540 changed files with 122010 additions and 12815 deletions
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
@ -14,7 +14,7 @@ spec:
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-sp-op-onbrdng-authenticationrealm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
-  - name: "proxy-sp-ident-authenticationrealm-identity"
-    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-idm-saml-sp-nevisidm-admin-realm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
+  - name: "proxy-sp-ident-authenticationrealm-identity"
+    namespace: "adn-agov-nevisidm-admin-01-uat"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisAuth"
  replicas: 1
-  version: "8.2505.5"
-  gitInitVersion: "1.4.0"
+  version: "8.2411.3"
+  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    management: 9000
@ -39,14 +39,13 @@ spec:
    management:
      httpGet:
        path: "/nevisauth/liveness"
-      initialDelaySeconds: 50
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
+    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
@ -76,4 +76,3 @@ LOG.info("Event='IDENT-INITREQ', rpcode='${rpcode}', rpentity='${rpentity}', Sou
 		"Origin='${origin}'")
 response.setResult('sendAuthnRequest')
 return
-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
@ -14,7 +14,6 @@ cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
-error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -64,7 +63,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required
+general.fieldRequired=Field required.
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -82,8 +81,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -109,8 +108,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
-loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
+loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -122,8 +121,8 @@ logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
+mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -207,7 +206,7 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
-providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -215,19 +214,17 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
-qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Recovery code
-recovery_check_code.expired=Too many attempts or your recovery code has expired.
+recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -240,9 +237,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your recovery code to be able to continue.
+recovery_code.banner.error=Please reveal your new code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing recovery code
+recovery_code.newRecoveryCode=Introducing Recovery Code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -286,8 +283,6 @@ recovery_start_info.banner.warning=You will not be able to use your account unti
 recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
-signup.button.label=Signup
-skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@ -296,7 +291,6 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
-title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
@ -14,7 +14,6 @@ cancel.button.label=Abbrechen
 continue.button.label=Weiter
 darkModeSwitch.aria.label=Dark-Mode-Schalter
 deputy.profile.label=(Profil Stellvertreter)
-error.account.exists=Konto existiert bereits. Melden Sie sich an.
 error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
@ -64,7 +63,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld
+general.fieldRequired=Erforderliches Feld.
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -82,8 +81,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -109,8 +108,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -122,8 +121,8 @@ logout.label=Logout
 logout.text=Sie haben sich erfolgreich abgemeldet.
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -207,7 +206,7 @@ policyInfo.regex.nonLetter=&#9642; muss mindestens {0} Zeichen enthalten, die ke
 policyInfo.regex.numeric=&#9642; muss mindestens {0} numerische Zeichen enthalten.
 policyInfo.regex.upper=&#9642; muss mindestens {0} Grossbuchstaben enthalten.
 policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -215,19 +214,17 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
-qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode
-recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
@ -286,8 +283,6 @@ recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis d
 recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
 recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
 reject.button.label=Ablehnen
-signup.button.label=Registrieren
-skip.button.label=&Uuml;berspringen
 submit.button.label=Senden
 tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
 title.login=Login
@ -296,7 +291,6 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorisierung
 title.saml.failed=Error
-title.signup=Konto erstellen
 title.timeout.page=Logout
 user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
 user_input.invalid.email.required=Erforderliches Feld
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
@ -14,7 +14,6 @@ cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
-error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -64,7 +63,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required
+general.fieldRequired=Field required.
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -82,8 +81,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -109,8 +108,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
-loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
+loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -122,8 +121,8 @@ logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
+mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -207,7 +206,7 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
-providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -215,19 +214,17 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
-qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Recovery code
-recovery_check_code.expired=Too many attempts or your recovery code has expired.
+recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -240,9 +237,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your recovery code to be able to continue.
+recovery_code.banner.error=Please reveal your new code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing recovery code
+recovery_code.newRecoveryCode=Introducing Recovery Code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -286,8 +283,6 @@ recovery_start_info.banner.warning=You will not be able to use your account unti
 recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
-signup.button.label=Signup
-skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@ -296,7 +291,6 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
-title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
@ -2,10 +2,10 @@
 accept.button.label=Accepter
 agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
 agov-ident.done.title=Termin&eacute;
-agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
+agov-ident.failed.instruction=Vous avez besoin d'un compte AGOV et de passer la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer avec succ&egrave;s l'enregistrement. Veuillez r&eacute;essayer.
 agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
 agov-ident.failed.title=V&eacute;rification requise
-agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veillez l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
 agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
 agov-ident.invalid-url.title=Lien non valide
 agov-ident.onboarding=Enregistrement et v&eacute;rification
@ -14,7 +14,6 @@ cancel.button.label=Abandonner
 continue.button.label=Continuer
 darkModeSwitch.aria.label=Activer l'apparence sombre
 deputy.profile.label=(Profil du suppl&eacute;ant)
-error.account.exists=Le compte existe d&#233;j&#224;. Continuez &#224; vous connecter.
 error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
 error_1=Veuillez v&eacute;rifier votre saisie.
 error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
@ -64,7 +63,7 @@ general.edit=Editer
 general.email=E-mail
 general.email.address=Adresse e-mail
 general.entryCode=Entrer le code
-general.fieldRequired=Champ requis
+general.fieldRequired=Champ requis.
 general.getStarted=D&eacute;marrer
 general.goAGOVHelp=Rendez-vous sur AGOV help
 general.goAccessApp=Login avec AGOV access
@ -82,15 +81,15 @@ general.recovery=R&eacute;cup&eacute;ration
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
-general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistr&eacute; correctement, puis essayer de le soumettre &agrave; nouveau.
+general.recoveryCode.repeatCodeModal.description=Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
 general.registerNow=Enregistrez-vous d&egrave;s maintenant!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas de compte AGOV ?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@ -109,8 +108,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=S&eacute;lectionner la langue
-loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
-loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
 loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
 loainfo.later=Plus tard
@ -122,14 +121,14 @@ logout.label=Logout
 logout.text=Au revoir
 mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
-mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
-mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
 mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
 mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas de compte AGOV ?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@ -207,7 +206,7 @@ policyInfo.regex.nonLetter=&#9642; doit contenir au moins {0} caract&egrave;res
 policyInfo.regex.numeric=&#9642; doit comprendre au minimum {0} caract&#232;res num&#233;riques.
 policyInfo.regex.upper=&#9642; doit contenir au moins {0} caract&egrave;re(s) majuscule(s).
 policyInfo.title=Le mot de passe doit respecter les r&egrave;gles suivantes:
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
 providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
@ -215,20 +214,18 @@ providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacu
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
 providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
-qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
 recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
-recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
-recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
@ -240,7 +237,7 @@ recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV he
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
 recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
+recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
 recovery_code.validUntil=Valable jusqu'au:
@ -286,8 +283,6 @@ recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tan
 recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
 recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 reject.button.label=Refuser
-signup.button.label=Inscription
-skip.button.label=Passer
 submit.button.label=Envoyer
 tan.sent=Veuillez saisir le code de s&eacute;curit&eacute; que vous avez re&ccedil;u au votre t&eacute;l&eacute;phone mobile.
 title.login=Login
@ -296,7 +291,6 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorisation du client
 title.saml.failed=Error
-title.signup=Cr&#233;er un compte
 title.timeout.page=Logout
 user_input.invalid.email=Veuillez saisir un e-mail valable.
 user_input.invalid.email.required=Champ requis
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
@ -1,5 +1,5 @@

-accept.button.label=Accetta
+accept.button.label=Accettare
 agov-ident.done.message=Il vostro conto AGOV &egrave; ora pronto per l'uso. Pu&ograve; chiudere questa pagina.
 agov-ident.done.title=Finito
 agov-ident.failed.instruction=Per completare la registrazione &egrave; necessario disporre di un account AGOV e superare la verifica dei dati suggerita. Riprova.
@ -10,11 +10,10 @@ agov-ident.invalid-url.message=Il link non pu&ograve; essere elaborato
 agov-ident.invalid-url.title=Link non valido
 agov-ident.onboarding=Registrazione e verifica
 agov-ident.retry=Riprova
-cancel.button.label=Annulla
+cancel.button.label=Abortire
 continue.button.label=Continua
 darkModeSwitch.aria.label=Attivare la modalit&agrave; scura
 deputy.profile.label=(profilo del delegato)
-error.account.exists=L'account esiste gi<67>. Prosegui col login.
 error.saml.failed=Chiudi il browser e riprova.
 error_1=Verificare i dati inseriti.
 error_10=Scegliere l&rsquo;account utente corretto.
@ -64,7 +63,7 @@ general.edit=Modificare
 general.email=e-mail
 general.email.address=Indirizzo e-mail
 general.entryCode=Codice
-general.fieldRequired=Campo obbligatorio
+general.fieldRequired=Campo obbligatorio.
 general.getStarted=Iniziare
 general.goAGOVHelp=Vai ad AGOV help
 general.goAccessApp=Login con AGOV access
@ -74,7 +73,7 @@ general.help.link=https://agov.ch/help
 general.login=Accedere
 general.login.accessApp=Accesso con l'App AGOV access
 general.login.securityKey=Login con la chiave di sicurezza
-general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
+general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
@ -82,8 +81,8 @@ general.recovery=Ripristino
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
-general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
-general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
+general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
 general.recoveryCode.reveal=Mostri il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
@ -109,21 +108,21 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selezionare la lingua
-loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
-loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
+loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
+loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
 loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Pi&ugrave; tardi
-loainfo.startNow=Vuole iniziare il processo ora?
-loainfo.startVerification=Inizi la verificazione
+loainfo.startNow=Iniziare la procedura?
+loainfo.startVerification=Iniziare la verifica
 loainfo.title=Verificare i dati.
 login.button.label=Login
 logout.label=Logout
 logout.text=&Egrave; uscito con successo.
 mauth_usernameless.EID=Continuare con CH e-ID
 mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
-mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
-mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
+mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
+mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
 mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
 mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
 mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
@ -132,7 +131,7 @@ mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app
 mauth_usernameless.noAccount=Non ha ancora un AGOV account?
 mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
 mauth_usernameless.showQR=Visualizza il codice QR
-mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
+mauth_usernameless.startRecovery=Inizia il recupero dell'account
 mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
 mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
 method.certificate.label=Certificato
@ -207,7 +206,7 @@ policyInfo.regex.nonLetter=&#9642; non pu&ograve; contenere pi&ugrave; di {0} nu
 policyInfo.regex.numeric=&#9642; deve contenere un minimo di {0} carattere/i numerico/i.
 policyInfo.regex.upper=&#9642; deve conenere almeno {0} carattere/i maiuscolo/i.
 policyInfo.title=La password deve rispettare le seguenti direttive:
-providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
+providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
 providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
 providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
@ -215,19 +214,17 @@ providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recup
 providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
 providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
 providePhoneNumber.modal.inputLabel=Numero di telefono
 providePhoneNumber.modal.title=Ripetere il numero di telefono
 providePhoneNumber.saveButtonText=Salva
 providePhoneNumber.title=Aggiungi numero di telefono
-qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
 recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
-recovery_check_code.enterRecoveryCode=Codice di ripristino
-recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
+recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
 recovery_check_code.invalid.code=Il codice non &egrave; valido
 recovery_check_code.invalid.code.required=Codice richiesto
@ -240,17 +237,17 @@ recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
 recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
+recovery_code.banner.error=La preghiamo di rivelare il suo nuovo codice per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
-recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
+recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
+recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
 recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
-recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
+recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
 recovery_intro_email.important=Importante:
 recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
 recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
@ -260,7 +257,7 @@ recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il pr
 recovery_on_going.title=Completare il processo di ripristino.
 recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
 recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
-recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
+recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
 recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
 recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
 recovery_questionnaire_loginfactor.no=No
@ -281,13 +278,11 @@ recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o l
 recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
 recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
 recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
-recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
+recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
-recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
-recovery_start_info.title=Sta per iniziare il processo di ripristino
-reject.button.label=Rifiuta
-signup.button.label=Iscriviti
-skip.button.label=Salta
+recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
+recovery_start_info.title=Il processo di ripristino sta per iniziare.
+reject.button.label=Rifiuti
 submit.button.label=Continua
 tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
 title.login=Login
@ -296,7 +291,6 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorizzazione del client
 title.saml.failed=Error
-title.signup=Crea un account
 title.timeout.page=Logout
 user_input.invalid.email=Inserire un'e-mail valida.
 user_input.invalid.email.required=Campo obbligatorio
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
@ -13,9 +13,8 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
    "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
    "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )

-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
@ -45,8 +45,6 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
-                <field src="session" key="ch.nevis.session.domain" as="domain"/>
-                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -67,8 +65,6 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
-                <field src="session" key="ch.nevis.session.domain" as="domain"/>
-                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -1141,6 +1137,8 @@
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="SOAP:showGui" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <ResultCond name="default" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="ok" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User" startOver="true"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="showGui" next="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPostProcessing"/>
@ -1159,12 +1157,6 @@
            <property name="detaillevel.default" value="EXCLUDE"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="detaillevel.user" value="MEDIUM"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="detaillevel.profile" value="MEDIUM"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="detaillevel.role" value="LOW"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="forceDataReload" value="true"/>
        </AuthState>
        <AuthState name="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPasswordChange" class="ch.nevis.idm.authstate.IdmChangePasswordState" final="false">
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
@ -1242,7 +1234,7 @@
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
                    <GuiElem name="isiwebnewpw2" type="pw-text" label="prompt.newpassword.confirm"/>
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-                    <GuiElem name="submit" type="submit" label="submit.button.label"/>
+                    <GuiElem name="submit" type="submit" label="button.submit"/>
                </Gui>
            </Response>
            <propertyRef name="nevisIDM_Connector"/>
@ -1350,6 +1342,4 @@
            <property name="generateNow" value="true"/>
        </AuthState>
    </AuthEngine>
-    <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
-    <RESTService name="ManagementService" class="ch.nevis.esauth.rest.service.session.ManagementService"/>
 </esauth-server>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
@ -16,6 +16,12 @@ Configuration:
      level: "INFO"
    - name: "EsAuthStart"
      level: "INFO"
+    - name: "org.apache.catalina.loader.WebappClassLoader"
+      level: "FATAL"
+    - name: "org.apache.catalina.startup.HostConfig"
+      level: "ERROR"
+    - name: "ch.nevis.esauth.events"
+      level: "FATAL"
    - name: "AGOVOP-ACCT"
      level: "INFO"
    - name: "AGOVOP-IDENT"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
@ -1,5 +1,4 @@
 otel.service.name = auth
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
@ -16,4 +16,3 @@ spec:
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQD2rG9y4zmGttpC7TICcclzAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTEyN1oXDTI2MDUxNzE0\nNTEyN1owVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKBPRMnOhPbVwYUNgEt5ZaC+\nUqqCEqr8EsFfvespgBUpNYByoZWCT1K/iCoG9I7DLzNsrHIJ+HSy2hTXD15naOmb\nQout/E0Lh8sMaA7vx0oWJs9YKkQY3TnHqL8CEU3s/Ko3cylYBhsyjxJv/qqpJIsk\nVSMPmr8A1zh55sOmGzsb09aV0rxe4Z6/N0GH9lHyWsIXFRxSIpmtnYmXc1VKE0a5\n8Nxi4sVePN3phhM7YpW9E/XhCgZ2bie832K99A92Ui9qF7ZVKIrqNt4rfvbUWqch\nKFSsk3prslkAC4fmJ8U+DgpkfG0ihgw7u8BSlu9R/tTVT6eCQiBgoK+U3dZKMwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQCJJwGCbarhhgJ10hQxup5l6VTVa8S5orf1kUQX\nkGYLqgIhANYdMwH8gPzck432bomVRXRVHqbvUIny7/mIRFJGvlne\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwjCCAmigAwIBAgIQQ5naR3IENaVymFpP7DHo3DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTExOVoXDTI2MDUxNzE0\nNTExOVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WQDdm5K7sjpnUGVeWU7MkuN\nfpzGoMBpzgrF0qyOInN0sE7WLuOmbrqQ94hPNcdX5wQ1m+UGj0TCsay+un/vPBWT\nNpj68WUnRD6rIbs14bTGAHZkQ+mYbWfidTUg4cw8WzmSpyTMwAxDEVmUneQjTkDK\nTD8N8kNrYG42ZH6tkRakuYX5gXE26eH2NaAAMFP6b5kfX8idV1WbVjFHdq7PdfQg\njwtVNCn74RbMT8cBBAww/C2K3RAogTuWe8dloItmpK5y8boYyKsOiFFg1OzV9p+L\ndN5tLoiUHnPvRRbGcOua4fvJJXgFEB943Wo1EGRlDEmYQ1YpvGvgukm3LPvbCwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0gAMEUCIFJuHTAtp3mPsEk3G90t6PCY46Kc1AejyqcCP4Gt\nan3CAiEA9inWU6SwPd9pWf7hs9FUIGMZonwHgx66Q9qKdeTnjy0=\n-----END CERTIFICATE-----\n"
-  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2505.5"
-  gitInitVersion: "1.4.0"
+  version: "8.2411.3"
+  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -40,14 +40,13 @@ spec:
    management:
      httpGet:
        path: "/health"
-      initialDelaySeconds: 60
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
+    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -2,14 +2,6 @@
 web.gui.languages.default=de
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
-# source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.min=5
-# source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.max=10
-# source: pattern://0d4bbba28a4a76094d41df81
-database.connection.max.lifetime=1800
-# source: pattern://0d4bbba28a4a76094d41df81
-database.connection.max.idle.time=600
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.username=adndbadmin
 # source: pattern://0d4bbba28a4a76094d41df81
@ -61,6 +53,10 @@ application.modules.event.repeat.count=-1
 # source: pattern://0116b3002d0e713e23e6be72
 application.modules.provisioning.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.max=10
+# source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.min=5
+# source: pattern://0116b3002d0e713e23e6be72
 database.connection.xa.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
 database.transaction.timeout=60
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
@ -1,5 +1,4 @@
 otel.service.name = idm-job
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
@ -1,27 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisDatabase"
-metadata:
-  name: "idm"
-  namespace: "adn-agov-nevisidm-admin-01-uat"
-  labels:
-    deploymentTarget: "idm"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
-    patternId: "ca0629d86201d4c4ac857d60"
-spec:
-  type: "NevisIDM"
-  databaseType: "MariaDB"
-  version: "8.2505.5"
-  url: "mariadb-agov-uat.mariadb.database.azure.com"
-  port: 3306
-  ssl: true
-  database: "nevisidm_uat"
-  bootstrap: true
-  migrate: true
-  rootCredentials:
-    name: "root-adn-agov-nevisidm-admin-01-uat-idm"
-    namespace: "adn-agov-nevisidm-admin-01-uat"
-  podSecurity:
-    policy: "baseline"
-    automountServiceAccountToken: false
-  timeZone: "Europe/Zurich"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -16,4 +16,3 @@ spec:
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQD2rG9y4zmGttpC7TICcclzAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTEyN1oXDTI2MDUxNzE0\nNTEyN1owVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKBPRMnOhPbVwYUNgEt5ZaC+\nUqqCEqr8EsFfvespgBUpNYByoZWCT1K/iCoG9I7DLzNsrHIJ+HSy2hTXD15naOmb\nQout/E0Lh8sMaA7vx0oWJs9YKkQY3TnHqL8CEU3s/Ko3cylYBhsyjxJv/qqpJIsk\nVSMPmr8A1zh55sOmGzsb09aV0rxe4Z6/N0GH9lHyWsIXFRxSIpmtnYmXc1VKE0a5\n8Nxi4sVePN3phhM7YpW9E/XhCgZ2bie832K99A92Ui9qF7ZVKIrqNt4rfvbUWqch\nKFSsk3prslkAC4fmJ8U+DgpkfG0ihgw7u8BSlu9R/tTVT6eCQiBgoK+U3dZKMwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQCJJwGCbarhhgJ10hQxup5l6VTVa8S5orf1kUQX\nkGYLqgIhANYdMwH8gPzck432bomVRXRVHqbvUIny7/mIRFJGvlne\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwjCCAmigAwIBAgIQQ5naR3IENaVymFpP7DHo3DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTExOVoXDTI2MDUxNzE0\nNTExOVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WQDdm5K7sjpnUGVeWU7MkuN\nfpzGoMBpzgrF0qyOInN0sE7WLuOmbrqQ94hPNcdX5wQ1m+UGj0TCsay+un/vPBWT\nNpj68WUnRD6rIbs14bTGAHZkQ+mYbWfidTUg4cw8WzmSpyTMwAxDEVmUneQjTkDK\nTD8N8kNrYG42ZH6tkRakuYX5gXE26eH2NaAAMFP6b5kfX8idV1WbVjFHdq7PdfQg\njwtVNCn74RbMT8cBBAww/C2K3RAogTuWe8dloItmpK5y8boYyKsOiFFg1OzV9p+L\ndN5tLoiUHnPvRRbGcOua4fvJJXgFEB943Wo1EGRlDEmYQ1YpvGvgukm3LPvbCwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0gAMEUCIFJuHTAtp3mPsEk3G90t6PCY46Kc1AejyqcCP4Gt\nan3CAiEA9inWU6SwPd9pWf7hs9FUIGMZonwHgx66Q9qKdeTnjy0=\n-----END CERTIFICATE-----\n"
-  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2505.5"
-  gitInitVersion: "1.4.0"
+  version: "8.2411.3"
+  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -40,19 +40,15 @@ spec:
    management:
      httpGet:
        path: "/health"
-      initialDelaySeconds: 60
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-535a1c58f3e972bdefb25ae1db1c6e392665da01"
+    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
    credentials: "git-credentials"
-  database:
-    name: "idm"
-    requiredVersion: "8.2505.5"
  keystores:
  - "idm-default-identity"
  truststores:
@ -64,4 +60,5 @@ spec:
  timeZone: "Europe/Zurich"
  secrets:
    secret:
+    - "a2068eb83a60702322c13949-27ed70d3"
    - "c418560f50e0332d087e85bf-89ec31e5"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -2,18 +2,10 @@
 web.gui.languages.default=de
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
-# source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.min=5
-# source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.max=10
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.max.lifetime=1800
+database.connection.username=adndbadmin
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.max.idle.time=600
-# source: pattern://ca0629d86201d4c4ac857d60
-database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser}
-# source: pattern://ca0629d86201d4c4ac857d60
-database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword}
+database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
@ -67,6 +59,10 @@ application.modules.reporting.characterencoding=ISO-8859-1
 # source: pattern://fe4a248ac7b092a6a80624f1
 application.modules.reporting.separator=;
 # source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.max=10
+# source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.min=5
+# source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.xa.enabled=false
 # source: pattern://fe4a248ac7b092a6a80624f1
 web.gui.facing.cache.size=10000
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
@ -1,5 +1,4 @@
 otel.service.name = idm
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisLogrend"
  replicas: 1
-  version: "8.2505.5"
-  gitInitVersion: "1.4.0"
+  version: "8.2411.2"
+  gitInitVersion: "1.3.0"
  runAsNonRoot: true
  ports:
    server: 8988
@ -38,14 +38,13 @@ spec:
  startupProbe:
    server:
      tcpSocket: true
-      initialDelaySeconds: 30
      periodSeconds: 5
      timeoutSeconds: 4
-      failureThreshold: 30
+      failureThreshold: 50
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
+    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend"
    credentials: "git-credentials"
  podSecurity:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
@ -10,5 +10,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
@ -1,5 +1,3 @@
-
 ico=image/x-icon
-json=application/json
 woff=font/woff
 woff2=font/woff2
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
@ -1,5 +1,4 @@
 otel.service.name = logrend
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
@ -58,7 +58,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld
+general.fieldRequired=Erforderliches Feld.
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -76,8 +76,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -109,8 +109,8 @@ loainfo.startVerification=Verifikation starten
 loainfo.title=Verifizieren Sie Ihre Daten
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht de
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV-op-Onboarding
 op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -164,19 +164,17 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
-qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode
-recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
@ -58,7 +58,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld
+general.fieldRequired=Erforderliches Feld.
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -76,8 +76,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -109,8 +109,8 @@ loainfo.startVerification=Verifikation starten
 loainfo.title=Verifizieren Sie Ihre Daten
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht de
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV-op-Onboarding
 op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -164,19 +164,17 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
-qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode
-recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
@ -58,7 +58,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required
+general.fieldRequired=Field required.
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -76,8 +76,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
-loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
+loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -109,8 +109,8 @@ loainfo.startVerification=Start verification
 loainfo.title=Verify your data
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
+mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=If you are using AGOV, and your account doesn't mee
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV op on-boarding
 op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
-providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -164,19 +164,17 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
-qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Recovery code
-recovery_check_code.expired=Too many attempts or your recovery code has expired.
+recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -189,9 +187,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your recovery code to be able to continue.
+recovery_code.banner.error=Please reveal your new code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing recovery code
+recovery_code.newRecoveryCode=Introducing Recovery Code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
@ -1,10 +1,10 @@

 agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
 agov-ident.done.title=Termin&eacute;
-agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
+agov-ident.failed.instruction=Vous avez besoin d'un compte AGOV et de passer la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer avec succ&egrave;s l'enregistrement. Veuillez r&eacute;essayer.
 agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
 agov-ident.failed.title=V&eacute;rification requise
-agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veillez l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
 agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
 agov-ident.invalid-url.title=Lien non valide
 agov-ident.onboarding=Enregistrement et v&eacute;rification
@ -58,7 +58,7 @@ general.edit=Editer
 general.email=E-mail
 general.email.address=Adresse e-mail
 general.entryCode=Entrer le code
-general.fieldRequired=Champ requis
+general.fieldRequired=Champ requis.
 general.getStarted=D&eacute;marrer
 general.goAGOVHelp=Rendez-vous sur AGOV help
 general.goAccessApp=Login avec AGOV access
@ -76,15 +76,15 @@ general.recovery=R&eacute;cup&eacute;ration
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
-general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistr&eacute; correctement, puis essayer de le soumettre &agrave; nouveau.
+general.recoveryCode.repeatCodeModal.description=Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
 general.registerNow=Enregistrez-vous d&egrave;s maintenant!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas de compte AGOV ?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=S&eacute;lectionner la langue
-loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
-loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
 loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
 loainfo.later=Plus tard
@ -109,14 +109,14 @@ loainfo.startVerification=D&eacute;marrer la v&eacute;rification
 loainfo.title=V&eacute;rifiez vos donn&eacute;es
 mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
-mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
-mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
 mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
 mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas de compte AGOV ?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a
 op-onboarding.intro.title=D&Eacute;MARRER
 op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
 op-onboarding.process.message=Un probl&egrave;me s&rsquo;est produit. Veuillez contacter le service d&rsquo;assistance AGOV afin de demander un nouveau lien d&rsquo;enregistrement.
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
 providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
@ -164,20 +164,18 @@ providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacu
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
 providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
-qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
 recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
-recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
-recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
@ -189,7 +187,7 @@ recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV he
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
 recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
+recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
 recovery_code.validUntil=Valable jusqu'au:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
@ -58,7 +58,7 @@ general.edit=Modificare
 general.email=e-mail
 general.email.address=Indirizzo e-mail
 general.entryCode=Codice
-general.fieldRequired=Campo obbligatorio
+general.fieldRequired=Campo obbligatorio.
 general.getStarted=Iniziare
 general.goAGOVHelp=Vai ad AGOV help
 general.goAccessApp=Login con AGOV access
@ -68,7 +68,7 @@ general.help.link=https://agov.ch/help
 general.login=Accedere
 general.login.accessApp=Accesso con l'App AGOV access
 general.login.securityKey=Login con la chiave di sicurezza
-general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
+general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
@ -76,8 +76,8 @@ general.recovery=Ripristino
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
-general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
-general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
+general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
 general.recoveryCode.reveal=Mostri il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
@ -99,18 +99,18 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selezionare la lingua
-loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
-loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
+loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
+loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
 loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Pi&ugrave; tardi
-loainfo.startNow=Vuole iniziare il processo ora?
-loainfo.startVerification=Inizi la verificazione
+loainfo.startNow=Iniziare la procedura?
+loainfo.startVerification=Iniziare la verifica
 loainfo.title=Verificare i dati.
 mauth_usernameless.EID=Continuare con CH e-ID
 mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
-mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
-mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
+mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
+mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
 mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
 mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
 mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
@ -119,7 +119,7 @@ mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app
 mauth_usernameless.noAccount=Non ha ancora un AGOV account?
 mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
 mauth_usernameless.showQR=Visualizza il codice QR
-mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
+mauth_usernameless.startRecovery=Inizia il recupero dell'account
 mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
 mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
 op-admin.login=AGOV op admin
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa anc
 op-onboarding.intro.title=INIZIARE
 op-onboarding.onboarding=Registrazione AGOV op
 op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
-providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
+providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
 providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
 providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
@ -164,19 +164,17 @@ providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recup
 providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
 providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
 providePhoneNumber.modal.inputLabel=Numero di telefono
 providePhoneNumber.modal.title=Ripetere il numero di telefono
 providePhoneNumber.saveButtonText=Salva
 providePhoneNumber.title=Aggiungi numero di telefono
-qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
 recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
-recovery_check_code.enterRecoveryCode=Codice di ripristino
-recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
+recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
 recovery_check_code.invalid.code=Il codice non &egrave; valido
 recovery_check_code.invalid.code.required=Codice richiesto
@ -189,17 +187,17 @@ recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
 recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
+recovery_code.banner.error=La preghiamo di rivelare il suo nuovo codice per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
-recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
+recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
+recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
 recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
-recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
+recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
 recovery_intro_email.important=Importante:
 recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
 recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
@ -209,7 +207,7 @@ recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il pr
 recovery_on_going.title=Completare il processo di ripristino.
 recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
 recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
-recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
+recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
 recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
 recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
 recovery_questionnaire_loginfactor.no=No
@ -230,10 +228,10 @@ recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o l
 recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
 recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
 recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
-recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
+recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
-recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
-recovery_start_info.title=Sta per iniziare il processo di ripristino
+recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
+recovery_start_info.title=Il processo di ripristino sta per iniziare.
 title=NEVIS SSO Portal
 title.login=Login
 user_input.invalid.email=Inserire un'e-mail valida.
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
@ -10,42 +10,42 @@ agov-ident.invalid-url.title=Invalid Link
 agov-ident.onboarding=Registration & Verification
 agov-ident.retry=Try again
 darkModeSwitch.aria.label=Activar l'apparientscha stgira
-error_1=Controllai Vossas indicaziuns per plaschair.
-error_10=Selecziunai il conto d'utilisader correct.
-error_100=I n'&egrave; betg pussaivel da chargiar si il certificat. Quest certificat exista gia. Contactai il helpdesk.
-error_101=L'adressa d'e-mail endatada n'&egrave; betg valaivla.
-error_11=Duvrai in auter certificat u As annunziai cun in auter factur da login.
-error_2=Selecziunai in auter num d'utilisader.
-error_3=Sche la proxima autentificaziun na reussescha betg vegn Voss conto blocc&agrave;.
-error_4=Voss nov pled-clav n'&egrave; betg confurm a las directivas da segirezza. Selecziunai in auter pled-clav per plaschair.
-error_5=Sbagl da confermar il pled-clav.
-error_50=Il nov pled-clav &egrave; memia curt.
-error_55=Il nov pled-clav sto esser different da pled-clavs vegls.
-error_6=Midada d'il pled-clav &egrave; necessaria.
-error_7=Midada da la login ID &egrave; necessaria.
-error_8=Voss conto &egrave; vegn&igrave; blocc&agrave; pervia da memia bleras emprovas d'autentificaziun che n'&egrave;n betg reussidas.
-error_81=Chatt&agrave; nagina carta d'access, l'access sur l'internet &egrave; vegni refus&agrave;.
-error_83=Vossa carta d'access n'&egrave; betg pli valaivla. Contactai Voss consulent per survegnir ina nova carta d'access.
-error_9=I n'ha betg funcziun&agrave; da surpigliar la sessiun.
-error_97=Vus n'essas betg autoris&agrave; d'acceder a questa resursa.
-error_98=Voss conto &egrave; vegn&igrave; blocc&agrave;.
-error_99=Problems da sistem: Empruvai anc ina giada pli tard.
-error_9901=Vus duvrais in link da onboarding valaivel per pudair acceder a questa pagina.
-error_9902=L'adressa d'e-mail che vegn duvrada per l'autentificaziun na correspunda betg a l'adressa dad e-mail da AGOV operations. Dumandai per in nov link da onboarding.
-error_9903=L'IdP n'ans ha betg tramess ina assertion valaivla. Controllai che Vus dovrias la correcta IdP. Dumandai il support per in nov link da onboarding.
-error_9904=Voss link n'&egrave; betg pli valaivel. Controllai che Vus dovrias il link il pli actual che Vus avais survegn&igrave; d'AGOV operations. Dumandai per in nov link en cass che il problem persista vinavant.
-error_9905=I dat in problem cun Voss conto AGOV operations. Contactai per plaschair il support.
-error_9909=Igl &egrave; capit&agrave; in sbagl intern. Dumandai il support per in nov link da onboarding.
-errors.duplicateValue=Voss conto &egrave; gia colli&agrave; cun in auter access d'operaziun.
+error_1=Please check your input.
+error_10=Please select the correct user account.
+error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
+error_101=The entered email address is not valid.
+error_11=Please use another certficate or login with another credential type.
+error_2=Please select another login name.
+error_3=Your account will be locked if next authentication fails.
+error_4=Your new password does not comply with the security policy. Please choose a different password.
+error_5=Error in password confirmation.
+error_50=The new password is too short.
+error_55=The new password has to differ from old passwords.
+error_6=Password change required.
+error_7=Change of login ID required.
+error_8=Your account has been locked due to repeated authentication failures.
+error_81=No access card found, access from internet denied.
+error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
+error_9=Session take over failed.
+error_97=You are not authorized to access this resource.
+error_98=Your account has been locked.
+error_99=System problems. Please try later.
+error_9901=You need a valid on-boarding link to access this page.
+error_9902=The email used for authentication doesn't match the expected one in operations. Please ask for a new on-boarding link.
+error_9903=The used IdP didn't send us a valid assertion. Please make sure, you use the correct IdP. Ask the support for a new on-boarding link.
+error_9904=Your link is not valid anymore. Please make sure, that you are using the latest Link received from operations. Ask for a new link, if the problem persists.
+error_9905=There is a problem with your operations account. Please contact the support.
+error_9909=An internal error occured. Please ask the support for a new on-boarding link.
+errors.duplicateValue=Your account is already linked with another operations access.
 fido2_auth.cancel.fido=L'autentificaziun cun la clav da segirezza &egrave; vegnida interrutta. Controllai che Vossa clav FIDO saja registrada e che Voss e-mail saja correct.
 fido2_auth.instruction1=Cliccai sin "Vinavant"
-fido2_auth.instruction2=En curt vegn ina fanestra d'autentificaziun ad aviar
+fido2_auth.instruction2=En curt ina fanestra d'autentificaziun vegn ad aviar
 fido2_auth.instruction3=Suandai las instrucziuns
 fido2_auth.skipInstructions=Sursiglir las instrucziuns la proxima giada
-fido2_auth.switchLogin=ANNUNZIAR CUN
+fido2_auth.switchLogin=AS ANNUNZIAR CUN
 footer.link=https://agov.ch
 footer.link.label=Contact
-footer.text=Servetsch d&rsquo;autentificaziun da las autoritads svizras AGOV &ndash; Ina collavuraziun dals chantuns, lur vischnancas e l&rsquo;administraziun federala. -
+footer.text=Authentication service of Swiss authorities AGOV - a collaboration between cantons, their municipalities, and the federal administration. -
 general.AGOVAccessApp=App AGOV access
 general.accessApp=App AGOV access
 general.authenticate=Autentifitgar
@ -53,12 +53,12 @@ general.back=Enavos
 general.cancel=Interrumper
 general.confirm=Confermar
 general.contactSupport=Contactar il support
-general.continue=Vinavant
+general.continue=Cuntinuar
 general.edit=Modifitgar
 general.email=E-mail
-general.email.address=Adressa d'e-mail
-general.entryCode=Endatar il code
-general.fieldRequired=Champ obligatoric
+general.email.address=Adressa dad e-mail
+general.entryCode=Endatai il code
+general.fieldRequired=Champ obligatoric.
 general.getStarted=Cumenzar
 general.goAGOVHelp=Vinavant a AGOV help
 general.goAccessApp=Login cun AGOV access
@ -66,51 +66,51 @@ general.goToAccessApp=Cuntinuai a Vossa app AGOV access
 general.help=Agid
 general.help.link=https://agov.ch/help
 general.login=Login
-general.login.accessApp=Annunziar cun la App Access
-general.login.securityKey=Annunziar cun la clav da segirezza
+general.login.accessApp=As Annunziar cun la App Access
+general.login.securityKey=As Annunziar cun la clav da segirezza
 general.loginSecurityKey=Iniziar il login cun la clav da segirezza
 general.moreOptions=DAPLI OPTIONS
 general.or=U
-general.otherLoginMethods=Ulteriuras metodas da login
+general.otherLoginMethods=Ulteriuras methodas da registraziun
 general.recovery=Recuperaziun
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Telechargiar en furma da PDF
 general.recoveryCode.inputLabel=Code da recuperaziun
-general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai el anc ina giada.
-general.recoveryCode.repeatCodeModal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss code, al repeti qua sutvart per plaschair. In code da recuperaziun pers u betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
-general.recoveryCode.repeatCodeModal.title=Repeter il code da recuperaziun
-general.recoveryCode.reveal=Scuvrir il code da recuperaziun
+general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai anc ina giada il code.
+general.recoveryCode.repeatCodeModal.description=In code da restabiliment pers u betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto. Per verifitgar che Vus hajas arcun&agrave; correctamain Voss code, al repeti qua sutvart per plaschair.
+general.recoveryCode.repeatCodeModal.title=Repeti il code da recuperaziun
+general.recoveryCode.reveal=Revelar il code da recuperaziun
 general.recoveryOngoing=Recuperaziun betg terminada
 general.register=Registrar
 general.registerNow=As registrai ussa!
 general.registration=Registraziun
 general.registration.dontHaveAnAccountYet=N'avais Vus anc nagin account AGOV?
-general.registration.seeOptions=Mussar las metodas da registraziun
+general.registration.seeOptions=Mussar las methodas da registraziun
 general.securityKey=Clav da segirezza
 general.skip.content=Avanzar a la part principala
 general.wrongPhoneNumber=Endatai in numer da telefonin valid
-generic.auth.error.message=Igl ha d&agrave; ina interrupziun dal servetsch. Nus lavurain vidlonder.
-generic.auth.error.next.steps=Empruvai pli tard anc ina giada per plaschair. Visitai AGOV help en cass che il problem persista vinavant.
-generic.auth.error.subtitle=Insatge n'ha betg funcziun&agrave;
-generic.auth.error.title=Errur
+generic.auth.error.message=There was a service interruption. We are working on it.
+generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
+generic.auth.error.subtitle=Something went wrong
+generic.auth.error.title=Error
 language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selecziunar la lingua
-loainfo.description.200=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Quest process po durar fin 2&ndash;3 dis.
-loainfo.description.300=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Vus pudais selecziunar vossa metoda preferida en il proxim pass.
+loainfo.description.200=Ina verificaziun da Vossas datas &egrave; necessaria per acceder a questa applicaziun. Quest process po durar fin 2 u 3 dis.
+loainfo.description.300=Per acceder a questa applicaziun, stuain nus verifitgar Vossas indicaziuns cun in da dus process. Vus pudais selecziunar la metoda preferida en il proxim pass.
 loainfo.description.400=Per acceder a questa applicaziun stuais Vus inditgar Voss numer AVS.
 loainfo.helper=Vossas datas persunalas ston vegnir verifitgadas!
 loainfo.later=Pli tard
 loainfo.startNow=Vulais Vus ussa cumenzar cun il process?
-loainfo.startVerification=Cumenzar
+loainfo.startVerification=Cumenzar cun la verificaziun
 loainfo.title=Verifitgai Vossas datas
-mauth_usernameless.EID=Vinavant cun la e-ID svizra
-mauth_usernameless.banner.error=Autentificaziun interrutta. <br>Empruvai anc ina giada suenter che la pagina &egrave; rechargiada per plaschair.
-mauth_usernameless.banner.info=Scan reuss&igrave;. Cuntinuai per plaschair en l'app AGOV access.
-mauth_usernameless.banner.success=Autentificaziun reussida <br>Spetgai fin che Vus essas annunziads per plaschair.
+mauth_usernameless.EID=Cuntinuar cun la e-ID svizra
+mauth_usernameless.banner.error=Autentificaziun interrutta. <br>Empruvai anc ina giada per plaschair, suenter che la pagina &egrave; rechargiada.
+mauth_usernameless.banner.info=Scan reuss&igrave; <br>Cuntinuai per plaschair en l'app AGOV access.
+mauth_usernameless.banner.success=Autentificaziun reussida! <br>Spetgai fin che Vus essas annunziads.
 mauth_usernameless.cannotLogin=Avais Vus pers l'access a l'app / la clav da segirezza?
 mauth_usernameless.cannotLogin.accessApp=Avais Vus pers l'access a Vossa app?
 mauth_usernameless.cannotLogin.securityKey=Avais Vus pers l'access a Vossa clav da segirezza?
@ -123,40 +123,40 @@ mauth_usernameless.startRecovery=Cumenzar cun la recuperaziun dal conto
 mauth_usernameless.useSecurityKey=Duvrai ina clav da segirezza per As annunziar
 mauth_usernameless.useSecurityKeyInfo=Ina clav da segirezza fisica pussibilitescha ina annunzia segira senza telefonin.
 op-admin.login=AGOV op admin
-op-admin.login.intro.message=Login cun Voss num d'utilisader e cun Voss pled-clav
+op-admin.login.intro.message=Login with your username and password
 op-admin.login.loginid=LoginId
-op-admin.login.password=Pled-clav
+op-admin.login.password=Passwort
 op-admin.login.title=Login
 op-admin.logout=AGOV op admin
-op-admin.logout.message=Voss logout &egrave; reuss&igrave;.
-op-admin.logout.title=Deconnectar
-op-admin.pwchange.intro.message=Midada d'il pled-clav &egrave; necessaria
-op-admin.pwchange.newpassword=Nov pled-clav
-op-admin.pwchange.newpassword2=Repeter il nov pled-clav
-op-admin.pwchange.password=Pled-clav actual
-op-admin.pwchange.title=Midada d'il pled-clav
-op-idmlogin.role.accs-mgmt-idm=Management dals dretgs d'access IDM
-op-idmlogin.role.accs-mgmt-nonidm=Management dals dretgs d'access
+op-admin.logout.message=You have successfully logged out.
+op-admin.logout.title=Logout
+op-admin.pwchange.intro.message=Password change required
+op-admin.pwchange.newpassword=New password
+op-admin.pwchange.newpassword2=Repeat new password
+op-admin.pwchange.password=Current password
+op-admin.pwchange.title=Password Change
+op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
+op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
 op-idmlogin.role.idmcfg-mgmt=IDM set-up
-op-idmlogin.role.readonly-access=Access da standard (mo dretgs da leger)
-op-idmlogin.role.support-basic=Cas da support (recuperaziun, …)
-op-idmlogin.role.support-priv=Support dal 3. nivel (archivaziun, deconnecziuns)
-op-idmlogin.role.usr-mgmt=Administraziun dals utilisaders (operations)
-op-idmlogin.role.usr-unit-mgmt=Administraziun dals utilisaders e da l'organisaziun (operations)
+op-idmlogin.role.readonly-access=Default access (readonly)
+op-idmlogin.role.support-basic=Support cases (recovery, ...)
+op-idmlogin.role.support-priv=3rd level support (archiving, off-boarding)
+op-idmlogin.role.usr-mgmt=User management (operations)
+op-idmlogin.role.usr-unit-mgmt=User and organization management (operations)
 op-idmlogin.select=AGOV idm
-op-idmlogin.select.intro=Selecziunai in d'ils profils suandants per plaschair...
-op-idmlogin.select.note=Ils profils marcads cun * duessan mo vegnir duvrads per tschertas incumbensas da support u da release.
-op-idmlogin.select.title=Selecziun dal profil
-op-onboarding.done.message=Il onboarding &egrave; reuss&igrave;. Vus pudais ussa duvrar Voss access AGOV operations. Serrai il browser per plaschair avant che acceder ad AGOV operations.
-op-onboarding.done.title=FIN&Igrave;
-op-onboarding.failed.title=ERRUR
-op-onboarding.intro.message1=Per concluder la registraziun da Voss access AGOV operations duvrais Vus in conto AGOV u in conto FED-LOGIN.
-op-onboarding.intro.message2=Suenter avair clicc&agrave; sin &laquo;Vinavant&raquo; vegnis Vus dirig&igrave; a l'autentificaziun.
-op-onboarding.intro.message3=Sche Vus utilisais AGOV ed il conto na correspunda anc betg al nivel dad AGOVaq necessari, survegnis Vus la pussaivladad da cumenzar la verificaziun d'identitad che &egrave; necessaria.
+op-idmlogin.select.intro=Please select one of the profiles below...
+op-idmlogin.select.note=Profiles marked with a * should only be used if required for a specific support or release tasks.
+op-idmlogin.select.title=Profile selection
+op-onboarding.done.message=On-boarding was successfull. You can now use your AGOV operations access. Please close the browser, before accessing on of the operations application.
+op-onboarding.done.title=DONE
+op-onboarding.failed.title=ERROR
+op-onboarding.intro.message1=To complete your on-boarding for your AGOV operations access, you need either an AGOV or a FED-LOGIN account.
+op-onboarding.intro.message2=After clicking on "Continue", you will be redirected for authentication.
+op-onboarding.intro.message3=If you are using AGOV, and your account doesn't meet yet the required AGOVaq level, you will be given the possibility to start the required ID verification.
 op-onboarding.intro.title=START
-op-onboarding.onboarding=AGOV op onboarding
-op-onboarding.process.message=Igl ha d&agrave; in sbagl. Contactai il support dad AGOV e dumandai per in nov link da registraziun, sche necessari.
-providePhoneNumber.banner=Il numer da telefonin sto esser capabel da retschaiver SMS. El na vegn betg duvr&agrave; per As contactar.
+op-onboarding.onboarding=AGOV op on-boarding
+op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
+providePhoneNumber.banner=Il numer da telefonin sto esser capabla da retschaiver SMS. <br>Quest numer da telefonin na vegn betg duvr&agrave; per As contactar.
 providePhoneNumber.description=AGOV pussibilitescha ussa la recuperaziun cun agid dal numer da telefonin. Durant la recuperaziun pudais Vus ussa cuntinuar cun in SMS, en cas che Vus avais pers Voss code da recuperaziun.
 providePhoneNumber.errorBanner=Ils numers da telefonin na correspundan betg in a l'auter. Empruvai danovamain per plaschair.
 providePhoneNumber.inputLabel=Numer da telefonin (opziunal)
@ -164,58 +164,56 @@ providePhoneNumber.laterModal.description1=Senza numer da telefonin po la recupe
 providePhoneNumber.laterModal.description2=Agiuntar in numer da telefonin pussibilitescha ina recuperaziun da Voss conto en paucas minutas.
 providePhoneNumber.laterModal.description3=Quest numer da telefonin na vegn betg duvr&agrave; per As contactar.
 providePhoneNumber.laterModal.title=Cuntinuar senza numer da telefonin?
-providePhoneNumber.modal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss numer da telefonin, al repeti qua sutvart per plaschair. In numer da telefonin betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
+providePhoneNumber.modal.description=In numer da telefonin che n'&egrave; betg vegn&igrave; arcun&agrave; correctamain, po difficultar la recuperaziun da Voss conto. Per verifitgar che Vus hajas arcun&agrave; correctamain Voss numer da telefonin, al repeti qua sutvart per plaschair.
 providePhoneNumber.modal.inputLabel=Numer da telefonin
-providePhoneNumber.modal.title=Reper il numer da telefonin
+providePhoneNumber.modal.title=Repeti il numer da telefonin
 providePhoneNumber.saveButtonText=Arcunar
 providePhoneNumber.title=Inditgar in numer da telefonin
-qrCode.label=Cliccai per avrir il code QR en ina fanestra separada.
-recovery_accessapp_auth.accessAppRegistered=App AGOV access gia registrada
-recovery_accessapp_auth.instruction1=Vus avais gia registr&agrave; ina nova app AGOV access !!!ACCESS_APP_NAME!!! durant il process da recuperaziun.
-recovery_accessapp_auth.instruction2=Utilisai per plaschair !!!ACCESS_APP_NAME!!! per As identifitgar.
-recovery_check_code.banner.lockedError=Memia bleras emprovas d'endataziun nunvalaivlas. Empruvai anc ina giada en intginas minutas.
-recovery_check_code.codeIncorrect=Il code endat&agrave; n'&egrave; betg correct. Empruvai anc ina giada.
-recovery_check_code.enterRecoveryCode=Code da recuperaziun
-recovery_check_code.expired=Memia bleras emprovas u Voss code da recuperaziun &egrave; scad&igrave;.
-recovery_check_code.instruction=Endatai qua sutvart Voss code da recuperaziun persunal cun 12 cifras. Vus avais survegn&igrave; il code da recuperaziun en ina datoteca PDF a chaschun da la registraziun u en AGOV me.
-recovery_check_code.invalid.code=Il code &egrave; nunvalaivel
-recovery_check_code.invalid.code.required=Code necessari
-recovery_check_code.invalid.code.tooLong=Il code &egrave; memia lung
-recovery_check_code.noAccess=Jau n'hai betg access a mes code
-recovery_check_code.noCodeAccess=Essas Vus segirs che Vus n'avais betg access a Voss code da recuperaziun?
-recovery_check_code.noCodeAccessInstructions=Sche Vus avais pers access a Voss code da recuperaziun giai ad AGOV help per contactar insatgi d'il support dad AGOV. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
-recovery_check_code.too_many_tries.instruction1=Il code da recuperaziun che Vus avais endat&agrave; &egrave; eventualmain scad&igrave; u Vuss avais empruv&agrave; da l'endatar memia bleras giadas.
-recovery_check_code.too_many_tries.instruction2=Giai per plaschair ad AGOV help per contactar insatgi d'il support. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
-recovery_check_noCode.banner.error=Memia bleras emprovas.
-recovery_check_noCode.instruction1=Vuss avais eventualmain empruv&agrave; da endatar il code da recuperaziun memia bleras giadas.
-recovery_check_noCode.instruction2=Serrai per plaschair il browser da web e cumenzai anc ina giada cun la recuperaziun da Voss conto en 10 minutas a <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Scuvrir Voss code da recuperaziun per pudair cuntinuar.
-recovery_code.instruction=Il code da recuperaziun As permetta d'acceder a Voss conto en cas che Vus avais pers tut Voss facturs da login. Tegnai en salv quest code da recuperaziun en in lieu segir per plaschair.
-recovery_code.newRecoveryCode=Introducziun dal code da recuperaziun
-recovery_code.validUntil=Valaivel enfin:
-recovery_fidokey_auth.button=Cumenzar la autentificaziun da clav
-recovery_fidokey_auth.fidoInstruction=Cliccai sin &laquo;Cumenzar la autentificaziun da clav&raquo;
-recovery_fidokey_auth.instruction1=Vus avais gia registr&agrave; ina nova clav da segirezza !!!SECURITY_KEY_NAME!!! durant il process da recuperaziun.
-recovery_fidokey_auth.instruction2=Utilisai per plaschair !!!SECURITY_KEY_NAME!!! e suandai ils pass qua sutvart per As identifitgar.
-recovery_fidokey_auth.keyRegistered=Clav da sgirezza gia registrada
-recovery_intro_email.banner.error=Il link che Vus avais duvr&agrave; &egrave; scad&igrave;. Endatai Vossa adressa d'e-mail per survegnir in nov link.
-recovery_intro_email.banner.info=Inditgai Vossa adressa d'e-mail. Nus As tramettain in link cun il qual Vus pudais cumenzar cun il process da recuperaziun.
+recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
+recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
+recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
+recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
+recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
+recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
+recovery_check_code.invalid.code=The code is invalid
+recovery_check_code.invalid.code.required=Code required
+recovery_check_code.invalid.code.tooLong=The code is too long
+recovery_check_code.noAccess=I do not have access to my code
+recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
+recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
+recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
+recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
+recovery_check_noCode.banner.error=Too many attempts.
+recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
+recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.validUntil=Valid until:
+recovery_fidokey_auth.button=Start key authentication
+recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
+recovery_fidokey_auth.instruction1=You have already registered a new security key !!!SECURITY_KEY_NAME!!! as part of the recovery process.
+recovery_fidokey_auth.instruction2=Please use !!!SECURITY_KEY_NAME!!! to follow the steps below to identify you.
+recovery_fidokey_auth.keyRegistered=Security key already registered
+recovery_intro_email.banner.error=Il link che Vus avais duvr&agrave; &egrave; scad&igrave;. Endatai Vossa adressa dad e-mail per survegnir in nov link.
+recovery_intro_email.banner.info=Inditgai Vossa adressa dad e-mail. Nus As tramettain in link, cun il qual Vus pudais cumenzar cun il process da recuperaziun.
 recovery_intro_email.important=Impurtant:
-recovery_intro_email.process=Il process da recuperaziun duess mo vegnir duvr&agrave; en cas che Vus avais pers l'access a Voss facturs da login (stizz&agrave; l'app AGOV access, pers la clav da segirezza, pers il telefonin etc.).
+recovery_intro_email.process=Il process da restabiliment duess mo vegnir duvr&agrave; en cas che Vus avais pers l'access a Voss facturs da login (stizz&agrave; l'app AGOV access, pers la clav da segirezza, pers il telefonin etc.).
 recovery_intro_email_sent.banner.button=N'avais betg retschav&igrave; il e-mail?
 recovery_intro_email_sent.banner.success=Grazia fitg! Proximamain vegnis Vus a retschaiver in e-mail cun in link da recupraziun ed instrucziuns.
-recovery_on_going.finishRecovery=Concluder la recuperaziun
-recovery_on_going.instruction=In process da recuperaziun &egrave; en curs. Il process da recuperaziun po cumpigliar ina verificaziun d'identitad. Per avair access ad applicaziuns cun Voss AGOV-Login, stuais Vus terminar la verificaziun d'identitad.
-recovery_on_going.title=Concludai Voss process da recuperaziun per plaschair.
+recovery_on_going.finishRecovery=Finish recovery
+recovery_on_going.instruction=You have an ongoing recovery process. Part of the recovery process can include an identity verification. To access applications with your AGOV-Login you need to finish the identity verification as well.
+recovery_on_going.title=Please finish your recovery process.
 recovery_questionnaire_instructions.banner.info=Resguardai che en tscherts cas stuais Vus avair access a Voss code da recuperaziun per che la recupraziun po reussir.
 recovery_questionnaire_instructions.explanation=Sin basa da Vossas respostas pari d'esser necessari da recuperar Voss login AGOV. Cliccai sin Vinavant e suandai las instrucziuns sin il monitur.
-recovery_questionnaire_instructions.instruction1=Inditgai l'adressa d'e-mail da Voss login AGOV. Nus As tramettain in link cun il qual Vus pudais cumenzar il process da recuperaziun
+recovery_questionnaire_instructions.instruction1=Inditgai l'adressa dad e-mail da Voss login AGOV. Nus As tramettain in link, cun il qual Vus pudais cumenzar il process da recuperaziun
 recovery_questionnaire_instructions.instruction2=Suandai ils pass per recuperar Voss conto (ils pass varieschan tenor il nivel da verificaziun da Voss conto)
-recovery_questionnaire_loginfactor.banner.error=Selecziunai ina resposta per plaschair.
+recovery_questionnaire_loginfactor.banner.error=Per plaschair selecziunai ina resposta.
 recovery_questionnaire_loginfactor.no=Na
 recovery_questionnaire_loginfactor.question=Avais Vus registr&agrave; pli che in factur da login (app AGOV access u clav da segirezza) per Voss login AGOV?
 recovery_questionnaire_loginfactor.yes=Gea
-recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari betg d'esser necessari da recuperar Voss login AGOV per il mument.
+recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari per il mument betg d'esser necessari da recuperar Voss login AGOV.
 recovery_questionnaire_no_recovery.explanation2=Sche Vus duvrais ulteriuras infurmaziuns, consultai <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per artitgels da support.
 recovery_questionnaire_no_recovery.instruction1=Sche Vus avais difficultads d'As annunziar per in'applicaziun, visitai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifitgai sche Vus As pudais annunziar cun success.
 recovery_questionnaire_no_recovery.instruction2=Sche Vus avais registr&agrave; plirs facturs da login, ma avais pers l'access ad in dad els, consultai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per stizzar il factur da login pers.
@ -229,11 +227,11 @@ recovery_questionnaire_reason_selection.answer6=Jau hai emblid&agrave; il PIN pe
 recovery_questionnaire_reason_selection.answer7=Jau hai mias clavs da segirezza u mias apps, hai dentant g&igrave; problems da m'annunziar
 recovery_questionnaire_reason_selection.answer8=Jau hai pers l'access a tut mias clavs da segirezza ed apps AGOV
 recovery_questionnaire_reason_selection.answer9=Jau hai problems cun in da mes facturs da login (stizz&agrave;, mess enavos, PIN emblid&agrave;)
-recovery_questionnaire_reason_selection.banner.error=Selecziunai in motiv per plaschair.
-recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv pertge che Vus cumenzais il process da recuperaziun:
+recovery_questionnaire_reason_selection.banner.error=Per plaschair selecziunai in motiv.
+recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv, pertge che Vus cumenzais il process da recuperaziun:
 recovery_start_info.banner.warning=Vus na pudais betg utilisar Voss conto, fin ch'il process da recuperaziun &egrave; termin&agrave;.
-recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain er far in process da verificaziun per pudair terminar il process da recuperaziun.
+recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain er far in process da verificaziun per pudair terminar il process da restabiliment.
 recovery_start_info.title=Vus essas vidlonder da cumenzar cun il process da recuperaziun
-user_input.invalid.email=Endatai in'adressa d'e-mail valida
+user_input.invalid.email=Endatai in'adressa dad e-mail valida
 user_input.invalid.email.required=Champ obligatoric
 user_input.invalid.email.tooLong=Il text endat&agrave; e memia lung
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
@ -1,10 +0,0 @@
-<svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g clip-path="url(#clip0)">
-<path d="M13.9697 17.2808C12.9941 18.2276 11.9177 18.08 10.8917 17.6336C9.80091 17.1782 8.80371 17.1494 7.65171 17.6336C6.21711 18.2528 5.45571 18.0728 4.59171 17.2808C-0.28628 12.2588 0.433719 4.60879 5.97771 4.32079C7.32231 4.39279 8.26371 5.06419 9.05571 5.11999C10.2329 4.88059 11.3597 4.19479 12.6197 4.28479C14.1335 4.40719 15.2657 5.00479 16.0217 6.07938C12.9077 7.95138 13.6457 12.0554 16.5059 13.2074C15.9335 14.7104 15.1991 16.1954 13.9679 17.2934L13.9697 17.2808ZM8.94771 4.26679C8.80191 2.03479 10.6109 0.198798 12.6917 0.0187988C12.9779 2.59279 10.3517 4.51879 8.94771 4.26679Z" fill="#1F2F33"/>
-</g>
-<defs>
-<clipPath id="clip0">
-<rect width="15.156" height="18" fill="white" transform="translate(1.3335)"/>
-</clipPath>
-</defs>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
@ -66,7 +66,7 @@ const Status = {
 };

