus de r&eacute;cup&eacute;ration ne doit &ecirc;tre utilis&eacute; que si vous avez perdu l'acc&egrave;s &agrave; vos facteurs de connexion (application AGOV access supprim&eacute;e, cl&eacute; de s&eacute;curit&eacute; perdue, t&eacute;l&eacute;phone perdu, etc.).
-recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email?
+recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email&#160;?
-recovery_intro_email_sent.banner.success=Merci! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
+recovery_intro_email_sent.banner.success=Merci&#160;! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
 recovery_on_going.finishRecovery=Terminer la r&eacute;cup&eacute;ration
 recovery_on_going.instruction=Vous n&rsquo;avez pas encore termin&eacute; le processus de r&eacute;cup&eacute;ration. Dans le cadre du processus de r&eacute;cup&eacute;ration, votre identit&eacute; peut faire l&rsquo;objet d&rsquo;une v&eacute;rification. Pour acc&eacute;der &agrave; des applications au moyen de votre identifiant AGOV, vous devez terminer la v&eacute;rification d&rsquo;identit&eacute;.
 recovery_on_going.title=Veuillez terminer le processus de r&eacute;cup&eacute;ration.
@@ -258,12 +259,12 @@ recovery_questionnaire_instructions.instruction1=Fournissez l'adresse &eacute;le
 recovery_questionnaire_instructions.instruction2=Suivez les &eacute;tapes pour r&eacute;cup&eacute;rer votre compte (les &eacute;tapes varient en fonction du niveau de v&eacute;rification de votre compte)
 recovery_questionnaire_loginfactor.banner.error=Veuillez choisir une r&eacute;ponse.
 recovery_questionnaire_loginfactor.no=Non
-recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte ?
+recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte&#160;?
 recovery_questionnaire_loginfactor.yes=Oui
 recovery_questionnaire_no_recovery.explanation1=D'apr&egrave;s vos r&eacute;ponses, l'option de r&eacute;cup&eacute;ration d'AGOV ne semble pas n&eacute;cessaire pour l'instant.
-recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> pour obtenir des articles de soutien.
+recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> pour obtenir des articles de soutien.
-recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
+recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
-recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
+recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
@@ -275,7 +276,7 @@ recovery_questionnaire_reason_selection.answer7=J'ai mes cl&eacute;s de s&eacute
 recovery_questionnaire_reason_selection.answer8=J'ai perdu l'acc&egrave;s &agrave; toutes mes cl&eacute;s de s&eacute;curit&eacute; et aux applications AGOV access
 recovery_questionnaire_reason_selection.answer9=J'ai des probl&egrave;mes avec l'un de mes facteurs d'authentification (effac&eacute;, r&eacute;initialis&eacute;, PIN oubli&eacute;)
 recovery_questionnaire_reason_selection.banner.error=Veuillez s&eacute;lectionner un motif.
-recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration :
+recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration&#160;:
 recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tant que le processus de r&eacute;cup&eacute;ration n'aura pas &eacute;t&eacute; termin&eacute;.
 recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
 recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties

@@ -13,7 +13,7 @@ darkModeSwitch.aria.label=Attivare la modalità scura
 dimilar.confirm_identity.checkbox=Confermo che questi sono i miei dati
 dimilar.confirm_identity.description=Confermi che i dati riportati di seguito le appartengono per poter procedere:
 dimilar.confirm_identity.error=Confermi che i dati sono i suoi per poter procedere.
-dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confermare i dati
 dimilar.select_onboarding.description=Benvenuto in AGOV. Completi la procedura di registrazione collegando un account AGOV esistente o creandone uno nuovo.
 dimilar.select_onboarding.error-banner=Selezioni un&rsquo;opzione per continuare
@@ -21,14 +21,15 @@ dimilar.select_onboarding.existing-account=Proceda con un account AGOV esistente
 dimilar.select_onboarding.proceeding=Come desidera procedere?
 dimilar.select_onboarding.registering-account=Proceda con un nuovo account AGOV
 dimilar.select_onboarding.title=Buongiorno !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token scaduto o gi&agrave; utilizzato.
-dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=La procedura di registrazione &egrave; stata interrotta. Provi di nuovo.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dim' target='_blank'>https://agov.ch/dim</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=La procedura di registrazione &egrave; stata interrotta. Contatti il supporto al
-dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Registrarsi
+envbanner.label=Ambiente di esecuzione
 error_1=Verificare i dati inseriti.
 error_10=Scegliere l&rsquo;account utente corretto.
 error_100=Impossibile caricare il certificato. Il certificato esiste gi&agrave;. Contattare l&rsquo;help desk.
@@ -65,14 +66,14 @@ error_9905=Si &egrave; verificato un problema con l&rsquo;account AGOV operation
 error_9909=Si &egrave; verificato un errore interno. Richiedere al supporto un nuovo link di registrazione.
 errors.duplicateValue=Il suo account &egrave; gi&agrave; collegato ad un altro accesso operativo.
 fido2_auth.cancel.fido=L'autenticazione con la chiave di sicurezza &egrave; stata interrotta. Assicurarsi che la chiave FIDO sia registrata e che l'indirizzo e-mail sia corretto, poi seguire le istruzioni.
-fido2_auth.instruction1=Cliccare su "Continua"
+fido2_auth.instruction1=Cliccare su &laquo;Continua&raquo;.
 fido2_auth.instruction2=A breve si aprir&agrave; una finestra per l'autenticazione.
 fido2_auth.instruction3=Seguire le istruzioni.
 fido2_auth.skipInstructions=Non mostrare pi&ugrave; le istruzioni
 fido2_auth.switchLogin=ACCEDERE CON
 footer.link=https://agov.ch
 footer.link.label=Contatto
-footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV - una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
+footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV &ndash; una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
 general.AGOVAccessApp=App AGOV access
 general.accessApp=App AGOV access
 general.authenticate=Autentifica
@@ -106,7 +107,7 @@ general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
@@ -196,8 +197,8 @@ op-onboarding.done.message=La registrazione &egrave; riuscita. Ora l&rsquo;acces
 op-onboarding.done.title=FINITO
 op-onboarding.failed.title=ERRORE
 op-onboarding.intro.message1=Per completare la registrazione per l'accesso AGOV operations, &egrave; necessario avere un account AGOV o FED-LOGIN.
-op-onboarding.intro.message2=Dopo aver cliccato su "Continua", si &egrave; reindirizzati al servizio di autenticazione.
+op-onboarding.intro.message2=Dopo aver cliccato su &laquo;Continua&raquo;, si &egrave; reindirizzati al servizio di autenticazione.
-op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; avviare la verifica dell&rsquo;identit&agrave; richiesta.
+op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; iniziare la verifica dell&rsquo;identit&agrave; richiesta.
 op-onboarding.intro.title=INIZIARE
 op-onboarding.onboarding=Registrazione AGOV op
 op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
@@ -233,13 +234,13 @@ recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito
 recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
 recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
+recovery_fidokey_auth.fidoInstruction=Clicchi su &laquo;Inizi l'authenticazione della chiave&raquo;
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
@@ -261,9 +262,9 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Ha registrato pi&ugrave; di un fattore di accesso (app AGOV access o chiave di sicurezza) al suo account?
 recovery_questionnaire_loginfactor.yes=Si
 recovery_questionnaire_no_recovery.explanation1=In base alle sue risposte, l'opzione di ripristino AGOV non sembra necessaria al momento.
-recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per articoli di supporto.
+recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per articoli di supporto.
-recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
+recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
-recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
+recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties

@@ -13,7 +13,7 @@ darkModeSwitch.aria.label=Activar l'apparientscha stgira
 dimilar.confirm_identity.checkbox=Jau conferm che quest en mias datas
 dimilar.confirm_identity.description=Per cuntinuar, confermai che las datas sutvart saudan a Vus per plaschair
 dimilar.confirm_identity.error=Per cuntinuar, confermai che las datas saudan a Vus per plaschair.
-dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.confirm_identity.link=En cass che quei n'&egrave;n betg Vossas inditgaziuns, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.confirm_identity.title=Confermar las datas
 dimilar.select_onboarding.description=Bainvegn&igrave; ad AGOV. Cumplettai Voss Onboarding cun connectar in conto AGOV nov u gia existent.
 dimilar.select_onboarding.error-banner=Selecziunai in'opziun, per cuntinuar
@@ -21,14 +21,15 @@ dimilar.select_onboarding.existing-account=Onboarding cun in conto AGOV gia exis
 dimilar.select_onboarding.proceeding=Co vulais Vus cuntinuar?
 dimilar.select_onboarding.registering-account=Onboarding cun in nov conto AGOV
 dimilar.select_onboarding.title=Allegra !!!FIRSTNAME!!! !!!LASTNAME!!!,
-dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar.token_error.support=Sche Vus duvrais agid, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar.token_error.token_expired=Token scad&igrave; u gia duvr&agrave;.
-dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.aborted.link=Sche Vus duvrais agid, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.aborted.message=Onboarding suspend&igrave;. Empruvai anc ina giada.
-dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimilar' target='_blank'>https://agov.ch/dimilar</a>.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
 dimilar_onboarding.failed.message=Onboarding suspend&igrave;. Contactai per plaschair il support.
-dimilar_onboarding.successful.message=Onboarding cun conto AGOV reuss&igrave;. Vus pudais ussa acceder a Dimilar qua <a class='link' href='https://www.armee.ch/dim' target='_blank'>https://www.armee.ch/dim</a>.
+dimilar_onboarding.successful.message=Onboarding cun conto AGOV reuss&igrave;. Vus pudais ussa acceder a la Gestiun da servetsch qua <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
 dimilar_onboarding.title=Registrar
+envbanner.label=Ambient d'execuziun
 error_1=Controllai Vossas indicaziuns per plaschair.
 error_10=Selecziunai il conto d'utilisader correct.
 error_100=I n'&egrave; betg pussaivel da chargiar si il certificat. Quest certificat exista gia. Contactai il helpdesk.
@@ -83,7 +84,7 @@ general.contactSupport=Contactar il support
 general.continue=Vinavant
 general.data.birthDate=Data da naschientscha
 general.data.birthDateFormat=DD.MM.AAAA
-general.data.enrollmentNumber=Enrolment number (SSN/AHV number)
+general.data.enrollmentNumber=Numer AVS (gestiun da servetsch)
 general.data.firstname=Prenum
 general.data.lastname=Num
 general.edit=Modifitgar
@@ -106,7 +107,7 @@ general.moreOptions=DAPLI OPTIONS
 general.or=U
 general.otherLoginMethods=Ulteriuras metodas da login
 general.recovery=Recuperaziun
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
+general.recovery.help.link=https://agov.ch/recovery
 general.recoveryCode.downloadPdf=Telechargiar en furma da PDF
 general.recoveryCode.inputLabel=Code da recuperaziun
 general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai el anc ina giada.
@@ -233,7 +234,7 @@ recovery_check_code.too_many_tries.instruction1=Il code da recuperaziun che Vus
 recovery_check_code.too_many_tries.instruction2=Giai per plaschair ad AGOV help per contactar insatgi d'il support. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
 recovery_check_noCode.banner.error=Memia bleras emprovas.
 recovery_check_noCode.instruction1=Vuss avais eventualmain empruv&agrave; da endatar il code da recuperaziun memia bleras giadas.
-recovery_check_noCode.instruction2=Serrai per plaschair il browser da web e cumenzai anc ina giada cun la recuperaziun da Voss conto en 10 minutas a <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Serrai per plaschair il browser da web e cumenzai anc ina giada cun la recuperaziun da Voss conto en 10 minutas a <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Scuvrir Voss code da recuperaziun per pudair cuntinuar.
 recovery_code.instruction=Il code da recuperaziun As permetta d'acceder a Voss conto en cas che Vus avais pers tut Voss facturs da login. Tegnai en salv quest code da recuperaziun en in lieu segir per plaschair.
 recovery_code.newRecoveryCode=Introducziun dal code da recuperaziun
@@ -261,9 +262,9 @@ recovery_questionnaire_loginfactor.no=Na
 recovery_questionnaire_loginfactor.question=Avais Vus registr&agrave; pli che in factur da login (app AGOV access u clav da segirezza) per Voss login AGOV?
 recovery_questionnaire_loginfactor.yes=Gea
 recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari betg d'esser necessari da recuperar Voss login AGOV per il mument.
-recovery_questionnaire_no_recovery.explanation2=Sche Vus duvrais ulteriuras infurmaziuns, consultai <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per artitgels da support.
+recovery_questionnaire_no_recovery.explanation2=Sche Vus duvrais ulteriuras infurmaziuns, consultai <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per artitgels da support.
-recovery_questionnaire_no_recovery.instruction1=Sche Vus avais difficultads d'As annunziar per in'applicaziun, visitai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifitgai sche Vus As pudais annunziar cun success.
+recovery_questionnaire_no_recovery.instruction1=Sche Vus avais difficultads d'As annunziar per in'applicaziun, visitai <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifitgai sche Vus As pudais annunziar cun success.
-recovery_questionnaire_no_recovery.instruction2=Sche Vus avais registr&agrave; plirs facturs da login, ma avais pers l'access ad in dad els, consultai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per stizzar il factur da login pers.
+recovery_questionnaire_no_recovery.instruction2=Sche Vus avais registr&agrave; plirs facturs da login, ma avais pers l'access ad in dad els, consultai <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per stizzar il factur da login pers.
 recovery_questionnaire_reason_selection.answer1=Jau hai problems da m'annunziar, malgr&agrave; che jau hai mia app / clav da segirezza
 recovery_questionnaire_reason_selection.answer10=Jau hai pers in da mes facturs da login (app AGOV access u clav da segirezza)
 recovery_questionnaire_reason_selection.answer2=Jau n'hai betg pud&igrave; terminar mia registraziun
@@ -277,7 +278,7 @@ recovery_questionnaire_reason_selection.answer9=Jau hai problems cun in da mes f
 recovery_questionnaire_reason_selection.banner.error=Selecziunai in motiv per plaschair.
 recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv pertge che Vus cumenzais il process da recuperaziun:
 recovery_start_info.banner.warning=Vus na pudais betg utilisar Voss conto, fin ch'il process da recuperaziun &egrave; termin&agrave;.
-recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain er far in process da verificaziun per pudair terminar il process da recuperaziun.
+recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain era far in process da verificaziun per pudair concluder il process da recuperaziun.
 recovery_start_info.title=Vus essas vidlonder da cumenzar cun il process da recuperaziun
 timeout.description=Vossa sessiun &egrave; scadida. Serrai questa fanestra ed empruvai anc ina giada d'acceder per plaschair.
 timeout.title=Sessiun scadida

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg

@@ -0,0 +1,10 @@
+<svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0)">
+<path d="M13.9697 17.2808C12.9941 18.2276 11.9177 18.08 10.8917 17.6336C9.80091 17.1782 8.80371 17.1494 7.65171 17.6336C6.21711 18.2528 5.45571 18.0728 4.59171 17.2808C-0.28628 12.2588 0.433719 4.60879 5.97771 4.32079C7.32231 4.39279 8.26371 5.06419 9.05571 5.11999C10.2329 4.88059 11.3597 4.19479 12.6197 4.28479C14.1335 4.40719 15.2657 5.00479 16.0217 6.07938C12.9077 7.95138 13.6457 12.0554 16.5059 13.2074C15.9335 14.7104 15.1991 16.1954 13.9679 17.2934L13.9697 17.2808ZM8.94771 4.26679C8.80191 2.03479 10.6109 0.198798 12.6917 0.0187988C12.9779 2.59279 10.3517 4.51879 8.94771 4.26679Z" fill="#1F2F33"/>
+</g>
+<defs>
+<clipPath id="clip0">
+<rect width="15.156" height="18" fill="white" transform="translate(1.3335)"/>
+</clipPath>
+</defs>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js

@@ -66,7 +66,7 @@ const Status = {
 };
 
 function setDeepLinkLabel(button) {
-    const text = document.getElementsByName('info.deeplink')[0].value;
+    const text = document.getElementById('info.login.access_app').innerText;
     button.innerHTML = text;
 }
 
@@ -80,7 +80,13 @@ function messageCheckPhone() {
     infoElement.innerHTML = text;
 }
 
-const Element = {
+function showError() {
+    const text = document.getElementsByName('error.authcloud.login')[0].value;
+    errorElement.innerHTML = text;
+    infoElement.style.display = "none";
+}
+
+const AccessAppElement = {
 
     _elem: null, // QR code or deep link depending on device
 
@@ -91,8 +97,11 @@ const Element = {
         if (isAndroid || isIphone) {
             this._elem = document.createElement('a');
             this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
+            this._elem.setAttribute('class', 'btn btn-primary w-100 mt-4');
             this._elem.setAttribute('target', '_blank');
+            // distinguishes style for platforms
+            dispatcherElement.classList.add('mobile-platform');
+
             dispatcherElement.appendChild(this._elem);
             setDeepLinkLabel(this._elem);
         }
@@ -103,13 +112,23 @@ const Element = {
             }
             else {
                 messageScanQR();
+                const qrSize = 280;
+                // Element to render the QR code
                 this._elem = document.createElement('canvas');
-                dispatcherElement.appendChild(this._elem);
+                // Wrapper div to render corners
-                var qrcode = new QRious({
+                const qrCodeWrapper = document.createElement('div');
+                qrCodeWrapper.setAttribute('id','qr-code-wrapper');
+                qrCodeWrapper.style.width = `${qrSize}px`;
+                qrCodeWrapper.style.height = `${qrSize}px`;
+                qrCodeWrapper.appendChild(this._elem)
+                dispatcherElement.style.height = `${qrSize}px`;
+                dispatcherElement.appendChild(qrCodeWrapper);
+                const qrcode = new QRious({
                   element: this._elem,
-                  foreground: "#168CA9",
+                  // use --nevis-gray-900 CSS variable value
+                  foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
                   level: "M",
-                  size: 280,
+                  size: qrSize,
                   value: appLink
                 });
             }
@@ -125,20 +144,31 @@ const Element = {
 };
 
 function authenticateUser(appLink) {
-    Element.show(appLink);
+
-    console.log('Starting Authentication Cloud status polling...');
+    AccessAppElement.show(appLink);
+
+    console.log('Starting Auth Cloud status polling...');
+
     Status.startPolling(statusToken, (st, done) => {
+
         if (st.status === 'succeeded') {
-            console.log('Authentication Cloud login done.');
+
+            console.log('Auth Cloud success.');
+
+            // auto submit form with outcome
             submitStatus('succeeded')
         }
         else if (st.status === 'failed') {
+
             // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Authentication Cloud login failed. User abort or timeout.');
+            console.warn('Auth Cloud login failed. User abort or timeout.');
+
             submitStatus('failed')
         }
         else if (st.status === 'unknown') {
-            console.error('Authentication Cloud login failed. Unknown status.');
+
+            console.error('Auth Cloud login failed. Unknown status.');
+
             submitStatus('unknown')
         }
     });

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js

@@ -75,7 +75,12 @@ function messageScanQR() {
     infoElement.innerHTML = text;
 }
 
-const Element = {
+function messageInstalledAccessApp() {
+  const text = document.getElementById('info.access_app.installed').innerText;
+  infoElement.innerHTML = text;
+}
+
+const AccessAppElement = {
 
     _elem: null, // QR code or deep link depending on device
 
@@ -84,22 +89,47 @@ const Element = {
         const isIphone = 'iPhone' === navigator.platform;
         const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
         if (isAndroid || isIphone) {
+            if (isAndroid) {
+                document.getElementById('install_apple').style.display = 'none';
+            }
+            if (isIphone) {
+                document.getElementById('install_google').style.display = 'none';
+            }
             this._elem = document.createElement('a');
             this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
+            this._elem.setAttribute('class', 'btn btn-primary w-100');
             this._elem.setAttribute('target', '_blank');
+            // distinguishes style for platforms
+            dispatcherElement.classList.add('mobile-platform');
+            const accessApplinks = document.getElementById('access-app-download-link');
+            accessApplinks.classList.add('access-app-download-link-mobile-spacing');
+
             dispatcherElement.appendChild(this._elem);
             setDeepLinkLabel(this._elem);
+
+            // info text is displayed before access app links
+            accessApplinks.parentNode.insertBefore(infoElement.parentNode, accessApplinks);
+            messageInstalledAccessApp();
         }
         else {
             messageScanQR();
+            const qrSize = 280;
+            // Element to render the QR code
             this._elem = document.createElement('canvas');
-            dispatcherElement.appendChild(this._elem);
+            // Wrapper div to render corners
-            var qrcode = new QRious({
+            const qrCodeWrapper = document.createElement('div');
+            qrCodeWrapper.setAttribute('id','qr-code-wrapper');
+            qrCodeWrapper.style.width = `${qrSize}px`;
+            qrCodeWrapper.style.height = `${qrSize}px`;
+            qrCodeWrapper.appendChild(this._elem)
+            dispatcherElement.style.height = `${qrSize}px`;
+            dispatcherElement.appendChild(qrCodeWrapper);
+            const qrcode = new QRious({
               element: this._elem,
-              foreground: "#168CA9",
+              // use --nevis-gray-900 CSS variable value
+              foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
               level: "M",
-              size: 280,
+              size: qrSize,
               value: appLink
             });
         }
@@ -114,25 +144,47 @@ const Element = {
 };
 
 function onboardUser(appLink) {
-    Element.show(appLink);
+
-    console.log('Starting Authentication Cloud status polling...');
+    AccessAppElement.show(appLink);
+
+    console.log('Starting Auth Cloud status polling...');
+
     Status.startPolling(statusToken, (st, done) => {
+
         if (st.status === 'succeeded') {
-            console.log('Authentication Cloud onboarding done.');
+
+            console.log('Auth Cloud success.');
+
+            // auto submit form with outcome
             submitStatus('succeeded')
         }
         else if (st.status === 'failed') {
+
             // failed: The transaction failed, either by timeout or because the user did not accept.
             console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
+
             submitStatus('failed')
         }
         else if (st.status === 'unknown') {
+
             console.error('Authentication Cloud onboarding failed. Unknown status.');
+
             submitStatus('unknown')
         }
     });
 }
 
