new configuration version

2025-08-20 06:58:20 +00:00 · 2025-08-20 06:34:57 +00:00 · 2025-08-20 05:27:40 +00:00 · 2025-08-19 15:33:45 +00:00 · 2025-08-18 14:16:15 +00:00
540 changed files with 12815 additions and 122010 deletions
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
@ -14,7 +14,7 @@ spec:
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-sp-op-onbrdng-authenticationrealm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-idm-saml-sp-nevisidm-admin-realm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-sp-ident-authenticationrealm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-idm-saml-sp-nevisidm-admin-realm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisAuth"
  replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 9000
@ -39,13 +39,14 @@ spec:
    management:
      httpGet:
        path: "/nevisauth/liveness"
      initialDelaySeconds: 50
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
+    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
@ -76,3 +76,4 @@ LOG.info("Event='IDENT-INITREQ', rpcode='${rpcode}', rpentity='${rpentity}', Sou
 		"Origin='${origin}'")
 response.setResult('sendAuthnRequest')
 return
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
@ -14,6 +14,7 @@ cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
 error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -63,7 +64,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required.
+general.fieldRequired=Field required
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -81,8 +82,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -109,7 +110,7 @@ language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -121,8 +122,8 @@ logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -206,7 +207,7 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
-providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -214,17 +215,19 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.enterRecoveryCode=Recovery code
 recovery_check_code.expired=Too many attempts or your recovery code has expired.
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -237,9 +240,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.newRecoveryCode=Introducing recovery code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -283,6 +286,8 @@ recovery_start_info.banner.warning=You will not be able to use your account unti
 recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
 signup.button.label=Signup
 skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@ -291,6 +296,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
 title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
@ -14,6 +14,7 @@ cancel.button.label=Abbrechen
 continue.button.label=Weiter
 darkModeSwitch.aria.label=Dark-Mode-Schalter
 deputy.profile.label=(Profil Stellvertreter)
 error.account.exists=Konto existiert bereits. Melden Sie sich an.
 error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
@ -63,7 +64,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld.
+general.fieldRequired=Erforderliches Feld
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -81,8 +82,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -108,8 +109,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -121,8 +122,8 @@ logout.label=Logout
 logout.text=Sie haben sich erfolgreich abgemeldet.
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -206,7 +207,7 @@ policyInfo.regex.nonLetter=&#9642; muss mindestens {0} Zeichen enthalten, die ke
 policyInfo.regex.numeric=&#9642; muss mindestens {0} numerische Zeichen enthalten.
 policyInfo.regex.upper=&#9642; muss mindestens {0} Grossbuchstaben enthalten.
 policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -214,17 +215,19 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
 qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
 recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
@ -283,6 +286,8 @@ recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis d
 recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
 recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
 reject.button.label=Ablehnen
 signup.button.label=Registrieren
 skip.button.label=&Uuml;berspringen
 submit.button.label=Senden
 tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
 title.login=Login
@ -291,6 +296,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorisierung
 title.saml.failed=Error
 title.signup=Konto erstellen
 title.timeout.page=Logout
 user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
 user_input.invalid.email.required=Erforderliches Feld
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
@ -14,6 +14,7 @@ cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
 error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -63,7 +64,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required.
+general.fieldRequired=Field required
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -81,8 +82,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -109,7 +110,7 @@ language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -121,8 +122,8 @@ logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -206,7 +207,7 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
-providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -214,17 +215,19 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.enterRecoveryCode=Recovery code
 recovery_check_code.expired=Too many attempts or your recovery code has expired.
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -237,9 +240,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.newRecoveryCode=Introducing recovery code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -283,6 +286,8 @@ recovery_start_info.banner.warning=You will not be able to use your account unti
 recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
 signup.button.label=Signup
 skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@ -291,6 +296,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
 title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
@ -2,10 +2,10 @@
 accept.button.label=Accepter
 agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
 agov-ident.done.title=Termin&eacute;
-agov-ident.failed.instruction=Vous avez besoin d'un compte AGOV et de passer la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer avec succ&egrave;s l'enregistrement. Veuillez r&eacute;essayer.
+agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
 agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
 agov-ident.failed.title=V&eacute;rification requise
-agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veillez l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
 agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
 agov-ident.invalid-url.title=Lien non valide
 agov-ident.onboarding=Enregistrement et v&eacute;rification
@ -14,6 +14,7 @@ cancel.button.label=Abandonner
 continue.button.label=Continuer
 darkModeSwitch.aria.label=Activer l'apparence sombre
 deputy.profile.label=(Profil du suppl&eacute;ant)
 error.account.exists=Le compte existe d&#233;j&#224;. Continuez &#224; vous connecter.
 error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
 error_1=Veuillez v&eacute;rifier votre saisie.
 error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
@ -63,7 +64,7 @@ general.edit=Editer
 general.email=E-mail
 general.email.address=Adresse e-mail
 general.entryCode=Entrer le code
-general.fieldRequired=Champ requis.
+general.fieldRequired=Champ requis
 general.getStarted=D&eacute;marrer
 general.goAGOVHelp=Rendez-vous sur AGOV help
 general.goAccessApp=Login avec AGOV access
@ -81,15 +82,15 @@ general.recovery=R&eacute;cup&eacute;ration
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
-general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistr&eacute; correctement, puis essayer de le soumettre &agrave; nouveau.
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
 general.registerNow=Enregistrez-vous d&egrave;s maintenant!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@ -108,8 +109,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=S&eacute;lectionner la langue
-loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
-loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
 loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
 loainfo.later=Plus tard
@ -121,14 +122,14 @@ logout.label=Logout
 logout.text=Au revoir
 mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
-mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
-mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
 mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
 mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@ -206,7 +207,7 @@ policyInfo.regex.nonLetter=&#9642; doit contenir au moins {0} caract&egrave;res
 policyInfo.regex.numeric=&#9642; doit comprendre au minimum {0} caract&#232;res num&#233;riques.
 policyInfo.regex.upper=&#9642; doit contenir au moins {0} caract&egrave;re(s) majuscule(s).
 policyInfo.title=Le mot de passe doit respecter les r&egrave;gles suivantes:
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
 providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
@ -214,18 +215,20 @@ providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacu
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
 providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
 recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
-recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
+recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
@ -237,7 +240,7 @@ recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV he
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
 recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
+recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
 recovery_code.validUntil=Valable jusqu'au:
@ -283,6 +286,8 @@ recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tan
 recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
 recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 reject.button.label=Refuser
 signup.button.label=Inscription
 skip.button.label=Passer
 submit.button.label=Envoyer
 tan.sent=Veuillez saisir le code de s&eacute;curit&eacute; que vous avez re&ccedil;u au votre t&eacute;l&eacute;phone mobile.
 title.login=Login
@ -291,6 +296,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorisation du client
 title.saml.failed=Error
 title.signup=Cr&#233;er un compte
 title.timeout.page=Logout
 user_input.invalid.email=Veuillez saisir un e-mail valable.
 user_input.invalid.email.required=Champ requis
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
@ -1,5 +1,5 @@
-accept.button.label=Accettare
+accept.button.label=Accetta
 agov-ident.done.message=Il vostro conto AGOV &egrave; ora pronto per l'uso. Pu&ograve; chiudere questa pagina.
 agov-ident.done.title=Finito
 agov-ident.failed.instruction=Per completare la registrazione &egrave; necessario disporre di un account AGOV e superare la verifica dei dati suggerita. Riprova.
@ -10,10 +10,11 @@ agov-ident.invalid-url.message=Il link non pu&ograve; essere elaborato
 agov-ident.invalid-url.title=Link non valido
 agov-ident.onboarding=Registrazione e verifica
 agov-ident.retry=Riprova
-cancel.button.label=Abortire
+cancel.button.label=Annulla
 continue.button.label=Continua
 darkModeSwitch.aria.label=Attivare la modalit&agrave; scura
 deputy.profile.label=(profilo del delegato)
 error.account.exists=L'account esiste gi<67>. Prosegui col login.
 error.saml.failed=Chiudi il browser e riprova.
 error_1=Verificare i dati inseriti.
 error_10=Scegliere l&rsquo;account utente corretto.
@ -63,7 +64,7 @@ general.edit=Modificare
 general.email=e-mail
 general.email.address=Indirizzo e-mail
 general.entryCode=Codice
-general.fieldRequired=Campo obbligatorio.
+general.fieldRequired=Campo obbligatorio
 general.getStarted=Iniziare
 general.goAGOVHelp=Vai ad AGOV help
 general.goAccessApp=Login con AGOV access
@ -73,7 +74,7 @@ general.help.link=https://agov.ch/help
 general.login=Accedere
 general.login.accessApp=Accesso con l'App AGOV access
 general.login.securityKey=Login con la chiave di sicurezza
-general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
+general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
 general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
@ -81,8 +82,8 @@ general.recovery=Ripristino
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
-general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
-general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
+general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
 general.recoveryCode.reveal=Mostri il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
@ -108,21 +109,21 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selezionare la lingua
-loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
+loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
-loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
+loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
 loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Pi&ugrave; tardi
-loainfo.startNow=Iniziare la procedura?
+loainfo.startNow=Vuole iniziare il processo ora?
-loainfo.startVerification=Iniziare la verifica
+loainfo.startVerification=Inizi la verificazione
 loainfo.title=Verificare i dati.
 login.button.label=Login
 logout.label=Logout
 logout.text=&Egrave; uscito con successo.
 mauth_usernameless.EID=Continuare con CH e-ID
 mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
-mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
+mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
-mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
+mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
 mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
 mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
 mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
@ -131,7 +132,7 @@ mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app
 mauth_usernameless.noAccount=Non ha ancora un AGOV account?
 mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
 mauth_usernameless.showQR=Visualizza il codice QR
-mauth_usernameless.startRecovery=Inizia il recupero dell'account
+mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
 mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
 mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
 method.certificate.label=Certificato
@ -206,7 +207,7 @@ policyInfo.regex.nonLetter=&#9642; non pu&ograve; contenere pi&ugrave; di {0} nu
 policyInfo.regex.numeric=&#9642; deve contenere un minimo di {0} carattere/i numerico/i.
 policyInfo.regex.upper=&#9642; deve conenere almeno {0} carattere/i maiuscolo/i.
 policyInfo.title=La password deve rispettare le seguenti direttive:
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
+providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
 providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
 providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
 providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
@ -214,17 +215,19 @@ providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recup
 providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
 providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
+providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
 providePhoneNumber.modal.inputLabel=Numero di telefono
 providePhoneNumber.modal.title=Ripetere il numero di telefono
 providePhoneNumber.saveButtonText=Salva
 providePhoneNumber.title=Aggiungi numero di telefono
 qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
 recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
-recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
+recovery_check_code.enterRecoveryCode=Codice di ripristino
 recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
 recovery_check_code.invalid.code=Il codice non &egrave; valido
 recovery_check_code.invalid.code.required=Codice richiesto
@ -237,17 +240,17 @@ recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
 recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=La preghiamo di rivelare il suo nuovo codice per poter continuare.
+recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
-recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
+recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
+recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
 recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
-recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
+recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
 recovery_intro_email.important=Importante:
 recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
 recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
@ -257,7 +260,7 @@ recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il pr
 recovery_on_going.title=Completare il processo di ripristino.
 recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
 recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
-recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
+recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
 recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
 recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
 recovery_questionnaire_loginfactor.no=No
@ -278,11 +281,13 @@ recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o l
 recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
 recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
 recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
-recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
+recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
-recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
+recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
-recovery_start_info.title=Il processo di ripristino sta per iniziare.
+recovery_start_info.title=Sta per iniziare il processo di ripristino
-reject.button.label=Rifiuti
+reject.button.label=Rifiuta
 signup.button.label=Iscriviti
 skip.button.label=Salta
 submit.button.label=Continua
 tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
 title.login=Login
@ -291,6 +296,7 @@ title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorizzazione del client
 title.saml.failed=Error
 title.signup=Crea un account
 title.timeout.page=Logout
 user_input.invalid.email=Inserire un'e-mail valida.
 user_input.invalid.email.required=Campo obbligatorio
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
@ -13,8 +13,9 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
    "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
    "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
@ -45,6 +45,8 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.nevis.session.domain" as="domain"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -65,6 +67,8 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.nevis.session.domain" as="domain"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -1137,8 +1141,6 @@
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="SOAP:showGui" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="default" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="ok" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User" startOver="true"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="showGui" next="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPostProcessing"/>
@ -1157,6 +1159,12 @@
            <property name="detaillevel.default" value="EXCLUDE"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="detaillevel.user" value="MEDIUM"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="detaillevel.profile" value="MEDIUM"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="detaillevel.role" value="LOW"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="forceDataReload" value="true"/>
        </AuthState>
        <AuthState name="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPasswordChange" class="ch.nevis.idm.authstate.IdmChangePasswordState" final="false">
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
@ -1234,7 +1242,7 @@
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
                    <GuiElem name="isiwebnewpw2" type="pw-text" label="prompt.newpassword.confirm"/>
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-                    <GuiElem name="submit" type="submit" label="button.submit"/>
+                    <GuiElem name="submit" type="submit" label="submit.button.label"/>
                </Gui>
            </Response>
            <propertyRef name="nevisIDM_Connector"/>
@ -1342,4 +1350,6 @@
            <property name="generateNow" value="true"/>
        </AuthState>
    </AuthEngine>
    <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
    <RESTService name="ManagementService" class="ch.nevis.esauth.rest.service.session.ManagementService"/>
 </esauth-server>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
@ -16,12 +16,6 @@ Configuration:
      level: "INFO"
    - name: "EsAuthStart"
      level: "INFO"
    - name: "org.apache.catalina.loader.WebappClassLoader"
      level: "FATAL"
    - name: "org.apache.catalina.startup.HostConfig"
      level: "ERROR"
    - name: "ch.nevis.esauth.events"
      level: "FATAL"
    - name: "AGOVOP-ACCT"
      level: "INFO"
    - name: "AGOVOP-IDENT"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = auth
 otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
@ -16,3 +16,4 @@ spec:
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQD2rG9y4zmGttpC7TICcclzAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTEyN1oXDTI2MDUxNzE0\nNTEyN1owVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKBPRMnOhPbVwYUNgEt5ZaC+\nUqqCEqr8EsFfvespgBUpNYByoZWCT1K/iCoG9I7DLzNsrHIJ+HSy2hTXD15naOmb\nQout/E0Lh8sMaA7vx0oWJs9YKkQY3TnHqL8CEU3s/Ko3cylYBhsyjxJv/qqpJIsk\nVSMPmr8A1zh55sOmGzsb09aV0rxe4Z6/N0GH9lHyWsIXFRxSIpmtnYmXc1VKE0a5\n8Nxi4sVePN3phhM7YpW9E/XhCgZ2bie832K99A92Ui9qF7ZVKIrqNt4rfvbUWqch\nKFSsk3prslkAC4fmJ8U+DgpkfG0ihgw7u8BSlu9R/tTVT6eCQiBgoK+U3dZKMwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQCJJwGCbarhhgJ10hQxup5l6VTVa8S5orf1kUQX\nkGYLqgIhANYdMwH8gPzck432bomVRXRVHqbvUIny7/mIRFJGvlne\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwjCCAmigAwIBAgIQQ5naR3IENaVymFpP7DHo3DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTExOVoXDTI2MDUxNzE0\nNTExOVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WQDdm5K7sjpnUGVeWU7MkuN\nfpzGoMBpzgrF0qyOInN0sE7WLuOmbrqQ94hPNcdX5wQ1m+UGj0TCsay+un/vPBWT\nNpj68WUnRD6rIbs14bTGAHZkQ+mYbWfidTUg4cw8WzmSpyTMwAxDEVmUneQjTkDK\nTD8N8kNrYG42ZH6tkRakuYX5gXE26eH2NaAAMFP6b5kfX8idV1WbVjFHdq7PdfQg\njwtVNCn74RbMT8cBBAww/C2K3RAogTuWe8dloItmpK5y8boYyKsOiFFg1OzV9p+L\ndN5tLoiUHnPvRRbGcOua4fvJJXgFEB943Wo1EGRlDEmYQ1YpvGvgukm3LPvbCwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0gAMEUCIFJuHTAtp3mPsEk3G90t6PCY46Kc1AejyqcCP4Gt\nan3CAiEA9inWU6SwPd9pWf7hs9FUIGMZonwHgx66Q9qKdeTnjy0=\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -40,13 +40,14 @@ spec:
    management:
      httpGet:
        path: "/health"
      initialDelaySeconds: 60
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
+    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -2,6 +2,14 @@
 web.gui.languages.default=de
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
 # source: pattern://0116b3002d0e713e23e6be72
 database.connection.pool.size.min=5
 # source: pattern://0116b3002d0e713e23e6be72
 database.connection.pool.size.max=10
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.max.lifetime=1800
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.max.idle.time=600
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.username=adndbadmin
 # source: pattern://0d4bbba28a4a76094d41df81
@ -53,10 +61,6 @@ application.modules.event.repeat.count=-1
 # source: pattern://0116b3002d0e713e23e6be72
 application.modules.provisioning.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
 database.connection.pool.size.max=10
 # source: pattern://0116b3002d0e713e23e6be72
 database.connection.pool.size.min=5
 # source: pattern://0116b3002d0e713e23e6be72
 database.connection.xa.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
 database.transaction.timeout=60
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = idm-job
 otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
@ -0,0 +1,27 @@
 apiVersion: "operator.nevis-security.ch/v1"
 kind: "NevisDatabase"
 metadata:
  name: "idm"
  namespace: "adn-agov-nevisidm-admin-01-uat"
  labels:
    deploymentTarget: "idm"
  annotations:
    projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
    patternId: "ca0629d86201d4c4ac857d60"
 spec:
  type: "NevisIDM"
  databaseType: "MariaDB"
  version: "8.2505.5"
  url: "mariadb-agov-uat.mariadb.database.azure.com"
  port: 3306
  ssl: true
  database: "nevisidm_uat"
  bootstrap: true
  migrate: true
  rootCredentials:
    name: "root-adn-agov-nevisidm-admin-01-uat-idm"
    namespace: "adn-agov-nevisidm-admin-01-uat"
  podSecurity:
    policy: "baseline"
    automountServiceAccountToken: false
  timeZone: "Europe/Zurich"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -16,3 +16,4 @@ spec:
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQD2rG9y4zmGttpC7TICcclzAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTEyN1oXDTI2MDUxNzE0\nNTEyN1owVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKBPRMnOhPbVwYUNgEt5ZaC+\nUqqCEqr8EsFfvespgBUpNYByoZWCT1K/iCoG9I7DLzNsrHIJ+HSy2hTXD15naOmb\nQout/E0Lh8sMaA7vx0oWJs9YKkQY3TnHqL8CEU3s/Ko3cylYBhsyjxJv/qqpJIsk\nVSMPmr8A1zh55sOmGzsb09aV0rxe4Z6/N0GH9lHyWsIXFRxSIpmtnYmXc1VKE0a5\n8Nxi4sVePN3phhM7YpW9E/XhCgZ2bie832K99A92Ui9qF7ZVKIrqNt4rfvbUWqch\nKFSsk3prslkAC4fmJ8U+DgpkfG0ihgw7u8BSlu9R/tTVT6eCQiBgoK+U3dZKMwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQCJJwGCbarhhgJ10hQxup5l6VTVa8S5orf1kUQX\nkGYLqgIhANYdMwH8gPzck432bomVRXRVHqbvUIny7/mIRFJGvlne\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwjCCAmigAwIBAgIQQ5naR3IENaVymFpP7DHo3DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDUxNzE0NTExOVoXDTI2MDUxNzE0\nNTExOVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WQDdm5K7sjpnUGVeWU7MkuN\nfpzGoMBpzgrF0qyOInN0sE7WLuOmbrqQ94hPNcdX5wQ1m+UGj0TCsay+un/vPBWT\nNpj68WUnRD6rIbs14bTGAHZkQ+mYbWfidTUg4cw8WzmSpyTMwAxDEVmUneQjTkDK\nTD8N8kNrYG42ZH6tkRakuYX5gXE26eH2NaAAMFP6b5kfX8idV1WbVjFHdq7PdfQg\njwtVNCn74RbMT8cBBAww/C2K3RAogTuWe8dloItmpK5y8boYyKsOiFFg1OzV9p+L\ndN5tLoiUHnPvRRbGcOua4fvJJXgFEB943Wo1EGRlDEmYQ1YpvGvgukm3LPvbCwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0gAMEUCIFJuHTAtp3mPsEk3G90t6PCY46Kc1AejyqcCP4Gt\nan3CAiEA9inWU6SwPd9pWf7hs9FUIGMZonwHgx66Q9qKdeTnjy0=\n-----END CERTIFICATE-----\n"
  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2411.3"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -40,15 +40,19 @@ spec:
    management:
      httpGet:
        path: "/health"
      initialDelaySeconds: 60
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
+    tag: "r-535a1c58f3e972bdefb25ae1db1c6e392665da01"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
    credentials: "git-credentials"
  database:
    name: "idm"
    requiredVersion: "8.2505.5"
  keystores:
  - "idm-default-identity"
  truststores:
@ -60,5 +64,4 @@ spec:
  timeZone: "Europe/Zurich"
  secrets:
    secret:
    - "a2068eb83a60702322c13949-27ed70d3"
    - "c418560f50e0332d087e85bf-89ec31e5"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -2,10 +2,18 @@
 web.gui.languages.default=de
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
 # source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.pool.size.min=5
 # source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.pool.size.max=10
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.username=adndbadmin
+database.connection.max.lifetime=1800
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
+database.connection.max.idle.time=600
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser}
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword}
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
@ -59,10 +67,6 @@ application.modules.reporting.characterencoding=ISO-8859-1
 # source: pattern://fe4a248ac7b092a6a80624f1
 application.modules.reporting.separator=;
 # source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.pool.size.max=10
 # source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.pool.size.min=5
 # source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.xa.enabled=false
 # source: pattern://fe4a248ac7b092a6a80624f1
 web.gui.facing.cache.size=10000
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = idm
 otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisLogrend"
  replicas: 1
-  version: "8.2411.2"
+  version: "8.2505.5"
-  gitInitVersion: "1.3.0"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    server: 8988
@ -38,13 +38,14 @@ spec:
  startupProbe:
    server:
      tcpSocket: true
      initialDelaySeconds: 30
      periodSeconds: 5
      timeoutSeconds: 4
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-3944ffd65b942f8ce7cea4316e8f0ebdd3fd083a"
+    tag: "r-7e9f2304b72a07725abab4c27833af5cdd73ab53"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend"
    credentials: "git-credentials"
  podSecurity:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
@ -10,5 +10,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
@ -1,3 +1,5 @@
 ico=image/x-icon
 json=application/json
 woff=font/woff
 woff2=font/woff2
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = logrend
 otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
@ -58,7 +58,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld.