 function setDeepLinkLabel(button) {
-    const text = document.getElementById('info.login.access_app').innerText;
+    const text = document.getElementsByName('info.deeplink')[0].value;
    button.innerHTML = text;
 }

@ -80,13 +80,7 @@ function messageCheckPhone() {
    infoElement.innerHTML = text;
 }

-function showError() {
-    const text = document.getElementsByName('error.authcloud.login')[0].value;
-    errorElement.innerHTML = text;
-    infoElement.style.display = "none";
-}
-
-const AccessAppElement = {
+const Element = {

    _elem: null, // QR code or deep link depending on device

@ -97,11 +91,8 @@ const AccessAppElement = {
        if (isAndroid || isIphone) {
            this._elem = document.createElement('a');
            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary w-100 mt-4');
+            this._elem.setAttribute('class', 'btn btn-primary');
            this._elem.setAttribute('target', '_blank');
-            // distinguishes style for platforms
-            dispatcherElement.classList.add('mobile-platform');
-
            dispatcherElement.appendChild(this._elem);
            setDeepLinkLabel(this._elem);
        }
@ -112,23 +103,13 @@ const AccessAppElement = {
            }
            else {
                messageScanQR();
-                const qrSize = 280;
-                // Element to render the QR code
                this._elem = document.createElement('canvas');
-                // Wrapper div to render corners
-                const qrCodeWrapper = document.createElement('div');
-                qrCodeWrapper.setAttribute('id','qr-code-wrapper');
-                qrCodeWrapper.style.width = `${qrSize}px`;
-                qrCodeWrapper.style.height = `${qrSize}px`;
-                qrCodeWrapper.appendChild(this._elem)
-                dispatcherElement.style.height = `${qrSize}px`;
-                dispatcherElement.appendChild(qrCodeWrapper);
-                const qrcode = new QRious({
+                dispatcherElement.appendChild(this._elem);
+                var qrcode = new QRious({
                  element: this._elem,
-                  // use --nevis-gray-900 CSS variable value
-                  foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
+                  foreground: "#168CA9",
                  level: "M",
-                  size: qrSize,
+                  size: 280,
                  value: appLink
                });
            }
@ -144,31 +125,20 @@ const AccessAppElement = {
 };

 function authenticateUser(appLink) {
-
-    AccessAppElement.show(appLink);
-
-    console.log('Starting Auth Cloud status polling...');
-
+    Element.show(appLink);
+    console.log('Starting Authentication Cloud status polling...');
    Status.startPolling(statusToken, (st, done) => {
-
        if (st.status === 'succeeded') {
-
-            console.log('Auth Cloud success.');
-
-            // auto submit form with outcome
+            console.log('Authentication Cloud login done.');
            submitStatus('succeeded')
        }
        else if (st.status === 'failed') {
-
            // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Auth Cloud login failed. User abort or timeout.');
-
+            console.warn('Authentication Cloud login failed. User abort or timeout.');
            submitStatus('failed')
        }
        else if (st.status === 'unknown') {
-
-            console.error('Auth Cloud login failed. Unknown status.');
-
+            console.error('Authentication Cloud login failed. Unknown status.');
            submitStatus('unknown')
        }
    });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
@ -75,12 +75,7 @@ function messageScanQR() {
    infoElement.innerHTML = text;
 }

-function messageInstalledAccessApp() {
-  const text = document.getElementById('info.access_app.installed').innerText;
-  infoElement.innerHTML = text;
-}
-
-const AccessAppElement = {
+const Element = {

    _elem: null, // QR code or deep link depending on device

@ -89,47 +84,22 @@ const AccessAppElement = {
        const isIphone = 'iPhone' === navigator.platform;
        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
        if (isAndroid || isIphone) {
-            if (isAndroid) {
-                document.getElementById('install_apple').style.display = 'none';
-            }
-            if (isIphone) {
-                document.getElementById('install_google').style.display = 'none';
-            }
            this._elem = document.createElement('a');
            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary w-100');
+            this._elem.setAttribute('class', 'btn btn-primary');
            this._elem.setAttribute('target', '_blank');
-            // distinguishes style for platforms
-            dispatcherElement.classList.add('mobile-platform');
-            const accessApplinks = document.getElementById('access-app-download-link');
-            accessApplinks.classList.add('access-app-download-link-mobile-spacing');
-
            dispatcherElement.appendChild(this._elem);
            setDeepLinkLabel(this._elem);
-
-            // info text is displayed before access app links
-            accessApplinks.parentNode.insertBefore(infoElement.parentNode, accessApplinks);
-            messageInstalledAccessApp();
        }
        else {
            messageScanQR();
-            const qrSize = 280;
-            // Element to render the QR code
            this._elem = document.createElement('canvas');
-            // Wrapper div to render corners
-            const qrCodeWrapper = document.createElement('div');
-            qrCodeWrapper.setAttribute('id','qr-code-wrapper');
-            qrCodeWrapper.style.width = `${qrSize}px`;
-            qrCodeWrapper.style.height = `${qrSize}px`;
-            qrCodeWrapper.appendChild(this._elem)
-            dispatcherElement.style.height = `${qrSize}px`;
-            dispatcherElement.appendChild(qrCodeWrapper);
-            const qrcode = new QRious({
+            dispatcherElement.appendChild(this._elem);
+            var qrcode = new QRious({
              element: this._elem,
-              // use --nevis-gray-900 CSS variable value
-              foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
+              foreground: "#168CA9",
              level: "M",
-              size: qrSize,
+              size: 280,
              value: appLink
            });
        }
@ -144,47 +114,25 @@ const AccessAppElement = {
 };

 function onboardUser(appLink) {
-
-    AccessAppElement.show(appLink);
-
-    console.log('Starting Auth Cloud status polling...');
-
+    Element.show(appLink);
+    console.log('Starting Authentication Cloud status polling...');
    Status.startPolling(statusToken, (st, done) => {
-
        if (st.status === 'succeeded') {
-
-            console.log('Auth Cloud success.');
-
-            // auto submit form with outcome
+            console.log('Authentication Cloud onboarding done.');
            submitStatus('succeeded')
        }
        else if (st.status === 'failed') {
-
            // failed: The transaction failed, either by timeout or because the user did not accept.
            console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
-
            submitStatus('failed')
        }
        else if (st.status === 'unknown') {
-
            console.error('Authentication Cloud onboarding failed. Unknown status.');
-
            submitStatus('unknown')
        }
    });
 }

-const swap = function (nodeA, nodeB) {
-    const parentA = nodeA.parentNode;
-    const siblingA = nodeA.nextSibling === nodeB ? nodeA : nodeA.nextSibling;
-
-    // Move `nodeA` to before the `nodeB`
-    nodeB.parentNode.insertBefore(nodeA, nodeB);
-
-    // Move `nodeB` to before the sibling of `nodeA`
-    parentA.insertBefore(nodeB, siblingA);
-};
-
 function init() {

    const form = document.getElementById('authcloud_onboard');
@ -197,9 +145,6 @@ function init() {

    dispatcherElement = document.getElementById('authcloud_dispatch');