+const swap = function (nodeA, nodeB) {
+    const parentA = nodeA.parentNode;
+    const siblingA = nodeA.nextSibling === nodeB ? nodeA : nodeA.nextSibling;
+
+    // Move `nodeA` to before the `nodeB`
+    nodeB.parentNode.insertBefore(nodeA, nodeB);
+
+    // Move `nodeB` to before the sibling of `nodeA`
+    parentA.insertBefore(nodeB, siblingA);
+};
+
 function init() {
 
     const form = document.getElementById('authcloud_onboard');
@@ -145,6 +197,9 @@ function init() {
 
     dispatcherElement = document.getElementById('authcloud_dispatch');
 
+    // info texts are displayed underneath QR code
+    swap(infoElement.parentNode, dispatcherElement.parentNode);
+
     const appLink = form.appLink.value;
     onboardUser(appLink);
 }

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M12.6667 6L8 10.6667L3.33333 6" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <path d="M6 3.33332L10.6667 7.99999L6 12.6667" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js

@@ -0,0 +1,27 @@
+function copyToClipboard(containerid) {
+  if (document.selection) {
+    var range = document.body.createTextRange();
+    range.moveToElementText(document.getElementById(containerid));
+    range.select().createTextRange();
+    document.execCommand("copy");
+  } else if (window.getSelection) {
+    var range = document.createRange();
+    range.selectNode(document.getElementById(containerid));
+    window.getSelection().addRange(range);
+    document.execCommand("copy");
+  }
+
+  // clear selection
+  if (window.getSelection) {
+    if (window.getSelection().empty) {
+      // Chrome
+      window.getSelection().empty();
+    } else if (window.getSelection().removeAllRanges) {
+      // Firefox
+      window.getSelection().removeAllRanges();
+    }
+  } else if (document.selection) {
+    // IE
+    document.selection.empty();
+  }
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css

@@ -0,0 +1,755 @@
+/*!
+ * Bootstrap v5.1.3 (https://getbootstrap.com/)
+ * Copyright 2011-2021 The Bootstrap Authors
+ * Copyright 2011-2021 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
+*/
+
+/*
+ * This file contains customized bootstrap classes which are in the same name, however differ in the implementation.
+ * Classes use CSS custom properties from :root to be runtime modifiable.
+ * Used a portion of bootstrap classes which satisfy the requirements without to include the whole bootstrap bundle.
+ * If you would like to add new classes as "override" or extension please use the bootstrap naming convention.
+*/
+
+/* Form controls */
+.form-label {
+  margin-bottom: 0.25rem;
+}
+
+.form-check:has(.form-check-label) {
+  padding: 1em 1em 1em 1.6em;
+  border-top: solid 1px lightgray;
+  margin: 0 1em 0 1em;
+}
+
+.form-check-label {
+  font-size: 0.875rem !important;
+}
+
+.form-group {}
+
+.form-control {
+  display: block;
+  width: 100%;
+  padding: 0.5625rem 0.75rem;
+  font-size: 1rem;
+  font-weight: 400;
+  line-height: 1.25rem;
+  color: var(--nevis-black);
+  background-color: var(--nevis-white);
+  background-clip: padding-box;
+  border: 0.0625rem solid var(--nevis-form-control-border-color);
+  border-radius: var(--nevis-border-radius);
+  -webkit-appearance: none;
+  -moz-appearance: none;
+  appearance: none;
+  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+}
+
+@media (prefers-reduced-motion: reduce) {
+  .form-control {
+    transition: none;
+  }
+}
+
+.form-control:focus {
+  color: var(--nevis-black);
+  background-color: var(--nevis-white);
+  border-color: var(--nevis-primary);
+  outline: 0;
+  box-shadow: 0 0 0 0.0625rem var(--nevis-primary);
+}
+
+.form-control::-webkit-date-and-time-value {
+  height: 1.5em;
+}
+
+.form-control::-moz-placeholder {
+  color: var(--nevis-secondary);
+  opacity: 1;
+}
+
+.form-control::placeholder {
+  color: var(--nevis-secondary);
+  opacity: 1;
+}
+
+.form-control:disabled {
+  font-size: 0.875rem;
+  background-color: #e9ecef;
+  opacity: 1;
+}
+
+.form-control[readonly] {
+  background: var(--nevis-readonly-bg-color);
+  border-color: var(--nevis-readonly-border-color);
+  border-radius: var(--nevis-border-radius);
+  color: var(--nevis-gray-900);
+  font-size: 0.875rem;
+}
+
+.form-control[readonly]:focus {
+  box-shadow: 0 0 0 0.0625rem var(--nevis-readonly-box-shadow-color);
+}
+
+/* Valdiation */
+.invalid-feedback {
+  display: none;
+  width: 100%;
+  margin-top: 0.25rem;
+  font-size: 0.875em;
+  color: var(--nevis-danger);
+}
+
+.was-validated :invalid~.invalid-feedback,
+.was-validated :invalid~.invalid-tooltip,
+.is-invalid~.invalid-feedback,
+.is-invalid~.invalid-tooltip {
+  display: block;
+}
+
+/* Added for 3rd party International Telephone Input */
+.was-validated .iti~.invalid-feedback.invalid-feedback-ready,
+.was-validated .iti~.invalid-tooltip.invalid-feedback-ready {
+  display: block;
+}
+
+.was-validated .form-control:invalid,
+.form-control.is-invalid {
+  border-color: var(--nevis-danger);
+  border-width: 0.125rem;
+  padding-right: inherit;
+  background-image: none;
+  background-repeat: no-repeat;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-control:invalid:focus,
+.form-control.is-invalid:focus {
+  border-color: var(--nevis-danger);
+  box-shadow: none;
+}
+
+.form-control:valid,
+.form-control.is-valid {
+  background-image: none;
+}
+
+/* remove valid feedback classes */
+.was-validated .form-control:valid,
+.form-control.is-valid {
+  border-color: var(--nevis-gray-400);
+  padding-right: inherit;
+  background-image: inherit;
+  background-repeat: no-repeat;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-control:valid:focus,
+.form-control.is-valid:focus {
+  border-color: var(--nevis-gray-400);
+  box-shadow: unset;
+}
+
+.was-validated textarea.form-control:valid,
+textarea.form-control.is-valid {
+  padding-right: inherit;
+  background-position: inherit;
+}
+
+.was-validated .form-select:valid,
+.form-select.is-valid {
+  border-color: var(--nevis-gray-400);
+}
+
+.was-validated .form-select:valid:not([multiple]):not([size]),
+.was-validated .form-select:valid:not([multiple])[size="1"],
+.form-select.is-valid:not([multiple]):not([size]),
+.form-select.is-valid:not([multiple])[size="1"] {
+  padding-right: inherit;
+  background-image: none;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-select:valid:focus,
+.form-select.is-valid:focus {
+  border-color: var(--nevis-gray-400);
+  box-shadow: unset;
+}
+
+.was-validated .form-check-input:valid,
+.form-check-input.is-valid {
+  border-color: var(--nevis-gray-400);
+}
+
+.was-validated .form-check-input:valid:checked,
+.form-check-input.is-valid:checked {
+  background-color: inherit;
+}
+
+.was-validated .form-check-input:valid:focus,
+.form-check-input.is-valid:focus {
+  box-shadow: unset;
+}
+
+.was-validated .form-check-input:valid~.form-check-label,
+.form-check-input.is-valid~.form-check-label {
+  color: inherit;
+}
+
+/* Buttons */
+.btn {
+  display: inline-block;
+  font-weight: 500;
+  line-height: 1.5rem;
+  color: var(--nevis-black);
+  text-align: center;
+  text-decoration: none;
+  vertical-align: middle;
+  cursor: pointer;
+  -webkit-user-select: none;
+  -moz-user-select: none;
+  user-select: none;
+  background-color: transparent;
+  border: 0.0625rem solid transparent;
+  padding: 0.75rem 1.25rem;
+  font-size: 1rem;
+  border-radius: var(--nevis-border-radius);
+  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+}
+
+@media (prefers-reduced-motion: reduce) {
+  .btn {
+    transition: none;
+  }
+}
+
+.btn:hover {
+  color: var(--nevis-black);
+}
+
+.btn:disabled,
+.btn.disabled,
+fieldset:disabled .btn {
+  pointer-events: none;
+  opacity: 0.65;
+}
+
+/* remove box-shadows by default, enable later by colors */
+.btn:focus {
+  box-shadow: unset;
+}
+
+.btn-check:checked+.btn-primary:focus,
+.btn-check:active+.btn-primary:focus,
+.btn-primary:active:focus,
+.btn-primary.active:focus,
+.show>.btn-primary.dropdown-toggle:focus {
+  box-shadow: unset;
+}
+
+/* Primary Button */
+.btn-primary {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:hover {
+  color: var(--nevis-white);
+  filter: brightness(110%);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:focus {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  filter: brightness(110%);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:active,
+.btn-primary.active {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  filter: brightness(90%);
+}
+
+.btn-primary:active:focus,
+.btn-primary.active:focus {
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:disabled,
+.btn-primary.disabled {
+  color: var(--nevis-secondary);
+  background-color: var(--nevis-gray-100);
+  border-color: var(--nevis-gray-100);
+  box-shadow: none;
+  filter: brightness(1);
+}
+
+/* Secondary Button */
+.btn-secondary {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:hover {
+  color: var(--nevis-gray-900);
+  filter: brightness(110%);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:focus {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  filter: brightness(110%);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:active,
+.btn-secondary.active {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  filter: brightness(90%);
+}
+
+.btn-secondary:active:focus,
+.btn-secondary.active:focus {
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:disabled,
+.btn-secondary.disabled {
+  color: var(--nevis-secondary);
+  background-color: var(--nevis-gray-100);
+  border-color: var(--nevis-gray-100);
+  box-shadow: none;
+  filter: brightness(1);
+}
+
+.btn-link {
+  font-size: 0.875rem !important;
+  vertical-align: baseline;
+  border: none;
+  color: var(--nevis-primary);
+  background: none;
+  text-decoration: none;
+  padding: 0;
+}
+
+/* Componentes */
+.dropdown-toggle::after {
+  display: none !important;
+}
+
+/* Utilities */
+h6,
+.h6,
+h5,
+.h5,
+h4,
+.h4,
+h3,
+.h3,
+h2,
+.h2,
+h1,
+.h1 {
+  margin-top: 0;
+  font-weight: 500;
+  line-height: 1.2;
+}
+
+h1,
+.h1 {
+  font-size: calc(1.375rem + 1.5vw);
+}
+
+@media (min-width: 1200px) {
+
+  h1,
+  .h1 {
+    font-size: 2.5rem;
+  }
+}
+
+h2,
+.h2 {
+  font-size: calc(1.325rem + 0.9vw);
+}
+
+@media (min-width: 1200px) {
+
+  h2,
+  .h2 {
+    font-size: 2rem;
+  }
+}
+
+h3,
+.h3 {
+  font-size: calc(1.3rem + 0.6vw);
+}
+
+@media (min-width: 1200px) {
+
+  h3,
+  .h3 {
+    font-size: 1.75rem;
+  }
+}
+
+h4,
+.h4 {
+  font-size: calc(1.275rem + 0.3vw);
+}
+
+@media (min-width: 1200px) {
+
+  h4,
+  .h4 {
+    font-size: 1.5rem;
+  }
+}
+
+h5,
+.h5 {
+  font-size: 1.25rem;
+}
+
+h6,
+.h6 {
+  font-size: 1rem;
+}
+
+small,
+.small {
+  font-size: 0.875rem !important;
+}
+
+.text-primary {
+  color: var(--nevis-primary) !important;
+}
+
+.text-secondary {
+  color: var(--nevis-secondary) !important;
+}
+
+.text-success {
+  color: var(--nevis-success) !important;
+}
+
+.text-info {
+  color: var(--nevis-info) !important;
+}
+
+.text-warning {
+  color: var(--nevis-warning) !important;
+}
+
+.text-danger {
+  color: var(--nevis-danger) !important;
+}
+
+.text-light {
+  color: var(--nevis-light) !important;
+}
+
+.text-dark {
+  color: var(--nevis-dark) !important;
+}
+
+.text-white {
+  color: var(--nevis-white) !important;
+}
+
+.bg-primary {
+  background-color: var(--nevis-primary) !important;
+}
+
+.bg-secondary {
+  background-color: var(--nevis-secondary) !important;
+}
+
+.bg-success {
+  background-color: var(--nevis-success) !important;
+}
+
+.bg-info {
+  background-color: var(--nevis-info) !important;
+}
+
+.bg-warning {
+  background-color: var(--nevis-warning) !important;
+}
+
+.bg-danger {
+  background-color: var(--nevis-danger) !important;
+}
+
+.bg-light {
+  background-color: var(--nevis-light) !important;
+}
+
+.bg-dark {
+  background-color: var(--nevis-dark) !important;
+}
+
+.bg-body {
+  background-color: var(--nevis-white) !important;
+}
+
+.bg-white {
+  background-color: var(--nevis-white) !important;
+}
+
+.link-primary {
+  color: var(--nevis-primary);
+}
+
+.link-primary:hover,
+.link-primary:focus {
+  color: var(--nevis-primary);
+  filter: brightness(80%);
+}
+
+.link-secondary {
+  color: var(--nevis-secondary);
+}
+
+.link-secondary:hover,
+.link-secondary:focus {
+  color: var(--nevis-secondary);
+  filter: brightness(80%);
+}
+
+.link-success {
+  color: var(--nevis-success);
+}
+
+.link-success:hover,
+.link-success:focus {
+  color: var(--nevis-success);
+  filter: brightness(80%);
+}
+
+.link-info {
+  color: var(--nevis-info);
+}
+
+.link-info:hover,
+.link-info:focus {
+  color: var(--nevis-info);
+  filter: brightness(80%);
+}
+
+.link-warning {
+  color: var(--nevis-warning);
+}
+
+.link-warning:hover,
+.link-warning:focus {
+  color: var(--nevis-warning);
+  filter: brightness(80%);
+}
+
+.link-danger {
+  color: var(--nevis-danger);
+}
+
+.link-danger:hover,
+.link-danger:focus {
+  color: var(--nevis-danger);
+  filter: brightness(80%);
+}
+
+.link-light {
+  color: var(--nevis-light);
+}
+
+.link-light:hover,
+.link-light:focus {
+  color: var(--nevis-light);
+  filter: brightness(80%);
+}
+
+.link-dark {
+  color: var(--nevis-dark);
+}
+
+.link-dark:hover,
+.link-dark:focus {
+  color: var(--nevis-dark);
+  filter: brightness(80%);
+}
+
+.border-primary {
+  border-color: var(--nevis-primary) !important;
+}
+
+.border-secondary {
+  border-color: var(--nevis-secondary) !important;
+}
+
+.border-success {
+  border-color: var(--nevis-success) !important;
+}
+
+.border-info {
+  border-color: var(--nevis-info) !important;
+}
+
+.border-warning {
+  border-color: var(--nevis-warning) !important;
+}
+
+.border-danger {
+  border-color: var(--nevis-danger) !important;
+  border-width: 0.125rem;
+}
+
+.border-light {
+  border-color: var(--nevis-light) !important;
+}
+
+.border-dark {
+  border-color: var(--nevis-dark) !important;
+}
+
+.border-white {
+  border-color: var(--nevis-white) !important;
+}
+
+
+/* EXTENSION PART */
+
+/* Spacing */
+.mt-20 {
+  margin-top: 1.25rem;
+}
+
+.me-5px {
+  margin-right: 0.3125rem;
+}
+
+.my-40 {
+  margin: 2.5rem 0;
+}
+
+.mb-40 {
+  margin-bottom: 2.5rem;
+}
+
+/* Colors */
+
+.text-nevis-blue {
+  color: var(--nevis-blue-600) !important;
+}
+
+.bg-nevis-blue {
+  background-color: var(--nevis-blue-600) !important;
+}
+
+.border-nevis-blue {
+  border-color: var(--nevis-blue-600) !important;
+}
+
+.link-nevis-blue {
+  color: var(--nevis-blue-600);
+}
+
+.link-nevis-blue:hover,
+.link-nevis-blue:focus {
+  color: var(--nevis-blue-600);
+  filter: brightness(80%);
+}
+
+.btn-language-selector {
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  flex-shrink: 0;
+  padding: 0;
+  min-width: 0;
+  box-sizing: border-box;
+  box-shadow: none;
+  font-size: 0.875rem !important;
+  line-height: 1.25rem;
+  font-weight: normal;
+  outline: none;
+  border: none;
+  vertical-align: baseline;
+  text-align: center;
+  background-color: initial;
+  color: var(--nevis-gray-900);
+}
+
+.btn-language-selector:hover {
+  background: initial;
+}
+
+.btn-language-selector:active {
+  background: initial;
+}
+
+.btn-language-selector:focus {
+  box-shadow: none;
+}
+
+.btn-language-selector+.dropdown-menu {
+  min-width: 0;
+  width: 10rem;
+  padding: 0.25rem 0;
+  /* centering the dropdown */
+  margin-left: -0.5rem !important;
+  margin-top: 0.5rem !important;
+  overflow: hidden;
+  box-shadow: 0rem 0rem 0rem 0.0625rem var(--nevis-gray-200),
+    0rem 0.1875rem 1.25rem -0.625rem var(--nevis-gray-900);
+  border-radius: var(--nevis-border-radius);
+  border: 0;
+}
+
+.btn-language-selector+.dropdown-menu>li {
+  overflow: hidden;
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item {
+  font-style: normal;
+  font-weight: normal;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  padding: 0.5rem 1rem;
+  color: var(--nevis-gray-900);
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:hover {
+  background: var(--nevis-blue-100);
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:focus {
+  background: none;
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:active,
+.btn-language-selector+.dropdown-menu .dropdown-item.active {
+  background: var(--nevis-blue-100);
+  filter: brightness(90%);
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/default.css

@@ -1,222 +0,0 @@
-/********************************************************
- * Layout
- ********************************************************/
-
-html { /* magic to position footer */
-	position: relative;
-	min-height: 100%;
-}
-
-body {
-	margin-bottom: 76px; /* == footer height */
-}
-
-.container, .container-fluid {
- 	padding-left: 36px;
-	padding-right: 36px;
-}
-
-nav {
-	min-height: 100px;
-	padding: 36px;
-}
-
-header {
-	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
-}
-
-.container {
- 	min-width: 260px;
- 	max-width: 700px;
-}
-
-h1 {
-	margin-bottom: 50px;
-}
-
-footer {
-	width: 100%;
-	position: absolute;
-	bottom: 0;
-	padding: 0 36px;
-}
-
-img {
-	width: 100%;
-}
-
-/********************************************************
- * Header
- ********************************************************/
-
-header .logo {
-	/* width: 20%;*/
-	/*max-width: 600px;*/
-	max-height: 150px;
-	width: auto;
-}
-
-/********************************************************
- * Dropdown
- ********************************************************/
-a.dropdown-toggle {
-	text-decoration: none;
-}
-
-a.dropdown-toggle:hover {
-	color: #168CA9;
-	border-bottom: 3px solid #168CA9;
-}
-
-.dropdown-menu {
-	padding: 5px 0;
-}
-
-.dropdown-menu li > a {
-	padding: 6px 28px;
-}
-
-.dropdown-menu a > .prefix {
-	display: inline-block;
-	min-width: 22px;
-	margin-right: 28px;
-	text-align: right;
-}
-
-/********************************************************
- * Form
- ********************************************************/
-
-/* Labels should not be bold */
-label {
-	font-weight: normal;
-}
-
-/* Make error messages bold */
-.has-error .help-block {
-	font-weight: bold;
-}
-
-/* Change button size, by default 116px in width */
-.btn {
-	min-width: 116px;
-	padding: 3px 12px;
-}
-
-/* Disable gradient in buttons, ughhhh */
-.btn.btn-primary {
-	border-color: transparent;
-	background-image: none;
-	text-shadow: none;
-	box-shadow: none;
-	-webkit-box-shadow: none;
-}
-
-.help-block a, .help-block a:visited {
-	color: #168CA9;
-  font-weight: bold;
-  text-decoration: none;
-}
-
-.help-block a:hover {
-	color: #168CA9;
-  text-decoration: underline;
-}
-
-/********************************************************
- * Footer
- ********************************************************/
-footer .row {
-	margin: 36px 0 0 0;
-	height: 40px;
-	padding-top: 14px;
-	line-height: 26px; /* to center text: height - padding-top = 26px */
-	border-top: 1px solid #168CA9;
-}
-
-footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
-	padding: 0;
-}
-
-footer .logo-round-container {
-	position: relative;
-}
-
-footer .logo-round {
-	position: absolute;
-	left: 0;
-	right: 0;
-	top: -33px; /* found visually with Chrome Dev Tools */
-	height: 36px;
-	width: 36px;
-	border: 1px solid #00868c;
-	border-radius: 18px;
-	background: #fff;
-	padding: 8px;
-}
-
-footer .logo-round > img {
-	display: block;
-}
-
-#dispatchTargets {
-	margin-top: 20px;
-}
-
-/********************************************************
- * Social login
- ********************************************************/
-.btn.line {
-    background-color: transparent;
-    display: block;
-    width: 100%;
-    padding: 0;
-    margin: 1.5em 0 1em;
-    border: 0.5px solid #ccc;
-    pointer-events: none;
-}
-
-.btn.socialLogin {
-    background-color: #fff;
-    border: thin solid #ccc;
-    color: #000;
-    font-weight: 600;
-    position: relative;
-    margin: 5px;
-    min-width: 140px;
-    width: 210px;
-    border-radius: 8px;
-    padding: 8px 12px;
-    text-align: left;
-}
-
-.socialLogin img {
-    width: 1.5em;
-    height: 108%;
-    margin-right: 0.5em;
-}
-
-.btn.apple img {
-    width: 1.2em;
-}
-
-/********************************************************
- * Show password
- ********************************************************/
-.icon-inside {
-  position: relative;
-}
-
-.icon-inside input {
-  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
-}
-
-.icon-inside button {
-  position: absolute;
-  right: 0;
-  top: 0;
-  margin-top: 0.45rem;
-  margin-right: 0.45rem;
-  background: #FFFFFF;
-  border: #FFFFFF;
-}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js