+general.fieldRequired=Erforderliches Feld
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -76,8 +76,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -109,8 +109,8 @@ loainfo.startVerification=Verifikation starten
 loainfo.title=Verifizieren Sie Ihre Daten
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht de
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV-op-Onboarding
 op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -164,17 +164,19 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
 qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
 recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
@ -58,7 +58,7 @@ general.edit=&Auml;ndern
 general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.fieldRequired=Erforderliches Feld.
+general.fieldRequired=Erforderliches Feld
 general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
@ -76,8 +76,8 @@ general.recovery=Wiederherstellung
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
-general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
-general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
 general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
 loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
@ -109,8 +109,8 @@ loainfo.startVerification=Verifikation starten
 loainfo.title=Verifizieren Sie Ihre Daten
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
 mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht de
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV-op-Onboarding
 op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
 providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
 providePhoneNumber.inputLabel=Mobilnummer (optional)
@ -164,17 +164,19 @@ providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherst
 providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
 providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
 providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
 providePhoneNumber.modal.inputLabel=Mobilnummer
 providePhoneNumber.modal.title=Mobilnummer wiederholen
 providePhoneNumber.saveButtonText=Speichern
 providePhoneNumber.title=Mobilnummer angeben
 qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
 recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
 recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
 recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
@ -58,7 +58,7 @@ general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
-general.fieldRequired=Field required.
+general.fieldRequired=Field required
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
@ -76,8 +76,8 @@ general.recovery=Recovery
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
-general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
-general.recoveryCode.repeatCodeModal.description=A lost or incorrectly stored recovery code can make it more difficult to recover your account. To ensure you have recorded your code correctly, please repeat it below.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
 general.recoveryCode.repeatCodeModal.title=Repeat recovery code
 general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
@ -100,7 +100,7 @@ language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
-loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
 loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
@ -109,8 +109,8 @@ loainfo.startVerification=Start verification
 loainfo.title=Verify your data
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
 mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
 mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
@ -156,7 +156,7 @@ op-onboarding.intro.message3=If you are using AGOV, and your account doesn't mee
 op-onboarding.intro.title=START
 op-onboarding.onboarding=AGOV op on-boarding
 op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
-providePhoneNumber.banner=Phone number must be able to receive SMS.<br>This phone number will not be used to contact you.
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
 providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
 providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
 providePhoneNumber.inputLabel=Phone number (optional)
@ -164,17 +164,19 @@ providePhoneNumber.laterModal.description1=Without a phone number, a recovery of
 providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
 providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
 providePhoneNumber.laterModal.title=Continue without a phone number?
-providePhoneNumber.modal.description=An incorrectly stored phone number can make it more difficult to recover your account. To ensure you have recorded your phone number correctly, please repeat it below.
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
 providePhoneNumber.modal.inputLabel=Phone number
 providePhoneNumber.modal.title=Repeat phone number
 providePhoneNumber.saveButtonText=Save
 providePhoneNumber.title=Add phone number
 qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
 recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.enterRecoveryCode=Recovery code
 recovery_check_code.expired=Too many attempts or your recovery code has expired.
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -187,9 +189,9 @@ recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.newRecoveryCode=Introducing recovery code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
@ -1,10 +1,10 @@
 agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
 agov-ident.done.title=Termin&eacute;
-agov-ident.failed.instruction=Vous avez besoin d'un compte AGOV et de passer la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer avec succ&egrave;s l'enregistrement. Veuillez r&eacute;essayer.
+agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
 agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
 agov-ident.failed.title=V&eacute;rification requise
-agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veillez l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
 agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
 agov-ident.invalid-url.title=Lien non valide
 agov-ident.onboarding=Enregistrement et v&eacute;rification
@ -58,7 +58,7 @@ general.edit=Editer
 general.email=E-mail
 general.email.address=Adresse e-mail
 general.entryCode=Entrer le code
-general.fieldRequired=Champ requis.
+general.fieldRequired=Champ requis
 general.getStarted=D&eacute;marrer
 general.goAGOVHelp=Rendez-vous sur AGOV help
 general.goAccessApp=Login avec AGOV access
@ -76,15 +76,15 @@ general.recovery=R&eacute;cup&eacute;ration
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
 general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
-general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistr&eacute; correctement, puis essayer de le soumettre &agrave; nouveau.
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
-general.recoveryCode.repeatCodeModal.description=Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
 general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
 general.registerNow=Enregistrez-vous d&egrave;s maintenant!
 general.registration=Enregistrement
-general.registration.dontHaveAnAccountYet=Vous n'avez pas de compte AGOV ?
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV ?
 general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
@ -99,8 +99,8 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=S&eacute;lectionner la langue
-loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
-loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
 loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
 loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
 loainfo.later=Plus tard
@ -109,14 +109,14 @@ loainfo.startVerification=D&eacute;marrer la v&eacute;rification
 loainfo.title=V&eacute;rifiez vos donn&eacute;es
 mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
-mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
-mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
 mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access ?
 mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute; ?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas de compte AGOV ?
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV ?
 mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a
 op-onboarding.intro.title=D&Eacute;MARRER
 op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
 op-onboarding.process.message=Un probl&egrave;me s&rsquo;est produit. Veuillez contacter le service d&rsquo;assistance AGOV afin de demander un nouveau lien d&rsquo;enregistrement.
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
 providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
 providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
@ -164,18 +164,20 @@ providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacu
 providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
 providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
 providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
 providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
 providePhoneNumber.saveButtonText=Sauvegarder
 providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
 recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
-recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
+recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
+recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans &laquo; AGOV me &raquo;.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
@ -187,7 +189,7 @@ recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV he
 recovery_check_noCode.banner.error=Trop de tentatives.
 recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
 recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
+recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
 recovery_code.validUntil=Valable jusqu'au:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
@ -58,7 +58,7 @@ general.edit=Modificare
 general.email=e-mail
 general.email.address=Indirizzo e-mail
 general.entryCode=Codice
-general.fieldRequired=Campo obbligatorio.
+general.fieldRequired=Campo obbligatorio
 general.getStarted=Iniziare
 general.goAGOVHelp=Vai ad AGOV help
 general.goAccessApp=Login con AGOV access
@ -68,7 +68,7 @@ general.help.link=https://agov.ch/help
 general.login=Accedere
 general.login.accessApp=Accesso con l'App AGOV access
 general.login.securityKey=Login con la chiave di sicurezza
-general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
+general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
 general.moreOptions=ALTRE OPZIONI
 general.or=O
 general.otherLoginMethods=Altri metodi di login
@ -76,8 +76,8 @@ general.recovery=Ripristino
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
-general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
-general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
+general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
 general.recoveryCode.reveal=Mostri il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
@ -99,18 +99,18 @@ language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selezionare la lingua
-loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
+loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
-loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
+loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
 loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Pi&ugrave; tardi
-loainfo.startNow=Iniziare la procedura?
+loainfo.startNow=Vuole iniziare il processo ora?