-    // info texts are displayed underneath QR code
-    swap(infoElement.parentNode, dispatcherElement.parentNode);
-
    const appLink = form.appLink.value;
    onboardUser(appLink);
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap-theme.min.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap-theme.min.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12.6667 6L8 10.6667L3.33333 6" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-  <path d="M6 3.33332L10.6667 7.99999L6 12.6667" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
@ -1,27 +0,0 @@
-function copyToClipboard(containerid) {
-  if (document.selection) {
-    var range = document.body.createTextRange();
-    range.moveToElementText(document.getElementById(containerid));
-    range.select().createTextRange();
-    document.execCommand("copy");
-  } else if (window.getSelection) {
-    var range = document.createRange();
-    range.selectNode(document.getElementById(containerid));
-    window.getSelection().addRange(range);
-    document.execCommand("copy");
-  }
-
-  // clear selection
-  if (window.getSelection) {
-    if (window.getSelection().empty) {
-      // Chrome
-      window.getSelection().empty();
-    } else if (window.getSelection().removeAllRanges) {
-      // Firefox
-      window.getSelection().removeAllRanges();
-    }
-  } else if (document.selection) {
-    // IE
-    document.selection.empty();
-  }
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
@ -1,755 +0,0 @@
-/*!
- * Bootstrap v5.1.3 (https://getbootstrap.com/)
- * Copyright 2011-2021 The Bootstrap Authors
- * Copyright 2011-2021 Twitter, Inc.
- * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
-*/
-
-/*
- * This file contains customized bootstrap classes which are in the same name, however differ in the implementation.
- * Classes use CSS custom properties from :root to be runtime modifiable.
- * Used a portion of bootstrap classes which satisfy the requirements without to include the whole bootstrap bundle.
- * If you would like to add new classes as "override" or extension please use the bootstrap naming convention.
-*/
-
-/* Form controls */
-.form-label {
-  margin-bottom: 0.25rem;
-}
-
-.form-check:has(.form-check-label) {
-  padding: 1em 1em 1em 1.6em;
-  border-top: solid 1px lightgray;
-  margin: 0 1em 0 1em;
-}
-
-.form-check-label {
-  font-size: 0.875rem !important;
-}
-
-.form-group {}
-
-.form-control {
-  display: block;
-  width: 100%;
-  padding: 0.5625rem 0.75rem;
-  font-size: 1rem;
-  font-weight: 400;
-  line-height: 1.25rem;
-  color: var(--nevis-black);
-  background-color: var(--nevis-white);
-  background-clip: padding-box;
-  border: 0.0625rem solid var(--nevis-form-control-border-color);
-  border-radius: var(--nevis-border-radius);
-  -webkit-appearance: none;
-  -moz-appearance: none;
-  appearance: none;
-  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
-}
-
-@media (prefers-reduced-motion: reduce) {
-  .form-control {
-    transition: none;
-  }
-}
-
-.form-control:focus {
-  color: var(--nevis-black);
-  background-color: var(--nevis-white);
-  border-color: var(--nevis-primary);
-  outline: 0;
-  box-shadow: 0 0 0 0.0625rem var(--nevis-primary);
-}
-
-.form-control::-webkit-date-and-time-value {
-  height: 1.5em;
-}
-
-.form-control::-moz-placeholder {
-  color: var(--nevis-secondary);
-  opacity: 1;
-}
-
-.form-control::placeholder {
-  color: var(--nevis-secondary);
-  opacity: 1;
-}
-
-.form-control:disabled {
-  font-size: 0.875rem;
-  background-color: #e9ecef;
-  opacity: 1;
-}
-
-.form-control[readonly] {
-  background: var(--nevis-readonly-bg-color);
-  border-color: var(--nevis-readonly-border-color);
-  border-radius: var(--nevis-border-radius);
-  color: var(--nevis-gray-900);
-  font-size: 0.875rem;
-}
-
-.form-control[readonly]:focus {
-  box-shadow: 0 0 0 0.0625rem var(--nevis-readonly-box-shadow-color);
-}
-
-/* Valdiation */
-.invalid-feedback {
-  display: none;
-  width: 100%;
-  margin-top: 0.25rem;
-  font-size: 0.875em;
-  color: var(--nevis-danger);
-}
-
-.was-validated :invalid~.invalid-feedback,
-.was-validated :invalid~.invalid-tooltip,
-.is-invalid~.invalid-feedback,
-.is-invalid~.invalid-tooltip {
-  display: block;
-}
-
-/* Added for 3rd party International Telephone Input */
-.was-validated .iti~.invalid-feedback.invalid-feedback-ready,
-.was-validated .iti~.invalid-tooltip.invalid-feedback-ready {
-  display: block;
-}
-
-.was-validated .form-control:invalid,
-.form-control.is-invalid {
-  border-color: var(--nevis-danger);
-  border-width: 0.125rem;
-  padding-right: inherit;
-  background-image: none;
-  background-repeat: no-repeat;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-control:invalid:focus,
-.form-control.is-invalid:focus {
-  border-color: var(--nevis-danger);
-  box-shadow: none;
-}
-
-.form-control:valid,
-.form-control.is-valid {
-  background-image: none;
-}
-
-/* remove valid feedback classes */
-.was-validated .form-control:valid,
-.form-control.is-valid {
-  border-color: var(--nevis-gray-400);
-  padding-right: inherit;
-  background-image: inherit;
-  background-repeat: no-repeat;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-control:valid:focus,
-.form-control.is-valid:focus {
-  border-color: var(--nevis-gray-400);
-  box-shadow: unset;
-}
-
-.was-validated textarea.form-control:valid,
-textarea.form-control.is-valid {
-  padding-right: inherit;
-  background-position: inherit;
-}
-
-.was-validated .form-select:valid,
-.form-select.is-valid {
-  border-color: var(--nevis-gray-400);
-}
-
-.was-validated .form-select:valid:not([multiple]):not([size]),
-.was-validated .form-select:valid:not([multiple])[size="1"],
-.form-select.is-valid:not([multiple]):not([size]),
-.form-select.is-valid:not([multiple])[size="1"] {
-  padding-right: inherit;
-  background-image: none;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-select:valid:focus,
-.form-select.is-valid:focus {
-  border-color: var(--nevis-gray-400);
-  box-shadow: unset;
-}
-
-.was-validated .form-check-input:valid,
-.form-check-input.is-valid {
-  border-color: var(--nevis-gray-400);
-}
-
-.was-validated .form-check-input:valid:checked,
-.form-check-input.is-valid:checked {
-  background-color: inherit;
-}
-
-.was-validated .form-check-input:valid:focus,
-.form-check-input.is-valid:focus {
-  box-shadow: unset;
-}
-
-.was-validated .form-check-input:valid~.form-check-label,
-.form-check-input.is-valid~.form-check-label {
-  color: inherit;
-}
-
-/* Buttons */
-.btn {
-  display: inline-block;
-  font-weight: 500;
-  line-height: 1.5rem;
-  color: var(--nevis-black);
-  text-align: center;
-  text-decoration: none;
-  vertical-align: middle;
-  cursor: pointer;
-  -webkit-user-select: none;
-  -moz-user-select: none;
-  user-select: none;
-  background-color: transparent;
-  border: 0.0625rem solid transparent;
-  padding: 0.75rem 1.25rem;
-  font-size: 1rem;
-  border-radius: var(--nevis-border-radius);
-  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
-}
-
-@media (prefers-reduced-motion: reduce) {
-  .btn {
-    transition: none;
-  }
-}
-
-.btn:hover {
-  color: var(--nevis-black);
-}
-
-.btn:disabled,
-.btn.disabled,
-fieldset:disabled .btn {
-  pointer-events: none;
-  opacity: 0.65;
-}
-
-/* remove box-shadows by default, enable later by colors */
-.btn:focus {
-  box-shadow: unset;
-}
-
-.btn-check:checked+.btn-primary:focus,
-.btn-check:active+.btn-primary:focus,
-.btn-primary:active:focus,
-.btn-primary.active:focus,
-.show>.btn-primary.dropdown-toggle:focus {
-  box-shadow: unset;
-}
-
-/* Primary Button */
-.btn-primary {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:hover {
-  color: var(--nevis-white);
-  filter: brightness(110%);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:focus {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  filter: brightness(110%);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:active,
-.btn-primary.active {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  filter: brightness(90%);
-}
-
-.btn-primary:active:focus,
-.btn-primary.active:focus {
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:disabled,
-.btn-primary.disabled {
-  color: var(--nevis-secondary);
-  background-color: var(--nevis-gray-100);
-  border-color: var(--nevis-gray-100);
-  box-shadow: none;
-  filter: brightness(1);
-}
-
-/* Secondary Button */
-.btn-secondary {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:hover {
-  color: var(--nevis-gray-900);
-  filter: brightness(110%);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:focus {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  filter: brightness(110%);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:active,
-.btn-secondary.active {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  filter: brightness(90%);
-}
-
-.btn-secondary:active:focus,
-.btn-secondary.active:focus {
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:disabled,
-.btn-secondary.disabled {
-  color: var(--nevis-secondary);
-  background-color: var(--nevis-gray-100);
-  border-color: var(--nevis-gray-100);
-  box-shadow: none;
-  filter: brightness(1);
-}
-
-.btn-link {
-  font-size: 0.875rem !important;
-  vertical-align: baseline;
-  border: none;
-  color: var(--nevis-primary);
-  background: none;
-  text-decoration: none;
-  padding: 0;
-}
-
-/* Componentes */
-.dropdown-toggle::after {
-  display: none !important;
-}
-
-/* Utilities */
-h6,
-.h6,
-h5,
-.h5,
-h4,
-.h4,
-h3,
-.h3,
-h2,
-.h2,
-h1,
-.h1 {
-  margin-top: 0;
-  font-weight: 500;
-  line-height: 1.2;
-}
-
-h1,
-.h1 {
-  font-size: calc(1.375rem + 1.5vw);
-}
-
-@media (min-width: 1200px) {
-
-  h1,
-  .h1 {
-    font-size: 2.5rem;
-  }
-}
-
-h2,
-.h2 {
-  font-size: calc(1.325rem + 0.9vw);
-}
-
-@media (min-width: 1200px) {
-
-  h2,
-  .h2 {
-    font-size: 2rem;
-  }
-}
-
-h3,
-.h3 {
-  font-size: calc(1.3rem + 0.6vw);
-}
-
-@media (min-width: 1200px) {
-
-  h3,
-  .h3 {
-    font-size: 1.75rem;
-  }
-}
-
-h4,
-.h4 {
-  font-size: calc(1.275rem + 0.3vw);
-}
-
-@media (min-width: 1200px) {
-
-  h4,
-  .h4 {
-    font-size: 1.5rem;
-  }
-}
-
-h5,
-.h5 {
-  font-size: 1.25rem;
-}
-
-h6,
-.h6 {
-  font-size: 1rem;
-}
-
-small,
-.small {
-  font-size: 0.875rem !important;
-}
-
-.text-primary {
-  color: var(--nevis-primary) !important;
-}
-
-.text-secondary {
-  color: var(--nevis-secondary) !important;
-}
-
-.text-success {
-  color: var(--nevis-success) !important;
-}
-
-.text-info {
-  color: var(--nevis-info) !important;
-}
-
-.text-warning {
-  color: var(--nevis-warning) !important;
-}
-
-.text-danger {
-  color: var(--nevis-danger) !important;
-}
-
-.text-light {
-  color: var(--nevis-light) !important;
-}
-
-.text-dark {
-  color: var(--nevis-dark) !important;
-}
-
-.text-white {
-  color: var(--nevis-white) !important;
-}
-
-.bg-primary {
-  background-color: var(--nevis-primary) !important;
-}
-
-.bg-secondary {
-  background-color: var(--nevis-secondary) !important;
-}
-
-.bg-success {
-  background-color: var(--nevis-success) !important;
-}
-
-.bg-info {
-  background-color: var(--nevis-info) !important;
-}
-
-.bg-warning {
-  background-color: var(--nevis-warning) !important;
-}
-
-.bg-danger {
-  background-color: var(--nevis-danger) !important;
-}
-
-.bg-light {
-  background-color: var(--nevis-light) !important;
-}
-
-.bg-dark {
-  background-color: var(--nevis-dark) !important;
-}
-
-.bg-body {
-  background-color: var(--nevis-white) !important;
-}
-
-.bg-white {
-  background-color: var(--nevis-white) !important;
-}
-
-.link-primary {
-  color: var(--nevis-primary);
-}
-
-.link-primary:hover,
-.link-primary:focus {
-  color: var(--nevis-primary);
-  filter: brightness(80%);
-}
-
-.link-secondary {
-  color: var(--nevis-secondary);
-}
-
-.link-secondary:hover,
-.link-secondary:focus {
-  color: var(--nevis-secondary);
-  filter: brightness(80%);
-}
-
-.link-success {
-  color: var(--nevis-success);
-}
-
-.link-success:hover,
-.link-success:focus {
-  color: var(--nevis-success);
-  filter: brightness(80%);
-}
-
-.link-info {
-  color: var(--nevis-info);
-}
-
-.link-info:hover,
-.link-info:focus {
-  color: var(--nevis-info);
-  filter: brightness(80%);
-}
-
-.link-warning {
-  color: var(--nevis-warning);
-}
-
-.link-warning:hover,
-.link-warning:focus {
-  color: var(--nevis-warning);
-  filter: brightness(80%);
-}
-
-.link-danger {
-  color: var(--nevis-danger);
-}
-
-.link-danger:hover,
-.link-danger:focus {
-  color: var(--nevis-danger);
-  filter: brightness(80%);
-}
-
-.link-light {
-  color: var(--nevis-light);
-}
-
-.link-light:hover,
-.link-light:focus {
-  color: var(--nevis-light);
-  filter: brightness(80%);
-}
-
-.link-dark {
-  color: var(--nevis-dark);
-}
-
-.link-dark:hover,
-.link-dark:focus {
-  color: var(--nevis-dark);
-  filter: brightness(80%);
-}
-
-.border-primary {
-  border-color: var(--nevis-primary) !important;
-}
-
-.border-secondary {
-  border-color: var(--nevis-secondary) !important;
-}
-
-.border-success {
-  border-color: var(--nevis-success) !important;
-}
-
-.border-info {
-  border-color: var(--nevis-info) !important;
-}
-
-.border-warning {
-  border-color: var(--nevis-warning) !important;
-}
-
-.border-danger {
-  border-color: var(--nevis-danger) !important;
-  border-width: 0.125rem;
-}
-
-.border-light {
-  border-color: var(--nevis-light) !important;
-}
-
-.border-dark {
-  border-color: var(--nevis-dark) !important;
-}
-
-.border-white {
-  border-color: var(--nevis-white) !important;
-}
-
-
-/* EXTENSION PART */
-
-/* Spacing */
-.mt-20 {
-  margin-top: 1.25rem;
-}
-
-.me-5px {
-  margin-right: 0.3125rem;
-}
-
-.my-40 {
-  margin: 2.5rem 0;
-}
-
-.mb-40 {
-  margin-bottom: 2.5rem;
-}
-
-/* Colors */
-
-.text-nevis-blue {
-  color: var(--nevis-blue-600) !important;
-}
-
-.bg-nevis-blue {
-  background-color: var(--nevis-blue-600) !important;
-}
-
-.border-nevis-blue {
-  border-color: var(--nevis-blue-600) !important;
-}
-
-.link-nevis-blue {
-  color: var(--nevis-blue-600);
-}
-
-.link-nevis-blue:hover,
-.link-nevis-blue:focus {
-  color: var(--nevis-blue-600);
-  filter: brightness(80%);
-}
-
-.btn-language-selector {
-  display: inline-flex;
-  justify-content: center;
-  align-items: center;
-  flex-shrink: 0;
-  padding: 0;
-  min-width: 0;
-  box-sizing: border-box;
-  box-shadow: none;
-  font-size: 0.875rem !important;
-  line-height: 1.25rem;
-  font-weight: normal;
-  outline: none;
-  border: none;
-  vertical-align: baseline;
-  text-align: center;
-  background-color: initial;
-  color: var(--nevis-gray-900);
-}
-
-.btn-language-selector:hover {
-  background: initial;
-}
-
-.btn-language-selector:active {
-  background: initial;
-}
-
-.btn-language-selector:focus {
-  box-shadow: none;
-}
-
-.btn-language-selector+.dropdown-menu {
-  min-width: 0;
-  width: 10rem;
-  padding: 0.25rem 0;
-  /* centering the dropdown */
-  margin-left: -0.5rem !important;
-  margin-top: 0.5rem !important;
-  overflow: hidden;
-  box-shadow: 0rem 0rem 0rem 0.0625rem var(--nevis-gray-200),
-    0rem 0.1875rem 1.25rem -0.625rem var(--nevis-gray-900);
-  border-radius: var(--nevis-border-radius);
-  border: 0;
-}
-
-.btn-language-selector+.dropdown-menu>li {
-  overflow: hidden;
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item {
-  font-style: normal;
-  font-weight: normal;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  padding: 0.5rem 1rem;
-  color: var(--nevis-gray-900);
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:hover {
-  background: var(--nevis-blue-100);
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:focus {
-  background: none;
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:active,
-.btn-language-selector+.dropdown-menu .dropdown-item.active {
-  background: var(--nevis-blue-100);
-  filter: brightness(90%);
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/default.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/default.css
@ -0,0 +1,222 @@
+/********************************************************
+ * Layout
+ ********************************************************/
+
+html { /* magic to position footer */
+	position: relative;
+	min-height: 100%;
+}
+
+body {
+	margin-bottom: 76px; /* == footer height */
+}
+
+.container, .container-fluid {
+ 	padding-left: 36px;
+	padding-right: 36px;
+}
+
+nav {
+	min-height: 100px;
+	padding: 36px;
+}
+
+header {
+	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
+}
+
+.container {
+ 	min-width: 260px;
+ 	max-width: 700px;
+}
+
+h1 {
+	margin-bottom: 50px;
+}
+
+footer {
+	width: 100%;
+	position: absolute;
+	bottom: 0;
+	padding: 0 36px;
+}
+
+img {
+	width: 100%;
+}
+
+/********************************************************
+ * Header
+ ********************************************************/
+
+header .logo {
+	/* width: 20%;*/
+	/*max-width: 600px;*/
+	max-height: 150px;
+	width: auto;
+}
+
+/********************************************************
+ * Dropdown
+ ********************************************************/
+a.dropdown-toggle {
+	text-decoration: none;
+}
+
+a.dropdown-toggle:hover {
+	color: #168CA9;
+	border-bottom: 3px solid #168CA9;
+}
+
+.dropdown-menu {
+	padding: 5px 0;
+}
+
+.dropdown-menu li > a {
+	padding: 6px 28px;
+}
+
+.dropdown-menu a > .prefix {
+	display: inline-block;
+	min-width: 22px;
+	margin-right: 28px;
+	text-align: right;
+}
+
+/********************************************************
+ * Form
+ ********************************************************/
+
+/* Labels should not be bold */
+label {
+	font-weight: normal;
+}
+
+/* Make error messages bold */
+.has-error .help-block {
+	font-weight: bold;
+}
+
+/* Change button size, by default 116px in width */
+.btn {
+	min-width: 116px;
+	padding: 3px 12px;
+}
+
+/* Disable gradient in buttons, ughhhh */
+.btn.btn-primary {
+	border-color: transparent;
+	background-image: none;
+	text-shadow: none;
+	box-shadow: none;
+	-webkit-box-shadow: none;
+}
+
+.help-block a, .help-block a:visited {
+	color: #168CA9;
+  font-weight: bold;
+  text-decoration: none;
+}
+
+.help-block a:hover {
+	color: #168CA9;
+  text-decoration: underline;
+}
+
+/********************************************************
+ * Footer
+ ********************************************************/
+footer .row {
+	margin: 36px 0 0 0;
+	height: 40px;
+	padding-top: 14px;
+	line-height: 26px; /* to center text: height - padding-top = 26px */
+	border-top: 1px solid #168CA9;
+}
+
+footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
+	padding: 0;
+}
+
+footer .logo-round-container {
+	position: relative;
+}
+
+footer .logo-round {
+	position: absolute;
+	left: 0;
+	right: 0;
+	top: -33px; /* found visually with Chrome Dev Tools */
+	height: 36px;
+	width: 36px;
+	border: 1px solid #00868c;
+	border-radius: 18px;
+	background: #fff;
+	padding: 8px;
+}
+
+footer .logo-round > img {
+	display: block;
+}
+
+#dispatchTargets {
+	margin-top: 20px;
+}
+
+/********************************************************
+ * Social login
+ ********************************************************/
+.btn.line {
+    background-color: transparent;
+    display: block;
+    width: 100%;
+    padding: 0;
+    margin: 1.5em 0 1em;
+    border: 0.5px solid #ccc;
+    pointer-events: none;
+}
+
+.btn.socialLogin {
+    background-color: #fff;
+    border: thin solid #ccc;
+    color: #000;
+    font-weight: 600;
+    position: relative;
+    margin: 5px;
+    min-width: 140px;
+    width: 210px;
+    border-radius: 8px;
+    padding: 8px 12px;
+    text-align: left;
+}
+
+.socialLogin img {
+    width: 1.5em;
+    height: 108%;
+    margin-right: 0.5em;
+}
+
+.btn.apple img {
+    width: 1.2em;
+}
+
+/********************************************************
+ * Show password
+ ********************************************************/
+.icon-inside {
+  position: relative;
+}
+
+.icon-inside input {
+  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
+}
+
+.icon-inside button {
+  position: absolute;
+  right: 0;
+  top: 0;
+  margin-top: 0.45rem;
+  margin-right: 0.45rem;
+  background: #FFFFFF;
+  border: #FFFFFF;
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
@ -1,23 +0,0 @@
-function displayRecoveryCodes() {
-  const recoverCodes = document.getElementById("recovery-codes-raw");
-  // early return if recoverCodes not found
-  if (!recoverCodes) {
-    return;
-  }
-
-  var recoveryCodesContent = recoverCodes.innerHTML;
-  recoveryCodesContent = recoveryCodesContent.replace("[", "");
-  recoveryCodesContent = recoveryCodesContent.replace("]", "");
-  recoveryCodesContent = recoveryCodesContent.split(",");
-  for (let i = 0; i < recoveryCodesContent.length; i++) {
-    if (i % 2 == 0) {
-      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-gray printable\">" + recoveryCodesContent[i] + "</div>";
-    }
-    else {
-      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-white printable\">" + recoveryCodesContent[i] + "</div>";
-    }
-  }
-  recoverCodes.remove();
-}
-
-displayRecoveryCodes();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
@ -1,26 +0,0 @@
-function downloadRecoveryCodes(contentContainerId) {
-  const textToDownload = document.getElementById(contentContainerId).innerText;
-  // It is necessary to create a new blob object with mime-type explicitly set
-  // otherwise only Chrome works like it should
-  const newBlob = new Blob([textToDownload], { type: "text/plain" });
-
-  // IE doesn't allow using a blob object directly as link href
-  // instead it is necessary to use msSaveOrOpenBlob
-  if (window.navigator && window.navigator.msSaveOrOpenBlob) {
-    window.navigator.msSaveOrOpenBlob(newBlob, "recovery-codes.txt");
-    return;
-  }
-
-  // For other browsers:
-  // Create a link pointing to the ObjectURL containing the blob.
-  const data = window.URL.createObjectURL(newBlob);
-  const link = document.createElement("a");
-  link.href = data;
-  link.download = "recovery-codes.txt";
-  link.click();
-  setTimeout(() => {
-    // For Firefox it is necessary to delay revoking the ObjectURL
-    window.URL.revokeObjectURL(data);
-  }, 400);
-  link.remove();
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/dropdown.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/dropdown.js
@ -0,0 +1,36 @@
+(function() {
+  var closeDropdownTimeout;
+
+  function closeDropdown(event) {
+    var dropdowns = document.querySelectorAll('.dropdown');
+    for (var i = 0; i < dropdowns.length; i++) {
+      var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
+      if (dropdownMenu.style.display !== 'none' && !dropdowns[i].contains(event.target)) {
+        dropdownMenu.style.display = 'none';
+      }
+    }
+
+    // remove event listener till we have a new dropdown menu open
+    if (document.querySelector('.dropdown-menu:not([style*="display: none"])') === null) {
+      document.removeEventListener('click', closeDropdown);
+    }
+  }
+
+  var dropdowns = document.querySelectorAll('.dropdown');
+  for (var i = 0; i < dropdowns.length; i++) {
+    var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
+    dropdownMenu.style.display = 'none'; // ensure menu is initially hidden
+
+    dropdowns[i].addEventListener('click', function(e) {
+      // show dropdown menu
+      var dropdownMenu = this.querySelector('.dropdown-menu');
+      dropdownMenu.style.display = 'block';
+
+      // handle clicking away
+      clearTimeout(closeDropdownTimeout);
+      closeDropdownTimeout = setTimeout(function() {
+        document.addEventListener('click', closeDropdown);
+      }, 10);
+    });
+  }
+}());
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/e2eenc.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/e2eenc.js
@ -0,0 +1,98 @@
+var e2eenc = function() {
+
+	this.encryptForm = function(algoString, formId) {
+		// TODO: in case of an error we should return false, to prevent the for to be submitted
+		//       or replace the fields with dummy values, just to prevent the the transmission
+		//       of unencrypted values
+		
+
+		// create the array of input fields to encrypt (needs to be done before setting the form
+		// invisible
+		var fieldsToEncrypt = new Array();
+		$.each($("form input:visible"), function(index, _inputField) { fieldsToEncrypt.push($(_inputField));});
+
+		// hide the form, and display the splash screen
+		$('#loginform').css('display','none');
+		$('#e2eeSplashScreen').css('display','block');
+
+		// encryption logic
+		var pubKey = $("input[name='e2eenc.publicKey']").val();
+
+		var kemSessionKey = readPublicKeyAndGenerateSessionKey(pubKey)
+		var iv = forge.random.getBytesSync(16);
+		keyB64 = forge.util.encode64(kemSessionKey.key);
+		encapsulationB64 = forge.util.encode64(kemSessionKey.encapsulation);
+		ivB64 = forge.util.encode64(iv);
+
+		//console.log("Encrypting form " + formId + " (" + algoString + ")");
+		var fields = "";
+		$.each(fieldsToEncrypt, function(index, _inputField) {
+			var inputField = $(_inputField);
+			if (inputField.attr("type") == "text" || inputField.attr("type") == "password") {
+				//console.log("Encrypting field " + JSON.stringify(inputField));
+				var plainValue = inputField.val();
+
+				var encryptedValueB64 = encrypt(kemSessionKey, iv, plainValue);
+				//console.log("Setting encrypted value in b64: " + encryptedValueB64);
+				inputField.val(encryptedValueB64);
+				if (fields.length > 0) {
+					fields = fields + ","
+				}
+				fields = fields + inputField.attr("name");
+			}
+		});
+		$("input[name='e2eenc.iv']").val(ivB64);
+		$("input[name='e2eenc.encapsulation']").val(encapsulationB64);
+		$("input[name='e2eenc.fields']").val(fields);
+	}
+
+	function getRSApublicKey(pem) {
+	    //console.log("PEM: " + pem);
+
+	    var msg = forge.pem.decode(pem)[0];
+
+	    //console.log("msg type: " + msg.type);
+
+	    if(msg.procType && msg.procType.type === 'ENCRYPTED') {
+		throw new Error('Could not retrieve RSA public key from PEM; PEM is encrypted.');
+	    }
+
+	    // convert DER to ASN.1 object
+	    var asn1obj = forge.asn1.fromDer(msg.body);
+	    //console.log("ASN.1 obj: " + JSON.stringify(asn1obj))
+
+	    var pubKey = forge.pki.publicKeyFromAsn1(asn1obj)
+	    //console.log("PubKey: " + JSON.stringify(pubKey))
+	    return pubKey;
+	}
+
+	function generateKEMSessionKey(rsaPublicKey) {
+	    // generate key-derivation-function and initializes it with sha1
+	    var kdf1 = new forge.kem.kdf1(forge.md.sha1.create());
+	    // creates a KEM function based on the key-derivation-function created above
+	    var kem = forge.kem.rsa.create(kdf1);
+	    // generate and encapsulate a 16-byte secret key. 
+	    // The secret key is generated using the kdf defined above.
+	    var kemSessionKey = kem.encrypt(rsaPublicKey, 16);
+	    // kemSessionKey has 'encapsulation' (= pub key) and 'key' (= generated secret key)
+	    return kemSessionKey;
+	}
+
+	function readPublicKeyAndGenerateSessionKey(pem) {
+	    var rsaPublicKey = getRSApublicKey(pem);
+	    //console.log("PubKey: " + JSON.stringify(rsaPublicKey))
+	    var kemSessionKey = generateKEMSessionKey(rsaPublicKey);
+	    //console.log("KEM session key: " + JSON.stringify(kemSessionKey))
+	    return kemSessionKey;
+	}
+
+	function encrypt(kemSessionKey, iv, msg) {
+		var cipher = forge.cipher.createCipher('AES-CBC', kemSessionKey.key);
+		cipher.start({iv: iv});
+		cipher.update(forge.util.createBuffer(msg, 'utf-8'));
+		cipher.finish();
+		var encrypted = cipher.output.getBytes();
+		encryptedB64 = forge.util.encode64(encrypted);
+		return encryptedB64;
+	}
+};
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
@ -1,3 +0,0 @@
-<svg width="10" height="9" viewBox="0 0 10 9" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path fill-rule="evenodd" clip-rule="evenodd" d="M3.95423 0.859245C4.413 0.0436633 5.58725 0.0436629 6.04602 0.859245L9.3942 6.81157C9.84416 7.61149 9.2661 8.59988 8.34831 8.59988H1.65194C0.734151 8.59988 0.156094 7.61149 0.606052 6.81157L3.95423 0.859245ZM5.60007 6.79995C5.60007 7.13132 5.33144 7.39995 5.00007 7.39995C4.6687 7.39995 4.40007 7.13132 4.40007 6.79995C4.40007 6.46858 4.6687 6.19995 5.00007 6.19995C5.33144 6.19995 5.60007 6.46858 5.60007 6.79995ZM5.00007 1.99995C4.6687 1.99995 4.40007 2.26858 4.40007 2.59995V4.39995C4.40007 4.73132 4.6687 4.99995 5.00007 4.99995C5.33144 4.99995 5.60007 4.73132 5.60007 4.39995V2.59995C5.60007 2.26858 5.33144 1.99995 5.00007 1.99995Z" fill="#F25562"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye-off.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye-off.svg
@ -1,3 +1,3 @@
 <svg width="22" height="20" viewBox="0 0 22 20" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+    <path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye.svg
@ -1,4 +1,4 @@
 <svg width="22" height="16" viewBox="0 0 22 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+    <path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+    <path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
@ -1,10 +0,0 @@
-<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M54 10H62C66.4183 10 70 13.5817 70 18V26" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M10 26L10 18C10 13.5817 13.5817 10 18 10L26 10" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M26 70L18 70C13.5817 70 10 66.4183 10 62L10 54" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M70 54L70 62C70 66.4183 66.4183 70 62 70L54 70" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<circle cx="40" cy="40" r="22" stroke="#168CA9" stroke-width="4"/>
-<path d="M48 48.5C43.5817 53.8333 36.4183 53.8333 32 48.5" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<rect x="49" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
-<rect x="30" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
@ -1,4 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M18 9.00002C18 4.02945 13.9706 2.09808e-05 9 2.09808e-05C4.02943 2.09808e-05 0 4.02945 0 9.00002C0 13.4922 3.29117 17.2155 7.59375 17.8907V11.6016H5.30859V9.00002H7.59375V7.01721C7.59375 4.76158 8.93739 3.51565 10.9932 3.51565C11.9779 3.51565 13.0078 3.69143 13.0078 3.69143V5.90627H11.8729C10.7549 5.90627 10.4062 6.60003 10.4062 7.31176V9.00002H12.9023L12.5033 11.6016H10.4062V17.8907C14.7088 17.2155 18 13.4922 18 9.00002Z" fill="#1877F2"/>
-<path d="M12.5033 11.6016L12.9024 9.00006H10.4063V7.3118C10.4063 6.60007 10.7549 5.90631 11.873 5.90631H13.0078V3.69147C13.0078 3.69147 11.9779 3.51569 10.9932 3.51569C8.9374 3.51569 7.59376 4.76162 7.59376 7.01725V9.00006H5.30859V11.6016H7.59376V17.8907C8.05197 17.9626 8.52161 18.0001 9.00001 18.0001C9.47842 18.0001 9.94806 17.9626 10.4063 17.8907V11.6016H12.5033Z" fill="white"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
@ -2,13 +2,13 @@
  'use strict'