@@ -0,0 +1,23 @@
+function displayRecoveryCodes() {
+  const recoverCodes = document.getElementById("recovery-codes-raw");
+  // early return if recoverCodes not found
+  if (!recoverCodes) {
+    return;
+  }
+
+  var recoveryCodesContent = recoverCodes.innerHTML;
+  recoveryCodesContent = recoveryCodesContent.replace("[", "");
+  recoveryCodesContent = recoveryCodesContent.replace("]", "");
+  recoveryCodesContent = recoveryCodesContent.split(",");
+  for (let i = 0; i < recoveryCodesContent.length; i++) {
+    if (i % 2 == 0) {
+      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-gray printable\">" + recoveryCodesContent[i] + "</div>";
+    }
+    else {
+      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-white printable\">" + recoveryCodesContent[i] + "</div>";
+    }
+  }
+  recoverCodes.remove();
+}
+
+displayRecoveryCodes();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js

@@ -0,0 +1,26 @@
+function downloadRecoveryCodes(contentContainerId) {
+  const textToDownload = document.getElementById(contentContainerId).innerText;
+  // It is necessary to create a new blob object with mime-type explicitly set
+  // otherwise only Chrome works like it should
+  const newBlob = new Blob([textToDownload], { type: "text/plain" });
+
+  // IE doesn't allow using a blob object directly as link href
+  // instead it is necessary to use msSaveOrOpenBlob
+  if (window.navigator && window.navigator.msSaveOrOpenBlob) {
+    window.navigator.msSaveOrOpenBlob(newBlob, "recovery-codes.txt");
+    return;
+  }
+
+  // For other browsers:
+  // Create a link pointing to the ObjectURL containing the blob.
+  const data = window.URL.createObjectURL(newBlob);
+  const link = document.createElement("a");
+  link.href = data;
+  link.download = "recovery-codes.txt";
+  link.click();
+  setTimeout(() => {
+    // For Firefox it is necessary to delay revoking the ObjectURL
+    window.URL.revokeObjectURL(data);
+  }, 400);
+  link.remove();
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/dropdown.js

@@ -1,36 +0,0 @@
-(function() {
-  var closeDropdownTimeout;
-
-  function closeDropdown(event) {
-    var dropdowns = document.querySelectorAll('.dropdown');
-    for (var i = 0; i < dropdowns.length; i++) {
-      var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
-      if (dropdownMenu.style.display !== 'none' && !dropdowns[i].contains(event.target)) {
-        dropdownMenu.style.display = 'none';
-      }
-    }
-
-    // remove event listener till we have a new dropdown menu open
-    if (document.querySelector('.dropdown-menu:not([style*="display: none"])') === null) {
-      document.removeEventListener('click', closeDropdown);
-    }
-  }
-
-  var dropdowns = document.querySelectorAll('.dropdown');
-  for (var i = 0; i < dropdowns.length; i++) {
-    var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
-    dropdownMenu.style.display = 'none'; // ensure menu is initially hidden
-
-    dropdowns[i].addEventListener('click', function(e) {
-      // show dropdown menu
-      var dropdownMenu = this.querySelector('.dropdown-menu');
-      dropdownMenu.style.display = 'block';
-
-      // handle clicking away
-      clearTimeout(closeDropdownTimeout);
-      closeDropdownTimeout = setTimeout(function() {
-        document.addEventListener('click', closeDropdown);
-      }, 10);
-    });
-  }
-}());

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/e2eenc.js

@@ -1,98 +0,0 @@
-var e2eenc = function() {
-
-	this.encryptForm = function(algoString, formId) {
-		// TODO: in case of an error we should return false, to prevent the for to be submitted
-		//       or replace the fields with dummy values, just to prevent the the transmission
-		//       of unencrypted values
-		
-
-		// create the array of input fields to encrypt (needs to be done before setting the form
-		// invisible
-		var fieldsToEncrypt = new Array();
-		$.each($("form input:visible"), function(index, _inputField) { fieldsToEncrypt.push($(_inputField));});
-
-		// hide the form, and display the splash screen
-		$('#loginform').css('display','none');
-		$('#e2eeSplashScreen').css('display','block');
-
-		// encryption logic
-		var pubKey = $("input[name='e2eenc.publicKey']").val();
-
-		var kemSessionKey = readPublicKeyAndGenerateSessionKey(pubKey)
-		var iv = forge.random.getBytesSync(16);
-		keyB64 = forge.util.encode64(kemSessionKey.key);
-		encapsulationB64 = forge.util.encode64(kemSessionKey.encapsulation);
-		ivB64 = forge.util.encode64(iv);
-
-		//console.log("Encrypting form " + formId + " (" + algoString + ")");
-		var fields = "";
-		$.each(fieldsToEncrypt, function(index, _inputField) {
-			var inputField = $(_inputField);
-			if (inputField.attr("type") == "text" || inputField.attr("type") == "password") {
-				//console.log("Encrypting field " + JSON.stringify(inputField));
-				var plainValue = inputField.val();
-
-				var encryptedValueB64 = encrypt(kemSessionKey, iv, plainValue);
-				//console.log("Setting encrypted value in b64: " + encryptedValueB64);
-				inputField.val(encryptedValueB64);
-				if (fields.length > 0) {
-					fields = fields + ","
-				}
-				fields = fields + inputField.attr("name");
-			}
-		});
-		$("input[name='e2eenc.iv']").val(ivB64);
-		$("input[name='e2eenc.encapsulation']").val(encapsulationB64);
-		$("input[name='e2eenc.fields']").val(fields);
-	}
-
-	function getRSApublicKey(pem) {
-	    //console.log("PEM: " + pem);
-
-	    var msg = forge.pem.decode(pem)[0];
-
-	    //console.log("msg type: " + msg.type);
-
-	    if(msg.procType && msg.procType.type === 'ENCRYPTED') {
-		throw new Error('Could not retrieve RSA public key from PEM; PEM is encrypted.');
-	    }
-
-	    // convert DER to ASN.1 object
-	    var asn1obj = forge.asn1.fromDer(msg.body);
-	    //console.log("ASN.1 obj: " + JSON.stringify(asn1obj))
-
-	    var pubKey = forge.pki.publicKeyFromAsn1(asn1obj)
-	    //console.log("PubKey: " + JSON.stringify(pubKey))
-	    return pubKey;
-	}
-
-	function generateKEMSessionKey(rsaPublicKey) {
-	    // generate key-derivation-function and initializes it with sha1
-	    var kdf1 = new forge.kem.kdf1(forge.md.sha1.create());
-	    // creates a KEM function based on the key-derivation-function created above
-	    var kem = forge.kem.rsa.create(kdf1);
-	    // generate and encapsulate a 16-byte secret key. 
-	    // The secret key is generated using the kdf defined above.
-	    var kemSessionKey = kem.encrypt(rsaPublicKey, 16);
-	    // kemSessionKey has 'encapsulation' (= pub key) and 'key' (= generated secret key)
-	    return kemSessionKey;
-	}
-
-	function readPublicKeyAndGenerateSessionKey(pem) {
-	    var rsaPublicKey = getRSApublicKey(pem);
-	    //console.log("PubKey: " + JSON.stringify(rsaPublicKey))
-	    var kemSessionKey = generateKEMSessionKey(rsaPublicKey);
-	    //console.log("KEM session key: " + JSON.stringify(kemSessionKey))
-	    return kemSessionKey;
-	}
-
-	function encrypt(kemSessionKey, iv, msg) {
-		var cipher = forge.cipher.createCipher('AES-CBC', kemSessionKey.key);
-		cipher.start({iv: iv});
-		cipher.update(forge.util.createBuffer(msg, 'utf-8'));
-		cipher.finish();
-		var encrypted = cipher.output.getBytes();
-		encryptedB64 = forge.util.encode64(encrypted);
-		return encryptedB64;
-	}
-};

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg

@@ -0,0 +1,3 @@
+<svg width="10" height="9" viewBox="0 0 10 9" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M3.95423 0.859245C4.413 0.0436633 5.58725 0.0436629 6.04602 0.859245L9.3942 6.81157C9.84416 7.61149 9.2661 8.59988 8.34831 8.59988H1.65194C0.734151 8.59988 0.156094 7.61149 0.606052 6.81157L3.95423 0.859245ZM5.60007 6.79995C5.60007 7.13132 5.33144 7.39995 5.00007 7.39995C4.6687 7.39995 4.40007 7.13132 4.40007 6.79995C4.40007 6.46858 4.6687 6.19995 5.00007 6.19995C5.33144 6.19995 5.60007 6.46858 5.60007 6.79995ZM5.00007 1.99995C4.6687 1.99995 4.40007 2.26858 4.40007 2.59995V4.39995C4.40007 4.73132 4.6687 4.99995 5.00007 4.99995C5.33144 4.99995 5.60007 4.73132 5.60007 4.39995V2.59995C5.60007 2.26858 5.33144 1.99995 5.00007 1.99995Z" fill="#F25562"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye-off.svg

@@ -1,3 +1,3 @@
 <svg width="22" height="20" viewBox="0 0 22 20" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye.svg

@@ -1,4 +1,4 @@
 <svg width="22" height="16" viewBox="0 0 22 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-    <path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg

@@ -0,0 +1,10 @@
+<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M54 10H62C66.4183 10 70 13.5817 70 18V26" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M10 26L10 18C10 13.5817 13.5817 10 18 10L26 10" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M26 70L18 70C13.5817 70 10 66.4183 10 62L10 54" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M70 54L70 62C70 66.4183 66.4183 70 62 70L54 70" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<circle cx="40" cy="40" r="22" stroke="#168CA9" stroke-width="4"/>
+<path d="M48 48.5C43.5817 53.8333 36.4183 53.8333 32 48.5" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<rect x="49" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
+<rect x="30" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg

@@ -0,0 +1,4 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M18 9.00002C18 4.02945 13.9706 2.09808e-05 9 2.09808e-05C4.02943 2.09808e-05 0 4.02945 0 9.00002C0 13.4922 3.29117 17.2155 7.59375 17.8907V11.6016H5.30859V9.00002H7.59375V7.01721C7.59375 4.76158 8.93739 3.51565 10.9932 3.51565C11.9779 3.51565 13.0078 3.69143 13.0078 3.69143V5.90627H11.8729C10.7549 5.90627 10.4062 6.60003 10.4062 7.31176V9.00002H12.9023L12.5033 11.6016H10.4062V17.8907C14.7088 17.2155 18 13.4922 18 9.00002Z" fill="#1877F2"/>
+<path d="M12.5033 11.6016L12.9024 9.00006H10.4063V7.3118C10.4063 6.60007 10.7549 5.90631 11.873 5.90631H13.0078V3.69147C13.0078 3.69147 11.9779 3.51569 10.9932 3.51569C8.9374 3.51569 7.59376 4.76162 7.59376 7.01725V9.00006H5.30859V11.6016H7.59376V17.8907C8.05197 17.9626 8.52161 18.0001 9.00001 18.0001C9.47842 18.0001 9.94806 17.9626 10.4063 17.8907V11.6016H12.5033Z" fill="white"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js

@@ -2,13 +2,13 @@
   'use strict'
 
   async function assertion(options) {
-    let credential;
+    let assertion;
     try {
-      credential = await navigator.credentials.get({ "publicKey": options });
+      assertion = await navigator.credentials.get({ "publicKey": options });
-    }
+    } 
     // Cancel and timeout can occur besides error
     catch (error) {
-      console.error(`Failed to get WebAuthn credential: ${error}`);
+      console.error(`Error while trying to collect WebAuthn credential. ${error}`);
       throw error;
     }
     // as this is the last call we have to do a top-level request instead of AJAX
@@ -16,18 +16,19 @@
     form.method = "POST";
     form.style.display = "none";
     addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", credential.id);
+    addInput(form, "id", assertion.id);
-    addInput(form, "type", credential.type);
+    addInput(form, "type", assertion.type);
-    addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
+    addInput(form, "response.clientDataJSON", base64url.encode(assertion.response.clientDataJSON));
-    addInput(form, "response.authenticatorData", base64url.encode(credential.response.authenticatorData));
+    addInput(form, "response.authenticatorData", base64url.encode(assertion.response.authenticatorData));
-    addInput(form, "response.signature", base64url.encode(credential.response.signature));
+    addInput(form, "response.signature", base64url.encode(assertion.response.signature));
     document.body.appendChild(form);
     form.submit();
   }
-
+  
   function authenticate() {
     // WebAuthn feature detection
-    if (!isWebAuthnSupportedByTheBrowser()) {
+    if(!isWebAuthnSupportedByTheBrowser()) {
+      // Trigger `Login Passwordless Fallback` pattern
       cancelFido2();
       return;
     };
@@ -50,9 +51,11 @@
         c.id = base64url.decode(c.id);
         return c;
       });
+        
       return assertion(options);
     }).catch((error) => {
-      console.error(`Error during FIDO2 authentication: ${error}`);
+      console.error(`Error at fido2 authentication: ${error}`);
+      // Trigger `Login Passwordless Fallback` pattern
       cancelFido2();
     });
   }

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js

@@ -0,0 +1,25 @@
+function submit(result) {
+    // we have to do a top-level request instead of AJAX
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.style.display = "none";
+
+    addInput(form, "result", result)
+
+    document.body.appendChild(form);
+
+    form.submit();
+}
+
+function check() {
+  if (isWebAuthnSupportedByTheBrowser()) {
+    submit("ok");
+  }
+  else {
+    submit("error");
+  }
+}
+
+window.onload = () => {
+  check();
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js

@@ -31,7 +31,7 @@ async function attestation(options) {
   form.submit();
 }
 
-function start() {
+function startFido2() {
 
   if (!isWebAuthnSupportedByTheBrowser()) {
     dispatch("unsupported");

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js

@@ -1,10 +1,3 @@
-function addInput(form, name, value) {
-    const input = document.createElement("input");
-    input.name = name;
-    input.value = value;
-    form.appendChild(input);
-}
-
 /**
  * Checks whether WebAuthn is supported by the browser or not.
  * @return true if supported, false if it is not supported or not in secure context
@@ -23,7 +16,7 @@ function isWebAuthnSupportedByTheBrowser() {
 }
 
 /**
- * Trigger on cancel pattern of the FIDO2 authentication step.
+ * Trigger on cancel pattern at the FIDO2 authentication flow.
  * 
  * Provides an alternative when the user decides to 
  * cancel the fido2 credential operation(create or fetch) or
@@ -34,7 +27,10 @@ function cancelFido2() {
   const form = document.createElement("form");
   form.method = "POST";
   form.style.display = "none";
+
   addInput(form, "cancel_fido2", "true");
+
   document.body.appendChild(form);
+
   form.submit();
 }

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg

@@ -0,0 +1,9 @@
+<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M56.2789 49.5761C56.2789 40.4331 48.8671 33.0213 39.7242 33.0213C30.5813 33.0213 23.1694 40.4331 23.1694 49.5761C23.1694 62.2356 32.2583 70.0261 32.2583 70.0261" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M47.8393 49.5763C47.8393 45.0945 44.206 41.4612 39.7242 41.4612C35.2424 41.4612 31.6091 45.0945 31.6091 49.5763C31.6091 62.5604 41.6718 68.7279 48.8131 71.0001" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M64.7191 49.5748C64.7191 35.7707 53.5287 24.5803 39.7247 24.5803C25.9206 24.5803 14.7302 35.7707 14.7302 49.5748C14.7302 55.093 17.0024 60.6113 17.0024 60.6113" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M66.4485 31.0739C60.6836 22.4617 50.8661 16.7914 39.7242 16.7914C28.5824 16.7914 18.7649 22.4617 13 31.0739" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M58.1132 13.5444C52.623 10.6428 46.3652 9 39.724 9C33.0827 9 26.825 10.6428 21.3347 13.5444" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M64.7185 49.2502C64.7185 53.5527 60.9399 57.0407 56.2788 57.0407C51.6177 57.0407 47.8391 53.5527 47.8391 49.2502" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M58.8764 63.8706C57.8276 64.075 56.7421 64.1823 55.6304 64.1823C47.1222 64.1823 40.1431 57.8973 39.4558 49.8997" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/apple/black.svg

@@ -1 +0,0 @@
-<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/microsoft/microsoft.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg

@@ -0,0 +1,3 @@
+<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M32 18.6667V32M32 45.3333H32.0333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#EFBA00" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+    <path d="M6.3335 2.99992H3.00016C2.07969 2.99992 1.3335 3.74611 1.3335 4.66659V12.9999C1.3335 13.9204 2.07969 14.6666 3.00016 14.6666H11.3335C12.254 14.6666 13.0002 13.9204 13.0002 12.9999V9.66659M9.66683 1.33325H14.6668M14.6668 1.33325V6.33325M14.6668 1.33325L6.3335 9.66659" stroke="#168CA9" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css