-loainfo.startVerification=Iniziare la verifica
+loainfo.startVerification=Inizi la verificazione
 loainfo.title=Verificare i dati.
 mauth_usernameless.EID=Continuare con CH e-ID
 mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
-mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
+mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
-mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
+mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
 mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
 mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
 mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
@ -119,7 +119,7 @@ mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app
 mauth_usernameless.noAccount=Non ha ancora un AGOV account?
 mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
 mauth_usernameless.showQR=Visualizza il codice QR
-mauth_usernameless.startRecovery=Inizia il recupero dell'account
+mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
 mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
 mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
 op-admin.login=AGOV op admin
@ -156,7 +156,7 @@ op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa anc
 op-onboarding.intro.title=INIZIARE
 op-onboarding.onboarding=Registrazione AGOV op
 op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
+providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
 providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
 providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
 providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
@ -164,17 +164,19 @@ providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recup
 providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
 providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
 providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
+providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
 providePhoneNumber.modal.inputLabel=Numero di telefono
 providePhoneNumber.modal.title=Ripetere il numero di telefono
 providePhoneNumber.saveButtonText=Salva
 providePhoneNumber.title=Aggiungi numero di telefono
 qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
 recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
-recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
+recovery_check_code.enterRecoveryCode=Codice di ripristino
 recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
 recovery_check_code.invalid.code=Il codice non &egrave; valido
 recovery_check_code.invalid.code.required=Codice richiesto
@ -187,17 +189,17 @@ recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di
 recovery_check_noCode.banner.error=Troppi tentativi.
 recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
 recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.banner.error=La preghiamo di rivelare il suo nuovo codice per poter continuare.
+recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
-recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
+recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
+recovery_fidokey_auth.fidoInstruction=Clicchi su "Inizi l'authenticazione della chiave"
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
 recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
-recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
+recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
 recovery_intro_email.important=Importante:
 recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
 recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
@ -207,7 +209,7 @@ recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il pr
 recovery_on_going.title=Completare il processo di ripristino.
 recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
 recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
-recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
+recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
 recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
 recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
 recovery_questionnaire_loginfactor.no=No
@ -228,10 +230,10 @@ recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o l
 recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
 recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
 recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
-recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
+recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
-recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
+recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
-recovery_start_info.title=Il processo di ripristino sta per iniziare.
+recovery_start_info.title=Sta per iniziare il processo di ripristino
 title=NEVIS SSO Portal
 title.login=Login
 user_input.invalid.email=Inserire un'e-mail valida.
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
@ -10,42 +10,42 @@ agov-ident.invalid-url.title=Invalid Link
 agov-ident.onboarding=Registration & Verification
 agov-ident.retry=Try again
 darkModeSwitch.aria.label=Activar l'apparientscha stgira
-error_1=Please check your input.
+error_1=Controllai Vossas indicaziuns per plaschair.
-error_10=Please select the correct user account.
+error_10=Selecziunai il conto d'utilisader correct.
-error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
+error_100=I n'&egrave; betg pussaivel da chargiar si il certificat. Quest certificat exista gia. Contactai il helpdesk.
-error_101=The entered email address is not valid.
+error_101=L'adressa d'e-mail endatada n'&egrave; betg valaivla.
-error_11=Please use another certficate or login with another credential type.
+error_11=Duvrai in auter certificat u As annunziai cun in auter factur da login.
-error_2=Please select another login name.
+error_2=Selecziunai in auter num d'utilisader.
-error_3=Your account will be locked if next authentication fails.
+error_3=Sche la proxima autentificaziun na reussescha betg vegn Voss conto blocc&agrave;.
-error_4=Your new password does not comply with the security policy. Please choose a different password.
+error_4=Voss nov pled-clav n'&egrave; betg confurm a las directivas da segirezza. Selecziunai in auter pled-clav per plaschair.
-error_5=Error in password confirmation.
+error_5=Sbagl da confermar il pled-clav.
-error_50=The new password is too short.
+error_50=Il nov pled-clav &egrave; memia curt.
-error_55=The new password has to differ from old passwords.
+error_55=Il nov pled-clav sto esser different da pled-clavs vegls.
-error_6=Password change required.
+error_6=Midada d'il pled-clav &egrave; necessaria.
-error_7=Change of login ID required.
+error_7=Midada da la login ID &egrave; necessaria.
-error_8=Your account has been locked due to repeated authentication failures.
+error_8=Voss conto &egrave; vegn&igrave; blocc&agrave; pervia da memia bleras emprovas d'autentificaziun che n'&egrave;n betg reussidas.
-error_81=No access card found, access from internet denied.
+error_81=Chatt&agrave; nagina carta d'access, l'access sur l'internet &egrave; vegni refus&agrave;.
-error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
+error_83=Vossa carta d'access n'&egrave; betg pli valaivla. Contactai Voss consulent per survegnir ina nova carta d'access.
-error_9=Session take over failed.
+error_9=I n'ha betg funcziun&agrave; da surpigliar la sessiun.
-error_97=You are not authorized to access this resource.
+error_97=Vus n'essas betg autoris&agrave; d'acceder a questa resursa.
-error_98=Your account has been locked.
+error_98=Voss conto &egrave; vegn&igrave; blocc&agrave;.
-error_99=System problems. Please try later.
+error_99=Problems da sistem: Empruvai anc ina giada pli tard.
-error_9901=You need a valid on-boarding link to access this page.
+error_9901=Vus duvrais in link da onboarding valaivel per pudair acceder a questa pagina.
-error_9902=The email used for authentication doesn't match the expected one in operations. Please ask for a new on-boarding link.
+error_9902=L'adressa d'e-mail che vegn duvrada per l'autentificaziun na correspunda betg a l'adressa dad e-mail da AGOV operations. Dumandai per in nov link da onboarding.
-error_9903=The used IdP didn't send us a valid assertion. Please make sure, you use the correct IdP. Ask the support for a new on-boarding link.
+error_9903=L'IdP n'ans ha betg tramess ina assertion valaivla. Controllai che Vus dovrias la correcta IdP. Dumandai il support per in nov link da onboarding.
-error_9904=Your link is not valid anymore. Please make sure, that you are using the latest Link received from operations. Ask for a new link, if the problem persists.
+error_9904=Voss link n'&egrave; betg pli valaivel. Controllai che Vus dovrias il link il pli actual che Vus avais survegn&igrave; d'AGOV operations. Dumandai per in nov link en cass che il problem persista vinavant.
-error_9905=There is a problem with your operations account. Please contact the support.
+error_9905=I dat in problem cun Voss conto AGOV operations. Contactai per plaschair il support.
-error_9909=An internal error occured. Please ask the support for a new on-boarding link.
+error_9909=Igl &egrave; capit&agrave; in sbagl intern. Dumandai il support per in nov link da onboarding.
-errors.duplicateValue=Your account is already linked with another operations access.
+errors.duplicateValue=Voss conto &egrave; gia colli&agrave; cun in auter access d'operaziun.
 fido2_auth.cancel.fido=L'autentificaziun cun la clav da segirezza &egrave; vegnida interrutta. Controllai che Vossa clav FIDO saja registrada e che Voss e-mail saja correct.
 fido2_auth.instruction1=Cliccai sin "Vinavant"
-fido2_auth.instruction2=En curt ina fanestra d'autentificaziun vegn ad aviar
+fido2_auth.instruction2=En curt vegn ina fanestra d'autentificaziun ad aviar
 fido2_auth.instruction3=Suandai las instrucziuns
 fido2_auth.skipInstructions=Sursiglir las instrucziuns la proxima giada
-fido2_auth.switchLogin=AS ANNUNZIAR CUN
+fido2_auth.switchLogin=ANNUNZIAR CUN
 footer.link=https://agov.ch
 footer.link.label=Contact
-footer.text=Authentication service of Swiss authorities AGOV - a collaboration between cantons, their municipalities, and the federal administration. -
+footer.text=Servetsch d&rsquo;autentificaziun da las autoritads svizras AGOV &ndash; Ina collavuraziun dals chantuns, lur vischnancas e l&rsquo;administraziun federala. -
 general.AGOVAccessApp=App AGOV access
 general.accessApp=App AGOV access
 general.authenticate=Autentifitgar
@ -53,12 +53,12 @@ general.back=Enavos
 general.cancel=Interrumper
 general.confirm=Confermar
 general.contactSupport=Contactar il support
-general.continue=Cuntinuar
+general.continue=Vinavant
 general.edit=Modifitgar
 general.email=E-mail
-general.email.address=Adressa dad e-mail
+general.email.address=Adressa d'e-mail
-general.entryCode=Endatai il code
+general.entryCode=Endatar il code
-general.fieldRequired=Champ obligatoric.
+general.fieldRequired=Champ obligatoric
 general.getStarted=Cumenzar
 general.goAGOVHelp=Vinavant a AGOV help
 general.goAccessApp=Login cun AGOV access
@ -66,51 +66,51 @@ general.goToAccessApp=Cuntinuai a Vossa app AGOV access
 general.help=Agid
 general.help.link=https://agov.ch/help
 general.login=Login
-general.login.accessApp=As Annunziar cun la App Access
+general.login.accessApp=Annunziar cun la App Access
-general.login.securityKey=As Annunziar cun la clav da segirezza
+general.login.securityKey=Annunziar cun la clav da segirezza
 general.loginSecurityKey=Iniziar il login cun la clav da segirezza
 general.moreOptions=DAPLI OPTIONS
 general.or=U
-general.otherLoginMethods=Ulteriuras methodas da registraziun
+general.otherLoginMethods=Ulteriuras metodas da login
 general.recovery=Recuperaziun
 general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Telechargiar en furma da PDF
 general.recoveryCode.inputLabel=Code da recuperaziun
-general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai anc ina giada il code.
+general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai el anc ina giada.
-general.recoveryCode.repeatCodeModal.description=In code da restabiliment pers u betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto. Per verifitgar che Vus hajas arcun&agrave; correctamain Voss code, al repeti qua sutvart per plaschair.
+general.recoveryCode.repeatCodeModal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss code, al repeti qua sutvart per plaschair. In code da recuperaziun pers u betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
-general.recoveryCode.repeatCodeModal.title=Repeti il code da recuperaziun
+general.recoveryCode.repeatCodeModal.title=Repeter il code da recuperaziun
-general.recoveryCode.reveal=Revelar il code da recuperaziun
+general.recoveryCode.reveal=Scuvrir il code da recuperaziun
 general.recoveryOngoing=Recuperaziun betg terminada
 general.register=Registrar
 general.registerNow=As registrai ussa!
 general.registration=Registraziun
 general.registration.dontHaveAnAccountYet=N'avais Vus anc nagin account AGOV?