  async function assertion(options) {
-    let assertion;
+    let credential;
    try {
-      assertion = await navigator.credentials.get({ "publicKey": options });
+      credential = await navigator.credentials.get({ "publicKey": options });
    }
    // Cancel and timeout can occur besides error
    catch (error) {
-      console.error(`Error while trying to collect WebAuthn credential. ${error}`);
+      console.error(`Failed to get WebAuthn credential: ${error}`);
      throw error;
    }
    // as this is the last call we have to do a top-level request instead of AJAX
@ -16,19 +16,18 @@
    form.method = "POST";
    form.style.display = "none";
    addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", assertion.id);
-    addInput(form, "type", assertion.type);
-    addInput(form, "response.clientDataJSON", base64url.encode(assertion.response.clientDataJSON));
-    addInput(form, "response.authenticatorData", base64url.encode(assertion.response.authenticatorData));
-    addInput(form, "response.signature", base64url.encode(assertion.response.signature));
+    addInput(form, "id", credential.id);
+    addInput(form, "type", credential.type);
+    addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
+    addInput(form, "response.authenticatorData", base64url.encode(credential.response.authenticatorData));
+    addInput(form, "response.signature", base64url.encode(credential.response.signature));
    document.body.appendChild(form);
    form.submit();
  }

  function authenticate() {
    // WebAuthn feature detection
-    if(!isWebAuthnSupportedByTheBrowser()) {
-      // Trigger `Login Passwordless Fallback` pattern
+    if (!isWebAuthnSupportedByTheBrowser()) {
      cancelFido2();
      return;
    };
@ -51,11 +50,9 @@
        c.id = base64url.decode(c.id);
        return c;
      });
-        
      return assertion(options);
    }).catch((error) => {
-      console.error(`Error at fido2 authentication: ${error}`);
-      // Trigger `Login Passwordless Fallback` pattern
+      console.error(`Error during FIDO2 authentication: ${error}`);
      cancelFido2();
    });
  }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
@ -1,25 +0,0 @@
-function submit(result) {
-    // we have to do a top-level request instead of AJAX
-    const form = document.createElement("form");
-    form.method = "POST";
-    form.style.display = "none";
-
-    addInput(form, "result", result)
-
-    document.body.appendChild(form);
-
-    form.submit();
-}
-
-function check() {
-  if (isWebAuthnSupportedByTheBrowser()) {
-    submit("ok");
-  }
-  else {
-    submit("error");
-  }
-}
-
-window.onload = () => {
-  check();
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
@ -31,7 +31,7 @@ async function attestation(options) {
  form.submit();
 }

-function startFido2() {
+function start() {

  if (!isWebAuthnSupportedByTheBrowser()) {
    dispatch("unsupported");
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
@ -1,3 +1,10 @@
+function addInput(form, name, value) {
+    const input = document.createElement("input");
+    input.name = name;
+    input.value = value;
+    form.appendChild(input);
+}
+
 /**
 * Checks whether WebAuthn is supported by the browser or not.
 * @return true if supported, false if it is not supported or not in secure context
@ -16,7 +23,7 @@ function isWebAuthnSupportedByTheBrowser() {
 }

 /**
- * Trigger on cancel pattern at the FIDO2 authentication flow.
+ * Trigger on cancel pattern of the FIDO2 authentication step.
 * 
 * Provides an alternative when the user decides to 
 * cancel the fido2 credential operation(create or fetch) or
@ -27,10 +34,7 @@ function cancelFido2() {
  const form = document.createElement("form");
  form.method = "POST";
  form.style.display = "none";
-
  addInput(form, "cancel_fido2", "true");
-
  document.body.appendChild(form);
-
  form.submit();
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
@ -1,9 +0,0 @@
-<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M56.2789 49.5761C56.2789 40.4331 48.8671 33.0213 39.7242 33.0213C30.5813 33.0213 23.1694 40.4331 23.1694 49.5761C23.1694 62.2356 32.2583 70.0261 32.2583 70.0261" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M47.8393 49.5763C47.8393 45.0945 44.206 41.4612 39.7242 41.4612C35.2424 41.4612 31.6091 45.0945 31.6091 49.5763C31.6091 62.5604 41.6718 68.7279 48.8131 71.0001" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M64.7191 49.5748C64.7191 35.7707 53.5287 24.5803 39.7247 24.5803C25.9206 24.5803 14.7302 35.7707 14.7302 49.5748C14.7302 55.093 17.0024 60.6113 17.0024 60.6113" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M66.4485 31.0739C60.6836 22.4617 50.8661 16.7914 39.7242 16.7914C28.5824 16.7914 18.7649 22.4617 13 31.0739" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M58.1132 13.5444C52.623 10.6428 46.3652 9 39.724 9C33.0827 9 26.825 10.6428 21.3347 13.5444" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M64.7185 49.2502C64.7185 53.5527 60.9399 57.0407 56.2788 57.0407C51.6177 57.0407 47.8391 53.5527 47.8391 49.2502" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M58.8764 63.8706C57.8276 64.075 56.7421 64.1823 55.6304 64.1823C47.1222 64.1823 40.1431 57.8973 39.4558 49.8997" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/forge.bundle.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/forge.bundle.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/apple/black.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/apple/black.svg
@ -0,0 +1 @@
+<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/facebook/white.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/facebook/white.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/google/google.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/google/google.svg
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/microsoft/microsoft.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/microsoft/microsoft.svg
@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
@ -1,3 +0,0 @@
-<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M32 18.6667V32M32 45.3333H32.0333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#EFBA00" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/jquery-3.6.0.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/jquery-3.6.0.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M6.3335 2.99992H3.00016C2.07969 2.99992 1.3335 3.74611 1.3335 4.66659V12.9999C1.3335 13.9204 2.07969 14.6666 3.00016 14.6666H11.3335C12.254 14.6666 13.0002 13.9204 13.0002 12.9999V9.66659M9.66683 1.33325H14.6668M14.6668 1.33325V6.33325M14.6668 1.33325L6.3335 9.66659" stroke="#168CA9" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo_animated.gif
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo_animated.gif
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
@ -1,429 +0,0 @@
-html,
-body {
-  height: 100%;
-}
-
-body {
-  font-family: var(--nevis-font-sans-serif);
-  font-size: 0.875rem;
-  color: var(--nevis-gray-900);
-  display: flex;
-  align-items: center;
-  padding-top: 2.5rem;
-  padding-bottom: 2.5rem;
-  background-color: #d1d5d6;
-}
-
-a {
-  text-decoration: none;
-  color: var(--nevis-primary);
-}
-
-/* add icon for links to external sites */
-a[rel~="external"]::after {
-  content: url("link.svg");
-  padding-left: 7px;
-  vertical-align: -2px;
-}
-
-/* Chrome, Safari, Edge, Opera */
-input::-webkit-outer-spin-button,
-input::-webkit-inner-spin-button {
-  -webkit-appearance: none;
-  margin: 0;
-}
-
-/* Firefox */
-input[type="number"] {
-  -moz-appearance: textfield;
-}
-
-button:disabled {
-  cursor: not-allowed;
-  pointer-events: all !important;
-}
-
-label {
-  font-size: 0.75rem;
-}
-
-span.text-secondary>div {
-  display: inline-block;
-}
-
-/* Screen specific CSS */
-.login-container {
-  width: 100%;
-  max-width: 22.5rem;
-  margin: auto;
-  background-color: var(--nevis-gray-100);
-  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
-  border-radius: 1.25rem;
-}
-
-.login-container-header {
-  padding: 1.25rem;
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-}
-
-.login-container-minimal-header {
-  padding: 1.25rem;
-}
-
-.login-container-body {
-  background: #ffffff;
-  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
-  border-radius: 1.25rem;
-  min-height: 31.25rem;
-}
-
-.login-container-body-content {
-  padding: 2.5rem;
-}
-
-.login-container-body-content>.input-error~.input-error {
-  margin-top: 0;
-}
-
-.brand-name {
-  font-size: 1rem;
-  word-wrap: break-word;
-}
-
-.sub-title {
-  font-style: normal;
-  font-weight: 400;
-  font-size: 1rem;
-  line-height: 1.375rem;
-  text-align: center;
-}
-
-.sub-icon {
-  font-style: normal;
-  font-weight: 400;
-  font-size: 1rem;
-  margin-top: 1rem;
-  text-align: center;
-}
-
-.horizontal-line {
-  display: flex;
-  flex-direction: row;
-}
-
-.horizontal-line:before,
-.horizontal-line:after {
-  content: "";
-  flex: 1 1;
-  border-bottom: 0.0625rem solid var(--nevis-gray-200);
-  margin: auto;
-}
-
-.horizontal-line:before {
-  margin-right: 0.625rem;
-  margin-left: -2.5rem;
-}
-
-.horizontal-line:after {
-  margin-left: 0.625rem;
-  margin-right: -2.5rem;
-}
-
-.register-spacing {
-  margin-top: 2rem;
-  margin-bottom: 2.75rem;
-}
-
-.social-login-buttons {
-  display: flex;
-  flex-direction: column;
-  gap: 0.75rem;
-}
-
-.social-login-button {
-  background: none;
-  flex-grow: 1;
-  display: flex;
-  flex-direction: row;
-  justify-content: center;
-  align-items: center;
-  padding: 0.375rem 1.125rem;
-  width: 100%;
-  height: 2.5rem;
-  border: 0.0625rem solid var(--nevis-gray-200);
-  box-sizing: border-box;
-  border-radius: 0.625rem;
-  gap: 0.625rem;
-}
-
-.icon-inside {
-  position: relative;
-}
-
-.icon-inside input {
-  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
-}
-
-.icon-inside button {
-  position: absolute;
-  right: 0;
-  top: 0;
-  margin-top: 0.3125rem;
-  margin-right: 0.75rem;
-}
-
-.icon-button {
-  display: inline-flex;
-  justify-content: center;
-  align-items: center;
-  flex-shrink: 0;
-  width: 1.875rem;
-  height: 1.875rem;
-  padding: 0;
-  margin: 0;
-  min-width: 0;
-  border-radius: 50%;
-  box-sizing: border-box;
-  box-shadow: none;
-  font-size: inherit;
-  font-weight: 500;
-  cursor: pointer;
-  outline: none;
-  border: none;
-  vertical-align: baseline;
-  text-align: center;
-  background-color: initial;
-}
-
-.icon-button:hover {
-  background: var(--nevis-gray-200);
-}
-
-.icon-button:active {
-  background: var(--nevis-gray-300);
-}
-
-.icon-button.nevis-blue-icon:hover {
-  background: var(--nevis-blue-icon-hover-bg-color);
-}
-
-.icon-button.nevis-blue-icon:active {
-  background: var(--nevis-blue-icon-active-bg-color);
-}
-
-.h-icon-button {
-  min-height: 1.875rem;
-}
-
-.max-w-full {
-  max-width: 100%;
-}
-
-.verification-code-wrapper {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: center;
-}
-
-.verification-code-label {
-  font-size: 1.125rem;
-  line-height: 1.5rem;
-  margin-right: 0.25rem;
-}
-
-.verification-code-input {
-  text-align: center;
-  max-width: 8.75rem;
-  letter-spacing: 0.5rem;
-  text-indent: 0.25rem;
-}
-
-.hidden-verification-code-submit-button {
-  overflow: visible !important;
-  height: 0 !important;
-  width: 0 !important;
-  margin: 0 !important;
-  border: 0 !important;
-  padding: 0 !important;
-  display: block !important;
-}
-
-.totp-code-wrapper {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: center;
-  margin: 2.5rem 0;
-}
-
-.totp-code-input {
-  text-align: left;
-  max-width: 8.75rem;
-  letter-spacing: 0.5rem;
-  text-indent: 0.25rem;
-}
-
-.hidden {
-  display: none !important;
-}
-
-.success-icon {
-  text-align: center !important;
-  margin-top: 5.625rem;
-  margin-bottom: 11.75rem;
-}
-
-.btn-selection-item {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: space-between;
-  padding: 0.5rem 0rem;
-  gap: 0.5rem;
-
-  border: 0.0625rem solid var(--nevis-gray-200);
-  border-left-width: 0;
-  border-right-width: 0;
-}
-
-.btn-selection-item+.btn-selection-item {
-  border-top-width: 0;
-}
-
-.btn-selection-item:first-of-type {
-  margin-top: 1.5rem;
-}
-
-.btn-selection-item:last-of-type {
-  margin-bottom: 1.5rem;
-}
-
-.btn-selection-item .selection-label {
-  color: var(--nevis-dark) !important;
-  font-weight: 500;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-}
-
-.btn-selection-item .selection-description {
-  color: var(--nevis-gray-500) !important;
-  font-weight: 400;
-  font-size: 0.75rem;
-  line-height: 1.125rem;
-}
-
-/* Passwordless */
-
-/* Access App*/
-.access-app-download-link-mobile-spacing {
-  margin-top: 5rem;
-  margin-bottom: 5rem;
-}
-
-/* add rounded border corners around QR code */
-#authcloud_dispatch,
-#authcloud_dispatch>#qr-code-wrapper {
-  position: relative;
-  display: block;
-}
-
-#authcloud_dispatch:not(.mobile-platform):before,
-#authcloud_dispatch:not(.mobile-platform):after,
-#authcloud_dispatch>#qr-code-wrapper:before,
-#authcloud_dispatch>#qr-code-wrapper:after {
-  position: absolute;
-  width: 1.875rem;
-  height: 1.875rem;
-  border-color: var(--nevis-primary);
-  border-style: solid;
-  z-index: 1;
-  content: " ";
-}
-
-#authcloud_dispatch:before {
-  top: 0.5rem;
-  left: 0.5rem;
-  border-width: 0.1875rem 0 0 0.1875rem;
-  border-top-left-radius: 1rem;
-}
-
-#authcloud_dispatch:after {
-  top: 0.5rem;
-  right: 0.5rem;
-  border-width: 0.1875rem 0.1875rem 0 0;
-  border-top-right-radius: 1rem;
-}
-
-#authcloud_dispatch>#qr-code-wrapper:before {
-  bottom: 0.5rem;
-  right: 0.5rem;
-  border-width: 0 0.1875rem 0.1875rem 0;
-  border-bottom-right-radius: 1rem;
-}
-
-#authcloud_dispatch>#qr-code-wrapper:after {
-  bottom: 0.5rem;
-  left: 0.5rem;
-  border-width: 0 0 0.1875rem 0.1875rem;
-  border-bottom-left-radius: 1rem;
-}
-
-.recovery-code-input {
-  text-align: left;
-  letter-spacing: 0.1875rem;
-  font-family: monospace;
-}
-
-.recovery-codes-wrapper {
-  height: 9rem;
-  text-align: center;
-  overflow-y: auto;
-  margin-bottom: 1rem;
-  /* Firefox */
-  scrollbar-color: var(--nevis-gray-300) #ffffff;
-  scrollbar-width: thin;
-  border: 1px solid lightgray;
-  border-radius: 0.5rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar {
-  width: 0.25rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-track {
-  background: #ffffff;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-thumb {
-  background: var(--nevis-gray-300);
-  border-radius: 0.125rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-thumb:hover {
-  background: var(--nevis-gray-400);
-}
-
-.recovery-code-gray {
-  background: var(--nevis-gray-100);
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  font-family: monospace;
-  letter-spacing: 0.1875rem;
-}
-
-.recovery-code-white {
-  background: #ffffff;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  font-family: monospace;
-  letter-spacing: 0.1875rem;
-}
-
-button.btn-recovery-code {
-  line-height: 0.75rem;
-  margin-top: 0.7rem;
-  width: 100%;
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
@ -110,15 +110,13 @@
                if (status == 'clientAuthenticating') {
                    // show process icon
                    document.getElementById("mauth_loading").style.display = 'block';
-                    // hide QR code and info message
                    document.getElementById("mauth_qrcode").style.display = 'none';
-                    document.getElementById("mauth_qrcode_info").style.display = 'none';
                }
                if (status == 'succeeded') {
                    clearInterval(statusPolling);
                    // as this is the last call we have to do a top-level request instead of AJAX
                    const form = createForm();
-                    addInput(form, "fidoUafDone", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                    document.body.appendChild(form);
                    form.submit();
                } else if (status == 'failed' || status == 'unknown') {
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
@ -1,7 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path fill="#f3f3f3" d="M0 0h18v18H0z"/>
-    <path fill="#f35325" d="M1 1h8v8H1z"/>
-    <path fill="#81bc06" d="M10 1h8v8H10z"/>
-    <path fill="#05a6f0" d="M1 10h8v8H1z"/>
-    <path fill="#ffba08" d="M10 10h8v8H10z"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
@ -1,50 +1,43 @@
-document.addEventListener("DOMContentLoaded", function () {
-    const consentInformationFieldName = "consentInformation"; // Input field name
-    const scopeDescriptionSource = "scope_name"; // JSON key for scope description
+// display oauth scopes listed in input field 'consentInformation'
+// change 'consentInformation' and 'scope_name' to the values used in your configuration.
+$(function() {
+
+    var consentInformationFieldName = "consentInformation"; // name of the input field from which to parse the value as the consent information JSON
+    var scopeDescriptionSource = "scope_name";              // key of the field in the consent information JSON of which to get the value as the scope description