@@ -0,0 +1,429 @@
+html,
+body {
+  height: 100%;
+}
+
+body {
+  font-family: var(--nevis-font-sans-serif);
+  font-size: 0.875rem;
+  color: var(--nevis-gray-900);
+  display: flex;
+  align-items: center;
+  padding-top: 2.5rem;
+  padding-bottom: 2.5rem;
+  background-color: #d1d5d6;
+}
+
+a {
+  text-decoration: none;
+  color: var(--nevis-primary);
+}
+
+/* add icon for links to external sites */
+a[rel~="external"]::after {
+  content: url("link.svg");
+  padding-left: 7px;
+  vertical-align: -2px;
+}
+
+/* Chrome, Safari, Edge, Opera */
+input::-webkit-outer-spin-button,
+input::-webkit-inner-spin-button {
+  -webkit-appearance: none;
+  margin: 0;
+}
+
+/* Firefox */
+input[type="number"] {
+  -moz-appearance: textfield;
+}
+
+button:disabled {
+  cursor: not-allowed;
+  pointer-events: all !important;
+}
+
+label {
+  font-size: 0.75rem;
+}
+
+span.text-secondary>div {
+  display: inline-block;
+}
+
+/* Screen specific CSS */
+.login-container {
+  width: 100%;
+  max-width: 22.5rem;
+  margin: auto;
+  background-color: var(--nevis-gray-100);
+  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
+  border-radius: 1.25rem;
+}
+
+.login-container-header {
+  padding: 1.25rem;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+}
+
+.login-container-minimal-header {
+  padding: 1.25rem;
+}
+
+.login-container-body {
+  background: #ffffff;
+  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
+  border-radius: 1.25rem;
+  min-height: 31.25rem;
+}
+
+.login-container-body-content {
+  padding: 2.5rem;
+}
+
+.login-container-body-content>.input-error~.input-error {
+  margin-top: 0;
+}
+
+.brand-name {
+  font-size: 1rem;
+  word-wrap: break-word;
+}
+
+.sub-title {
+  font-style: normal;
+  font-weight: 400;
+  font-size: 1rem;
+  line-height: 1.375rem;
+  text-align: center;
+}
+
+.sub-icon {
+  font-style: normal;
+  font-weight: 400;
+  font-size: 1rem;
+  margin-top: 1rem;
+  text-align: center;
+}
+
+.horizontal-line {
+  display: flex;
+  flex-direction: row;
+}
+
+.horizontal-line:before,
+.horizontal-line:after {
+  content: "";
+  flex: 1 1;
+  border-bottom: 0.0625rem solid var(--nevis-gray-200);
+  margin: auto;
+}
+
+.horizontal-line:before {
+  margin-right: 0.625rem;
+  margin-left: -2.5rem;
+}
+
+.horizontal-line:after {
+  margin-left: 0.625rem;
+  margin-right: -2.5rem;
+}
+
+.register-spacing {
+  margin-top: 2rem;
+  margin-bottom: 2.75rem;
+}
+
+.social-login-buttons {
+  display: flex;
+  flex-direction: column;
+  gap: 0.75rem;
+}
+
+.social-login-button {
+  background: none;
+  flex-grow: 1;
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+  align-items: center;
+  padding: 0.375rem 1.125rem;
+  width: 100%;
+  height: 2.5rem;
+  border: 0.0625rem solid var(--nevis-gray-200);
+  box-sizing: border-box;
+  border-radius: 0.625rem;
+  gap: 0.625rem;
+}
+
+.icon-inside {
+  position: relative;
+}
+
+.icon-inside input {
+  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
+}
+
+.icon-inside button {
+  position: absolute;
+  right: 0;
+  top: 0;
+  margin-top: 0.3125rem;
+  margin-right: 0.75rem;
+}
+
+.icon-button {
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  flex-shrink: 0;
+  width: 1.875rem;
+  height: 1.875rem;
+  padding: 0;
+  margin: 0;
+  min-width: 0;
+  border-radius: 50%;
+  box-sizing: border-box;
+  box-shadow: none;
+  font-size: inherit;
+  font-weight: 500;
+  cursor: pointer;
+  outline: none;
+  border: none;
+  vertical-align: baseline;
+  text-align: center;
+  background-color: initial;
+}
+
+.icon-button:hover {
+  background: var(--nevis-gray-200);
+}
+
+.icon-button:active {
+  background: var(--nevis-gray-300);
+}
+
+.icon-button.nevis-blue-icon:hover {
+  background: var(--nevis-blue-icon-hover-bg-color);
+}
+
+.icon-button.nevis-blue-icon:active {
+  background: var(--nevis-blue-icon-active-bg-color);
+}
+
+.h-icon-button {
+  min-height: 1.875rem;
+}
+
+.max-w-full {
+  max-width: 100%;
+}
+
+.verification-code-wrapper {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+}
+
+.verification-code-label {
+  font-size: 1.125rem;
+  line-height: 1.5rem;
+  margin-right: 0.25rem;
+}
+
+.verification-code-input {
+  text-align: center;
+  max-width: 8.75rem;
+  letter-spacing: 0.5rem;
+  text-indent: 0.25rem;
+}
+
+.hidden-verification-code-submit-button {
+  overflow: visible !important;
+  height: 0 !important;
+  width: 0 !important;
+  margin: 0 !important;
+  border: 0 !important;
+  padding: 0 !important;
+  display: block !important;
+}
+
+.totp-code-wrapper {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+  margin: 2.5rem 0;
+}
+
+.totp-code-input {
+  text-align: left;
+  max-width: 8.75rem;
+  letter-spacing: 0.5rem;
+  text-indent: 0.25rem;
+}
+
+.hidden {
+  display: none !important;
+}
+
+.success-icon {
+  text-align: center !important;
+  margin-top: 5.625rem;
+  margin-bottom: 11.75rem;
+}
+
+.btn-selection-item {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: space-between;
+  padding: 0.5rem 0rem;
+  gap: 0.5rem;
+
+  border: 0.0625rem solid var(--nevis-gray-200);
+  border-left-width: 0;
+  border-right-width: 0;
+}
+
+.btn-selection-item+.btn-selection-item {
+  border-top-width: 0;
+}
+
+.btn-selection-item:first-of-type {
+  margin-top: 1.5rem;
+}
+
+.btn-selection-item:last-of-type {
+  margin-bottom: 1.5rem;
+}
+
+.btn-selection-item .selection-label {
+  color: var(--nevis-dark) !important;
+  font-weight: 500;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+}
+
+.btn-selection-item .selection-description {
+  color: var(--nevis-gray-500) !important;
+  font-weight: 400;
+  font-size: 0.75rem;
+  line-height: 1.125rem;
+}
+
+/* Passwordless */
+
+/* Access App*/
+.access-app-download-link-mobile-spacing {
+  margin-top: 5rem;
+  margin-bottom: 5rem;
+}
+
+/* add rounded border corners around QR code */
+#authcloud_dispatch,
+#authcloud_dispatch>#qr-code-wrapper {
+  position: relative;
+  display: block;
+}
+
+#authcloud_dispatch:not(.mobile-platform):before,
+#authcloud_dispatch:not(.mobile-platform):after,
+#authcloud_dispatch>#qr-code-wrapper:before,
+#authcloud_dispatch>#qr-code-wrapper:after {
+  position: absolute;
+  width: 1.875rem;
+  height: 1.875rem;
+  border-color: var(--nevis-primary);
+  border-style: solid;
+  z-index: 1;
+  content: " ";
+}
+
+#authcloud_dispatch:before {
+  top: 0.5rem;
+  left: 0.5rem;
+  border-width: 0.1875rem 0 0 0.1875rem;
+  border-top-left-radius: 1rem;
+}
+
+#authcloud_dispatch:after {
+  top: 0.5rem;
+  right: 0.5rem;
+  border-width: 0.1875rem 0.1875rem 0 0;
+  border-top-right-radius: 1rem;
+}
+
+#authcloud_dispatch>#qr-code-wrapper:before {
+  bottom: 0.5rem;
+  right: 0.5rem;
+  border-width: 0 0.1875rem 0.1875rem 0;
+  border-bottom-right-radius: 1rem;
+}
+
+#authcloud_dispatch>#qr-code-wrapper:after {
+  bottom: 0.5rem;
+  left: 0.5rem;
+  border-width: 0 0 0.1875rem 0.1875rem;
+  border-bottom-left-radius: 1rem;
+}
+
+.recovery-code-input {
+  text-align: left;
+  letter-spacing: 0.1875rem;
+  font-family: monospace;
+}
+
+.recovery-codes-wrapper {
+  height: 9rem;
+  text-align: center;
+  overflow-y: auto;
+  margin-bottom: 1rem;
+  /* Firefox */
+  scrollbar-color: var(--nevis-gray-300) #ffffff;
+  scrollbar-width: thin;
+  border: 1px solid lightgray;
+  border-radius: 0.5rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar {
+  width: 0.25rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-track {
+  background: #ffffff;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-thumb {
+  background: var(--nevis-gray-300);
+  border-radius: 0.125rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-thumb:hover {
+  background: var(--nevis-gray-400);
+}
+
+.recovery-code-gray {
+  background: var(--nevis-gray-100);
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  font-family: monospace;
+  letter-spacing: 0.1875rem;
+}
+
+.recovery-code-white {
+  background: #ffffff;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  font-family: monospace;
+  letter-spacing: 0.1875rem;
+}
+
+button.btn-recovery-code {
+  line-height: 0.75rem;
+  margin-top: 0.7rem;
+  width: 100%;
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js

@@ -110,13 +110,15 @@
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
+                    // hide QR code and info message
                     document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_qrcode_info").style.display = 'none';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "fidoUafDone", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
                 } else if (status == 'failed' || status == 'unknown') {

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg

@@ -0,0 +1,7 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+    <path fill="#f3f3f3" d="M0 0h18v18H0z"/>
+    <path fill="#f35325" d="M1 1h8v8H1z"/>
+    <path fill="#81bc06" d="M10 1h8v8H10z"/>
+    <path fill="#05a6f0" d="M1 10h8v8H1z"/>
+    <path fill="#ffba08" d="M10 10h8v8H10z"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js

@@ -1,43 +1,50 @@
-// display oauth scopes listed in input field 'consentInformation'
+document.addEventListener("DOMContentLoaded", function () {
-// change 'consentInformation' and 'scope_name' to the values used in your configuration.
+    const consentInformationFieldName = "consentInformation"; // Input field name
-$(function() {
+    const scopeDescriptionSource = "scope_name"; // JSON key for scope description
-
-    var consentInformationFieldName = "consentInformation"; // name of the input field from which to parse the value as the consent information JSON
-    var scopeDescriptionSource = "scope_name";              // key of the field in the consent information JSON of which to get the value as the scope description
 
     function displayOAuthScopesConsent() {
-        var jsonData = parseJson();
+        const jsonData = parseJson();
         if (jsonData !== undefined) {
-            mapJsonToHtml(jsonData)
+            mapJsonToHtml(jsonData);
         }
     }
 
     function mapJsonToHtml(jsonData) {
         mapJsonToHtmlScopeList("listOfRequestedScopesWithExistingConsent", jsonData.requestedScopesWithExistingConsent, "Already accepted scopes:");
-        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require a consent:");
+        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require consent:");
     }
 
     function mapJsonToHtmlScopeList(elementId, scopeInformation, title) {
-        if (scopeInformation !== undefined && Object.keys(scopeInformation).length > 0) {
+        if (scopeInformation && Object.keys(scopeInformation).length > 0) {
-            $("input[name=" + consentInformationFieldName +"]").after("<p style='margin-top: 0.5em'>" + title + "</p><div class='scopeinfobox'><ul id='" + elementId + "' /> </div>");
+            const consentInput = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-            jQuery.each(scopeInformation, function(key,value) {
+            if (consentInput) {
-                var scopeDescription = value[scopeDescriptionSource];
+                const container = document.createElement("div");
-                if (scopeDescription) {
+                container.innerHTML = `<p style='margin-top: 0.5em'>${title}</p><div class='scopeinfobox'><ul id='${elementId}'></ul></div>`;
-                    $("#" + elementId).append('<li>' + scopeDescription + '</li>');
+                consentInput.insertAdjacentElement("afterend", container);
-                } else {
+
-                    $("#" + elementId).append('<li>' + key + '</li>');
+                const ulElement = document.getElementById(elementId);
+                for (const key in scopeInformation) {
+                    if (scopeInformation.hasOwnProperty(key)) {
+                        const scopeDescription = scopeInformation[key][scopeDescriptionSource] || key;
+                        const li = document.createElement("li");
+                        li.textContent = scopeDescription;
+                        ulElement.appendChild(li);
+                    }
                 }
-            });
+            }
         }
     }
 
     function parseJson() {
-        var consentInformationField = $("input[name=" +consentInformationFieldName +"]");
+        const consentInformationField = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-        if (consentInformationField.length > 0) {
+        if (consentInformationField) {
-            return JSON.parse(consentInformationField.val());
+            try {
+                return JSON.parse(consentInformationField.value);
+            } catch (e) {
+                console.error("Invalid JSON in consent information field:", e);
+            }
         }
     }
 
     displayOAuthScopesConsent();
 });
-

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js

@@ -0,0 +1,44 @@
+(function() {
+  'use strict'
+
+  async function submit(assertion) {
+    // as this is the last call we have to do a top-level request instead of AJAX
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.style.display = "none";
+    addInput(form, "path", "/nevisfido/fido2/assertion/result")
+    addInput(form, "id", assertion.id);
+    addInput(form, "type", assertion.type);
+    console.log("assertion response:", assertion.response);
+    addInput(form, "response.clientDataJSON", assertion.response.clientDataJSON);
+    addInput(form, "response.authenticatorData", assertion.response.authenticatorData);
+    addInput(form, "response.signature", assertion.response.signature);
+    addInput(form, "response.userHandle", assertion.response.userHandle);
+    document.body.appendChild(form);
+    form.submit();
+  }
+
+  function authenticate() {
+    const hiddenField = document.querySelector("input[name='fido2_attestation_options']");
+    if (hiddenField && hiddenField.value) {
+        try {
+            const options = JSON.parse(hiddenField.value);
+            console.log("parsed attestation options:", JSON.stringify(options));
+
+            SimpleWebAuthnBrowser.startAuthentication({ optionsJSON: options, useBrowserAutofill: true })
+                .then(assertionResponse => {
+                    console.log("Authentication successful:", JSON.stringify(assertionResponse));
+                    submit(assertionResponse);
+                })
+                .catch(error => {
+                    console.log(`Passkey autofill skipped: ${error}`);
+                });
+        } catch (error) {
+            console.error("Error parsing fido2_attestation_options:", error);
+        }
+    } else {
+        console.log("Passkey autofill is disabled.");
+    }
+  }
+  authenticate();
+})();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/print.css

@@ -0,0 +1,67 @@
+@media print {
+   /* general printing rules */
+
+    body {
+      margin: 0;
+      color: #000000 !important;
+      background-color: #ffffff !important;
+
+      font-size: 12pt;
+      font-family: georgia, times, serif;
+
+      box-shadow: none !important;
+    }
+
+    header, footer, aside, nav, button, h1, h2, h3, h4, h5, h6 {
+      display: none;
+    }
+
+    main {
+      max-width: 100%;
+      box-shadow: none !important;
+    }
+
+    .printable {
+      display: block;
+    }
+
+    div:not(.printable) {
+      display: none;
+    }
+
+    .btn { 
+      display: none;
+    }
+
+    /* screen specific rules */
+
+    .login-container-body {
+      color: #000000 !important;
+      background-color: #ffffff !important;
+      box-shadow: none !important;
+      border-radius: unset;
+    }
+
+    .recovery-codes-wrapper {
+      overflow: unset !important;
+      height: unset !important;
+    }
+
+    #recovery-codes::before {
+      content: "Recovery Codes";
+      font-size: 16pt;
+    }
+
+    .recovery-code-white,
+    .recovery-code-gray {
+      color: #000000 !important;
+      background-color: #ffffff !important;
+
+      font-size: 14pt;
+      margin-top: 5pt;
+    }
+
+    .recovery-code-gray:first-child {
+      margin-top: 15pt;
+    }
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/saml_idp_logout.js

@@ -0,0 +1,63 @@
+function handleLogout(sp_urls, final_url) {
+
+    const request_urls = sp_urls.filter(function(current_url) {
+        return current_url.indexOf('SAMLRequest') > 0;
+    });
+
+    const response_urls = sp_urls.filter(function(current_url) {
+        return current_url.indexOf('SAMLResponse') > 0;
+    });
+
+    function kill_session() {
+        const current_url = window.location.href;
+        if (current_url.indexOf('?logout') == -1 && current_url.indexOf('&logout') == -1) {
+            console.log("current URL does not terminate the IDP session");
+            let logout_url = '';
+            if (current_url.indexOf('?') > 0) {
+                logout_url = current_url + "&logout";
+            } else {
+            }
+            fetch(logout_url, {
+                method: 'GET',
+                credentials: 'include'
+            }).then(response => {
+                if (!response.ok) {
+                    console.error('Logout request failed');
+                }
+            }).catch(error => {
+                console.error('Logout request error', error);
+            });
+        }
+    }
+
+    const requests = request_urls.map(current_url => {
+        return fetch(current_url, {
+            method: 'GET',
+            credentials: 'include',
+            mode: 'cors'
+        }).then(response => {
+            if (!response.ok) {
+                console.error('Request failed', current_url);
+            }
+        }).catch(error => {
+            console.error('Request error', current_url, error);
+        });
+    });
+
+    // send out the requests in parallel
+    // in any case we then terminate the IDP session and redirect to the correct destination
+    // we have to complete the logout no matter if the requests were successful or if there were failed requests
+    Promise.allSettled(requests).then(() => {
+        kill_session(); // required to terminate IDP session
+    }).finally(() => {
+        if (response_urls.length == 0) {
+            // redirect to root location on the IDP
+            console.log('Finish IDP-initiated SAML logout - redirecting to: ' + final_url);
+            window.location.href = final_url;
+        } else {
+            // only 1 such URL allowed. process ends on SP side
+            console.log('Finish SP-initiated SAML logout - redirecting to: ' + response_urls[0]);
+            window.location.href = response_urls[0];
+        }
+    })
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/show-password.js

@@ -1,11 +0,0 @@
-function toggleInputType(passwordInputId, eyeIconId, resourcePath) {
-    const passwordInput = document.getElementById(passwordInputId);
-    const eyeIcon = document.getElementById(eyeIconId);
-    if (passwordInput.type === 'text') {
-        passwordInput.type = 'password';
-        eyeIcon.src = resourcePath + '/resources/eye.svg';
-        return;
-    }
-    passwordInput.type = 'text';
-    eyeIcon.src = resourcePath + '/resources/eye-off.svg';
-}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success-solid.svg

@@ -0,0 +1,3 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <path fill-rule="evenodd" clip-rule="evenodd" d="M9.00005 16.2C12.9765 16.2 16.2 12.9764 16.2 8.99999C16.2 5.02354 12.9765 1.79999 9.00005 1.79999C5.0236 1.79999 1.80005 5.02354 1.80005 8.99999C1.80005 12.9764 5.0236 16.2 9.00005 16.2ZM12.3364 7.83638C12.6879 7.48491 12.6879 6.91506 12.3364 6.56359C11.985 6.21212 11.4151 6.21212 11.0636 6.56359L8.10005 9.5272L6.93644 8.36359C6.58497 8.01212 6.01512 8.01212 5.66365 8.36359C5.31218 8.71506 5.31218 9.28491 5.66365 9.63638L7.46365 11.4364C7.81512 11.7879 8.38497 11.7879 8.73644 11.4364L12.3364 7.83638Z" fill="#52CC65"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success.svg

@@ -0,0 +1,3 @@
+<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M22 32L28.6667 38.6667L42 25.3333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#52CC65" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/utils.js

@@ -0,0 +1,41 @@
+function addInput(form, name, value, type = "text") {
+  if (!form) throw new Error("Form element is required");
+  const input = document.createElement("input");
+  input.name = name;
+  input.type = type;
+  input.value = value;
+  form.appendChild(input);
+}
+
+function getSubmitButton() {
+  const submitButtons = [...document.querySelectorAll('button[name^="submit"]')];
+  if (submitButtons.length === 0) {
+    return null;
+  }
+  if (submitButtons.length > 1) {
+    throw new Error('There should be exactly 1 button on the screen with a name starting with "submit". Check the AuthState configuration.');
+  }
+  return submitButtons[0] || null;
+}
+
+function toggleEye(passwordInputId, eyeIconId, resourcePath) {
+  const passwordInput = document.getElementById(passwordInputId);
+  const eyeIcon = document.getElementById(eyeIconId);
+  if (!passwordInput || !eyeIcon) return;
+  const isPassword = passwordInput.type === 'password';
+  passwordInput.type = isPassword ? 'text' : 'password';
+  // Ensure correct path format
+  const normalizedPath = resourcePath.endsWith('/') ? resourcePath.slice(0, -1) : resourcePath;
+  eyeIcon.src = `${normalizedPath}/resources/eye${isPassword ? '-off' : ''}.svg`;
+}
+
+function formatNumberInput(numberInputId) {
+  const numberInput = document.getElementById(numberInputId);
+  if (!numberInput) return;
+  let value = numberInput.value || ''; // Handle potential null/undefined
+  value = value.replace(/[-e]/gi, '');
+  if (numberInput.maxLength > 0 && value.length > numberInput.maxLength) {
+    value = value.slice(0, numberInput.maxLength);
+  }
+  numberInput.value = value;
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/variables.css

@@ -0,0 +1,52 @@
+:root {
+    /* Default Colors */
+    --nevis-blue: #0d6efd;
+    --nevis-indigo: #6610f2;
+    --nevis-purple: #6f42c1;
+    --nevis-pink: #d63384;
+    --nevis-red: #F25562;
+    --nevis-orange: #fd7e14;
+    --nevis-yellow: #EFBA00;
+    --nevis-green: #151615;
+    --nevis-teal: #20c997;
+    --nevis-cyan: #0dcaf0;
+    --nevis-blue-100: #E1F5FB;
+    --nevis-blue-300: #A6DFED;
+    --nevis-blue-400: #75C3D7;
+    --nevis-blue-600: #168CA9;
+    --nevis-white: #ffffff;
+    --nevis-black: #000000;
+    --nevis-gray-100: #EDF1F2;
+    --nevis-gray-200: #DADFE0;
+    --nevis-gray-300: #C2CACC;
+    --nevis-gray-400: #A4AFB2;
+    --nevis-gray-500: #8A9699;
+    --nevis-gray-900: #1F2F33;
+
+    /* Theme */
+    --nevis-primary: var(--primary-color);
+    --nevis-secondary: var(--nevis-gray-400);
+    --nevis-success: var(--nevis-green);
+    --nevis-info: var(--nevis-cyan);
+    --nevis-warning: var(--nevis-yellow);
+    --nevis-danger: var(--nevis-red);
+    --nevis-light: var(--nevis-gray-100);
+    --nevis-dark: var(--nevis-gray-900);
+
+    /* Font */
+    --nevis-font-sans-serif: var(--font-family), system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", "Liberation Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+
+    /* Common */
+    --nevis-border-radius: var(--border-radius);
+    --nevis-form-control-border-color: var(--nevis-gray-300);
+
+    --nevis-blue-icon-color: var(--nevis-blue-600);
+    --nevis-blue-icon-hover-bg-color: var(--nevis-blue-300);
+    --nevis-blue-icon-active-bg-color: var(--nevis-blue-400);
+
+    /* Components */
+    /* Readonly field*/
+    --nevis-readonly-bg-color: var(--nevis-blue-100);
+    --nevis-readonly-border-color: var(--nevis-blue-300);
+    --nevis-readonly-box-shadow-color: var(--nevis-blue-600);
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/window-onload.js