-general.registration.seeOptions=Mussar las methodas da registraziun
+general.registration.seeOptions=Mussar las metodas da registraziun
 general.securityKey=Clav da segirezza
 general.skip.content=Avanzar a la part principala
 general.wrongPhoneNumber=Endatai in numer da telefonin valid
-generic.auth.error.message=There was a service interruption. We are working on it.
+generic.auth.error.message=Igl ha d&agrave; ina interrupziun dal servetsch. Nus lavurain vidlonder.
-generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
+generic.auth.error.next.steps=Empruvai pli tard anc ina giada per plaschair. Visitai AGOV help en cass che il problem persista vinavant.
-generic.auth.error.subtitle=Something went wrong
+generic.auth.error.subtitle=Insatge n'ha betg funcziun&agrave;
-generic.auth.error.title=Error
+generic.auth.error.title=Errur
 language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
 language.rm=Rumantsch
 languageDropdown.aria.label=Selecziunar la lingua
-loainfo.description.200=Ina verificaziun da Vossas datas &egrave; necessaria per acceder a questa applicaziun. Quest process po durar fin 2 u 3 dis.
+loainfo.description.200=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Quest process po durar fin 2&ndash;3 dis.
-loainfo.description.300=Per acceder a questa applicaziun, stuain nus verifitgar Vossas indicaziuns cun in da dus process. Vus pudais selecziunar la metoda preferida en il proxim pass.
+loainfo.description.300=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Vus pudais selecziunar vossa metoda preferida en il proxim pass.
 loainfo.description.400=Per acceder a questa applicaziun stuais Vus inditgar Voss numer AVS.
 loainfo.helper=Vossas datas persunalas ston vegnir verifitgadas!
 loainfo.later=Pli tard
 loainfo.startNow=Vulais Vus ussa cumenzar cun il process?
-loainfo.startVerification=Cumenzar cun la verificaziun
+loainfo.startVerification=Cumenzar
 loainfo.title=Verifitgai Vossas datas
-mauth_usernameless.EID=Cuntinuar cun la e-ID svizra
+mauth_usernameless.EID=Vinavant cun la e-ID svizra
-mauth_usernameless.banner.error=Autentificaziun interrutta. <br>Empruvai anc ina giada per plaschair, suenter che la pagina &egrave; rechargiada.
+mauth_usernameless.banner.error=Autentificaziun interrutta. <br>Empruvai anc ina giada suenter che la pagina &egrave; rechargiada per plaschair.
-mauth_usernameless.banner.info=Scan reuss&igrave; <br>Cuntinuai per plaschair en l'app AGOV access.
+mauth_usernameless.banner.info=Scan reuss&igrave;. Cuntinuai per plaschair en l'app AGOV access.
-mauth_usernameless.banner.success=Autentificaziun reussida! <br>Spetgai fin che Vus essas annunziads.
+mauth_usernameless.banner.success=Autentificaziun reussida <br>Spetgai fin che Vus essas annunziads per plaschair.
 mauth_usernameless.cannotLogin=Avais Vus pers l'access a l'app / la clav da segirezza?
 mauth_usernameless.cannotLogin.accessApp=Avais Vus pers l'access a Vossa app?
 mauth_usernameless.cannotLogin.securityKey=Avais Vus pers l'access a Vossa clav da segirezza?
@ -123,40 +123,40 @@ mauth_usernameless.startRecovery=Cumenzar cun la recuperaziun dal conto
 mauth_usernameless.useSecurityKey=Duvrai ina clav da segirezza per As annunziar
 mauth_usernameless.useSecurityKeyInfo=Ina clav da segirezza fisica pussibilitescha ina annunzia segira senza telefonin.
 op-admin.login=AGOV op admin
-op-admin.login.intro.message=Login with your username and password
+op-admin.login.intro.message=Login cun Voss num d'utilisader e cun Voss pled-clav
 op-admin.login.loginid=LoginId
-op-admin.login.password=Passwort
+op-admin.login.password=Pled-clav
 op-admin.login.title=Login
 op-admin.logout=AGOV op admin
-op-admin.logout.message=You have successfully logged out.
+op-admin.logout.message=Voss logout &egrave; reuss&igrave;.
-op-admin.logout.title=Logout
+op-admin.logout.title=Deconnectar
-op-admin.pwchange.intro.message=Password change required
+op-admin.pwchange.intro.message=Midada d'il pled-clav &egrave; necessaria
-op-admin.pwchange.newpassword=New password
+op-admin.pwchange.newpassword=Nov pled-clav
-op-admin.pwchange.newpassword2=Repeat new password
+op-admin.pwchange.newpassword2=Repeter il nov pled-clav
-op-admin.pwchange.password=Current password
+op-admin.pwchange.password=Pled-clav actual
-op-admin.pwchange.title=Password Change
+op-admin.pwchange.title=Midada d'il pled-clav
-op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
+op-idmlogin.role.accs-mgmt-idm=Management dals dretgs d'access IDM
-op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
+op-idmlogin.role.accs-mgmt-nonidm=Management dals dretgs d'access
 op-idmlogin.role.idmcfg-mgmt=IDM set-up
-op-idmlogin.role.readonly-access=Default access (readonly)
+op-idmlogin.role.readonly-access=Access da standard (mo dretgs da leger)
-op-idmlogin.role.support-basic=Support cases (recovery, ...)
+op-idmlogin.role.support-basic=Cas da support (recuperaziun, …)
-op-idmlogin.role.support-priv=3rd level support (archiving, off-boarding)
+op-idmlogin.role.support-priv=Support dal 3. nivel (archivaziun, deconnecziuns)
-op-idmlogin.role.usr-mgmt=User management (operations)
+op-idmlogin.role.usr-mgmt=Administraziun dals utilisaders (operations)
-op-idmlogin.role.usr-unit-mgmt=User and organization management (operations)
+op-idmlogin.role.usr-unit-mgmt=Administraziun dals utilisaders e da l'organisaziun (operations)
 op-idmlogin.select=AGOV idm
-op-idmlogin.select.intro=Please select one of the profiles below...
+op-idmlogin.select.intro=Selecziunai in d'ils profils suandants per plaschair...
-op-idmlogin.select.note=Profiles marked with a * should only be used if required for a specific support or release tasks.
+op-idmlogin.select.note=Ils profils marcads cun * duessan mo vegnir duvrads per tschertas incumbensas da support u da release.
-op-idmlogin.select.title=Profile selection
+op-idmlogin.select.title=Selecziun dal profil
-op-onboarding.done.message=On-boarding was successfull. You can now use your AGOV operations access. Please close the browser, before accessing on of the operations application.
+op-onboarding.done.message=Il onboarding &egrave; reuss&igrave;. Vus pudais ussa duvrar Voss access AGOV operations. Serrai il browser per plaschair avant che acceder ad AGOV operations.
-op-onboarding.done.title=DONE
+op-onboarding.done.title=FIN&Igrave;
-op-onboarding.failed.title=ERROR
+op-onboarding.failed.title=ERRUR
-op-onboarding.intro.message1=To complete your on-boarding for your AGOV operations access, you need either an AGOV or a FED-LOGIN account.
+op-onboarding.intro.message1=Per concluder la registraziun da Voss access AGOV operations duvrais Vus in conto AGOV u in conto FED-LOGIN.
-op-onboarding.intro.message2=After clicking on "Continue", you will be redirected for authentication.
+op-onboarding.intro.message2=Suenter avair clicc&agrave; sin &laquo;Vinavant&raquo; vegnis Vus dirig&igrave; a l'autentificaziun.
-op-onboarding.intro.message3=If you are using AGOV, and your account doesn't meet yet the required AGOVaq level, you will be given the possibility to start the required ID verification.
+op-onboarding.intro.message3=Sche Vus utilisais AGOV ed il conto na correspunda anc betg al nivel dad AGOVaq necessari, survegnis Vus la pussaivladad da cumenzar la verificaziun d'identitad che &egrave; necessaria.
 op-onboarding.intro.title=START
-op-onboarding.onboarding=AGOV op on-boarding
+op-onboarding.onboarding=AGOV op onboarding
-op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
+op-onboarding.process.message=Igl ha d&agrave; in sbagl. Contactai il support dad AGOV e dumandai per in nov link da registraziun, sche necessari.
-providePhoneNumber.banner=Il numer da telefonin sto esser capabla da retschaiver SMS. <br>Quest numer da telefonin na vegn betg duvr&agrave; per As contactar.
+providePhoneNumber.banner=Il numer da telefonin sto esser capabel da retschaiver SMS. El na vegn betg duvr&agrave; per As contactar.
 providePhoneNumber.description=AGOV pussibilitescha ussa la recuperaziun cun agid dal numer da telefonin. Durant la recuperaziun pudais Vus ussa cuntinuar cun in SMS, en cas che Vus avais pers Voss code da recuperaziun.
 providePhoneNumber.errorBanner=Ils numers da telefonin na correspundan betg in a l'auter. Empruvai danovamain per plaschair.
 providePhoneNumber.inputLabel=Numer da telefonin (opziunal)
@ -164,56 +164,58 @@ providePhoneNumber.laterModal.description1=Senza numer da telefonin po la recupe
 providePhoneNumber.laterModal.description2=Agiuntar in numer da telefonin pussibilitescha ina recuperaziun da Voss conto en paucas minutas.
 providePhoneNumber.laterModal.description3=Quest numer da telefonin na vegn betg duvr&agrave; per As contactar.
 providePhoneNumber.laterModal.title=Cuntinuar senza numer da telefonin?
-providePhoneNumber.modal.description=In numer da telefonin che n'&egrave; betg vegn&igrave; arcun&agrave; correctamain, po difficultar la recuperaziun da Voss conto. Per verifitgar che Vus hajas arcun&agrave; correctamain Voss numer da telefonin, al repeti qua sutvart per plaschair.