    function displayOAuthScopesConsent() {
-        const jsonData = parseJson();
+        var jsonData = parseJson();
        if (jsonData !== undefined) {
-            mapJsonToHtml(jsonData);
+            mapJsonToHtml(jsonData)
        }
    }

    function mapJsonToHtml(jsonData) {
        mapJsonToHtmlScopeList("listOfRequestedScopesWithExistingConsent", jsonData.requestedScopesWithExistingConsent, "Already accepted scopes:");
-        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require consent:");
+        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require a consent:");
    }

    function mapJsonToHtmlScopeList(elementId, scopeInformation, title) {
-        if (scopeInformation && Object.keys(scopeInformation).length > 0) {
-            const consentInput = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-            if (consentInput) {
-                const container = document.createElement("div");
-                container.innerHTML = `<p style='margin-top: 0.5em'>${title}</p><div class='scopeinfobox'><ul id='${elementId}'></ul></div>`;
-                consentInput.insertAdjacentElement("afterend", container);
-
-                const ulElement = document.getElementById(elementId);
-                for (const key in scopeInformation) {
-                    if (scopeInformation.hasOwnProperty(key)) {
-                        const scopeDescription = scopeInformation[key][scopeDescriptionSource] || key;
-                        const li = document.createElement("li");
-                        li.textContent = scopeDescription;
-                        ulElement.appendChild(li);
-                    }
+        if (scopeInformation !== undefined && Object.keys(scopeInformation).length > 0) {
+            $("input[name=" + consentInformationFieldName +"]").after("<p style='margin-top: 0.5em'>" + title + "</p><div class='scopeinfobox'><ul id='" + elementId + "' /> </div>");
+            jQuery.each(scopeInformation, function(key,value) {
+                var scopeDescription = value[scopeDescriptionSource];
+                if (scopeDescription) {
+                    $("#" + elementId).append('<li>' + scopeDescription + '</li>');
+                } else {
+                    $("#" + elementId).append('<li>' + key + '</li>');
                }
-            }
+            });
        }
    }

    function parseJson() {
-        const consentInformationField = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-        if (consentInformationField) {
-            try {
-                return JSON.parse(consentInformationField.value);
-            } catch (e) {
-                console.error("Invalid JSON in consent information field:", e);
-            }
+        var consentInformationField = $("input[name=" +consentInformationFieldName +"]");
+        if (consentInformationField.length > 0) {
+            return JSON.parse(consentInformationField.val());
        }
    }

    displayOAuthScopesConsent();
 });
+
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
@ -1,44 +0,0 @@
-(function() {
-  'use strict'
-
-  async function submit(assertion) {
-    // as this is the last call we have to do a top-level request instead of AJAX
-    const form = document.createElement("form");
-    form.method = "POST";
-    form.style.display = "none";
-    addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", assertion.id);
-    addInput(form, "type", assertion.type);
-    console.log("assertion response:", assertion.response);
-    addInput(form, "response.clientDataJSON", assertion.response.clientDataJSON);
-    addInput(form, "response.authenticatorData", assertion.response.authenticatorData);
-    addInput(form, "response.signature", assertion.response.signature);
-    addInput(form, "response.userHandle", assertion.response.userHandle);
-    document.body.appendChild(form);
-    form.submit();
-  }
-
-  function authenticate() {
-    const hiddenField = document.querySelector("input[name='fido2_attestation_options']");
-    if (hiddenField && hiddenField.value) {
-        try {
-            const options = JSON.parse(hiddenField.value);
-            console.log("parsed attestation options:", JSON.stringify(options));
-
-            SimpleWebAuthnBrowser.startAuthentication({ optionsJSON: options, useBrowserAutofill: true })
-                .then(assertionResponse => {
-                    console.log("Authentication successful:", JSON.stringify(assertionResponse));
-                    submit(assertionResponse);
-                })
-                .catch(error => {
-                    console.log(`Passkey autofill skipped: ${error}`);
-                });
-        } catch (error) {
-            console.error("Error parsing fido2_attestation_options:", error);
-        }
-    } else {
-        console.log("Passkey autofill is disabled.");
-    }
-  }
-  authenticate();
-})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/print.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/print.css
@ -1,67 +0,0 @@
-@media print {
-   /* general printing rules */
-
-    body {
-      margin: 0;
-      color: #000000 !important;
-      background-color: #ffffff !important;
-
-      font-size: 12pt;
-      font-family: georgia, times, serif;
-
-      box-shadow: none !important;
-    }
-
-    header, footer, aside, nav, button, h1, h2, h3, h4, h5, h6 {
-      display: none;
-    }
-
-    main {
-      max-width: 100%;
-      box-shadow: none !important;
-    }
-
-    .printable {
-      display: block;
-    }
-
-    div:not(.printable) {
-      display: none;
-    }
-
-    .btn { 
-      display: none;
-    }
-
-    /* screen specific rules */
-
-    .login-container-body {
-      color: #000000 !important;
-      background-color: #ffffff !important;
-      box-shadow: none !important;
-      border-radius: unset;
-    }
-
-    .recovery-codes-wrapper {
-      overflow: unset !important;
-      height: unset !important;
-    }
-
-    #recovery-codes::before {
-      content: "Recovery Codes";
-      font-size: 16pt;
-    }
-
-    .recovery-code-white,
-    .recovery-code-gray {
-      color: #000000 !important;
-      background-color: #ffffff !important;
-
-      font-size: 14pt;
-      margin-top: 5pt;
-    }
-
-    .recovery-code-gray:first-child {
-      margin-top: 15pt;
-    }
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/saml_idp_logout.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/saml_idp_logout.js
@ -1,63 +0,0 @@
-function handleLogout(sp_urls, final_url) {
-
-    const request_urls = sp_urls.filter(function(current_url) {
-        return current_url.indexOf('SAMLRequest') > 0;
-    });
-
-    const response_urls = sp_urls.filter(function(current_url) {
-        return current_url.indexOf('SAMLResponse') > 0;
-    });
-
-    function kill_session() {
-        const current_url = window.location.href;
-        if (current_url.indexOf('?logout') == -1 && current_url.indexOf('&logout') == -1) {
-            console.log("current URL does not terminate the IDP session");
-            let logout_url = '';
-            if (current_url.indexOf('?') > 0) {
-                logout_url = current_url + "&logout";
-            } else {
-            }
-            fetch(logout_url, {
-                method: 'GET',
-                credentials: 'include'
-            }).then(response => {
-                if (!response.ok) {
-                    console.error('Logout request failed');
-                }
-            }).catch(error => {
-                console.error('Logout request error', error);
-            });
-        }
-    }
-
-    const requests = request_urls.map(current_url => {
-        return fetch(current_url, {
-            method: 'GET',
-            credentials: 'include',
-            mode: 'cors'
-        }).then(response => {
-            if (!response.ok) {
-                console.error('Request failed', current_url);
-            }
-        }).catch(error => {
-            console.error('Request error', current_url, error);
-        });
-    });
-
-    // send out the requests in parallel
-    // in any case we then terminate the IDP session and redirect to the correct destination
-    // we have to complete the logout no matter if the requests were successful or if there were failed requests
-    Promise.allSettled(requests).then(() => {
-        kill_session(); // required to terminate IDP session
-    }).finally(() => {
-        if (response_urls.length == 0) {
-            // redirect to root location on the IDP
-            console.log('Finish IDP-initiated SAML logout - redirecting to: ' + final_url);
-            window.location.href = final_url;
-        } else {
-            // only 1 such URL allowed. process ends on SP side
-            console.log('Finish SP-initiated SAML logout - redirecting to: ' + response_urls[0]);
-            window.location.href = response_urls[0];
-        }
-    })
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/show-password.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/show-password.js
@ -0,0 +1,11 @@
+function toggleInputType(passwordInputId, eyeIconId, resourcePath) {
+    const passwordInput = document.getElementById(passwordInputId);
+    const eyeIcon = document.getElementById(eyeIconId);
+    if (passwordInput.type === 'text') {
+        passwordInput.type = 'password';
+        eyeIcon.src = resourcePath + '/resources/eye.svg';
+        return;
+    }
+    passwordInput.type = 'text';
+    eyeIcon.src = resourcePath + '/resources/eye-off.svg';
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/simplewebauthn-browser@13.1.0.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/simplewebauthn-browser@13.1.0.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success-solid.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success-solid.svg
@ -1,3 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-  <path fill-rule="evenodd" clip-rule="evenodd" d="M9.00005 16.2C12.9765 16.2 16.2 12.9764 16.2 8.99999C16.2 5.02354 12.9765 1.79999 9.00005 1.79999C5.0236 1.79999 1.80005 5.02354 1.80005 8.99999C1.80005 12.9764 5.0236 16.2 9.00005 16.2ZM12.3364 7.83638C12.6879 7.48491 12.6879 6.91506 12.3364 6.56359C11.985 6.21212 11.4151 6.21212 11.0636 6.56359L8.10005 9.5272L6.93644 8.36359C6.58497 8.01212 6.01512 8.01212 5.66365 8.36359C5.31218 8.71506 5.31218 9.28491 5.66365 9.63638L7.46365 11.4364C7.81512 11.7879 8.38497 11.7879 8.73644 11.4364L12.3364 7.83638Z" fill="#52CC65"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success.svg
@ -1,3 +0,0 @@
-<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M22 32L28.6667 38.6667L42 25.3333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#52CC65" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/utils.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/utils.js
@ -1,41 +0,0 @@
-function addInput(form, name, value, type = "text") {
-  if (!form) throw new Error("Form element is required");
-  const input = document.createElement("input");
-  input.name = name;
-  input.type = type;
-  input.value = value;
-  form.appendChild(input);
-}
-
-function getSubmitButton() {
-  const submitButtons = [...document.querySelectorAll('button[name^="submit"]')];
-  if (submitButtons.length === 0) {
-    return null;
-  }
-  if (submitButtons.length > 1) {
-    throw new Error('There should be exactly 1 button on the screen with a name starting with "submit". Check the AuthState configuration.');
-  }
-  return submitButtons[0] || null;
-}
-
-function toggleEye(passwordInputId, eyeIconId, resourcePath) {
-  const passwordInput = document.getElementById(passwordInputId);
-  const eyeIcon = document.getElementById(eyeIconId);
-  if (!passwordInput || !eyeIcon) return;
-  const isPassword = passwordInput.type === 'password';
-  passwordInput.type = isPassword ? 'text' : 'password';
-  // Ensure correct path format
-  const normalizedPath = resourcePath.endsWith('/') ? resourcePath.slice(0, -1) : resourcePath;
-  eyeIcon.src = `${normalizedPath}/resources/eye${isPassword ? '-off' : ''}.svg`;
-}
-
-function formatNumberInput(numberInputId) {
-  const numberInput = document.getElementById(numberInputId);
-  if (!numberInput) return;
-  let value = numberInput.value || ''; // Handle potential null/undefined
-  value = value.replace(/[-e]/gi, '');
-  if (numberInput.maxLength > 0 && value.length > numberInput.maxLength) {
-    value = value.slice(0, numberInput.maxLength);
-  }
-  numberInput.value = value;
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/variables.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/variables.css
@ -1,52 +0,0 @@
-:root {
-    /* Default Colors */
-    --nevis-blue: #0d6efd;
-    --nevis-indigo: #6610f2;
-    --nevis-purple: #6f42c1;
-    --nevis-pink: #d63384;
-    --nevis-red: #F25562;
-    --nevis-orange: #fd7e14;
-    --nevis-yellow: #EFBA00;
-    --nevis-green: #151615;
-    --nevis-teal: #20c997;
-    --nevis-cyan: #0dcaf0;
-    --nevis-blue-100: #E1F5FB;
-    --nevis-blue-300: #A6DFED;
-    --nevis-blue-400: #75C3D7;
-    --nevis-blue-600: #168CA9;
-    --nevis-white: #ffffff;
-    --nevis-black: #000000;
-    --nevis-gray-100: #EDF1F2;
-    --nevis-gray-200: #DADFE0;
-    --nevis-gray-300: #C2CACC;
-    --nevis-gray-400: #A4AFB2;
-    --nevis-gray-500: #8A9699;
-    --nevis-gray-900: #1F2F33;
-
-    /* Theme */
-    --nevis-primary: var(--primary-color);
-    --nevis-secondary: var(--nevis-gray-400);
-    --nevis-success: var(--nevis-green);
-    --nevis-info: var(--nevis-cyan);
-    --nevis-warning: var(--nevis-yellow);
-    --nevis-danger: var(--nevis-red);
-    --nevis-light: var(--nevis-gray-100);
-    --nevis-dark: var(--nevis-gray-900);
-
-    /* Font */
-    --nevis-font-sans-serif: var(--font-family), system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", "Liberation Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
-
-    /* Common */
-    --nevis-border-radius: var(--border-radius);
-    --nevis-form-control-border-color: var(--nevis-gray-300);
-
-    --nevis-blue-icon-color: var(--nevis-blue-600);
-    --nevis-blue-icon-hover-bg-color: var(--nevis-blue-300);
-    --nevis-blue-icon-active-bg-color: var(--nevis-blue-400);
-
-    /* Components */
-    /* Readonly field*/
-    --nevis-readonly-bg-color: var(--nevis-blue-100);
-    --nevis-readonly-border-color: var(--nevis-blue-300);
-    --nevis-readonly-box-shadow-color: var(--nevis-blue-600);
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/window-onload.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/window-onload.js
@ -1,101 +0,0 @@
-// this js should run last
-
-// DOM is ready (stylesheets, images, and subframes may not have been loaded yet)
-window.addEventListener('DOMContentLoaded', () => {
-    'use strict'
-    handleLogoutButton();
-    onSubmitWithEnter();
-    onFormSubmit();
-});
-
-function handleLogoutButton() {
-    const logoutButton = document.getElementById("logout-btn");
-    if (logoutButton) {
-        logoutButton.addEventListener("click", function (event) {
-            event.preventDefault();
-            event.stopPropagation();
-
-            const url = new URL(window.location.href);
-
-            // Parse raw query string, split into key=value or key-only
-            const rawParams = window.location.search.substring(1).split("&").filter(Boolean);
-
-            // Keep only params that are not 'login' or 'logout'
-            const remainingParams = rawParams.filter(p => {
-                const key = p.split("=")[0];
-                return key !== "login" && key !== "logout";
-            });
-
-            // Add 'logout' first
-            const finalParams = ["logout", ...remainingParams];
-
-            const newQuery = finalParams.length ? `?${finalParams.join("&")}` : "";
-
-            // Redirect
-            window.location.href = url.origin + url.pathname + newQuery;
-        });
-    }
-}
-
-/**
- * Trigger to submit the button with name 'submit' and prevent other buttons to submission on 'Enter' keypress
- */
-function onSubmitWithEnter() {
-    'use strict'
-
-    document.addEventListener('keypress', function (event) {
-        if (event.key === 'Enter') {
-            if (['TEXTAREA', 'INPUT'].includes(event.target.tagName) && event.target.type !== 'submit') {
-                return; // allow pressing Enter inside text fields
-            }
-
-            event.preventDefault();
-            event.stopPropagation();
-
-            const submitButton = getSubmitButton();
-            if (submitButton !== null) {
-                submitButton.click();
-            }
-        }
-    });
-}
-
-/*
- * Setup form submit event handler for form with a required input.
- * Manages the submission in case triggered by:
- *   - non-genuine submit button: clear invalid required inputs and proceed the submission
- *   - real submit button: if there is an invalid field prevent submission and trigger validation class addition
- */
-function onFormSubmit() {
-    'use strict';
-
-    const form = document.querySelector('form');
-    if (!form) return;
-
-    form.addEventListener('submit', function onSubmit(event) {
-        const submitter = event.submitter || event.target;
-
-        // Check form validity once at the beginning
-        const isValid = form.checkValidity();
-
-        if (!submitter || !submitter.name.startsWith('submit')) {
-            // Clear invalid required inputs before submit
-            if (!isValid) {
-                document.querySelectorAll('input[required]:invalid').forEach(input => {
-                    if (input.value.length) {
-                        input.value = '';
-                    }
-                });
-            }
-            return event;
-        }
-
-        if (!isValid) {
-            console.log('Form is invalid');
-            event.preventDefault();
-            event.stopPropagation();
-        }
-
-        form.classList.add('was-validated'); // Add validation styling
-    }, false);
-}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/bundle.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/bundle.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/ask_mobile.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/ask_mobile.js
@ -1,15 +1,16 @@
 class ProvidePhoneNumber {
-	repeatModal;
+	modal;
 	declineModal;
+	providePhoneNumberLaterButton;
 	phoneNumberInput;
 	agovInputPhoneNumberInput;
 	repeatPhoneNumberInput;
 	agovInputRepeatPhoneNumberInput;
-	lastOpenedModal;

 	constructor() {
-		this.repeatModal = document.querySelector('#repeatModal');
+		this.modal = document.querySelector('#modal');
 		this.declineModal = document.querySelector('#declineModal');
+		this.providePhoneNumberLaterButton = document.querySelector('#providePhoneNumberLaterButton');
 		this.phoneNumberInput = document.querySelector('#phoneNumberInput');
 		this.agovInputPhoneNumberInput = document.querySelector('#agovInputPhoneNumberInput');
 		this.agovInputRepeatPhoneNumberInput = document.querySelector('#agovInputRepeatPhoneNumberInput');
@ -19,6 +20,20 @@ class ProvidePhoneNumber {
 		this.addPhoneInputEventHandlers(this.phoneNumberInput);
 		this.addPhoneInputEventHandlers(this.repeatPhoneNumberInput);