@@ -0,0 +1,101 @@
+// this js should run last
+
+// DOM is ready (stylesheets, images, and subframes may not have been loaded yet)
+window.addEventListener('DOMContentLoaded', () => {
+    'use strict'
+    handleLogoutButton();
+    onSubmitWithEnter();
+    onFormSubmit();
+});
+
+function handleLogoutButton() {
+    const logoutButton = document.getElementById("logout-btn");
+    if (logoutButton) {
+        logoutButton.addEventListener("click", function (event) {
+            event.preventDefault();
+            event.stopPropagation();
+
+            const url = new URL(window.location.href);
+
+            // Parse raw query string, split into key=value or key-only
+            const rawParams = window.location.search.substring(1).split("&").filter(Boolean);
+
+            // Keep only params that are not 'login' or 'logout'
+            const remainingParams = rawParams.filter(p => {
+                const key = p.split("=")[0];
+                return key !== "login" && key !== "logout";
+            });
+
+            // Add 'logout' first
+            const finalParams = ["logout", ...remainingParams];
+
+            const newQuery = finalParams.length ? `?${finalParams.join("&")}` : "";
+
+            // Redirect
+            window.location.href = url.origin + url.pathname + newQuery;
+        });
+    }
+}
+
+/**
+ * Trigger to submit the button with name 'submit' and prevent other buttons to submission on 'Enter' keypress
+ */
+function onSubmitWithEnter() {
+    'use strict'
+
+    document.addEventListener('keypress', function (event) {
+        if (event.key === 'Enter') {
+            if (['TEXTAREA', 'INPUT'].includes(event.target.tagName) && event.target.type !== 'submit') {
+                return; // allow pressing Enter inside text fields
+            }
+
+            event.preventDefault();
+            event.stopPropagation();
+
+            const submitButton = getSubmitButton();
+            if (submitButton !== null) {
+                submitButton.click();
+            }
+        }
+    });
+}
+
+/*
+ * Setup form submit event handler for form with a required input.
+ * Manages the submission in case triggered by:
+ *   - non-genuine submit button: clear invalid required inputs and proceed the submission
+ *   - real submit button: if there is an invalid field prevent submission and trigger validation class addition
+ */
+function onFormSubmit() {
+    'use strict';
+
+    const form = document.querySelector('form');
+    if (!form) return;
+
+    form.addEventListener('submit', function onSubmit(event) {
+        const submitter = event.submitter || event.target;
+
+        // Check form validity once at the beginning
+        const isValid = form.checkValidity();
+
+        if (!submitter || !submitter.name.startsWith('submit')) {
+            // Clear invalid required inputs before submit
+            if (!isValid) {
+                document.querySelectorAll('input[required]:invalid').forEach(input => {
+                    if (input.value.length) {
+                        input.value = '';
+                    }
+                });
+            }
+            return event;
+        }
+
+        if (!isValid) {
+            console.log('Form is invalid');
+            event.preventDefault();
+            event.stopPropagation();
+        }
+
+        form.classList.add('was-validated'); // Add validation styling
+    }, false);
+}

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/images/logout-img-dark.svg

@@ -1,46 +1,46 @@
 <svg width="569" height="392" viewBox="0 0 569 392" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path opacity="0.6" d="M2.24127 149.464C23.6861 64.8302 188.553 122.509 287.94 64.9913C387.328 7.47386 588.237 64.9913 567.071 158.8C545.905 252.609 450.766 200.569 385.918 316.289C321.07 432.01 74.3637 405.305 97.6245 299.855C120.885 194.405 -19.2036 234.098 2.24127 149.464Z" fill="#453F4F"/>
+	<path opacity="0.6" d="M2.24127 149.464C23.6861 64.8302 188.553 122.509 287.94 64.9913C387.328 7.47386 588.237 64.9913 567.071 158.8C545.905 252.609 450.766 200.569 385.918 316.289C321.07 432.01 74.3637 405.305 97.6245 299.855C120.885 194.405 -19.2036 234.098 2.24127 149.464Z" fill="#453F4F"/>
-<ellipse cx="290.113" cy="371.071" rx="190.645" ry="0.828893" fill="#E6E6E6"/>
+	<ellipse cx="290.114" cy="371.071" rx="190.645" ry="0.828893" fill="#8F8F8F"/>
-<path d="M315.34 3.62891H142.629V369H315.34V3.62891Z" fill="#737373"/>
+	<path d="M315.344 3.625H142.633V368.996H315.344V3.625Z" fill="#453F4F"/>
-<path d="M303.873 14.5469H154.31V368.941H303.873V14.5469Z" fill="#e6e6e6"/>
+	<path d="M303.875 14.5391H154.312V368.933H303.875V14.5391Z" fill="black"/>
-<path d="M302.653 15.7656H155.53V368.94H302.653V15.7656Z" fill="#737373"/>
+	<path d="M302.654 15.7656H155.531V368.94H302.654V15.7656Z" fill="#453F4F"/>
-<path d="M300.976 209.435C300.976 213.338 297.835 216.479 293.931 216.479C290.027 216.479 286.886 213.338 286.886 209.435C286.886 205.531 290.027 202.391 293.931 202.391C297.835 202.391 300.976 205.531 300.976 209.435Z" fill="#2F2E41"/>
+	<path d="M300.981 209.435C300.981 213.338 297.839 216.479 293.936 216.479C290.032 216.479 286.891 213.338 286.891 209.435C286.891 205.531 290.032 202.391 293.936 202.391C297.839 202.391 300.981 205.531 300.981 209.435Z" fill="black"/>
-<path d="M293.26 212.666C290.851 212.666 288.685 211.781 287.008 210.318C287.465 213.763 290.393 216.447 293.961 216.447C297.865 216.447 301.006 213.306 301.006 209.403C301.006 209.189 300.976 209.006 300.945 208.793C299.207 211.141 296.432 212.666 293.26 212.666Z" fill="#bcbac5"/>
+	<path d="M293.26 212.67C290.851 212.67 288.685 211.785 287.008 210.322C287.465 213.767 290.393 216.451 293.961 216.451C297.865 216.451 301.006 213.31 301.006 209.407C301.006 209.193 300.976 209.01 300.945 208.797C299.207 211.145 296.432 212.67 293.26 212.67Z" fill="#2B2931"/>
-<path d="M300.915 208.825C298.749 213.856 290.179 214.161 283.744 209.801C275.815 204.434 272.247 210.624 272.247 208.52C272.247 206.416 275.815 203.306 287.282 207.056C293.199 208.977 300.884 208.825 300.884 208.825H300.915Z" fill="#b1aabb"/>
+	<path d="M300.918 208.821C298.753 213.852 290.183 214.157 283.748 209.797C275.818 204.43 272.25 210.62 272.25 208.516C272.25 206.412 275.818 203.302 287.286 207.052C293.202 208.973 300.888 208.821 300.888 208.821H300.918Z" fill="#453F4F"/>
-<path d="M283.5 208.428C277.767 204.677 274.473 207.055 272.521 208.946C273.436 208.976 277.035 205.226 283.744 209.8C290.057 214.069 298.383 213.825 300.762 209.129C296.828 211.965 288.807 211.904 283.5 208.428Z" fill="#2F2E41"/>
+	<path d="M283.503 208.43C277.769 204.679 274.475 207.057 272.523 208.948C273.438 208.978 277.037 205.228 283.747 209.802C290.06 214.071 298.386 213.827 300.765 209.131C296.83 211.967 288.809 211.906 283.503 208.43Z" fill="black"/>
-<path d="M329.68 201.163C329.53 201.896 329.539 202.661 329.708 203.388C329.876 204.116 330.198 204.784 330.645 205.332C330.874 205.612 330.469 205.986 330.241 205.707C329.75 205.099 329.395 204.361 329.208 203.558C329.02 202.754 329.005 201.91 329.165 201.099C329.174 201.021 329.209 200.95 329.262 200.9C329.315 200.851 329.382 200.827 329.45 200.833C329.518 200.842 329.58 200.882 329.623 200.943C329.666 201.005 329.687 201.084 329.68 201.163Z" fill="#262626"/>
+	<path d="M329.679 201.159C329.529 201.892 329.539 202.657 329.707 203.384C329.876 204.112 330.198 204.78 330.644 205.328C330.874 205.608 330.469 205.982 330.241 205.703C329.75 205.095 329.395 204.357 329.207 203.554C329.02 202.751 329.005 201.906 329.164 201.095C329.174 201.017 329.208 200.946 329.261 200.897C329.314 200.847 329.382 200.823 329.449 200.829C329.518 200.838 329.58 200.878 329.623 200.939C329.666 201.001 329.686 201.08 329.679 201.159Z" fill="white"/>
-<path d="M323.353 231.6C323.738 230.317 324.384 229.226 325.149 228.451L328.031 216L334 217.526L330.433 229.992C330.647 231.052 330.588 232.314 330.203 233.597C329.324 236.529 327.078 238.457 325.186 237.906C323.294 237.354 322.474 234.531 323.353 231.6Z" fill="#FFB6B6"/>
+	<path d="M323.353 231.6C323.738 230.317 324.384 229.226 325.149 228.451L328.031 216L334 217.526L330.433 229.992C330.647 231.052 330.588 232.314 330.203 233.597C329.324 236.529 327.078 238.457 325.186 237.906C323.294 237.354 322.474 234.531 323.353 231.6Z" fill="#EDC4A6"/>
-<path d="M376.135 357.09L370.367 357.226L367.152 331.315L375.664 331.113L376.135 357.09Z" fill="#FFB6B6"/>
+	<path d="M376.131 357.086L370.363 357.222L367.148 331.311L375.66 331.109L376.131 357.086Z" fill="#EDC4A6"/>
-<path d="M356.347 369.123C356.347 370.097 357.039 370.887 357.892 370.887H369.34C369.34 370.887 370.466 366.358 375.059 364.409L375.377 370.887H381.282L380.567 360.471C380.567 360.471 382.146 354.899 378.866 352.051C375.585 349.202 378.242 349.599 378.242 349.599L376.951 343.152L368.027 344.202L367.962 354.321L363.631 364.365L357.279 367.503C356.713 367.783 356.347 368.419 356.347 369.123Z" fill="#c4c3d5"/>
+	<path d="M356.344 369.119C356.344 370.093 357.035 370.883 357.888 370.883H369.336C369.336 370.883 370.463 366.354 375.056 364.405L375.373 370.883H381.279L380.563 360.467C380.563 360.467 382.143 354.895 378.862 352.047C375.581 349.198 378.239 349.595 378.239 349.595L376.948 343.148L368.024 344.198L367.958 354.317L363.627 364.362L357.275 367.499C356.71 367.779 356.344 368.415 356.344 369.119Z" fill="#ECECEC"/>
-<path d="M338.206 350.317L332.438 350.453L329.223 324.541L337.735 324.34L338.206 350.317Z" fill="#FFB6B6"/>
+	<path d="M338.209 350.32L332.441 350.457L329.227 324.545L337.738 324.344L338.209 350.32Z" fill="#EDC4A6"/>
-<path d="M319 368.97C319 369.945 319.691 370.734 320.544 370.734H331.992C331.992 370.734 333.119 366.206 337.712 364.257L338.029 370.734H343.935L343.219 360.319C343.219 360.319 344.799 354.747 341.518 351.898C338.237 349.05 340.895 349.446 340.895 349.446L339.604 343L330.68 344.049L330.614 354.169L326.284 364.213L319.931 367.351C319.366 367.63 319 368.267 319 368.97Z" fill="#c4c3d5"/>
+	<path d="M319 368.97C319 369.945 319.691 370.734 320.544 370.734H331.992C331.992 370.734 333.119 366.206 337.712 364.257L338.029 370.734H343.935L343.219 360.319C343.219 360.319 344.799 354.747 341.518 351.898C338.237 349.05 340.895 349.446 340.895 349.446L339.604 343L330.68 344.049L330.614 354.169L326.284 364.213L319.931 367.351C319.366 367.63 319 368.267 319 368.97Z" fill="#ECECEC"/>
-<path d="M374.68 150.377L353.232 154C351.755 150.327 341.835 125.406 341.222 121.809C339.629 112.459 346.806 103.839 356.537 103.134C365.869 102.457 371.555 104.155 372.349 112.789C372.627 115.815 375.301 123.922 376.118 126.855C380.626 143.036 375.758 146.929 374.68 150.377Z" fill="#511F33"/>
+	<path d="M374.68 150.377L353.232 154C351.755 150.327 341.835 125.406 341.222 121.809C339.629 112.459 346.806 103.839 356.537 103.134C365.869 102.457 371.555 104.155 372.349 112.789C372.627 115.815 375.301 123.922 376.118 126.855C380.626 143.036 375.758 146.929 374.68 150.377Z" fill="#AE5717"/>
-<path d="M345.5 203.5L342.274 225L326 288.089L328.5 340L339 339.549L342.274 289.895L362.682 243.626L365.329 339.549L377.986 340L385.5 229C386.18 220.393 382.83 210.661 378 203.5H345.5Z" fill="#c4c3d5"/>
+	<path d="M345.5 203.5L342.274 225L326 288.089L328.5 340L339 339.549L342.274 289.895L362.682 243.626L365.329 339.549L377.986 340L385.5 229C386.18 220.393 382.83 210.661 378 203.5H345.5Z" fill="#453F4F"/>
-<path d="M353.5 140L354 133L364.5 132L365.5 140H353.5Z" fill="#FFB6B6"/>
+	<path d="M353.5 140L354 133L364.5 132L365.5 140H353.5Z" fill="#EDC4A6"/>
-<path d="M365.5 137H353.5C353.5 137 354 141.5 350.5 142.5C347 143.5 341.294 147 341.294 147L346 190L342.5 214C352.807 217.431 364.699 222.018 382 208C382 208 377 196 377 185.5C377 175 379.134 149.972 379.134 149.972C379.134 149.972 370.5 144.5 368.5 143C366.5 141.5 365.5 137 365.5 137Z" fill="#7036e2"/>
+	<path d="M365.502 137H353.502C353.502 137 354.002 141.5 350.502 142.5C347.002 143.5 341.297 147 341.297 147L346.002 190L342.502 214C352.81 217.431 364.701 222.018 382.002 208C382.002 208 377.002 196 377.002 185.5C377.002 175 379.137 149.972 379.137 149.972C379.137 149.972 370.502 144.5 368.502 143C366.502 141.5 365.502 137 365.502 137Z" fill="#DACDFB"/>
-<path d="M349 145.854C349 145.854 341.444 142.679 337.889 148.575C335.954 151.784 332.308 173.797 329.386 193.198C326.939 209.448 325 223.866 325 223.866L332.778 225L341.467 193.258L348.111 168.985L349 145.854Z" fill="#7036e2"/>
+	<path d="M349 145.854C349 145.854 341.444 142.679 337.889 148.575C335.954 151.784 332.308 173.797 329.386 193.198C326.939 209.448 325 223.866 325 223.866L332.778 225L341.467 193.258L348.111 168.985L349 145.854Z" fill="#DACDFB"/>
-<path d="M357.5 134C364.404 134 370 128.404 370 121.5C370 114.596 364.404 109 357.5 109C350.596 109 345 114.596 345 121.5C345 128.404 350.596 134 357.5 134Z" fill="#FFB6B6"/>
+	<path d="M357.5 134C364.404 134 370 128.404 370 121.5C370 114.596 364.404 109 357.5 109C350.596 109 345 114.596 345 121.5C345 128.404 350.596 134 357.5 134Z" fill="#EDC4A6"/>
-<path d="M423.966 131.231C423.239 132.344 422.325 133.206 421.392 133.736L415.134 144.768L410.025 141.725L416.923 130.862C417.029 129.8 417.446 128.619 418.173 127.506C419.832 124.962 422.474 123.734 424.074 124.763C425.674 125.792 425.625 128.688 423.966 131.231Z" fill="#FFB6B6"/>
+	<path d="M423.968 131.227C423.242 132.341 422.327 133.202 421.394 133.732L415.136 144.764L410.027 141.721L416.925 130.858C417.031 129.796 417.449 128.615 418.175 127.502C419.835 124.958 422.477 123.73 424.076 124.759C425.676 125.788 425.628 128.684 423.968 131.227Z" fill="#EDC4A6"/>
-<path d="M368 144C368 144 372.5 145 377 148C378.371 150.156 392 155.5 395 155.5C397.249 154.647 402.5 147.5 404 146C405.5 144.5 414 133 414 133L420.5 137C420.5 137 401.5 164 398 168C394.5 172 368 163.5 368 163.5V144Z" fill="#7036e2"/>
+	<path d="M368 144C368 144 372.5 145 377 148C378.371 150.156 392 155.5 395 155.5C397.249 154.647 402.5 147.5 404 146C405.5 144.5 414 133 414 133L420.5 137C420.5 137 401.5 164 398 168C394.5 172 368 163.5 368 163.5V144Z" fill="#DACDFB"/>
-<path d="M355.841 104.961C350.758 105.872 345.832 108.676 343.195 113.197C340.558 117.717 335.726 124.016 339.229 127.878C340.44 129.212 341.982 130.223 343.071 131.662C344.925 134.112 345.193 137.553 344.268 140.5C343.344 143.446 337.768 147.444 335.5 149.5C340.354 148.99 347.271 147.169 348.947 142.5C349.723 140.339 350.988 134.555 349.66 132.693C348.962 131.715 347.934 131.045 347.048 130.24C344.761 128.164 346.229 125.029 346.243 121.908C346.257 118.787 346.642 116.616 348.947 114.561C350.534 115.853 355.798 115.541 357.803 115.21C359.809 114.878 365.418 122.727 366.523 120.99C368.686 123.822 367.206 117.985 366.8 121.55C366.51 124.1 364.866 126.3 364.371 128.817C363.939 131.008 364.411 133.287 365.168 135.384C366.877 140.113 370.08 144.269 374.184 147.08C371.814 143.665 369.344 139.933 369.422 135.751C369.479 132.649 374.628 126.247 375.536 123.285C377.274 117.619 373.829 111.34 370.128 106.755C366.879 102.728 360.597 103.972 355.616 105.164" fill="#511F33"/>
+	<path d="M355.841 104.961C350.758 105.872 345.832 108.676 343.195 113.197C340.558 117.717 335.726 124.016 339.229 127.878C340.44 129.212 341.982 130.223 343.071 131.662C344.925 134.112 345.193 137.553 344.268 140.5C343.344 143.446 337.768 147.444 335.5 149.5C340.354 148.99 347.271 147.169 348.947 142.5C349.723 140.339 350.988 134.555 349.66 132.693C348.962 131.715 347.934 131.045 347.048 130.24C344.761 128.164 346.229 125.029 346.243 121.908C346.257 118.787 346.642 116.616 348.947 114.561C350.534 115.853 355.798 115.541 357.803 115.21C359.809 114.878 365.418 122.727 366.523 120.99C368.686 123.822 367.206 117.985 366.8 121.55C366.51 124.1 364.866 126.3 364.371 128.817C363.939 131.008 364.411 133.287 365.168 135.384C366.877 140.113 370.08 144.269 374.184 147.08C371.814 143.665 369.344 139.933 369.422 135.751C369.479 132.649 374.628 126.247 375.536 123.285C377.274 117.619 373.829 111.34 370.128 106.755C366.879 102.728 360.597 103.972 355.616 105.164" fill="#AE5717"/>
-<path d="M395 117.232C401.714 116.386 409.568 119.286 413.699 122.339" stroke="#2F2E41" stroke-linecap="round"/>
+	<path d="M395 117.232C401.715 116.386 409.568 119.286 413.699 122.339" stroke="white" stroke-linecap="round"/>
-<path d="M395.223 121.266C400.011 120.287 405.172 121.843 407.714 123.721" stroke="#2F2E41" stroke-linecap="round"/>
+	<path d="M395.223 121.268C400.011 120.289 405.172 121.845 407.714 123.723" stroke="white" stroke-linecap="round"/>
-<path d="M430.918 132.319C435.672 134.16 439.5 138 442.5 143" stroke="#2F2E41" stroke-linecap="round"/>
+	<path d="M430.917 132.317C435.67 134.158 439.499 137.998 442.499 142.998" stroke="white" stroke-linecap="round"/>
-<path d="M429 135.871C432.582 136.862 436 139.5 437.5 142.5" stroke="#2F2E41" stroke-linecap="round"/>
+	<path d="M429.003 135.869C432.584 136.86 436.002 139.498 437.502 142.498" stroke="white" stroke-linecap="round"/>
-<path d="M458.764 85.9823C459.253 84.0543 457.402 81.9221 454.631 81.2198C451.86 80.5175 449.217 81.511 448.728 83.4389C448.24 85.3668 450.09 87.499 452.862 88.2014C455.633 88.9037 458.276 87.9102 458.764 85.9823Z" fill="#262626"/>
+	<path d="M458.764 85.9823C459.253 84.0543 457.402 81.9221 454.631 81.2198C451.86 80.5175 449.217 81.511 448.728 83.4389C448.24 85.3668 450.09 87.499 452.862 88.2014C455.633 88.9037 458.276 87.9102 458.764 85.9823Z" fill="white"/>
-<path d="M431.921 57.7654C432.409 55.8375 430.559 53.7053 427.787 53.003C425.016 52.3006 422.373 53.2942 421.885 55.2221C421.396 57.15 423.247 59.2822 426.018 59.9846C428.789 60.6869 431.432 59.6933 431.921 57.7654Z" fill="#3F3D56"/>
+	<path d="M431.921 57.7635C432.409 55.8356 430.559 53.7033 427.787 53.001C425.016 52.2987 422.373 53.2922 421.885 55.2201C421.396 57.148 423.247 59.2803 426.018 59.9826C428.789 60.6849 431.432 59.6914 431.921 57.7635Z" fill="#3F3D56"/>
-<path d="M472.115 86.0623C472.604 84.1344 470.753 82.0022 467.982 81.2999C465.211 80.5975 462.568 81.5911 462.079 83.519C461.591 85.4469 463.441 87.5791 466.213 88.2814C468.984 88.9838 471.627 87.9902 472.115 86.0623Z" fill="#7036e2"/>
+	<path d="M472.116 86.0604C472.604 84.1325 470.754 82.0002 467.983 81.2979C465.211 80.5956 462.569 81.5891 462.08 83.517C461.591 85.4449 463.442 87.5772 466.213 88.2795C468.985 88.9818 471.627 87.9883 472.116 86.0604Z" fill="#9268E9"/>
-<path d="M480.005 96.6486C480.205 94.8529 479.355 93.2841 478.106 93.1445C476.857 93.0049 475.682 94.3475 475.481 96.1432C475.28 97.9388 476.13 99.5077 477.38 99.6473C478.629 99.7868 479.804 98.4443 480.005 96.6486Z" fill="#E6E6E6"/>
+	<path d="M480.004 96.6525C480.205 94.8568 479.355 93.288 478.106 93.1484C476.856 93.0088 475.681 94.3514 475.48 96.1471C475.28 97.9428 476.13 99.5116 477.379 99.6512C478.628 99.7908 479.804 98.4482 480.004 96.6525Z" fill="#E6E6E6"/>
-<path d="M482.788 117.858C482.988 116.062 482.138 114.493 480.889 114.354C479.64 114.214 478.465 115.556 478.264 117.352C478.064 119.148 478.914 120.717 480.163 120.856C481.412 120.996 482.587 119.653 482.788 117.858Z" fill="#3F3D56"/>
+	<path d="M482.785 117.856C482.986 116.06 482.136 114.491 480.887 114.352C479.638 114.212 478.462 115.555 478.262 117.35C478.061 119.146 478.911 120.715 480.16 120.854C481.409 120.994 482.585 119.651 482.785 117.856Z" fill="#3F3D56"/>
-<path d="M448.187 77.4416C448.388 75.6459 447.538 74.0771 446.289 73.9375C445.04 73.7979 443.864 75.1404 443.664 76.9361C443.463 78.7318 444.313 80.3007 445.562 80.4402C446.811 80.5798 447.987 79.2373 448.187 77.4416Z" fill="#E6E6E6"/>
+	<path d="M448.184 77.4416C448.384 75.6459 447.534 74.0771 446.285 73.9375C445.036 73.7979 443.861 75.1404 443.66 76.9361C443.46 78.7318 444.31 80.3007 445.559 80.4402C446.808 80.5798 447.983 79.2373 448.184 77.4416Z" fill="#E6E6E6"/>
-<path d="M465.219 71.0432C465.42 69.2475 464.57 67.6786 463.32 67.5391C462.071 67.3995 460.896 68.742 460.695 70.5377C460.495 72.3334 461.345 73.9022 462.594 74.0418C463.843 74.1814 465.018 72.8388 465.219 71.0432Z" fill="#7036e2"/>
+	<path d="M465.215 71.0432C465.416 69.2475 464.566 67.6786 463.317 67.5391C462.067 67.3995 460.892 68.742 460.691 70.5377C460.491 72.3334 461.341 73.9022 462.59 74.0418C463.839 74.1814 465.014 72.8388 465.215 71.0432Z" fill="#9268E9"/>
-<path d="M444.237 53.756C444.437 51.9603 443.587 50.3915 442.338 50.2519C441.089 50.1123 439.914 51.4549 439.713 53.2506C439.512 55.0462 440.362 56.6151 441.611 56.7547C442.861 56.8943 444.036 55.5517 444.237 53.756Z" fill="#3F3D56"/>
+	<path d="M444.239 53.7541C444.439 51.9584 443.589 50.3895 442.34 50.25C441.091 50.1104 439.916 51.4529 439.715 53.2486C439.514 55.0443 440.364 56.6132 441.613 56.7527C442.863 56.8923 444.038 55.5498 444.239 53.7541Z" fill="#3F3D56"/>
-<path d="M43.2651 134.356C41.3288 133.901 39.2297 135.789 38.5766 138.573C37.9234 141.356 38.9636 143.981 40.8999 144.435C42.8361 144.889 44.9352 143.001 45.5884 140.218C46.2415 137.435 45.2013 134.81 43.2651 134.356Z" fill="#262626"/>
+	<path d="M43.2656 134.356C41.3293 133.901 39.2302 135.789 38.5771 138.573C37.9239 141.356 38.9641 143.981 40.9003 144.435C42.8366 144.889 44.9357 143.001 45.5889 140.218C46.242 137.435 45.2018 134.81 43.2656 134.356Z" fill="white"/>
-<path d="M43.6478 168.199C41.7116 167.745 39.6125 169.633 38.9593 172.416C38.3062 175.2 39.3464 177.825 41.2826 178.279C43.2189 178.733 45.318 176.845 45.9712 174.062C46.6243 171.278 45.5841 168.654 43.6478 168.199Z" fill="#3F3D56"/>
+	<path d="M43.6483 168.199C41.7121 167.745 39.613 169.633 38.9598 172.416C38.3067 175.2 39.3469 177.825 41.2831 178.279C43.2194 178.733 45.3185 176.845 45.9717 174.062C46.6248 171.278 45.5846 168.654 43.6483 168.199Z" fill="#3F3D56"/>
-<path d="M71.2284 127.51C69.2922 127.056 67.1931 128.944 66.5399 131.727C65.8868 134.51 66.927 137.135 68.8632 137.589C70.7995 138.044 72.8986 136.156 73.5517 133.372C74.2049 130.589 73.1647 127.964 71.2284 127.51Z" fill="#7036e2"/>
+	<path d="M71.2265 127.512C69.2902 127.058 67.1911 128.946 66.538 131.729C65.8848 134.512 66.925 137.137 68.8613 137.591C70.7975 138.046 72.8967 136.158 73.5498 133.374C74.2029 130.591 73.1628 127.966 71.2265 127.512Z" fill="#9268E9"/>
-<path d="M81.6733 119.434C79.8744 119.265 78.3209 120.143 78.2034 121.394C78.086 122.646 79.4491 123.797 81.2481 123.966C83.047 124.135 84.6006 123.257 84.718 122.006C84.8354 120.754 83.4723 119.603 81.6733 119.434Z" fill="#E6E6E6"/>
+	<path d="M81.6758 119.436C79.8768 119.267 78.3233 120.145 78.2059 121.396C78.0884 122.648 79.4516 123.799 81.2505 123.968C83.0495 124.137 84.603 123.259 84.7204 122.007C84.8379 120.756 83.4747 119.605 81.6758 119.436Z" fill="#E6E6E6"/>
-<path d="M102.83 116.276C101.031 116.107 99.4771 116.985 99.3597 118.236C99.2422 119.487 100.605 120.639 102.404 120.808C104.203 120.976 105.757 120.099 105.874 118.847C105.992 117.596 104.629 116.445 102.83 116.276Z" fill="#3F3D56"/>
+	<path d="M102.832 116.272C101.033 116.103 99.4795 116.981 99.3621 118.232C99.2447 119.484 100.608 120.635 102.407 120.804C104.206 120.973 105.759 120.095 105.877 118.843C105.994 117.592 104.631 116.441 102.832 116.272Z" fill="#3F3D56"/>
-<path d="M63.0327 151.586C61.2338 151.417 59.6802 152.295 59.5628 153.547C59.4454 154.798 60.8085 155.949 62.6074 156.118C64.4064 156.287 65.9599 155.409 66.0774 154.158C66.1948 152.906 64.8317 151.755 63.0327 151.586Z" fill="#E6E6E6"/>
+	<path d="M63.0352 151.584C61.2362 151.415 59.6827 152.293 59.5652 153.545C59.4478 154.796 60.8109 155.947 62.6099 156.116C64.4088 156.285 65.9624 155.407 66.0798 154.156C66.1973 152.904 64.8341 151.753 63.0352 151.584Z" fill="#E6E6E6"/>
-<path d="M56.3337 134.67C54.5348 134.501 52.9813 135.379 52.8638 136.631C52.7464 137.882 54.1095 139.033 55.9085 139.202C57.7074 139.371 59.261 138.493 59.3784 137.242C59.4958 135.99 58.1327 134.839 56.3337 134.67Z" fill="#7036e2"/>
+	<path d="M56.332 134.67C54.5331 134.501 52.9795 135.379 52.8621 136.631C52.7447 137.882 54.1078 139.033 55.9068 139.202C57.7057 139.371 59.2593 138.493 59.3767 137.242C59.4941 135.99 58.131 134.839 56.332 134.67Z" fill="#9268E9"/>
-<path d="M39.4209 155.955C37.6219 155.787 36.0684 156.664 35.9509 157.916C35.8335 159.167 37.1966 160.318 38.9956 160.487C40.7946 160.656 42.3481 159.778 42.4656 158.527C42.583 157.276 41.2198 156.124 39.4209 155.955Z" fill="#3F3D56"/>
+	<path d="M39.4179 155.959C37.619 155.79 36.0654 156.668 35.948 157.92C35.8306 159.171 37.1937 160.322 38.9927 160.491C40.7916 160.66 42.3452 159.782 42.4626 158.531C42.5801 157.279 41.2169 156.128 39.4179 155.959Z" fill="#3F3D56"/>
 </svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/images/logout-img.svg