+providePhoneNumber.modal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss numer da telefonin, al repeti qua sutvart per plaschair. In numer da telefonin betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
 providePhoneNumber.modal.inputLabel=Numer da telefonin
-providePhoneNumber.modal.title=Repeti il numer da telefonin
+providePhoneNumber.modal.title=Reper il numer da telefonin
 providePhoneNumber.saveButtonText=Arcunar
 providePhoneNumber.title=Inditgar in numer da telefonin
-recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
+qrCode.label=Cliccai per avrir il code QR en ina fanestra separada.
-recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
+recovery_accessapp_auth.accessAppRegistered=App AGOV access gia registrada
-recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
+recovery_accessapp_auth.instruction1=Vus avais gia registr&agrave; ina nova app AGOV access !!!ACCESS_APP_NAME!!! durant il process da recuperaziun.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
+recovery_accessapp_auth.instruction2=Utilisai per plaschair !!!ACCESS_APP_NAME!!! per As identifitgar.
-recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
+recovery_check_code.banner.lockedError=Memia bleras emprovas d'endataziun nunvalaivlas. Empruvai anc ina giada en intginas minutas.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.codeIncorrect=Il code endat&agrave; n'&egrave; betg correct. Empruvai anc ina giada.
-recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
+recovery_check_code.enterRecoveryCode=Code da recuperaziun
-recovery_check_code.invalid.code=The code is invalid
+recovery_check_code.expired=Memia bleras emprovas u Voss code da recuperaziun &egrave; scad&igrave;.
-recovery_check_code.invalid.code.required=Code required
+recovery_check_code.instruction=Endatai qua sutvart Voss code da recuperaziun persunal cun 12 cifras. Vus avais survegn&igrave; il code da recuperaziun en ina datoteca PDF a chaschun da la registraziun u en AGOV me.
-recovery_check_code.invalid.code.tooLong=The code is too long
+recovery_check_code.invalid.code=Il code &egrave; nunvalaivel
-recovery_check_code.noAccess=I do not have access to my code
+recovery_check_code.invalid.code.required=Code necessari
-recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
+recovery_check_code.invalid.code.tooLong=Il code &egrave; memia lung
-recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
+recovery_check_code.noAccess=Jau n'hai betg access a mes code
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
+recovery_check_code.noCodeAccess=Essas Vus segirs che Vus n'avais betg access a Voss code da recuperaziun?
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
+recovery_check_code.noCodeAccessInstructions=Sche Vus avais pers access a Voss code da recuperaziun giai ad AGOV help per contactar insatgi d'il support dad AGOV. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
-recovery_check_noCode.banner.error=Too many attempts.
+recovery_check_code.too_many_tries.instruction1=Il code da recuperaziun che Vus avais endat&agrave; &egrave; eventualmain scad&igrave; u Vuss avais empruv&agrave; da l'endatar memia bleras giadas.
-recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
+recovery_check_code.too_many_tries.instruction2=Giai per plaschair ad AGOV help per contactar insatgi d'il support. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
-recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.banner.error=Memia bleras emprovas.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_check_noCode.instruction1=Vuss avais eventualmain empruv&agrave; da endatar il code da recuperaziun memia bleras giadas.
-recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
+recovery_check_noCode.instruction2=Serrai per plaschair il browser da web e cumenzai anc ina giada cun la recuperaziun da Voss conto en 10 minutas a <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.banner.error=Scuvrir Voss code da recuperaziun per pudair cuntinuar.
-recovery_code.validUntil=Valid until:
+recovery_code.instruction=Il code da recuperaziun As permetta d'acceder a Voss conto en cas che Vus avais pers tut Voss facturs da login. Tegnai en salv quest code da recuperaziun en in lieu segir per plaschair.
-recovery_fidokey_auth.button=Start key authentication
+recovery_code.newRecoveryCode=Introducziun dal code da recuperaziun
-recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
+recovery_code.validUntil=Valaivel enfin:
-recovery_fidokey_auth.instruction1=You have already registered a new security key !!!SECURITY_KEY_NAME!!! as part of the recovery process.
+recovery_fidokey_auth.button=Cumenzar la autentificaziun da clav
-recovery_fidokey_auth.instruction2=Please use !!!SECURITY_KEY_NAME!!! to follow the steps below to identify you.
+recovery_fidokey_auth.fidoInstruction=Cliccai sin &laquo;Cumenzar la autentificaziun da clav&raquo;
-recovery_fidokey_auth.keyRegistered=Security key already registered
+recovery_fidokey_auth.instruction1=Vus avais gia registr&agrave; ina nova clav da segirezza !!!SECURITY_KEY_NAME!!! durant il process da recuperaziun.
-recovery_intro_email.banner.error=Il link che Vus avais duvr&agrave; &egrave; scad&igrave;. Endatai Vossa adressa dad e-mail per survegnir in nov link.
+recovery_fidokey_auth.instruction2=Utilisai per plaschair !!!SECURITY_KEY_NAME!!! e suandai ils pass qua sutvart per As identifitgar.
-recovery_intro_email.banner.info=Inditgai Vossa adressa dad e-mail. Nus As tramettain in link, cun il qual Vus pudais cumenzar cun il process da recuperaziun.
+recovery_fidokey_auth.keyRegistered=Clav da sgirezza gia registrada
 recovery_intro_email.banner.error=Il link che Vus avais duvr&agrave; &egrave; scad&igrave;. Endatai Vossa adressa d'e-mail per survegnir in nov link.
 recovery_intro_email.banner.info=Inditgai Vossa adressa d'e-mail. Nus As tramettain in link cun il qual Vus pudais cumenzar cun il process da recuperaziun.
 recovery_intro_email.important=Impurtant:
-recovery_intro_email.process=Il process da restabiliment duess mo vegnir duvr&agrave; en cas che Vus avais pers l'access a Voss facturs da login (stizz&agrave; l'app AGOV access, pers la clav da segirezza, pers il telefonin etc.).
+recovery_intro_email.process=Il process da recuperaziun duess mo vegnir duvr&agrave; en cas che Vus avais pers l'access a Voss facturs da login (stizz&agrave; l'app AGOV access, pers la clav da segirezza, pers il telefonin etc.).
 recovery_intro_email_sent.banner.button=N'avais betg retschav&igrave; il e-mail?
 recovery_intro_email_sent.banner.success=Grazia fitg! Proximamain vegnis Vus a retschaiver in e-mail cun in link da recupraziun ed instrucziuns.
-recovery_on_going.finishRecovery=Finish recovery
+recovery_on_going.finishRecovery=Concluder la recuperaziun
-recovery_on_going.instruction=You have an ongoing recovery process. Part of the recovery process can include an identity verification. To access applications with your AGOV-Login you need to finish the identity verification as well.
+recovery_on_going.instruction=In process da recuperaziun &egrave; en curs. Il process da recuperaziun po cumpigliar ina verificaziun d'identitad. Per avair access ad applicaziuns cun Voss AGOV-Login, stuais Vus terminar la verificaziun d'identitad.
-recovery_on_going.title=Please finish your recovery process.
+recovery_on_going.title=Concludai Voss process da recuperaziun per plaschair.
 recovery_questionnaire_instructions.banner.info=Resguardai che en tscherts cas stuais Vus avair access a Voss code da recuperaziun per che la recupraziun po reussir.
 recovery_questionnaire_instructions.explanation=Sin basa da Vossas respostas pari d'esser necessari da recuperar Voss login AGOV. Cliccai sin Vinavant e suandai las instrucziuns sin il monitur.
-recovery_questionnaire_instructions.instruction1=Inditgai l'adressa dad e-mail da Voss login AGOV. Nus As tramettain in link, cun il qual Vus pudais cumenzar il process da recuperaziun
+recovery_questionnaire_instructions.instruction1=Inditgai l'adressa d'e-mail da Voss login AGOV. Nus As tramettain in link cun il qual Vus pudais cumenzar il process da recuperaziun
 recovery_questionnaire_instructions.instruction2=Suandai ils pass per recuperar Voss conto (ils pass varieschan tenor il nivel da verificaziun da Voss conto)
-recovery_questionnaire_loginfactor.banner.error=Per plaschair selecziunai ina resposta.
+recovery_questionnaire_loginfactor.banner.error=Selecziunai ina resposta per plaschair.
 recovery_questionnaire_loginfactor.no=Na
 recovery_questionnaire_loginfactor.question=Avais Vus registr&agrave; pli che in factur da login (app AGOV access u clav da segirezza) per Voss login AGOV?
 recovery_questionnaire_loginfactor.yes=Gea
-recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari per il mument betg d'esser necessari da recuperar Voss login AGOV.
+recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari betg d'esser necessari da recuperar Voss login AGOV per il mument.
 recovery_questionnaire_no_recovery.explanation2=Sche Vus duvrais ulteriuras infurmaziuns, consultai <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per artitgels da support.
 recovery_questionnaire_no_recovery.instruction1=Sche Vus avais difficultads d'As annunziar per in'applicaziun, visitai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifitgai sche Vus As pudais annunziar cun success.
 recovery_questionnaire_no_recovery.instruction2=Sche Vus avais registr&agrave; plirs facturs da login, ma avais pers l'access ad in dad els, consultai <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per stizzar il factur da login pers.
@ -227,11 +229,11 @@ recovery_questionnaire_reason_selection.answer6=Jau hai emblid&agrave; il PIN pe
 recovery_questionnaire_reason_selection.answer7=Jau hai mias clavs da segirezza u mias apps, hai dentant g&igrave; problems da m'annunziar
 recovery_questionnaire_reason_selection.answer8=Jau hai pers l'access a tut mias clavs da segirezza ed apps AGOV
 recovery_questionnaire_reason_selection.answer9=Jau hai problems cun in da mes facturs da login (stizz&agrave;, mess enavos, PIN emblid&agrave;)
-recovery_questionnaire_reason_selection.banner.error=Per plaschair selecziunai in motiv.
+recovery_questionnaire_reason_selection.banner.error=Selecziunai in motiv per plaschair.
-recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv, pertge che Vus cumenzais il process da recuperaziun:
+recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv pertge che Vus cumenzais il process da recuperaziun:
 recovery_start_info.banner.warning=Vus na pudais betg utilisar Voss conto, fin ch'il process da recuperaziun &egrave; termin&agrave;.
-recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain er far in process da verificaziun per pudair terminar il process da restabiliment.
+recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain er far in process da verificaziun per pudair terminar il process da recuperaziun.
 recovery_start_info.title=Vus essas vidlonder da cumenzar cun il process da recuperaziun
-user_input.invalid.email=Endatai in'adressa dad e-mail valida
+user_input.invalid.email=Endatai in'adressa d'e-mail valida
 user_input.invalid.email.required=Champ obligatoric
 user_input.invalid.email.tooLong=Il text endat&agrave; e memia lung
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
@ -0,0 +1,10 @@
 <svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
 <g clip-path="url(#clip0)">
 <path d="M13.9697 17.2808C12.9941 18.2276 11.9177 18.08 10.8917 17.6336C9.80091 17.1782 8.80371 17.1494 7.65171 17.6336C6.21711 18.2528 5.45571 18.0728 4.59171 17.2808C-0.28628 12.2588 0.433719 4.60879 5.97771 4.32079C7.32231 4.39279 8.26371 5.06419 9.05571 5.11999C10.2329 4.88059 11.3597 4.19479 12.6197 4.28479C14.1335 4.40719 15.2657 5.00479 16.0217 6.07938C12.9077 7.95138 13.6457 12.0554 16.5059 13.2074C15.9335 14.7104 15.1991 16.1954 13.9679 17.2934L13.9697 17.2808ZM8.94771 4.26679C8.80191 2.03479 10.6109 0.198798 12.6917 0.0187988C12.9779 2.59279 10.3517 4.51879 8.94771 4.26679Z" fill="#1F2F33"/>
 </g>
 <defs>
 <clipPath id="clip0">
 <rect width="15.156" height="18" fill="white" transform="translate(1.3335)"/>
 </clipPath>
 </defs>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
@ -66,7 +66,7 @@ const Status = {
 };
 function setDeepLinkLabel(button) {
-    const text = document.getElementsByName('info.deeplink')[0].value;
+    const text = document.getElementById('info.login.access_app').innerText;
    button.innerHTML = text;
 }
@ -80,7 +80,13 @@ function messageCheckPhone() {
    infoElement.innerHTML = text;
 }
-const Element = {
+function showError() {
    const text = document.getElementsByName('error.authcloud.login')[0].value;
    errorElement.innerHTML = text;
    infoElement.style.display = "none";
 }
 const AccessAppElement = {
    _elem: null, // QR code or deep link depending on device
@ -91,8 +97,11 @@ const Element = {
        if (isAndroid || isIphone) {
            this._elem = document.createElement('a');
            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
+            this._elem.setAttribute('class', 'btn btn-primary w-100 mt-4');
            this._elem.setAttribute('target', '_blank');
            // distinguishes style for platforms
            dispatcherElement.classList.add('mobile-platform');
            dispatcherElement.appendChild(this._elem);
            setDeepLinkLabel(this._elem);
        }
@ -103,13 +112,23 @@ const Element = {
            }
            else {
                messageScanQR();
                const qrSize = 280;
                // Element to render the QR code
                this._elem = document.createElement('canvas');
-                dispatcherElement.appendChild(this._elem);
+                // Wrapper div to render corners
-                var qrcode = new QRious({
+                const qrCodeWrapper = document.createElement('div');
                qrCodeWrapper.setAttribute('id','qr-code-wrapper');
                qrCodeWrapper.style.width = `${qrSize}px`;
                qrCodeWrapper.style.height = `${qrSize}px`;
                qrCodeWrapper.appendChild(this._elem)
                dispatcherElement.style.height = `${qrSize}px`;
                dispatcherElement.appendChild(qrCodeWrapper);
                const qrcode = new QRious({
                  element: this._elem,
-                  foreground: "#168CA9",
+                  // use --nevis-gray-900 CSS variable value
                  foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
                  level: "M",
-                  size: 280,
+                  size: qrSize,
                  value: appLink
                });
            }
@ -125,20 +144,31 @@ const Element = {
 };
 function authenticateUser(appLink) {
-    Element.show(appLink);
+
-    console.log('Starting Authentication Cloud status polling...');
+    AccessAppElement.show(appLink);
    console.log('Starting Auth Cloud status polling...');
    Status.startPolling(statusToken, (st, done) => {
        if (st.status === 'succeeded') {
-            console.log('Authentication Cloud login done.');
+
            console.log('Auth Cloud success.');
            // auto submit form with outcome
            submitStatus('succeeded')
        }
        else if (st.status === 'failed') {
            // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Authentication Cloud login failed. User abort or timeout.');
+            console.warn('Auth Cloud login failed. User abort or timeout.');
            submitStatus('failed')
        }
        else if (st.status === 'unknown') {
-            console.error('Authentication Cloud login failed. Unknown status.');
+
            console.error('Auth Cloud login failed. Unknown status.');
            submitStatus('unknown')
        }
    });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
@ -75,7 +75,12 @@ function messageScanQR() {
    infoElement.innerHTML = text;
 }
-const Element = {
+function messageInstalledAccessApp() {
  const text = document.getElementById('info.access_app.installed').innerText;
  infoElement.innerHTML = text;
 }
 const AccessAppElement = {
    _elem: null, // QR code or deep link depending on device
@ -84,22 +89,47 @@ const Element = {
        const isIphone = 'iPhone' === navigator.platform;
        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
        if (isAndroid || isIphone) {
            if (isAndroid) {
                document.getElementById('install_apple').style.display = 'none';
            }
            if (isIphone) {
                document.getElementById('install_google').style.display = 'none';
            }
            this._elem = document.createElement('a');
            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
+            this._elem.setAttribute('class', 'btn btn-primary w-100');
            this._elem.setAttribute('target', '_blank');
            // distinguishes style for platforms
            dispatcherElement.classList.add('mobile-platform');
            const accessApplinks = document.getElementById('access-app-download-link');
            accessApplinks.classList.add('access-app-download-link-mobile-spacing');
            dispatcherElement.appendChild(this._elem);
            setDeepLinkLabel(this._elem);
            // info text is displayed before access app links
            accessApplinks.parentNode.insertBefore(infoElement.parentNode, accessApplinks);
            messageInstalledAccessApp();
        }
        else {
            messageScanQR();
            const qrSize = 280;
            // Element to render the QR code
            this._elem = document.createElement('canvas');
-            dispatcherElement.appendChild(this._elem);
+            // Wrapper div to render corners
-            var qrcode = new QRious({
+            const qrCodeWrapper = document.createElement('div');
            qrCodeWrapper.setAttribute('id','qr-code-wrapper');
            qrCodeWrapper.style.width = `${qrSize}px`;
            qrCodeWrapper.style.height = `${qrSize}px`;
            qrCodeWrapper.appendChild(this._elem)
            dispatcherElement.style.height = `${qrSize}px`;
            dispatcherElement.appendChild(qrCodeWrapper);
            const qrcode = new QRious({
              element: this._elem,
-              foreground: "#168CA9",
+              // use --nevis-gray-900 CSS variable value
              foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
              level: "M",
-              size: 280,
+              size: qrSize,
              value: appLink
            });
        }
@ -114,25 +144,47 @@ const Element = {
 };
 function onboardUser(appLink) {
-    Element.show(appLink);
+
-    console.log('Starting Authentication Cloud status polling...');
+    AccessAppElement.show(appLink);
    console.log('Starting Auth Cloud status polling...');
    Status.startPolling(statusToken, (st, done) => {
        if (st.status === 'succeeded') {
-            console.log('Authentication Cloud onboarding done.');
+
            console.log('Auth Cloud success.');
            // auto submit form with outcome
            submitStatus('succeeded')
        }
        else if (st.status === 'failed') {
            // failed: The transaction failed, either by timeout or because the user did not accept.
            console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
            submitStatus('failed')
        }
        else if (st.status === 'unknown') {
            console.error('Authentication Cloud onboarding failed. Unknown status.');
            submitStatus('unknown')
        }
    });
 }
 const swap = function (nodeA, nodeB) {
    const parentA = nodeA.parentNode;
    const siblingA = nodeA.nextSibling === nodeB ? nodeA : nodeA.nextSibling;
    // Move `nodeA` to before the `nodeB`
    nodeB.parentNode.insertBefore(nodeA, nodeB);
    // Move `nodeB` to before the sibling of `nodeA`
    parentA.insertBefore(nodeB, siblingA);
 };
 function init() {
    const form = document.getElementById('authcloud_onboard');
@ -145,6 +197,9 @@ function init() {
    dispatcherElement = document.getElementById('authcloud_dispatch');
    // info texts are displayed underneath QR code
    swap(infoElement.parentNode, dispatcherElement.parentNode);
    const appLink = form.appLink.value;
    onboardUser(appLink);
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap-theme.min.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap-theme.min.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
@ -0,0 +1,3 @@
 <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M12.6667 6L8 10.6667L3.33333 6" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
@ -0,0 +1,3 @@
 <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
  <path d="M6 3.33332L10.6667 7.99999L6 12.6667" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
@ -0,0 +1,27 @@
 function copyToClipboard(containerid) {
  if (document.selection) {
    var range = document.body.createTextRange();
    range.moveToElementText(document.getElementById(containerid));
    range.select().createTextRange();
    document.execCommand("copy");
  } else if (window.getSelection) {
    var range = document.createRange();
    range.selectNode(document.getElementById(containerid));
    window.getSelection().addRange(range);
    document.execCommand("copy");
  }
  // clear selection
  if (window.getSelection) {
    if (window.getSelection().empty) {
      // Chrome
      window.getSelection().empty();
    } else if (window.getSelection().removeAllRanges) {
      // Firefox
      window.getSelection().removeAllRanges();
    }
  } else if (document.selection) {
    // IE
    document.selection.empty();
  }
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
@ -0,0 +1,755 @@
 /*!
 * Bootstrap v5.1.3 (https://getbootstrap.com/)
 * Copyright 2011-2021 The Bootstrap Authors
 * Copyright 2011-2021 Twitter, Inc.
 * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
 */
 /*
 * This file contains customized bootstrap classes which are in the same name, however differ in the implementation.
 * Classes use CSS custom properties from :root to be runtime modifiable.
 * Used a portion of bootstrap classes which satisfy the requirements without to include the whole bootstrap bundle.