+		document.querySelector('#declineModalBack').addEventListener('click', () => {
+			this.resetValidation(this.agovInputPhoneNumberInput);
+			this.setInvisible(this.declineModal);
+		});
+		document.querySelector('#repeatPhoneNumberModalBack').addEventListener('click', () => {
+			this.initializePhoneInput(this.phoneNumberInput);
+			this.setInvisible(this.modal);
+		});
+		document.querySelector('#repeatPhoneNumberModalContinue').addEventListener('click', () => {
+			if (this.validateInput(this.agovInputRepeatPhoneNumberInput)) {
+				this.evaluatePhoneNumbersAndSubmit();
+				this.initializePhoneInput(this.phoneNumberInput);
+			}
+		});
 		document.querySelector('#providePhoneNumberContinueButton').addEventListener('click', () => {
 			const dialCode = `+${window.phoneNumberUtils.getDialCode()}`;
 			if (this.validateInput(this.agovInputPhoneNumberInput)) {
@ -26,37 +41,15 @@ class ProvidePhoneNumber {
 				this.initializePhoneInput(this.repeatPhoneNumberInput);
 				this.resetValidation(this.agovInputRepeatPhoneNumberInput);
 				this.showErrorBanner(false);
-				this.lastOpenedModal = 'repeatModal';
-				window.utils.openModal(this.repeatModal);
+				this.setVisible(this.modal);
 			}
 			else if (this.phoneNumberInput.value.trim() === '' ||
 				this.phoneNumberInput.value.trim() === dialCode) {
-				window.utils.openModal(this.declineModal);
+				this.setVisible(this.declineModal);
 			}
 		});
 	}

-	onCloseOpenModal() {
-		if (this.lastOpenedModal === 'declineModal') {
-			window.providePhoneNumber.onCloseDeclineModal();
-		}
-		else {
-			window.providePhoneNumber.onRepeatModalCancel();
-		}
-	}
-
-	onRepeatModalSubmit() {
-		if (this.validateInput(this.agovInputRepeatPhoneNumberInput)) {
-			this.evaluatePhoneNumbersAndSubmit();
-			this.initializePhoneInput(this.phoneNumberInput);
-		}
-	}
-
-	onRepeatModalCancel() {
-		this.initializePhoneInput(this.phoneNumberInput);
-		window.utils.closeModal(this.repeatModal);
-	}
-
 	addPhoneInputEventHandlers(phoneInputElement) {
 		phoneInputElement.addEventListener('input', () => {
 			this.formatAndEmitPhoneNumberValue(phoneInputElement);
@ -104,6 +97,19 @@ class ProvidePhoneNumber {
 		return true;
 	}

+	setInvisible(modalElement) {
+		window.utils.changeDisplay(modalElement, 'hidden', 'block');
+	}
+
+	setVisible(modalElement) {
+		window.utils.changeDisplay(modalElement, 'block', 'hidden');
+		const isMobile = !!/(iPhone|Android)/.test(window.navigator.userAgent);
+		if (isMobile) {
+			modalElement.classList.add('mobileDrawer');
+			document.dispatchEvent(new Event('initDrawerPopup'));
+		}
+	}
+
 	arePhoneNumbersEqual() {
 		const phoneNumber = this.phoneNumberInput.value.trim();
 		const repeatedPhoneNumber = this.repeatPhoneNumberInput.value.trim();
@ -112,7 +118,7 @@ class ProvidePhoneNumber {

 	evaluatePhoneNumbersAndSubmit() {
 		if (this.arePhoneNumbersEqual()) {
-			document.querySelector('#mobile').value = window.phoneNumberUtils.formatDefault(this.repeatPhoneNumberInput.value);
+			document.querySelector('#mobile').value = this.repeatPhoneNumberInput.value.trim().replaceAll(' ', '');
 			// Some other 'click' listeners from gsap (used in drawer.js) seem to interfere with the trigger click on
 			// submitPhoneNumber button. It happens only on mobile devices, where the drawer is used. setTimeout seems to help
 			// to avoid the issue (although it is just a workaround).
@ -121,7 +127,7 @@ class ProvidePhoneNumber {
 			}, 100);
 		}
 		else {
-			window.utils.closeModal(this.repeatModal);
+			this.setInvisible(this.modal);
 			this.showErrorBanner(true);
 		}
 	}
@ -135,44 +141,9 @@ class ProvidePhoneNumber {
 			window.utils.changeDisplay(errorBanner, 'hidden', 'block');
 		}
 	}
-
-	onCloseDeclineModal() {
-		this.resetValidation(this.agovInputPhoneNumberInput);
-		window.utils.closeModal(this.declineModal);
-	}
-
-	onSubmitDeclineModal() {
-		setTimeout(() => {
-			document.querySelector('#continueWithoutPhoneNumberButton').click();
-		});
-	}
 }

 document.addEventListener('DOMContentLoaded', () => {
 	document.dispatchEvent(new Event('initPhoneNumberUtils'));
 	window.providePhoneNumber = new ProvidePhoneNumber();
-
-	document.addEventListener('declineModalCancelEvent', () => {
-		window.providePhoneNumber.onCloseDeclineModal();
-	});
-	document.addEventListener('declineModalSubmitEvent', () => {
-		window.providePhoneNumber.onSubmitDeclineModal();
-	});
-
-	document.addEventListener('repeatModalCancelEvent', () => {
-		window.providePhoneNumber.onRepeatModalCancel();
-	});
-	document.addEventListener('repeatModalSubmitEvent', () => {
-		window.providePhoneNumber.onRepeatModalSubmit();
-	});
-
-	document.addEventListener('closeDrawerPopup', () => {
-		window.providePhoneNumber.onCloseOpenModal();
-	});
-
-	document.addEventListener('keyup', (e) => {
-		if (e.key === 'Escape') {
-			window.providePhoneNumber.onCloseOpenModal();
-		}
-	});
 });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/loginMask.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/loginMask.js
@ -1,25 +1,3 @@
-
-const mainContent = document.querySelector('#mainContent');
-const mobileLoginContainer = document.querySelector('#mobileLoginContainer');
-const mobileSecurityKeyModal = mobileLoginContainer.querySelector('#securityKeyModal');
-const mobileAccessAppModal = mobileLoginContainer.querySelector('#accessAppModal');
-const desktopTitle = document.querySelector('#desktopTitle');
-const mobileSubtitle = document.querySelector('#mobileSubtitle');
-const cannotLoginSubtitle = document.querySelector('#cannotLoginSubtitle');
-const cannotLoginSubtitleDrawer = document.querySelector('#cannotLoginSubtitleDrawer');
-
-const accessAppModal = document.querySelector('#accessAppModal');
-const securityKeyModal = document.querySelector('#securityKeyModal');
-const accessAppBtn = document.querySelector('#accessAppLoginBtn');
-const securityKeyBtn = document.querySelector('#securityKeyLoginBtn');
-
-const labelsToChangeBasedOnSelectedMethod = [
-	desktopTitle,
-	mobileSubtitle,
-	cannotLoginSubtitle,
-	cannotLoginSubtitleDrawer
-];
-
 function setValueToSecurityKeyOrAccessAppLabel(element, selectedMethod) {
 	element.textContent = (selectedMethod === 'securityKey'
 		? element.dataset.securitykeylabel
@ -47,16 +25,6 @@ function showAccessAppModal() {
 	changeDisplay(mobileSecurityKeyModal, 'hidden', 'flex');
 }

-function hideSecurityKeyAndShowAccessAppBtn() {
-	changeDisplay(accessAppBtn, 'block', 'hidden');
-	changeDisplay(securityKeyBtn, 'hidden', 'block');
-}
-
-function hideAccessAppAndShowSecurityKeyBtn() {
-	changeDisplay(securityKeyBtn, 'block', 'hidden');
-	changeDisplay(accessAppBtn, 'hidden', 'block');
-}
-
 function changeLabelsBasedOnSelectedMethod(selectedMethod) {
 	labelsToChangeBasedOnSelectedMethod.forEach(label => {
 		if (label) {
@ -65,14 +33,33 @@ function changeLabelsBasedOnSelectedMethod(selectedMethod) {
 	});
 }

+const mainContent = document.querySelector('#mainContent');
+const mobileLoginContainer = document.querySelector('#mobileLoginContainer');
+const mobileSecurityKeyModal = mobileLoginContainer.querySelector('#securityKeyModal');
+const mobileAccessAppModal = mobileLoginContainer.querySelector('#accessAppModal');
+const desktopTitle = document.querySelector('#desktopTitle');
+const mobileSubtitle = document.querySelector('#mobileSubtitle');
+const cannotLoginSubtitle = document.querySelector('#cannotLoginSubtitle');
+const cannotLoginSubtitleDrawer = document.querySelector('#cannotLoginSubtitleDrawer');
+
+const accessAppModal = document.querySelector('#accessAppModal');
+const securityKeyModal = document.querySelector('#securityKeyModal');
+const accessAppBtn = document.querySelector('#accessAppLoginBtn');
+const securityKeyBtn = document.querySelector('#securityKeyLoginBtn');
+
+const labelsToChangeBasedOnSelectedMethod = [
+	desktopTitle,
+	mobileSubtitle,
+	cannotLoginSubtitle,
+	cannotLoginSubtitleDrawer
+];
+
 document.addEventListener('showAccessAppLogin', () => {
 	showAccessAppModal();
-	hideAccessAppAndShowSecurityKeyBtn();
 	changeLabelsBasedOnSelectedMethod('accessApp');
 });
 document.addEventListener('showSecurityKeyLogin', () => {
 	showSecurityKeyModal();
-	hideSecurityKeyAndShowAccessAppBtn();
 	changeLabelsBasedOnSelectedMethod('securityKey');
 });

@ -91,12 +78,14 @@ else {

 securityKeyBtn.addEventListener('click', () => {
 	showSecurityKeyModal();
-	hideSecurityKeyAndShowAccessAppBtn();
+	changeDisplay(accessAppBtn, 'block', 'hidden');
+	changeDisplay(securityKeyBtn, 'hidden', 'block');
 	changeLabelsBasedOnSelectedMethod('securityKey');
 });

 accessAppBtn.addEventListener('click', () => {
 	showAccessAppModal();
-	hideAccessAppAndShowSecurityKeyBtn();
+	changeDisplay(securityKeyBtn, 'block', 'hidden');
+	changeDisplay(accessAppBtn, 'hidden', 'block');
 	changeLabelsBasedOnSelectedMethod('accessApp');
 });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/tailwind.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/tailwind.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/Loggedout.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/Loggedout.vm
@ -77,7 +77,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p data-test="footer.info.right">1.12.0.0.3113-20250818T085306Z</p>
+		<p data-test="agovVersionNumber">1.11.0.local-20250704T042155Z-haburger: Fri Jul  4 06:28:02 CEST 2025</p>
 	</footer>
 </body>
 <script src="${login.appDataPath}/static/bundle.js"></script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/accessAppLogin.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/accessAppLogin.vm
@ -1,25 +1,56 @@
-<div id="accessAppModal"
-	 class="h-full hidden sm:min-h-[297px]">
-	<agov-banner class="hidden mb-4"
-				 id="desktopBanner"
-				 aria-live="assertive"
-				 data-info-description="$text.get("mauth_usernameless.banner.info")"
-				 data-success-description="$text.get("mauth_usernameless.banner.success")"
-				 data-error-description="$text.get("mauth_usernameless.banner.error")">
-	</agov-banner>
-	<div class="relative flex flex-col gap-4 h-full">
-		<div id="blurBackdrop"
-			 class="hidden absolute backdrop-blur-sm -top-1 -bottom-8 -left-4 -right-4 z-10">
+<div id="accessAppModal" class="h-full hidden sm:min-h-[297px]">
+	<div id="desktopBannerContainer" class="desktopBanner mb-4 hidden" aria-live="assertive">
+		<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
+			<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
+			<p class="font-body text-body-l text-space-blue dark:text-white">
+				$text.get("mauth_usernameless.banner.info")
+			</p>
+		</div>
+
+		<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background items-center p-4">
+			<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
+			<div>
+				<p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("mauth_usernameless.banner.success")
+				</p>
+			</div>
+		</div>
+
+		<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
+			<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+			<p class="font-body text-body-l text-space-blue dark:text-white">
+				$text.get("mauth_usernameless.banner.error")
+			</p>
+		</div>
+	</div>
+	<div class="relative flex flex-col gap-4 h-full">
+		<div id="blurBackdrop" class="hidden absolute backdrop-blur-sm -top-1 -bottom-8 -left-4 -right-4 z-10"></div>
+		<div id="mobileBannerContainer" class="mobileBanner relative z-20 mb-4 hidden" aria-live="assertive">
+			<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
+				<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
+				<p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("mauth_usernameless.banner.info")
+				</p>
+			</div>
+
+			<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background items-center p-4">
+				<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
+				<div>
+					<p class="font-body text-body-l text-space-blue dark:text-white">
+						$text.get("mauth_usernameless.banner.success")
+					</p>
+				</div>
+			</div>
+
+			<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
+				<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+				<p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("mauth_usernameless.banner.error")
+				</p>
+			</div>
 		</div>
-		<agov-banner class="hidden z-20 mb-4 relative"
-					 id="accessAppMobileBanner"
-					 aria-live="assertive"
-					 data-info-description="$text.get("mauth_usernameless.banner.info")"
-					 data-success-description="$text.get("mauth_usernameless.banner.success")"
-					 data-error-description="$text.get("mauth_usernameless.banner.error")">
-		</agov-banner>
 		<div id="agovLoginImageMobile"
-			 class="sm:hidden block max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
+			 class="hidden max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
 			<img alt=""
 				 src="${login.appDataPath}/static/images/accessApp.svg"
 				 class="block dark:hidden w-[96px] h-[96px]">
@ -28,27 +59,10 @@
 				 src="${login.appDataPath}/static/images/accessApp_dark.svg"
 				 class="hidden dark:block w-[96px] h-[96px]">
 		</div>
-		<div id="QRCodeHolder" class="hidden sm:block">
-			<div class="relative">
-				<canvas
-						role="img"
-						aria-describedby="labelQRCodeInstructions"
-						id="mauth_qrcode"
-						class="mb-6 mx-auto">
-				</canvas>
-				<button id="showModalButton"
-						aria-label="$text.get("qrCode.label")"
-						class="absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2
-					 w-[166px] h-[166px]
-					 hover:bg-indigo/5 hover:rounded-[8px]
-					 active:bg-indigo/10
-					 focus-visible:bg-indigo/10 focus:rounded-[8px] focus-visible:outline-offset-2
-					 focus-visible:before:border focus-visible:before:border-indigo
-					 focus-visible:before:absolute
-					 focus-visible:before:-inset-3px focus-visible:before:rounded-[8px]
-					 dark:focus-visible:before:border-lilac dark:focus-visible:outline-offset-2
-					 focus:outline-none">
-				</button>
+		<div id="QRCodeHolder">
+			<div  class="relative">
+				<canvas tabindex="0" role="img" aria-labelledby="labelQRCodeInstructions" id="mauth_qrcode"
+						class="mb-6 mx-auto"></canvas>
 				<div class="hidden" id="QRcodeHiddenLink"></div>
 				<span id="spinner" class="hidden absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2 z-20">
 					<img src="${login.appDataPath}/static/images/spinner.svg"
@ -59,13 +73,13 @@
 			</div>
 			<a id="accessAppLinkIpad" href="" class="hidden">
 				<agov-button
-						class="block basis-full mb-6"
-						data-name="accessApp"
-						data-value="accessApp"
-						data-id="accessAppIpad"
-						data-label="$text.get("general.goToAccessApp")"
-						data-type="button"
-						data-fullwidth="true">
+					class="block basis-full mb-6"
+					data-name="accessApp"
+					data-value="accessApp"
+					data-id="accessAppIpad"
+					data-label="$text.get("general.goToAccessApp")"
+					data-type="button"
+					data-fullwidth="true">
 				</agov-button>
 			</a>
 			<div class="accessAppInstructions flex bg-indigo-light rounded-xl p-4 sm:mb-0 mb-2 items-center	dark:bg-purple-black">
@ -77,15 +91,11 @@
 				</p>
 			</div>
 		</div>
-		<form class="w-full sm:static mt-auto"
-			  id="$gui.name"
-			  name="$gui.name"
-			  method="POST"
-			  target="_self"
-			  action="$formTarget"
+		<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget"
 			  autocomplete="off"
-			  accept-charset="UTF-8">
-			<div id="mobileButtons" class="sm:hidden w-full">
+			  accept-charset="UTF-8" class="w-full sm:static mt-auto">
+
+			<div id="mobileButtons" class="hidden w-full">
 				<div class="flex flex-col">
 					<a id="accessAppLink" href="">
 						<agov-button
@ -110,6 +120,7 @@
 							data-type="button"
 							data-fullwidth="true">
 					</agov-button>
+
 					<agov-button
 							id="hideQR"
 							class="hidden basis-full"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/ask_mobile_number.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/ask_mobile_number.vm
@ -3,19 +3,22 @@
 #parse("${templatePath}/backdrop.vm")

 <div id="mainContent" class="container mx-auto sm:mt-32 sm:max-w-full flex flex-auto sm:block">
-	<div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
-		<div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
+    <div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
+        <div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
 		basis-full md:basis-1/2">
-			<div class="flex mb-8 items-baseline">
-				<h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">
+            <div class="flex mb-8 items-baseline">
+                <h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">
 					$text.get("providePhoneNumber.title")
                </h3>
            </div>
            <div class="flex flex-col gap-8">
-				<agov-banner class="hidden error"
-							 id="errorBanner"
-							 data-error-description="$text.get("providePhoneNumber.errorBanner")">
-				</agov-banner>
+                <div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 hidden"
+                     id="errorBanner">
+                    <i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+                    <p class="font-body text-body-l text-space-blue dark:text-white">
+						$text.get("providePhoneNumber.errorBanner")
+                    </p>
+                </div>
                <div class="flex flex-col gap-4">
                    <p class="font-body text-body-l text-space-blue dark:text-white">
 						$text.get("providePhoneNumber.description")
@ -36,9 +39,12 @@
                </div>
            </div>
            <div class="flex flex-col gap-4">
-				<agov-banner class="info"
-							 data-info-description="$text.get("providePhoneNumber.banner")">
-				</agov-banner>
+                <div class="info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
+                    <i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
+                    <p class="font-body text-body-l text-space-blue dark:text-white">
+						$text.get("providePhoneNumber.banner")
+                    </p>
+                </div>
                <div class="w-full sm:static mt-auto">
                    <div class="flex flex-col-reverse sm:flex-row gap-4">
                        <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
@ -74,90 +80,137 @@
    </div>
 </div>

-<agov-modal class="hidden"
-			id="repeatModal"
-			data-title="$text.get("providePhoneNumber.modal.title")"
-			data-description="$text.get("providePhoneNumber.modal.description")"
-			data-cancel-button-label="$text.get("general.back")"
-			data-submit-button-label="$text.get("general.continue")"
-			data-submit-button-event-name="repeatModalSubmitEvent"
-			data-cancel-button-event-name="repeatModalCancelEvent">
-	<agov-input
-			id="agovInputRepeatPhoneNumberInput"
-			data-label="$text.get("providePhoneNumber.modal.inputLabel")"
-			data-id="repeatPhoneNumberInput"
-			data-name="repeatPhoneNumberInput"
-			data-placeholder=""
-			data-value=""
-			data-type="tel"
-			data-autofocus="true"
-			data-is_icon_padding_ignored="true"
-			data-email_invalid="$text.get("general.wrongPhoneNumber")"
-			data-email_required="$text.get("general.fieldRequired")">
-	</agov-input>
-</agov-modal>
-<form class="hidden"
-	  id="$gui.name"
-	  name="$gui.name"
-	  method="POST"
-	  target="_self"
-	  action="$formTarget"
-	  autocomplete="off"
-	  accept-charset="UTF-8">
-	<agov-input data-label="$text.get("providePhoneNumber.modal.inputLabel")"
-				data-id="mobile"
-				data-name="mobile"
-				data-placeholder=""
-				data-value=""
-				data-type="tel">
-	</agov-input>
-	<agov-button data-name="submit"
-				 data-id="submitPhoneNumber"
-				 data-value="submit"
-				 data-type="submit"
-				 data-label="$text.get("general.continue")">
-	</agov-button>
-	<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-</form>
+<div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+    <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
+    <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+    <div id="drawer"
+         class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">

-<agov-modal class="hidden"
-			id="declineModal"
-			data-title="$text.get("providePhoneNumber.laterModal.title")"
-			data-cancel-button-label="$text.get("general.back")"
-			data-submit-button-label="$text.get("general.continue")"
-			data-submit-button-event-name="declineModalSubmitEvent"
-			data-cancel-button-event-name="declineModalCancelEvent">
-	<div class="flex flex-col gap-4" id="modalDescriptionExtra">
-		<p class="font-body text-body-l text-space-blue dark:text-white">
-			$text.get("providePhoneNumber.laterModal.description1")
-		</p>
-		<p class="font-body text-body-l text-space-blue dark:text-white">
-			$text.get("providePhoneNumber.laterModal.description2")
-		</p>
-		<p class="font-body text-body-l text-space-blue dark:text-white">
-			$text.get("providePhoneNumber.laterModal.description3")
-		</p>
-	</div>
-</agov-modal>
-<form class="hidden"
-	  id="$gui.name"
-	  name="$gui.name"
-	  method="POST"
-	  target="_self"
-	  action="$formTarget"
-	  autocomplete="off"
-	  accept-charset="UTF-8">
-	<agov-button
-			data-name="submit"
-			data-id="continueWithoutPhoneNumberButton"
-			data-value="submit"
-			data-label="$text.get("general.continue")"
-			data-type="submit"
-			data-fullwidth="true">
-	</agov-button>
-	<input class="hidden" name="skip" value="persistent">
-	<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-</form>
+        <div id="modalTab" class="mb-6 cursor-pointer hidden">
+            <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
+        </div>
+        <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
+			$text.get("providePhoneNumber.modal.title")
+        </h4>
+        <div class="flex flex-col gap-[72px]">
+            <div class="flex flex-col gap-8">
+                <div id="modalDescription">
+                    <p class="font-body text-body-l text-space-blue dark:text-white">
+						$text.get("providePhoneNumber.modal.description")
+                    </p>
+                </div>
+                <agov-input
+                        id="agovInputRepeatPhoneNumberInput"
+                        data-label="$text.get("providePhoneNumber.modal.inputLabel")"
+                        data-id="repeatPhoneNumberInput"
+                        data-name="repeatPhoneNumberInput"
+                        data-placeholder=""
+                        data-value=""
+                        data-type="tel"
+                        data-autofocus="true"
+                        data-is_icon_padding_ignored="true"
+                        data-email_invalid="$text.get("general.wrongPhoneNumber")"
+                        data-email_required="$text.get("general.fieldRequired")">
+                </agov-input>
+                <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+                      accept-charset="UTF-8"
+                      class="hidden flex flex-col flex-auto block">
+                    <agov-input
+                            id="agovInputMobile"
+                            data-label="$text.get("providePhoneNumber.modal.inputLabel")"
+                            data-id="mobile"
+                            data-name="mobile"
+                            data-placeholder=""
+                            data-value=""
+                            data-type="tel"
+                            data-autofocus="true">
+                    </agov-input>
+                    <agov-button
+                            class="basis-full"
+                            data-name="submit"
+                            data-id="submitPhoneNumber"
+                            data-value="submit"
+                            data-type="submit"
+                            data-label="$text.get("general.continue")"
+                            data-fullwidth="true">
+                    </agov-button>
+                    <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
+                </form>
+            </div>
+            <div class="w-full sm:static mt-auto">
+                <div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
+                    <agov-button
+                            class="block"
+                            id="repeatPhoneNumberModalBack"
+                            data-style="secondary"
+                            data-label="$text.get("general.back")"
+                            data-type="button"
+                            data-fullwidth="true">
+                    </agov-button>
+                    <agov-button
+                            class="block"
+                            id="repeatPhoneNumberModalContinue"
+                            data-style="primary"
+                            data-label="$text.get("general.continue")"
+                            data-type="button"
+                            data-fullwidth="true">
+                    </agov-button>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div id="declineModal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+    <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
+    <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+    <div id="drawer"
+         class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
+        <div id="modalTab" class="mb-6 cursor-pointer hidden">
+            <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
+        </div>
+        <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
+			$text.get("providePhoneNumber.laterModal.title")
+        </h4>
+        <div class="flex flex-col gap-[72px]">
+            <div class="flex flex-col gap-4" id="modalDescription">
+                <p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("providePhoneNumber.laterModal.description1")
+                </p>
+                <p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("providePhoneNumber.laterModal.description2")
+                </p>
+                <p class="font-body text-body-l text-space-blue dark:text-white">
+					$text.get("providePhoneNumber.laterModal.description3")
+                </p>
+            </div>
+            <div class="w-full sm:static mt-auto sm:justify-items-end">
+                <div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
+                    <agov-button
+                            id="declineModalBack"
+                            data-style="secondary"
+                            data-label="$text.get("general.back")"
+                            data-type="button"
+                            data-fullwidth="true">
+                    </agov-button>
+                    <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+                          accept-charset="UTF-8"
+                          class="flex flex-col flex-auto block">
+                        <agov-button
+                                data-name="submit"
+                                data-value="submit"
+                                data-label="$text.get("general.continue")"
+                                data-type="submit"
+                                data-fullwidth="true">
+                        </agov-button>
+                        <input class="hidden" name="skip" value="persistent">
+                        <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