@@ -1,46 +1,46 @@
 <svg width="569" height="392" viewBox="0 0 569 392" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path opacity="0.6" d="M2.24127 149.464C23.6861 64.8302 188.553 122.509 287.94 64.9913C387.328 7.47386 588.237 64.9913 567.071 158.8C545.905 252.609 450.766 200.569 385.918 316.289C321.07 432.01 74.3637 405.305 97.6245 299.855C120.885 194.405 -19.2036 234.098 2.24127 149.464Z" fill="#453F4F"/>
+	<path opacity="0.6" d="M2.24127 149.464C23.6861 64.8302 188.553 122.509 287.94 64.9913C387.328 7.47386 588.237 64.9913 567.071 158.8C545.905 252.609 450.766 200.569 385.918 316.289C321.07 432.01 74.3637 405.305 97.6245 299.855C120.885 194.405 -19.2036 234.098 2.24127 149.464Z" fill="white"/>
-<ellipse cx="290.113" cy="371.071" rx="190.645" ry="0.828893" fill="#757575"/>
+	<ellipse cx="290.114" cy="371.071" rx="190.645" ry="0.828893" fill="#8F8F8F"/>
-<path d="M315.34 3.62891H142.629V369H315.34V3.62891Z" fill="#ECECEC"/>
+	<path d="M315.344 3.625H142.633V368.996H315.344V3.625Z" fill="#ECECEC"/>
-<path d="M303.873 14.5469H154.31V368.941H303.873V14.5469Z" fill="#C1C1C1"/>
+	<path d="M303.875 14.5391H154.312V368.933H303.875V14.5391Z" fill="#C1C1C1"/>
-<path d="M302.653 15.7656H155.53V368.94H302.653V15.7656Z" fill="#ECECEC"/>
+	<path d="M302.654 15.7656H155.531V368.94H302.654V15.7656Z" fill="#ECECEC"/>
-<path d="M300.976 209.435C300.976 213.338 297.835 216.479 293.931 216.479C290.027 216.479 286.886 213.338 286.886 209.435C286.886 205.531 290.027 202.391 293.931 202.391C297.835 202.391 300.976 205.531 300.976 209.435Z" fill="black"/>
+	<path d="M300.981 209.435C300.981 213.338 297.839 216.479 293.936 216.479C290.032 216.479 286.891 213.338 286.891 209.435C286.891 205.531 290.032 202.391 293.936 202.391C297.839 202.391 300.981 205.531 300.981 209.435Z" fill="black"/>
-<path d="M293.26 212.666C290.851 212.666 288.685 211.781 287.008 210.318C287.465 213.763 290.393 216.447 293.961 216.447C297.865 216.447 301.006 213.306 301.006 209.403C301.006 209.189 300.976 209.006 300.945 208.793C299.207 211.141 296.432 212.666 293.26 212.666Z" fill="#2B2931"/>
+	<path d="M293.26 212.67C290.851 212.67 288.685 211.785 287.008 210.322C287.465 213.767 290.393 216.451 293.961 216.451C297.865 216.451 301.006 213.31 301.006 209.407C301.006 209.193 300.976 209.01 300.945 208.797C299.207 211.145 296.432 212.67 293.26 212.67Z" fill="#2B2931"/>
-<path d="M300.915 208.825C298.749 213.856 290.179 214.161 283.744 209.801C275.815 204.434 272.247 210.624 272.247 208.52C272.247 206.416 275.815 203.306 287.282 207.056C293.199 208.977 300.884 208.825 300.884 208.825H300.915Z" fill="#453F4F"/>
+	<path d="M300.918 208.821C298.753 213.852 290.183 214.157 283.748 209.797C275.818 204.43 272.25 210.62 272.25 208.516C272.25 206.412 275.818 203.302 287.286 207.052C293.202 208.973 300.888 208.821 300.888 208.821H300.918Z" fill="#453F4F"/>
-<path d="M283.5 208.428C277.767 204.677 274.473 207.055 272.521 208.946C273.436 208.976 277.035 205.226 283.744 209.8C290.057 214.069 298.383 213.825 300.762 209.129C296.828 211.965 288.807 211.904 283.5 208.428Z" fill="black"/>
+	<path d="M283.503 208.43C277.769 204.679 274.475 207.057 272.523 208.948C273.438 208.978 277.037 205.228 283.747 209.802C290.06 214.071 298.386 213.827 300.765 209.131C296.83 211.967 288.809 211.906 283.503 208.43Z" fill="black"/>
-<path d="M329.68 201.163C329.53 201.896 329.539 202.661 329.708 203.388C329.876 204.116 330.198 204.784 330.645 205.332C330.874 205.612 330.469 205.986 330.241 205.707C329.75 205.099 329.395 204.361 329.208 203.558C329.02 202.754 329.005 201.91 329.165 201.099C329.174 201.021 329.209 200.95 329.262 200.9C329.315 200.851 329.382 200.827 329.45 200.833C329.518 200.842 329.58 200.882 329.623 200.943C329.666 201.005 329.687 201.084 329.68 201.163Z" fill="white"/>
+	<path d="M329.679 201.159C329.529 201.892 329.539 202.657 329.707 203.384C329.876 204.112 330.198 204.78 330.644 205.328C330.874 205.608 330.469 205.982 330.241 205.703C329.75 205.095 329.395 204.357 329.207 203.554C329.02 202.751 329.005 201.906 329.164 201.095C329.174 201.017 329.208 200.946 329.261 200.897C329.314 200.847 329.382 200.823 329.449 200.829C329.518 200.838 329.58 200.878 329.623 200.939C329.666 201.001 329.686 201.08 329.679 201.159Z" fill="white"/>
-<path d="M323.353 231.6C323.738 230.317 324.384 229.226 325.149 228.451L328.031 216L334 217.526L330.433 229.992C330.647 231.052 330.588 232.314 330.203 233.597C329.324 236.529 327.078 238.457 325.186 237.906C323.294 237.354 322.474 234.531 323.353 231.6Z" fill="#FFB6B6"/>
+	<path d="M323.353 231.6C323.738 230.317 324.384 229.226 325.149 228.451L328.031 216L334 217.526L330.433 229.992C330.647 231.052 330.588 232.314 330.203 233.597C329.324 236.529 327.078 238.457 325.186 237.906C323.294 237.354 322.474 234.531 323.353 231.6Z" fill="#FFB6B6"/>
-<path d="M376.135 357.09L370.367 357.226L367.152 331.315L375.664 331.113L376.135 357.09Z" fill="#FFB6B6"/>
+	<path d="M376.131 357.086L370.363 357.222L367.148 331.311L375.66 331.109L376.131 357.086Z" fill="#FFB6B6"/>
-<path d="M356.347 369.123C356.347 370.097 357.039 370.887 357.892 370.887H369.34C369.34 370.887 370.466 366.358 375.059 364.409L375.377 370.887H381.282L380.567 360.471C380.567 360.471 382.146 354.899 378.866 352.051C375.585 349.202 378.242 349.599 378.242 349.599L376.951 343.152L368.027 344.202L367.962 354.321L363.631 364.365L357.279 367.503C356.713 367.783 356.347 368.419 356.347 369.123Z" fill="#2F2E41"/>
+	<path d="M356.344 369.119C356.344 370.093 357.035 370.883 357.888 370.883H369.336C369.336 370.883 370.463 366.354 375.056 364.405L375.373 370.883H381.279L380.563 360.467C380.563 360.467 382.143 354.895 378.862 352.047C375.581 349.198 378.239 349.595 378.239 349.595L376.948 343.148L368.024 344.198L367.958 354.317L363.627 364.362L357.275 367.499C356.71 367.779 356.344 368.415 356.344 369.119Z" fill="#2F2E41"/>
-<path d="M338.206 350.317L332.438 350.453L329.223 324.541L337.735 324.34L338.206 350.317Z" fill="#FFB6B6"/>
+	<path d="M338.209 350.32L332.441 350.457L329.227 324.545L337.738 324.344L338.209 350.32Z" fill="#FFB6B6"/>
-<path d="M319 368.97C319 369.945 319.691 370.734 320.544 370.734H331.992C331.992 370.734 333.119 366.206 337.712 364.257L338.029 370.734H343.935L343.219 360.319C343.219 360.319 344.799 354.747 341.518 351.898C338.237 349.05 340.895 349.446 340.895 349.446L339.604 343L330.68 344.049L330.614 354.169L326.284 364.213L319.931 367.351C319.366 367.63 319 368.267 319 368.97Z" fill="#2F2E41"/>
+	<path d="M319 368.97C319 369.945 319.691 370.734 320.544 370.734H331.992C331.992 370.734 333.119 366.206 337.712 364.257L338.029 370.734H343.935L343.219 360.319C343.219 360.319 344.799 354.747 341.518 351.898C338.237 349.05 340.895 349.446 340.895 349.446L339.604 343L330.68 344.049L330.614 354.169L326.284 364.213L319.931 367.351C319.366 367.63 319 368.267 319 368.97Z" fill="#2F2E41"/>
-<path d="M374.68 150.377L353.232 154C351.755 150.327 341.835 125.406 341.222 121.809C339.629 112.459 346.806 103.839 356.537 103.134C365.869 102.457 371.555 104.155 372.349 112.789C372.627 115.815 375.301 123.922 376.118 126.855C380.626 143.036 375.758 146.929 374.68 150.377Z" fill="#511F33"/>
+	<path d="M374.68 150.377L353.232 154C351.755 150.327 341.835 125.406 341.222 121.809C339.629 112.459 346.806 103.839 356.537 103.134C365.869 102.457 371.555 104.155 372.349 112.789C372.627 115.815 375.301 123.922 376.118 126.855C380.626 143.036 375.758 146.929 374.68 150.377Z" fill="#511F33"/>
-<path d="M345.5 203.5L342.274 225L326 288.089L328.5 340L339 339.549L342.274 289.895L362.682 243.626L365.329 339.549L377.986 340L385.5 229C386.18 220.393 382.83 210.661 378 203.5H345.5Z" fill="#2F2E41"/>
+	<path d="M345.5 203.5L342.274 225L326 288.089L328.5 340L339 339.549L342.274 289.895L362.682 243.626L365.329 339.549L377.986 340L385.5 229C386.18 220.393 382.83 210.661 378 203.5H345.5Z" fill="#2F2E41"/>
-<path d="M353.5 140L354 133L364.5 132L365.5 140H353.5Z" fill="#FFB6B6"/>
+	<path d="M353.5 140L354 133L364.5 132L365.5 140H353.5Z" fill="#FFB6B6"/>
-<path d="M365.5 137H353.5C353.5 137 354 141.5 350.5 142.5C347 143.5 341.294 147 341.294 147L346 190L342.5 214C352.807 217.431 364.699 222.018 382 208C382 208 377 196 377 185.5C377 175 379.134 149.972 379.134 149.972C379.134 149.972 370.5 144.5 368.5 143C366.5 141.5 365.5 137 365.5 137Z" fill="#9268E9"/>
+	<path d="M365.502 137H353.502C353.502 137 354.002 141.5 350.502 142.5C347.002 143.5 341.297 147 341.297 147L346.002 190L342.502 214C352.81 217.431 364.701 222.018 382.002 208C382.002 208 377.002 196 377.002 185.5C377.002 175 379.137 149.972 379.137 149.972C379.137 149.972 370.502 144.5 368.502 143C366.502 141.5 365.502 137 365.502 137Z" fill="#9268E9"/>
-<path d="M349 145.854C349 145.854 341.444 142.679 337.889 148.575C335.954 151.784 332.308 173.797 329.386 193.198C326.939 209.448 325 223.866 325 223.866L332.778 225L341.467 193.258L348.111 168.985L349 145.854Z" fill="#9268E9"/>
+	<path d="M349 145.854C349 145.854 341.444 142.679 337.889 148.575C335.954 151.784 332.308 173.797 329.386 193.198C326.939 209.448 325 223.866 325 223.866L332.778 225L341.467 193.258L348.111 168.985L349 145.854Z" fill="#9268E9"/>
-<path d="M357.5 134C364.404 134 370 128.404 370 121.5C370 114.596 364.404 109 357.5 109C350.596 109 345 114.596 345 121.5C345 128.404 350.596 134 357.5 134Z" fill="#FFB6B6"/>
+	<path d="M357.5 134C364.404 134 370 128.404 370 121.5C370 114.596 364.404 109 357.5 109C350.596 109 345 114.596 345 121.5C345 128.404 350.596 134 357.5 134Z" fill="#FFB6B6"/>
-<path d="M423.966 131.231C423.239 132.344 422.325 133.206 421.392 133.736L415.134 144.768L410.025 141.725L416.923 130.862C417.029 129.8 417.446 128.619 418.173 127.506C419.832 124.962 422.474 123.734 424.074 124.763C425.674 125.792 425.625 128.688 423.966 131.231Z" fill="#FFB6B6"/>
+	<path d="M423.968 131.227C423.242 132.341 422.327 133.202 421.394 133.732L415.136 144.764L410.027 141.721L416.925 130.858C417.031 129.796 417.449 128.615 418.175 127.502C419.835 124.958 422.477 123.73 424.076 124.759C425.676 125.788 425.628 128.684 423.968 131.227Z" fill="#FFB6B6"/>
-<path d="M368 144C368 144 372.5 145 377 148C378.371 150.156 392 155.5 395 155.5C397.249 154.647 402.5 147.5 404 146C405.5 144.5 414 133 414 133L420.5 137C420.5 137 401.5 164 398 168C394.5 172 368 163.5 368 163.5V144Z" fill="#9268E9"/>
+	<path d="M368 144C368 144 372.5 145 377 148C378.371 150.156 392 155.5 395 155.5C397.249 154.647 402.5 147.5 404 146C405.5 144.5 414 133 414 133L420.5 137C420.5 137 401.5 164 398 168C394.5 172 368 163.5 368 163.5V144Z" fill="#9268E9"/>
-<path d="M355.841 104.961C350.758 105.872 345.832 108.676 343.195 113.197C340.558 117.717 335.726 124.016 339.229 127.878C340.44 129.212 341.982 130.223 343.071 131.662C344.925 134.112 345.193 137.553 344.268 140.5C343.344 143.446 337.768 147.444 335.5 149.5C340.354 148.99 347.271 147.169 348.947 142.5C349.723 140.339 350.988 134.555 349.66 132.693C348.962 131.715 347.934 131.045 347.048 130.24C344.761 128.164 346.229 125.029 346.243 121.908C346.257 118.787 346.642 116.616 348.947 114.561C350.534 115.853 355.798 115.541 357.803 115.21C359.809 114.878 365.418 122.727 366.523 120.99C368.686 123.822 367.206 117.985 366.8 121.55C366.51 124.1 364.866 126.3 364.371 128.817C363.939 131.008 364.411 133.287 365.168 135.384C366.877 140.113 370.08 144.269 374.184 147.08C371.814 143.665 369.344 139.933 369.422 135.751C369.479 132.649 374.628 126.247 375.536 123.285C377.274 117.619 373.829 111.34 370.128 106.755C366.879 102.728 360.597 103.972 355.616 105.164" fill="#511F33"/>
+	<path d="M355.841 104.961C350.758 105.872 345.832 108.676 343.195 113.197C340.558 117.717 335.726 124.016 339.229 127.878C340.44 129.212 341.982 130.223 343.071 131.662C344.925 134.112 345.193 137.553 344.268 140.5C343.344 143.446 337.768 147.444 335.5 149.5C340.354 148.99 347.271 147.169 348.947 142.5C349.723 140.339 350.988 134.555 349.66 132.693C348.962 131.715 347.934 131.045 347.048 130.24C344.761 128.164 346.229 125.029 346.243 121.908C346.257 118.787 346.642 116.616 348.947 114.561C350.534 115.853 355.798 115.541 357.803 115.21C359.809 114.878 365.418 122.727 366.523 120.99C368.686 123.822 367.206 117.985 366.8 121.55C366.51 124.1 364.866 126.3 364.371 128.817C363.939 131.008 364.411 133.287 365.168 135.384C366.877 140.113 370.08 144.269 374.184 147.08C371.814 143.665 369.344 139.933 369.422 135.751C369.479 132.649 374.628 126.247 375.536 123.285C377.274 117.619 373.829 111.34 370.128 106.755C366.879 102.728 360.597 103.972 355.616 105.164" fill="#511F33"/>
-<path d="M395 117.232C401.714 116.386 409.568 119.286 413.699 122.339" stroke="black" stroke-linecap="round"/>
+	<path d="M395 117.232C401.715 116.386 409.568 119.286 413.699 122.339" stroke="black" stroke-linecap="round"/>
-<path d="M395.223 121.266C400.011 120.287 405.172 121.843 407.714 123.721" stroke="black" stroke-linecap="round"/>
+	<path d="M395.223 121.268C400.011 120.289 405.172 121.845 407.714 123.723" stroke="black" stroke-linecap="round"/>
-<path d="M430.918 132.319C435.672 134.16 439.5 138 442.5 143" stroke="black" stroke-linecap="round"/>
+	<path d="M430.917 132.317C435.67 134.158 439.499 137.998 442.499 142.998" stroke="black" stroke-linecap="round"/>
-<path d="M429 135.871C432.582 136.862 436 139.5 437.5 142.5" stroke="black" stroke-linecap="round"/>
+	<path d="M429.003 135.869C432.584 136.86 436.002 139.498 437.502 142.498" stroke="black" stroke-linecap="round"/>
-<path d="M458.764 85.9823C459.253 84.0543 457.402 81.9221 454.631 81.2198C451.86 80.5175 449.217 81.511 448.728 83.4389C448.24 85.3668 450.09 87.499 452.862 88.2014C455.633 88.9037 458.276 87.9102 458.764 85.9823Z" fill="white"/>
+	<path d="M458.764 85.9823C459.253 84.0543 457.402 81.9221 454.631 81.2198C451.86 80.5175 449.217 81.511 448.728 83.4389C448.24 85.3668 450.09 87.499 452.862 88.2014C455.633 88.9037 458.276 87.9102 458.764 85.9823Z" fill="white"/>
-<path d="M431.921 57.7654C432.409 55.8375 430.559 53.7053 427.787 53.003C425.016 52.3006 422.373 53.2942 421.885 55.2221C421.396 57.15 423.247 59.2822 426.018 59.9846C428.789 60.6869 431.432 59.6933 431.921 57.7654Z" fill="#3F3D56"/>
+	<path d="M431.921 57.7635C432.409 55.8356 430.559 53.7033 427.787 53.001C425.016 52.2987 422.373 53.2922 421.885 55.2201C421.396 57.148 423.247 59.2803 426.018 59.9826C428.789 60.6849 431.432 59.6914 431.921 57.7635Z" fill="#3F3D56"/>
-<path d="M472.115 86.0623C472.604 84.1344 470.753 82.0022 467.982 81.2999C465.211 80.5975 462.568 81.5911 462.079 83.519C461.591 85.4469 463.441 87.5791 466.213 88.2814C468.984 88.9838 471.627 87.9902 472.115 86.0623Z" fill="#9268E9"/>
+	<path d="M472.116 86.0604C472.604 84.1325 470.754 82.0002 467.983 81.2979C465.211 80.5956 462.569 81.5891 462.08 83.517C461.591 85.4449 463.442 87.5772 466.213 88.2795C468.985 88.9818 471.627 87.9883 472.116 86.0604Z" fill="#9268E9"/>
-<path d="M480.005 96.6486C480.205 94.8529 479.355 93.2841 478.106 93.1445C476.857 93.0049 475.682 94.3475 475.481 96.1432C475.28 97.9388 476.13 99.5077 477.38 99.6473C478.629 99.7868 479.804 98.4443 480.005 96.6486Z" fill="#E6E6E6"/>
+	<path d="M480.004 96.6525C480.205 94.8568 479.355 93.288 478.106 93.1484C476.856 93.0088 475.681 94.3514 475.48 96.1471C475.28 97.9428 476.13 99.5116 477.379 99.6512C478.628 99.7908 479.804 98.4482 480.004 96.6525Z" fill="#E6E6E6"/>
-<path d="M482.788 117.858C482.988 116.062 482.138 114.493 480.889 114.354C479.64 114.214 478.465 115.556 478.264 117.352C478.064 119.148 478.914 120.717 480.163 120.856C481.412 120.996 482.587 119.653 482.788 117.858Z" fill="#3F3D56"/>
+	<path d="M482.785 117.856C482.986 116.06 482.136 114.491 480.887 114.352C479.638 114.212 478.462 115.555 478.262 117.35C478.061 119.146 478.911 120.715 480.16 120.854C481.409 120.994 482.585 119.651 482.785 117.856Z" fill="#3F3D56"/>
-<path d="M448.187 77.4416C448.388 75.6459 447.538 74.0771 446.289 73.9375C445.04 73.7979 443.864 75.1404 443.664 76.9361C443.463 78.7318 444.313 80.3007 445.562 80.4402C446.811 80.5798 447.987 79.2373 448.187 77.4416Z" fill="#E6E6E6"/>
+	<path d="M448.184 77.4416C448.384 75.6459 447.534 74.0771 446.285 73.9375C445.036 73.7979 443.861 75.1404 443.66 76.9361C443.46 78.7318 444.31 80.3007 445.559 80.4402C446.808 80.5798 447.983 79.2373 448.184 77.4416Z" fill="#E6E6E6"/>
-<path d="M465.219 71.0432C465.42 69.2475 464.57 67.6786 463.32 67.5391C462.071 67.3995 460.896 68.742 460.695 70.5377C460.495 72.3334 461.345 73.9022 462.594 74.0418C463.843 74.1814 465.018 72.8388 465.219 71.0432Z" fill="#9268E9"/>
+	<path d="M465.215 71.0432C465.416 69.2475 464.566 67.6786 463.317 67.5391C462.067 67.3995 460.892 68.742 460.691 70.5377C460.491 72.3334 461.341 73.9022 462.59 74.0418C463.839 74.1814 465.014 72.8388 465.215 71.0432Z" fill="#9268E9"/>
-<path d="M444.237 53.756C444.437 51.9603 443.587 50.3915 442.338 50.2519C441.089 50.1123 439.914 51.4549 439.713 53.2506C439.512 55.0462 440.362 56.6151 441.611 56.7547C442.861 56.8943 444.036 55.5517 444.237 53.756Z" fill="#3F3D56"/>
+	<path d="M444.239 53.7541C444.439 51.9584 443.589 50.3895 442.34 50.25C441.091 50.1104 439.916 51.4529 439.715 53.2486C439.514 55.0443 440.364 56.6132 441.613 56.7527C442.863 56.8923 444.038 55.5498 444.239 53.7541Z" fill="#3F3D56"/>
-<path d="M43.2651 134.356C41.3288 133.901 39.2297 135.789 38.5766 138.573C37.9234 141.356 38.9636 143.981 40.8999 144.435C42.8361 144.889 44.9352 143.001 45.5884 140.218C46.2415 137.435 45.2013 134.81 43.2651 134.356Z" fill="white"/>
+	<path d="M43.2656 134.356C41.3293 133.901 39.2302 135.789 38.5771 138.573C37.9239 141.356 38.9641 143.981 40.9003 144.435C42.8366 144.889 44.9357 143.001 45.5889 140.218C46.242 137.435 45.2018 134.81 43.2656 134.356Z" fill="white"/>
-<path d="M43.6478 168.199C41.7116 167.745 39.6125 169.633 38.9593 172.416C38.3062 175.2 39.3464 177.825 41.2826 178.279C43.2189 178.733 45.318 176.845 45.9712 174.062C46.6243 171.278 45.5841 168.654 43.6478 168.199Z" fill="#3F3D56"/>
+	<path d="M43.6483 168.199C41.7121 167.745 39.613 169.633 38.9598 172.416C38.3067 175.2 39.3469 177.825 41.2831 178.279C43.2194 178.733 45.3185 176.845 45.9717 174.062C46.6248 171.278 45.5846 168.654 43.6483 168.199Z" fill="#3F3D56"/>
-<path d="M71.2284 127.51C69.2922 127.056 67.1931 128.944 66.5399 131.727C65.8868 134.51 66.927 137.135 68.8632 137.589C70.7995 138.044 72.8986 136.156 73.5517 133.372C74.2049 130.589 73.1647 127.964 71.2284 127.51Z" fill="#9268E9"/>
+	<path d="M71.2265 127.512C69.2902 127.058 67.1911 128.946 66.538 131.729C65.8848 134.512 66.925 137.137 68.8613 137.591C70.7975 138.046 72.8967 136.158 73.5498 133.374C74.2029 130.591 73.1628 127.966 71.2265 127.512Z" fill="#9268E9"/>
-<path d="M81.6733 119.434C79.8744 119.265 78.3209 120.143 78.2034 121.394C78.086 122.646 79.4491 123.797 81.2481 123.966C83.047 124.135 84.6006 123.257 84.718 122.006C84.8354 120.754 83.4723 119.603 81.6733 119.434Z" fill="#E6E6E6"/>
+	<path d="M81.6758 119.436C79.8768 119.267 78.3233 120.145 78.2059 121.396C78.0884 122.648 79.4516 123.799 81.2505 123.968C83.0495 124.137 84.603 123.259 84.7204 122.007C84.8379 120.756 83.4747 119.605 81.6758 119.436Z" fill="#E6E6E6"/>
-<path d="M102.83 116.276C101.031 116.107 99.4771 116.985 99.3597 118.236C99.2422 119.487 100.605 120.639 102.404 120.808C104.203 120.976 105.757 120.099 105.874 118.847C105.992 117.596 104.629 116.445 102.83 116.276Z" fill="#3F3D56"/>
+	<path d="M102.832 116.272C101.033 116.103 99.4795 116.981 99.3621 118.232C99.2447 119.484 100.608 120.635 102.407 120.804C104.206 120.973 105.759 120.095 105.877 118.843C105.994 117.592 104.631 116.441 102.832 116.272Z" fill="#3F3D56"/>
-<path d="M63.0327 151.586C61.2338 151.417 59.6802 152.295 59.5628 153.547C59.4454 154.798 60.8085 155.949 62.6074 156.118C64.4064 156.287 65.9599 155.409 66.0774 154.158C66.1948 152.906 64.8317 151.755 63.0327 151.586Z" fill="#E6E6E6"/>
+	<path d="M63.0352 151.584C61.2362 151.415 59.6827 152.293 59.5652 153.545C59.4478 154.796 60.8109 155.947 62.6099 156.116C64.4088 156.285 65.9624 155.407 66.0798 154.156C66.1973 152.904 64.8341 151.753 63.0352 151.584Z" fill="#E6E6E6"/>
-<path d="M56.3337 134.67C54.5348 134.501 52.9813 135.379 52.8638 136.631C52.7464 137.882 54.1095 139.033 55.9085 139.202C57.7074 139.371 59.261 138.493 59.3784 137.242C59.4958 135.99 58.1327 134.839 56.3337 134.67Z" fill="#9268E9"/>
+	<path d="M56.332 134.67C54.5331 134.501 52.9795 135.379 52.8621 136.631C52.7447 137.882 54.1078 139.033 55.9068 139.202C57.7057 139.371 59.2593 138.493 59.3767 137.242C59.4941 135.99 58.131 134.839 56.332 134.67Z" fill="#9268E9"/>
-<path d="M39.4209 155.955C37.6219 155.787 36.0684 156.664 35.9509 157.916C35.8335 159.167 37.1966 160.318 38.9956 160.487C40.7946 160.656 42.3481 159.778 42.4656 158.527C42.583 157.276 41.2198 156.124 39.4209 155.955Z" fill="#3F3D56"/>
+	<path d="M39.4179 155.959C37.619 155.79 36.0654 156.668 35.948 157.92C35.8306 159.171 37.1937 160.322 38.9927 160.491C40.7916 160.66 42.3452 159.782 42.4626 158.531C42.5801 157.279 41.2169 156.128 39.4179 155.959Z" fill="#3F3D56"/>
 </svg>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/403.vm

@@ -1,4 +1,4 @@
-<html class="relative min-h-100 h-full mx-4 flex sm:block" lang="$login.language">
+<html class="relative min-h-100 h-full flex sm:block" lang="$login.language">
 <head>
 	#set($title = $utils.getConfigParameter("page.title"))
 	#if(!$title || $title == '')
@@ -12,89 +12,98 @@
 	<link href="${login.appDataPath}/static/tailwind.css" rel="stylesheet" type="text/css"/>
 </head>
 <body class="flex flex-col flex-auto min-w-0 h-full relative">
-<header class="flex flew-row relative">
-	<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-		<span class="flex-1 sm:flex-initial sm:hidden"></span>
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-		<div class="flex items-center flex-1 sm:flex-initial justify-end">
-			#set ($langMenu = '')
-			## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
-			#set($localeList = ["de", "fr", "it", "rm", "en"])
-			#foreach ($locale in $localeList)
-				## find translated label of current locale
-				#if ($text.contains("language.$locale"))
-					#set ($langLabel = $text.get("language.$locale"))
-				#elseif ($locale.length() > 2)
-					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
-				#else
-					#set ($langLabel = $locale)
-				#end
-				## emit link or text for each language
-				#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
-				#if ($login.localeCode != $locale && $login.language != $locale)
-					#set ($langMenu = $langMenu +
-						'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
-						'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
-				#else
-					#set ($langMenu = $langMenu +
-						'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
-						bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
-						'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
-						'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
-				#end
-			#end ## end foreach
 
-			<agov-canary-cookie class="hidden sm:inline-block px-6">
+#parse("${templatePath}/envBanner.vm") ## closed in footer.vm
-			</agov-canary-cookie>
 
-			<agov-language
+<div class="flex flex-col flex-1 overflow-y-auto px-4">
-					class="hidden sm:inline-block"
+	<header class="flex flew-row relative">
-					data-lang='$login.localeCode.toUpperCase()'
+		<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-					data-links='$langMenu'
+			<span class="flex-1 sm:flex-initial sm:hidden"></span>
-					data-aria_label='$text.get("languageDropdown.aria.label")'
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-			>
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-			</agov-language>
+			<div class="flex items-center flex-1 sm:flex-initial justify-end">
+				#set ($langMenu = '')
+				## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
+				#set($localeList = ["de", "fr", "it", "rm", "en"])
+				#foreach ($locale in $localeList)
+					## find translated label of current locale
+					#if ($text.contains("language.$locale"))
+						#set ($langLabel = $text.get("language.$locale"))
+					#elseif ($locale.length() > 2)
+						#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
+					#else
+						#set ($langLabel = $locale)
+					#end
+					## emit link or text for each language
+					#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
+					#if ($login.localeCode != $locale && $login.language != $locale)
+						#set ($langMenu = $langMenu +
+							'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
+							'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
+					#else
+						#set ($langMenu = $langMenu +
+							'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
+							bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
+							'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
+							'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
+					#end
+				#end ## end foreach
 
-			<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
+				<agov-canary-cookie class="hidden sm:inline-block px-6">
-				<div class="mx-6 flex items-center">
+				</agov-canary-cookie>
-					<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-				</div>
-			</a>
 
-			<agov-darkmode
+				<agov-language
-					class="hidden sm:inline-block"
+						class="hidden sm:inline-block"
-					data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-lang='$login.localeCode.toUpperCase()'
-					data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+						data-links='$langMenu'
-			</agov-darkmode>
+						data-aria_label='$text.get("languageDropdown.aria.label")'
+				>
+				</agov-language>
 