 <script src="${login.appDataPath}/static/js-code/ask_mobile.js">
 </script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/default.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/default.vm
@ -1,5 +1,3 @@
-## modern login template
-
 #set($jsValidation = 1) ## enable JS validation, client-side

 #set($useFormEncryption = $gui.encryption && ($gui.encryption.length() > 0))
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/footer.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/footer.vm
@ -3,7 +3,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p data-test="footer.info.right">1.12.0.0.3113-20250818T085306Z</p>
+		<p data-test="agovVersionNumber">1.11.0.local-20250704T042155Z-haburger: Fri Jul  4 06:28:02 CEST 2025</p>
 	</footer>
 	<script src="${login.appDataPath}/static/bundle.js"></script>
 </body>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/form.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/form.vm
@ -1,91 +1,127 @@
 ## if only form, then we include javascript here (start of body)
 #if ($isFormRequest)
-  #parse("${templatePath}/js_start.vm")
+    #parse("${templatePath}/js_start.vm")
 #end

 #set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
-<form id="$gui.name" name="$gui.name" method="POST" action="$formTarget" novalidate>

-  ## "Hidden" button which is triggered when clicking on a received SMS notification on a mobile phone to paste it automatically. Otherwise, the first submit button found (back arrow) is clicked.
-  <button class="hidden-verification-code-submit-button" type="submit" value="true" tabindex="-1"></button>
-
-  ## Common header with logo above the content.
-  #if (!$minimalHeader)
-    <div class="login-container-header">
-      #renderHeader($gui)
-      <img class="mb-1 max-w-full" src="${login.appDataPath}/resources/logo.png?v=1b26ec26" alt="Company Logo">
-      <span class="brand-name">$text.get("title")</span>
+#if ($useFormEncryption)
+    <div id="e2eeSplashScreen" style="display:none;">
+        <h2 class="logintitle text-center">$gui.label</h2>
+        <div class="field info" id="info">$text.get("e2ee.splashscreen.msg")</div>
    </div>
-  #end
-
-  <div class="login-container-body printable">
-    #set($topPaddingModifier = '')
-
-    ## Setting cancel button and language selection dropdown as part of the body, as minimal header.
-    #if ($minimalHeader)
-      #set($topPaddingModifier = 'pt-0') ## Removing padding from top of content.
-      <div class="login-container-minimal-header">
-        #renderHeader($gui)
-      </div>
-    #end
-
-    <div class="login-container-body-content printable $topPaddingModifier form-group">
-
-      #renderTitle($gui)
-
-      ## this block applies for usernameless mobile authentication
-      #if ($gui.name == "mauth_usernameless")
-        <center id="mauth_started" style="display: none">
-            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
-            <br><br>
-              <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
-              <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
-              </canvas>
-              <div id="mauth_link_parent" class="form-group" style="display: none">
-                  <a href="" id="mauth_link">$text.get("mobile_auth.link")</a>
-              </div>
-        </center>
-      #end
-
-      #renderGeneric($gui)
-
-      ## this block applies when Channel is set to Push / Link
-      #if ($gui.name == "mauth_link_qr" || $gui.name == "mauth_onboard")
-        <!-- shown after dispatching -->
-        <center id="mauth_started">
-            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
-            <br><br>
-            <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
-            <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
-            </canvas>
-            <div id="mauth_link_parent" class="form-group" style="display: none">
-                $text.get("mobile_auth.link")
-            </div>
-        </center>
-      #end
-
-      ## this block applies when Channel is set to Push / QR-code (in-app)
-      #if ($gui.name == "mauth_push_qr")
-        <!-- shown if the user has multiple devices -->
-        <ul id="mauth_devices" style="display: none">
-        </ul>
-        <!-- shown after selecting the device -->
-        <center id="mauth_started" style="display: none">
-            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
-            <p id="mauth_match_numbers" style="font-size: 64px; display: none;"></p>
-            <p id="mauth_qrcode_info">$text.get("mobile_auth.push-or-scan")</p>
-            <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
-            </canvas>
-        </center>
-      #end
-
-      #renderSocialLoginButtons($gui)
-      #renderFormLinks($gui)
-    </div>
-  </div>
-</form>
-
-## if only form, then we include javascript here (end of body)
-#if ($isFormRequest)
-  #parse("${templatePath}/js_end.vm")
 #end
+
+<div id="loginform">
+
+    <form id="$gui.name" name="$gui.name"
+    #if ($useFormEncryption) onsubmit="new e2eenc().encryptForm('$gui.encryption','$gui.name')" #end
+    method="POST" target="_self" action="$formTarget" autocomplete="off" accept-charset="UTF-8" class="form-horizontal">
+
+		<h1 class="logintitle text-center">$gui.label</h1>
+
+        #set ($tabindex = 0)
+        #set ($policyFailureOpen = false)
+	    #set ($policyInfoOpen = false)
+
+	    #foreach ($guiElem in $gui.getGuiElems())
+	        #set ($tabindex = $tabindex+1)
+            #if ($guiElem.name.startsWith("policyInfo") && $guiElem.label && $guiElem.label.length() > 0)
+                #if (!$policyInfoOpen)
+                    <div class="form-group">
+                        <div class="col-sm-offset-3 col-sm-6">
+                    #set ($policyInfoOpen = true)
+                #end
+                <span class="help-block small" id="$guiElem.name">$guiElem.label</span>
+            #elseif ($guiElem.name.startsWith("policyFailure") && $guiElem.label && $guiElem.label.length() > 0)
+                #if (!$policyFailureOpen)
+                    <div class="form-group has-error">
+                        <div class="col-sm-offset-3 col-sm-6">
+                    #set ($policyFailureOpen = true)
+                #end
+                <span class="help-block small" id="$guiElem.name">$guiElem.label</span>
+            #else
+                #if (!$guiElem.name.startsWith("policyInfo") && $policyInfoOpen) ## close
+                        </div>
+                    </div>
+                    #set ($policyInfoOpen = false)
+                #end
+                #if (!$guiElem.name.startsWith("policyFailure") && $policyFailureOpen) ## close
+                        </div>
+                    </div>
+                    #set ($policyFailureOpen = false)
+                #end
+                #renderFormField($guiElem, $gui, $tabindex)
+            #end
+	    #end
+
+        ## this block applies when Channel is set to Push / Link
+	    #if ($gui.name == "mauth_link_qr" || $gui.name == "mauth_onboard")
+            <!-- shown after dispatching -->
+	        <center id="mauth_started">
+	            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
+	            <br><br>
+                <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
+                <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
+                </canvas>
+                <div id="mauth_link_parent" class="form-group" style="display: none">
+                    $text.get("mobile_auth.link")
+                </div>
+	        </center>
+	    #end
+
+        ## this block applies when Channel is set to Push / QR-code (in-app)
+        #if ($gui.name == "mauth_push_qr")
+            <!-- shown if the user has multiple devices -->
+            <ul id="mauth_devices" style="display: none">
+            </ul>
+            <!-- shown after selecting the device -->
+            <center id="mauth_started" style="display: none">
+                <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
+                <p id="mauth_match_numbers" style="font-size: 64px; display: none;"></p>
+                <p id="mauth_qrcode_info">$text.get("mobile_auth.push-or-scan")</p>
+                <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
+                </canvas>
+            </center>
+        #end
+
+        ## this block applies for usernameless mobile authentication
+        #if ($gui.name == "mauth_usernameless")
+	        <center id="mauth_started" style="display: none">
+	            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
+	            <br><br>
+                <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
+                <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
+                </canvas>
+                <div id="mauth_link_parent" class="form-group" style="display: none">
+                    <a href="" id="mauth_link">$text.get("mobile_auth.link")</a>
+                </div>
+	        </center>
+        #end
+
+        #if ($useFormEncryption)
+            <input type="hidden" name="e2eenc.fields" value="not-set">
+            <input type="hidden" name="e2eenc.iv" value="not-set">
+            <input type="hidden" name="e2eenc.encapsulation" value="not-set">
+        #end
+
+        #renderFormControls($gui)
+        #renderFormLinks($gui)
+    </form>
+
+    <!-- position input focus into first element of form -->
+    <script type="text/javascript">
+        const form = document.forms['$gui.name'];
+        if (form) {
+          const input = form.elements[0];
+          if (input) {
+            input.focus();
+          }
+        }
+    </script>
+
+    ## if only form, then we include javascript here (end of body)
+    #if ($isFormRequest)
+        #parse("${templatePath}/js_end.vm")
+    #end
+</div>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/generic_auth_error.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/generic_auth_error.vm
@ -36,4 +36,3 @@

 	</div>
 </div>
-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/html.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/html.vm
@ -1,47 +1,32 @@
 <!DOCTYPE html>
 <html lang="${utils.escapeHtml($login.localeCode)}">

-  <head>
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1">
+	<head>
+		<title>$text.get('title')</title>

-    <title>$text.get('title')</title>
+		<meta charset="utf-8">
+		<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">

-    <link href="${login.appDataPath}/resources/variables.css?v=475bfae4" rel="stylesheet">
-    <link href="${login.appDataPath}/resources/bootstrap.min.css?v=3f1c72e8" rel="stylesheet">
-    <link href="${login.appDataPath}/resources/customized-bootstrap.css?v=cd0eaec2" rel="stylesheet">
-    <link href="${login.appDataPath}/resources/main.css?v=e8e5f18f" rel="stylesheet">
-    <link href="${login.appDataPath}/resources/print.css?v=8df37d2d" rel="stylesheet" media="print">
+        <link href="${login.appDataPath}/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="${login.appDataPath}/resources/bootstrap-theme.min.css" rel="stylesheet" type="text/css" media="all">
+        <link href="${login.appDataPath}/resources/default.css" rel="stylesheet" type="text/css" media="all">

-    <style>
-      :root {
-        /* Configurable CSS custom properties START */
-        --primary-color: #168CA9;
-        --border-radius: 0.5rem;
-        --font-family: Roboto;
-        /* Configurable CSS custom properties END*/
-      }
-    </style>
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">

-    <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+        #parse("${templatePath}/js_start.vm")
+	</head>

-    #parse("${templatePath}/js_start.vm")
-  </head>
+	<body>
+	    #parse("${templatePath}/lang.vm")

-  <body>
-    ## show header without brand logo and name for some GUIs
-    #if ($gui.name == "authcloud_onboard")
-      #set ($minimalHeader = true)
-    #end
+        #parse("${templatePath}/header.vm")

-    #set($loginContainerDisplay = 'd-block') ## Default display behavior
-    #if ($loginContainerHidden)
-      #set($loginContainerDisplay = 'd-none') ## Display none
-    #end
-    <main class="login-container $loginContainerDisplay">
-      #parse("${templatePath}/form.vm")
-    </main>
+		<main id="content" class="container">
+            #parse("${templatePath}/form.vm")
+		</main>

-    #parse("${templatePath}/js_end.vm")
-  </body>
+        #parse("${templatePath}/footer.vm")
+
+        #parse("${templatePath}/js_end.vm")
+	</body>
 </html>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_end.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_end.vm
@ -1,37 +1,49 @@
-<script src="${login.appDataPath}/resources/bootstrap.bundle.min.js?v=50efbf3d"></script>
-<script src="${login.appDataPath}/resources/window-onload.js?v=0e43b633"></script>
+<script src="${login.appDataPath}/resources/dropdown.js"></script>
+<script src="${login.appDataPath}/resources/show-password.js"></script>

 #if ($gui.name == "oauth_consent")
-    <script src="${login.appDataPath}/resources/oauth_consent.js?v=339b6d0d"></script>
+    <script src="${login.appDataPath}/resources/oauth_consent.js"></script>
+#end
+
+#if ($gui.name == "authcloud")
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/authcloud.js"></script>
+#end
+
+#if ($gui.name == "authcloud_onboard")
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/authcloud_onboard.js"></script>
+#end
+
+#if ($gui.name == "authcloud_login")
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/authcloud_login.js"></script>
 #end

 #if ($gui.name == "mauth_onboard")
-    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_onboard.js?v=38723856"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_onboard.js"></script>
 #end

 #if ($gui.name == "mauth_link_qr")
-    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_link_qr.js?v=fd5fd826"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_link_qr.js"></script>
 #end

 #if ($gui.name == "mauth_push_qr")
-    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_push_qr.js?v=3c6a82b5"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_push_qr.js"></script>
 #end

 #if ($gui.name == "mauth_usernameless")
-    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_usernameless.js?v=f7614de6"></script>
-#end
-
-#if ($gui.name.startsWith("fido2"))
-  <script src="${login.appDataPath}/resources/fido2_utils.js?v=e32b17fe"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_usernameless.js"></script>
 #end

 #if ($gui.name == "fido2_auth")
-  <script src="${login.appDataPath}/resources/base64.js?v=eee75ab4"></script>
-  <script src="${login.appDataPath}/resources/fido2_auth.js?v=67c408f6"></script>
+    <script src="${login.appDataPath}/resources/base64.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_auth.js"></script>
 #end

 #if ($gui.name == "fido2_auth_std")
@ -47,43 +59,18 @@
            userVerification: "$userVerification",
       };
    </script>
-    <script src="${login.appDataPath}/resources/simplewebauthn-browser@7.1.0.min.js?v=2178ec68"></script>
-    <script src="${login.appDataPath}/resources/fido2_utils.js?v=e32b17fe"></script>
-    <script src="${login.appDataPath}/resources/fido2_auth_std.js?v=576c17e9"></script>
+    <script src="${login.appDataPath}/resources/simplewebauthn-browser@7.1.0.min.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_auth_std.js"></script>
 #end

 #if ($gui.name == "fido2_onboard")
-  <script src="${login.appDataPath}/resources/base64.js?v=eee75ab4"></script>
-  <script src="${login.appDataPath}/resources/fido2_onboard.js?v=701888a8"></script>
+    <script src="${login.appDataPath}/resources/base64.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_onboard.js"></script>
 #end

-#if ($gui.name == "fido2_check")
-  <script src="${login.appDataPath}/resources/fido2_check.js?v=41e0e891"></script>
-  ## Hide the login container while check in progress
-  #set ($loginContainerHidden = true)
-#end
-
-#if ($gui.name == "authcloud_onboard")
-  <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-  <script src="${login.appDataPath}/resources/authcloud_onboard.js?v=58fe635a"></script>
-#end
-
-#if ($gui.name == "authcloud_login")
-  <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-  <script src="${login.appDataPath}/resources/authcloud_login.js?v=999ceb11"></script>
-#end
-
-#if ($gui.getGuiElem("fido2_attestation_options"))
-  <script src="${login.appDataPath}/resources/simplewebauthn-browser@13.1.0.min.js?v=1127fa91"></script>
-  <script src="${login.appDataPath}/resources/passkey_autofill.js?v=b694a7c4"></script>
-#end
-
-#if ($gui.name == "recovery_code_onboarding")
-  <script src="${login.appDataPath}/resources/display-recovery-codes.js?v=7b02cbaa"></script>
-  <script src="${login.appDataPath}/resources/download-recovery-codes.js?v=d48fb5c1"></script>
-  <script src="${login.appDataPath}/resources/copy-to-clipboard.js?v=8169a8e6"></script>
-#end
-
-#if ($gui.name == "OATH_Share")
-  <script src="${login.appDataPath}/resources/copy-to-clipboard.js?v=8169a8e6"></script>
+#if ($useFormEncryption)
+    <script src="${login.appDataPath}/resources/forge.bundle.js"></script>
+    <script src="${login.appDataPath}/resources/e2eenc.js"></script>
 #end
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_start.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_start.vm
@ -1,2 +1 @@
-<!-- functions used in the template and in window-onload.js -->
-<script src="${login.appDataPath}/resources/utils.js?v=e4345865"></script>
+<script src="${login.appDataPath}/resources/jquery-3.6.0.min.js"></script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/json.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/json.vm
@ -23,11 +23,11 @@
        "name" : "$guiElem.name",
        "type" : "$guiElem.type",
        "optional" : "$guiElem.optional", 
-        "label" : "$utils.escapeJson($guiElem.label)" #if ($guiElem['validation-failed'] || $guiElem.value || $guiElem.length || $guiElem.format), #end
+        "label" : "$guiElem.label" #if ($guiElem['validation-failed'] || $guiElem.value || $guiElem.length || $guiElem.format), #end
       #if ($guiElem['validation-failed']) "validation-failed" : "$guiGroup.validationFailed" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
       #end ## if ($guiElem['validation-failed'])

-       #if ($guiElem.value) "value" : "$utils.escapeJson($guiElem.value)" #if ($guiElem.length || $guiElem.format), #end
+       #if ($guiElem.value) "value" : "$guiElem.value.replaceAll('\\\\','_ESCAPED_BACKSLASH_').replaceAll('\\"','_ESCAPED_QUOTE_').replaceAll('\\','\\\\').replaceAll('"','\\"').replaceAll('_ESCAPED_BACKSLASH_','\\\\').replaceAll('_ESCAPED_QUOTE_','\\"')" #if ($guiElem.length || $guiElem.format), #end
       #end ## if ($guiElem.value)

       #if ($guiElem.length) "max-length" : "$guiElem.length" #if ($guiElem.format), #end
@ -49,7 +49,7 @@
 	#foreach ($guiGroup in $gui.getGuiGroup())
 	    "name" : "$guiGroup.name",
 	    "type" : "$guiGroup.type",
-	    "label" : "$utils.escapeJson($guiGroup.label)",
+	    "label" : "$guiGroup.label",
 	    "multiple"  : "$guiGroup.multiple",
 	    "format" : "$guiGroup.format",
 	    "optional" : "$guiGroup.optional",
@ -63,9 +63,9 @@
            "type" : "$guiElem.type",
            "optional" : "$guiElem.optional",
            "validation-failed" : "$guiGroup.validationFailed",
-            "label" : "$utils.escapeJson($guiElem.label)" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
+            "label" : "$guiElem.label" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
            #if ($guiElem.value)
-            "value" : "$utils.escapeJson($guiElem.value)" #if ($guiElem.length || $guiElem.format), #end
+            "value" : "$guiElem.value.replaceAll('\\\\','_ESCAPED_BACKSLASH_').replaceAll('\\"','_ESCAPED_QUOTE_').replaceAll('\\','\\\\').replaceAll('"','\\"').replaceAll('_ESCAPED_BACKSLASH_','\\\\').replaceAll('_ESCAPED_QUOTE_','\\"')" #if ($guiElem.length || $guiElem.format), #end
            #end ## if ($guiElem.value)
            #if ($guiElem.length)
            "max-length" : "$guiElem.length" #if ($guiElem.format), #end
@ -86,4 +86,3 @@
    ]
 #end ## if ($gui.getGuiGroup() && $gui.getGuiGroup().length() > 0)
 }
-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/lang.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/lang.vm
@ -0,0 +1,32 @@
+## Nav =================================================================
+<nav id="language-switch" class="container-fluid">
+	<div class="dropdown pull-right">
+		<a id="language-switch-btn" class="dropdown-toggle text-uppercase small" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+			<strong id="language">$login.localeCode</strong>
+			<span class="caret"></span>
+		</a>
+		<ul class="dropdown-menu" aria-labelledby="language-switch-btn">
+			## loop over all defined languages/locales....
+			#foreach ($locale in $login.locales)
+				## find translated label of current locale
+				#if ($text.contains("language.$locale"))
+					#set ($langLabel = $text.get("language.$locale"))
+				#elseif ($locale.length() > 2)
+					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowercase()}"))
+				#else
+					#set ($langLabel = $locale)
+				#end
+				## emit link or text for each language
+				#if ($login.localeCode != $locale && $login.language != $locale)
+					#set ($langTarget = $utils.escapeHtmlAttribute($gui.target('language', $locale)))
+					<li>
+						<a class="lang" href="$langTarget">
+							<strong class="prefix text-primary text-uppercase">$locale</strong>
+							<span>$langLabel</span>
+						</a>
+					</li>
+				#end
+			#end ## end foreach
+		</ul>
+	</div>
+</nav>
--- a/Show More
+++ b/Show More
				`@ -0,0 +1 @@`
				`<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>`
				`@ -0,0 +1 @@`
				`<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>`