-			<agov-mobile-menu
+				<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
-					data-lang='$login.localeCode.toUpperCase()'
+					<div class="mx-6 flex items-center">
-					data-links='$langMenu'
+						<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					data-help='$text.get("general.help")'
+						<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-					data-helplink='$text.get("general.help.link")'
+					</div>
-					data-filepath='${login.appDataPath}'
+				</a>
-					data-language_aria_label='$text.get("languageDropdown.aria.label")'
+
-					data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+				<agov-darkmode
-					data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						class="hidden sm:inline-block"
-			></agov-mobile-menu>
+						data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+				</agov-darkmode>
+
+				<agov-mobile-menu
+						data-lang='$login.localeCode.toUpperCase()'
+						data-links='$langMenu'
+						data-help='$text.get("general.help")'
+						data-helplink='$text.get("general.help.link")'
+						data-filepath='${login.appDataPath}'
+						data-language_aria_label='$text.get("languageDropdown.aria.label")'
+						data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						#if ($envMap.containsKey('name'))
+							data-env-name='$envMap.get("name")'
+							data-version='1.13.0.2.15-20251202T171015Z'
+							data-doc-url='$docUrl'
+							data-env-banner-label='$text.get("envbanner.label")'
+						#end
+				></agov-mobile-menu>
+			</div>
+			<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+		</nav>
+	</header>
+		#parse("${templatePath}/backdrop.vm")
+
+	<main id="mainContent"
+		  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
+		<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/403.svg">
+		<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/403-dark.svg">
+		<div class="flex flex-col md:flex-row justify-evenly gap-6">
+			<div class="mb-10">
+				<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_403.title")</h3>
+				<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_403.description")</p>
+			</div>
 		</div>
-		<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+	</main>
-	</nav>
+	#parse("${templatePath}/footer.vm")
-	#parse("${templatePath}/envBanner.vm")
-</header>
-	#parse("${templatePath}/backdrop.vm")
-
-<main id="mainContent"
-	  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
-	<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/403.svg">
-	<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/403-dark.svg">
-	<div class="flex flex-col md:flex-row justify-evenly gap-6">
-		<div class="mb-10">
-			<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_403.title")</h3>
-			<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_403.description")</p>
-		</div>
-	</div>
-</main>
-	#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/404.vm

@@ -1,4 +1,4 @@
-<html class="relative min-h-100 h-full mx-4 flex sm:block" lang="$login.language">
+<html class="relative min-h-100 h-full flex sm:block" lang="$login.language">
 <head>
 	#set($title = $utils.getConfigParameter("page.title"))
 	#if(!$title || $title == '')
@@ -13,89 +13,98 @@
 </head>
 
 <body class="flex flex-col flex-auto min-w-0 h-full relative">
-<header class="flex flew-row relative">
-	<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-		<span class="flex-1 sm:flex-initial sm:hidden"></span>
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-		<div class="flex items-center flex-1 sm:flex-initial justify-end">
-			#set ($langMenu = '')
-			## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
-			#set($localeList = ["de", "fr", "it", "rm", "en"])
-			#foreach ($locale in $localeList)
-				## find translated label of current locale
-				#if ($text.contains("language.$locale"))
-					#set ($langLabel = $text.get("language.$locale"))
-				#elseif ($locale.length() > 2)
-					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
-				#else
-					#set ($langLabel = $locale)
-				#end
-				## emit link or text for each language
-				#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
-				#if ($login.localeCode != $locale && $login.language != $locale)
-					#set ($langMenu = $langMenu +
-						'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
-						'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
-				#else
-					#set ($langMenu = $langMenu +
-						'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
-						bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
-						'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
-						'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
-				#end
-			#end ## end foreach
 
-			<agov-canary-cookie class="hidden sm:inline-block px-6">
+#parse("${templatePath}/envBanner.vm")
-			</agov-canary-cookie>
 
-			<agov-language
+<div class="flex flex-col flex-1 overflow-y-auto px-4"> ## closed in footer.vm
-					class="hidden sm:inline-block"
+	<header class="flex flew-row relative">
-					data-lang='$login.localeCode.toUpperCase()'
+		<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-					data-links='$langMenu'
+			<span class="flex-1 sm:flex-initial sm:hidden"></span>
-					data-aria_label='$text.get("languageDropdown.aria.label")'
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-			>
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-			</agov-language>
+			<div class="flex items-center flex-1 sm:flex-initial justify-end">
+				#set ($langMenu = '')
+				## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
+				#set($localeList = ["de", "fr", "it", "rm", "en"])
+				#foreach ($locale in $localeList)
+					## find translated label of current locale
+					#if ($text.contains("language.$locale"))
+						#set ($langLabel = $text.get("language.$locale"))
+					#elseif ($locale.length() > 2)
+						#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
+					#else
+						#set ($langLabel = $locale)
+					#end
+					## emit link or text for each language
+					#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
+					#if ($login.localeCode != $locale && $login.language != $locale)
+						#set ($langMenu = $langMenu +
+							'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
+							'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
+					#else
+						#set ($langMenu = $langMenu +
+							'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
+							bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
+							'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
+							'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
+					#end
+				#end ## end foreach
 
-			<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
+				<agov-canary-cookie class="hidden sm:inline-block px-6">
-				<div class="mx-6 flex items-center">
+				</agov-canary-cookie>
-					<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-				</div>
-			</a>
 
-			<agov-darkmode
+				<agov-language
-					class="hidden sm:inline-block"
+						class="hidden sm:inline-block"
-					data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-lang='$login.localeCode.toUpperCase()'
-					data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+						data-links='$langMenu'
-			</agov-darkmode>
+						data-aria_label='$text.get("languageDropdown.aria.label")'
+				>
+				</agov-language>
 
-			<agov-mobile-menu
+				<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
-					data-lang='$login.localeCode.toUpperCase()'
+					<div class="mx-6 flex items-center">
-					data-links='$langMenu'
+						<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					data-help='$text.get("general.help")'
+						<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-					data-helplink='$text.get("general.help.link")'
+					</div>
-					data-filepath='${login.appDataPath}'
+				</a>
-					data-language_aria_label='$text.get("languageDropdown.aria.label")'
+
-					data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+				<agov-darkmode
-					data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						class="hidden sm:inline-block"
-			></agov-mobile-menu>
+						data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+				</agov-darkmode>
+
+				<agov-mobile-menu
+						data-lang='$login.localeCode.toUpperCase()'
+						data-links='$langMenu'
+						data-help='$text.get("general.help")'
+						data-helplink='$text.get("general.help.link")'
+						data-filepath='${login.appDataPath}'
+						data-language_aria_label='$text.get("languageDropdown.aria.label")'
+						data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						#if ($envMap.containsKey('name'))
+							data-env-name='$envMap.get("name")'
+							data-version='1.13.0.2.15-20251202T171015Z'
+							data-doc-url='$docUrl'
+							data-env-banner-label='$text.get("envbanner.label")'
+						#end
+				></agov-mobile-menu>
+			</div>
+			<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+		</nav>
+	</header>
+	#parse("${templatePath}/backdrop.vm")
+
+	<main id="mainContent"
+		  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
+		<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/404.svg">
+		<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/404-dark.svg">
+		<div class="flex flex-col md:flex-row justify-evenly gap-6">
+			<div class="mb-10">
+				<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_404.title")</h3>
+				<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_404.description")</p>
+			</div>
 		</div>
-		<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+	</main>
-	</nav>
+	#parse("${templatePath}/footer.vm")
-	#parse("${templatePath}/envBanner.vm")
-</header>
-#parse("${templatePath}/backdrop.vm")
-
-<main id="mainContent"
-	  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
-	<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/404.svg">
-	<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/404-dark.svg">
-	<div class="flex flex-col md:flex-row justify-evenly gap-6">
-		<div class="mb-10">
-			<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_404.title")</h3>
-			<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_404.description")</p>
-		</div>
-	</div>
-</main>
-#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/500.vm

@@ -1,4 +1,4 @@
-<html class="relative min-h-100 h-full mx-4 flex sm:block" lang="$login.language">
+<html class="relative min-h-100 h-full flex sm:block" lang="$login.language">
 <head>
 	#set($title = $utils.getConfigParameter("page.title"))
 	#if(!$title || $title == '')
@@ -12,89 +12,99 @@
 	<link href="${login.appDataPath}/static/tailwind.css" rel="stylesheet" type="text/css"/>
 </head>
 <body class="flex flex-col flex-auto min-w-0 h-full relative">
-<header class="flex flew-row relative">
-	<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-		<span class="flex-1 sm:flex-initial sm:hidden"></span>
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-		<div class="flex items-center flex-1 sm:flex-initial justify-end">
-			#set ($langMenu = '')
-			## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
-			#set($localeList = ["de", "fr", "it", "rm", "en"])
-			#foreach ($locale in $localeList)
-				## find translated label of current locale
-				#if ($text.contains("language.$locale"))
-					#set ($langLabel = $text.get("language.$locale"))
-				#elseif ($locale.length() > 2)
-					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
-				#else
-					#set ($langLabel = $locale)
-				#end
-				## emit link or text for each language
-				#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
-				#if ($login.localeCode != $locale && $login.language != $locale)
-					#set ($langMenu = $langMenu +
-						'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
-						'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
-				#else
-					#set ($langMenu = $langMenu +
-						'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
-						bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
-						'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
-						'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
-				#end
-			#end ## end foreach
 
-			<agov-canary-cookie class="hidden sm:inline-block px-6">
+#parse("${templatePath}/envBanner.vm")
-			</agov-canary-cookie>
 
-			<agov-language
+<div class="flex flex-col flex-1 overflow-y-auto px-4"> ## closed in footer.vm
-					class="hidden sm:inline-block"
+	<header class="flex flew-row relative">
-					data-lang='$login.localeCode.toUpperCase()'
+		<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-					data-links='$langMenu'
+			<span class="flex-1 sm:flex-initial sm:hidden"></span>
-					data-aria_label='$text.get("languageDropdown.aria.label")'
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-			>
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-			</agov-language>
+			<div class="flex items-center flex-1 sm:flex-initial justify-end">
+				#set ($langMenu = '')
+				## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
+				#set($localeList = ["de", "fr", "it", "rm", "en"])
+				#foreach ($locale in $localeList)
+					## find translated label of current locale
+					#if ($text.contains("language.$locale"))
+						#set ($langLabel = $text.get("language.$locale"))
+					#elseif ($locale.length() > 2)
+						#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
+					#else
+						#set ($langLabel = $locale)
+					#end
+					## emit link or text for each language
+					#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
+					#if ($login.localeCode != $locale && $login.language != $locale)
+						#set ($langMenu = $langMenu +
+							'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
+							'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
+					#else
+						#set ($langMenu = $langMenu +
+							'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
+							bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
+							'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
+							'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
+					#end
+				#end ## end foreach
 
-			<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
+				<agov-canary-cookie class="hidden sm:inline-block px-6">
-				<div class="mx-6 flex items-center">
+				</agov-canary-cookie>
-					<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-				</div>
-			</a>
 
-			<agov-darkmode
+				<agov-language
-					class="hidden sm:inline-block"
+						class="hidden sm:inline-block"
-					data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-lang='$login.localeCode.toUpperCase()'
-					data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+						data-links='$langMenu'
-			</agov-darkmode>
+						data-aria_label='$text.get("languageDropdown.aria.label")'
+				>
+				</agov-language>
 
-			<agov-mobile-menu
+				<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
-					data-lang='$login.localeCode.toUpperCase()'
+					<div class="mx-6 flex items-center">
-					data-links='$langMenu'
+						<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					data-help='$text.get("general.help")'
+						<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-					data-helplink='$text.get("general.help.link")'
+					</div>
-					data-filepath='${login.appDataPath}'
+				</a>
-					data-language_aria_label='$text.get("languageDropdown.aria.label")'
+
-					data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+				<agov-darkmode
-					data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						class="hidden sm:inline-block"
-			></agov-mobile-menu>
+						data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+				</agov-darkmode>
+
+				<agov-mobile-menu
+						data-lang='$login.localeCode.toUpperCase()'
+						data-links='$langMenu'
+						data-help='$text.get("general.help")'
+						data-helplink='$text.get("general.help.link")'
+						data-filepath='${login.appDataPath}'
+						data-language_aria_label='$text.get("languageDropdown.aria.label")'
+						data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						#if ($envMap.containsKey('name'))
+							data-env-name='$envMap.get("name")'
+							data-version='1.13.0.2.15-20251202T171015Z'
+							data-doc-url='$docUrl'
+							data-env-banner-label='$text.get("envbanner.label")'
+						#end
+				></agov-mobile-menu>
+			</div>
+			<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+		</nav>
+
+	</header>
+		#parse("${templatePath}/backdrop.vm")
+
+	<main id="mainContent"
+		  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
+		<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/500.svg">
+		<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/500-dark.svg">
+		<div class="flex flex-col md:flex-row justify-evenly gap-6">
+			<div class="mb-10">
+				<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_500.title")</h3>
+				<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_500.description")</p>
+			</div>
 		</div>
-		<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+	</main>
-	</nav>
+	#parse("${templatePath}/footer.vm")
-	#parse("${templatePath}/envBanner.vm")
-</header>
-	#parse("${templatePath}/backdrop.vm")
-
-<main id="mainContent"
-	  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
-	<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/500.svg">
-	<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/500-dark.svg">
-	<div class="flex flex-col md:flex-row justify-evenly gap-6">
-		<div class="mb-10">
-			<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_500.title")</h3>
-			<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_500.description")</p>
-		</div>
-	</div>
-</main>
-	#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/502.vm

@@ -12,89 +12,97 @@
 	<link href="${login.appDataPath}/static/tailwind.css" rel="stylesheet" type="text/css"/>
 </head>
 <body class="flex flex-col flex-auto min-w-0 h-full relative">
-<header class="flex flew-row relative">
-	<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
-		<span class="flex-1 sm:flex-initial sm:hidden"></span>
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
-		<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
-		<div class="flex items-center flex-1 sm:flex-initial justify-end">
-			#set ($langMenu = '')
-			## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
-			#set($localeList = ["de", "fr", "it", "rm", "en"])
-			#foreach ($locale in $localeList)
-				## find translated label of current locale
-				#if ($text.contains("language.$locale"))
-					#set ($langLabel = $text.get("language.$locale"))
-				#elseif ($locale.length() > 2)
-					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
-				#else
-					#set ($langLabel = $locale)
-				#end
-				## emit link or text for each language
-				#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
-				#if ($login.localeCode != $locale && $login.language != $locale)
-					#set ($langMenu = $langMenu +
-						'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
-						'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
-				#else
-					#set ($langMenu = $langMenu +
-						'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
-						bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
-						'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
-						'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
-				#end
-			#end ## end foreach
 
-			<agov-canary-cookie class="hidden sm:inline-block px-6">
+#parse("${templatePath}/envBanner.vm")
-			</agov-canary-cookie>
+<div class="flex flex-col flex-1 overflow-y-auto px-4"> ## closed in footer.vm
+	<header class="flex flew-row relative">
+		<nav class="w-full md:max-w-[1240px] lg:max-w-[1440px] mx-auto flex items-center justify-between h-20 mt-4 sm:mt-10 mb-4">
+			<span class="flex-1 sm:flex-initial sm:hidden"></span>
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 dark:hidden" src="${login.appDataPath}/static/images/agov-logo.svg">
+			<img alt="agov Logo" class="h-8 sm:h-10 mr-6 hidden dark:block" src="${login.appDataPath}/static/images/agov-logo-dark.svg">
+			<div class="flex items-center flex-1 sm:flex-initial justify-end">
+				#set ($langMenu = '')
+				## NOTE/2025-06-30/haburger: using hard coded, sorted array instead of $login.locales
+				#set($localeList = ["de", "fr", "it", "rm", "en"])
+				#foreach ($locale in $localeList)
+					## find translated label of current locale
+					#if ($text.contains("language.$locale"))
+						#set ($langLabel = $text.get("language.$locale"))
+					#elseif ($locale.length() > 2)
+						#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowerCase()}"))
+					#else
+						#set ($langLabel = $locale)
+					#end
+					## emit link or text for each language
+					#set ($langTarget = '?language=' + $utils.escapeHtmlAttribute($locale))
+					#if ($login.localeCode != $locale && $login.language != $locale)
+						#set ($langMenu = $langMenu +
+							'<li><a class="block px-8 sm:px-4 py-3 hover:bg-lavender-blush dark:hover:bg-purple-black" aria-current="false" href="'+$langTarget+
+							'">'+$langLabel+' - '+$locale.toUpperCase()+'</a></li>')
+					#else
+						#set ($langMenu = $langMenu +
+							'<li><a class="whitespace-nowrap flex items-center px-8 sm:px-4 justify-between w-full py-3
+							bg-indigo-light dark:bg-purple-black" aria-current="true" href="'+$langTarget+
+							'"><span class="font-body-semi">'+$langLabel+' - '+$locale.toUpperCase()+
+							'</span><span class="fa-solid fa-check text-indigo dark:text-white text-body-l"></span></a></li>')
+					#end
+				#end ## end foreach
 
-			<agov-language
+				<agov-canary-cookie class="hidden sm:inline-block px-6">
-					class="hidden sm:inline-block"
+				</agov-canary-cookie>
-					data-lang='$login.localeCode.toUpperCase()'
-					data-links='$langMenu'
-					data-aria_label='$text.get("languageDropdown.aria.label")'
-			>
-			</agov-language>
 
-			<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
+				<agov-language
-				<div class="mx-6 flex items-center">
+						class="hidden sm:inline-block"
-					<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
+						data-lang='$login.localeCode.toUpperCase()'
-					<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
+						data-links='$langMenu'
-				</div>
+						data-aria_label='$text.get("languageDropdown.aria.label")'
-			</a>
+				>
+				</agov-language>
 
-			<agov-darkmode
+				<a class="cursor-pointer hidden sm:inline-block" href="$text.get("general.help.link")" target="_blank">
-					class="hidden sm:inline-block"
+					<div class="mx-6 flex items-center">
-					data-aria_label='$text.get("darkModeSwitch.aria.label")'
+						<i class="text-xl pr-2 fa-regular fa-circle-question ml-auto text-space-blue dark:text-white transition-all"></i>
-					data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
+						<span class="text-space-blue dark:text-white font-body-semi text-body-l transition-colors">$text.get("general.help")</span>
-			</agov-darkmode>
+					</div>
+				</a>
 
-			<agov-mobile-menu
+				<agov-darkmode
-					data-lang='$login.localeCode.toUpperCase()'
+						class="hidden sm:inline-block"
-					data-links='$langMenu'
+						data-aria_label='$text.get("darkModeSwitch.aria.label")'
-					data-help='$text.get("general.help")'
+						data-domain='$utils.getConfigParameter("application.language.cookie.en")'>
-					data-helplink='$text.get("general.help.link")'
+				</agov-darkmode>
-					data-filepath='${login.appDataPath}'
+
-					data-language_aria_label='$text.get("languageDropdown.aria.label")'
+				<agov-mobile-menu
-					data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-lang='$login.localeCode.toUpperCase()'
-					data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'
+						data-links='$langMenu'
-			></agov-mobile-menu>
+						data-help='$text.get("general.help")'
+						data-helplink='$text.get("general.help.link")'
+						data-filepath='${login.appDataPath}'
+						data-language_aria_label='$text.get("languageDropdown.aria.label")'
+						data-dark_mode_aria_label='$text.get("darkModeSwitch.aria.label")'
+						data-dark_mode_domain='$utils.getConfigParameter("application.language.cookie.en")'$
+						#if ($envMap.containsKey('name'))
+							data-env-name='$envMap.get("name")'
+							data-version='1.13.0.2.15-20251202T171015Z'
+							data-doc-url='$docUrl'
+							data-env-banner-label='$text.get("envbanner.label")'
+						#end
+				></agov-mobile-menu>
+			</div>
+			<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+		</nav>
+	</header>
+		#parse("${templatePath}/backdrop.vm")
+
+	<main id="mainContent"
+		  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
+		<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/something_wrong.svg">
+		<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/something_wrong-dark.svg">
+		<div class="flex flex-col md:flex-row justify-evenly gap-6">
+			<div class="mb-10">
+				<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_502.title")</h3>
+				<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_502.description")</p>
+			</div>
 		</div>
-		<div class="sm:hidden absolute bottom-0 mt-4 -left-4 -right-4 h-px bg-light-grey dark:bg-silver"></div>
+	</main>
-	</nav>
+	#parse("${templatePath}/footer.vm")
-	#parse("${templatePath}/envBanner.vm")
-</header>
-	#parse("${templatePath}/backdrop.vm")
-
-<main id="mainContent"
-	  class="container mx-auto sm:max-w-full flex sm:flex-auto flex-col sm:block">
-	<img alt="" class="mx-auto mt-16 block dark:hidden" src="${login.appDataPath}/static/images/something_wrong.svg">
-	<img alt="" class="mx-auto mt-16 hidden dark:block" src="${login.appDataPath}/static/images/something_wrong-dark.svg">
-	<div class="flex flex-col md:flex-row justify-evenly gap-6">
-		<div class="mb-10">
-			<h3 class="font-header text-h3 text-black dark:text-white mb-4 mx-auto text-center">$text.get("error_502.title")</h3>
-			<p class="font-body text-body-l text-black dark:text-white mx-auto text-center">$text.get("error_502.description")</p>
-		</div>
-	</div>
-</main>
-	#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/AuthFailDialog.vm

@@ -2,4 +2,4 @@
 
 #parse("${templatePath}/generic_auth_error.vm")
 
-#parse("${templatePath}/footer.vm")
+#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/AuthUidPwDialog.vm

@@ -141,4 +141,4 @@
 </div>
 
 
-#parse("${templatePath}/footer.vm")
+#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/Error.vm

@@ -2,4 +2,4 @@
 
 #parse("${templatePath}/generic_auth_error.vm")
 
-#parse("${templatePath}/footer.vm")
+#parse("${templatePath}/footer.vm")