 * If you would like to add new classes as "override" or extension please use the bootstrap naming convention.
 */
 /* Form controls */
 .form-label {
  margin-bottom: 0.25rem;
 }
 .form-check:has(.form-check-label) {
  padding: 1em 1em 1em 1.6em;
  border-top: solid 1px lightgray;
  margin: 0 1em 0 1em;
 }
 .form-check-label {
  font-size: 0.875rem !important;
 }
 .form-group {}
 .form-control {
  display: block;
  width: 100%;
  padding: 0.5625rem 0.75rem;
  font-size: 1rem;
  font-weight: 400;
  line-height: 1.25rem;
  color: var(--nevis-black);
  background-color: var(--nevis-white);
  background-clip: padding-box;
  border: 0.0625rem solid var(--nevis-form-control-border-color);
  border-radius: var(--nevis-border-radius);
  -webkit-appearance: none;
  -moz-appearance: none;
  appearance: none;
  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
 }
@media (prefers-reduced-motion: reduce) {
  .form-control {
    transition: none;
  }
 }
 .form-control:focus {
  color: var(--nevis-black);
  background-color: var(--nevis-white);
  border-color: var(--nevis-primary);
  outline: 0;
  box-shadow: 0 0 0 0.0625rem var(--nevis-primary);
 }
 .form-control::-webkit-date-and-time-value {
  height: 1.5em;
 }
 .form-control::-moz-placeholder {
  color: var(--nevis-secondary);
  opacity: 1;
 }
 .form-control::placeholder {
  color: var(--nevis-secondary);
  opacity: 1;
 }
 .form-control:disabled {
  font-size: 0.875rem;
  background-color: #e9ecef;
  opacity: 1;
 }
 .form-control[readonly] {
  background: var(--nevis-readonly-bg-color);
  border-color: var(--nevis-readonly-border-color);
  border-radius: var(--nevis-border-radius);
  color: var(--nevis-gray-900);
  font-size: 0.875rem;
 }
 .form-control[readonly]:focus {
  box-shadow: 0 0 0 0.0625rem var(--nevis-readonly-box-shadow-color);
 }
 /* Valdiation */
 .invalid-feedback {
  display: none;
  width: 100%;
  margin-top: 0.25rem;
  font-size: 0.875em;
  color: var(--nevis-danger);
 }
 .was-validated :invalid~.invalid-feedback,
 .was-validated :invalid~.invalid-tooltip,
 .is-invalid~.invalid-feedback,
 .is-invalid~.invalid-tooltip {
  display: block;
 }
 /* Added for 3rd party International Telephone Input */
 .was-validated .iti~.invalid-feedback.invalid-feedback-ready,
 .was-validated .iti~.invalid-tooltip.invalid-feedback-ready {
  display: block;
 }
 .was-validated .form-control:invalid,
 .form-control.is-invalid {
  border-color: var(--nevis-danger);
  border-width: 0.125rem;
  padding-right: inherit;
  background-image: none;
  background-repeat: no-repeat;
  background-position: inherit;
  background-size: inherit;
 }
 .was-validated .form-control:invalid:focus,
 .form-control.is-invalid:focus {
  border-color: var(--nevis-danger);
  box-shadow: none;
 }
 .form-control:valid,
 .form-control.is-valid {
  background-image: none;
 }
 /* remove valid feedback classes */
 .was-validated .form-control:valid,
 .form-control.is-valid {
  border-color: var(--nevis-gray-400);
  padding-right: inherit;
  background-image: inherit;
  background-repeat: no-repeat;
  background-position: inherit;
  background-size: inherit;
 }
 .was-validated .form-control:valid:focus,
 .form-control.is-valid:focus {
  border-color: var(--nevis-gray-400);
  box-shadow: unset;
 }
 .was-validated textarea.form-control:valid,
 textarea.form-control.is-valid {
  padding-right: inherit;
  background-position: inherit;
 }
 .was-validated .form-select:valid,
 .form-select.is-valid {
  border-color: var(--nevis-gray-400);
 }
 .was-validated .form-select:valid:not([multiple]):not([size]),
 .was-validated .form-select:valid:not([multiple])[size="1"],
 .form-select.is-valid:not([multiple]):not([size]),
 .form-select.is-valid:not([multiple])[size="1"] {
  padding-right: inherit;
  background-image: none;
  background-position: inherit;
  background-size: inherit;
 }
 .was-validated .form-select:valid:focus,
 .form-select.is-valid:focus {
  border-color: var(--nevis-gray-400);
  box-shadow: unset;
 }
 .was-validated .form-check-input:valid,
 .form-check-input.is-valid {
  border-color: var(--nevis-gray-400);
 }
 .was-validated .form-check-input:valid:checked,
 .form-check-input.is-valid:checked {
  background-color: inherit;
 }
 .was-validated .form-check-input:valid:focus,
 .form-check-input.is-valid:focus {
  box-shadow: unset;
 }
 .was-validated .form-check-input:valid~.form-check-label,
 .form-check-input.is-valid~.form-check-label {
  color: inherit;
 }
 /* Buttons */
 .btn {
  display: inline-block;
  font-weight: 500;
  line-height: 1.5rem;
  color: var(--nevis-black);
  text-align: center;
  text-decoration: none;
  vertical-align: middle;
  cursor: pointer;
  -webkit-user-select: none;
  -moz-user-select: none;
  user-select: none;
  background-color: transparent;
  border: 0.0625rem solid transparent;
  padding: 0.75rem 1.25rem;
  font-size: 1rem;
  border-radius: var(--nevis-border-radius);
  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
 }
@media (prefers-reduced-motion: reduce) {
  .btn {
    transition: none;
  }
 }
 .btn:hover {
  color: var(--nevis-black);
 }
 .btn:disabled,
 .btn.disabled,
 fieldset:disabled .btn {
  pointer-events: none;
  opacity: 0.65;
 }
 /* remove box-shadows by default, enable later by colors */
 .btn:focus {
  box-shadow: unset;
 }
 .btn-check:checked+.btn-primary:focus,
 .btn-check:active+.btn-primary:focus,
 .btn-primary:active:focus,
 .btn-primary.active:focus,
 .show>.btn-primary.dropdown-toggle:focus {
  box-shadow: unset;
 }
 /* Primary Button */
 .btn-primary {
  color: var(--nevis-white);
  background-color: var(--nevis-primary);
  border-color: var(--nevis-primary);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
 }
 .btn-primary:hover {
  color: var(--nevis-white);
  filter: brightness(110%);
  background-color: var(--nevis-primary);
  border-color: var(--nevis-primary);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
 }
 .btn-primary:focus {
  color: var(--nevis-white);
  background-color: var(--nevis-primary);
  border-color: var(--nevis-primary);
  filter: brightness(110%);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
 }
 .btn-primary:active,
 .btn-primary.active {
  color: var(--nevis-white);
  background-color: var(--nevis-primary);
  border-color: var(--nevis-primary);
  filter: brightness(90%);
 }
 .btn-primary:active:focus,
 .btn-primary.active:focus {
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
 }
 .btn-primary:disabled,
 .btn-primary.disabled {
  color: var(--nevis-secondary);
  background-color: var(--nevis-gray-100);
  border-color: var(--nevis-gray-100);
  box-shadow: none;
  filter: brightness(1);
 }
 /* Secondary Button */
 .btn-secondary {
  color: var(--nevis-gray-900);
  background-color: var(--nevis-gray-200);
  border-color: var(--nevis-gray-200);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
 }
 .btn-secondary:hover {
  color: var(--nevis-gray-900);
  filter: brightness(110%);
  background-color: var(--nevis-gray-200);
  border-color: var(--nevis-gray-200);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
 }
 .btn-secondary:focus {
  color: var(--nevis-gray-900);
  background-color: var(--nevis-gray-200);
  border-color: var(--nevis-gray-200);
  filter: brightness(110%);
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
 }
 .btn-secondary:active,
 .btn-secondary.active {
  color: var(--nevis-gray-900);
  background-color: var(--nevis-gray-200);
  border-color: var(--nevis-gray-200);
  filter: brightness(90%);
 }
 .btn-secondary:active:focus,
 .btn-secondary.active:focus {
  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
 }
 .btn-secondary:disabled,
 .btn-secondary.disabled {
  color: var(--nevis-secondary);
  background-color: var(--nevis-gray-100);
  border-color: var(--nevis-gray-100);
  box-shadow: none;
  filter: brightness(1);
 }
 .btn-link {
  font-size: 0.875rem !important;
  vertical-align: baseline;
  border: none;
  color: var(--nevis-primary);
  background: none;
  text-decoration: none;
  padding: 0;
 }
 /* Componentes */
 .dropdown-toggle::after {
  display: none !important;
 }
 /* Utilities */
 h6,
 .h6,
 h5,
 .h5,
 h4,
 .h4,
 h3,
 .h3,
 h2,
 .h2,
 h1,
 .h1 {
  margin-top: 0;
  font-weight: 500;
  line-height: 1.2;
 }
 h1,
 .h1 {
  font-size: calc(1.375rem + 1.5vw);
 }
@media (min-width: 1200px) {
  h1,
  .h1 {
    font-size: 2.5rem;
  }
 }
 h2,
 .h2 {
  font-size: calc(1.325rem + 0.9vw);
 }
@media (min-width: 1200px) {
  h2,
  .h2 {
    font-size: 2rem;
  }
 }
 h3,
 .h3 {
  font-size: calc(1.3rem + 0.6vw);
 }
@media (min-width: 1200px) {
  h3,
  .h3 {
    font-size: 1.75rem;
  }
 }
 h4,
 .h4 {
  font-size: calc(1.275rem + 0.3vw);
 }
@media (min-width: 1200px) {
  h4,
  .h4 {
    font-size: 1.5rem;
  }
 }
 h5,
 .h5 {
  font-size: 1.25rem;
 }
 h6,
 .h6 {
  font-size: 1rem;
 }
 small,
 .small {
  font-size: 0.875rem !important;
 }
 .text-primary {
  color: var(--nevis-primary) !important;
 }
 .text-secondary {
  color: var(--nevis-secondary) !important;
 }
 .text-success {
  color: var(--nevis-success) !important;
 }
 .text-info {
  color: var(--nevis-info) !important;
 }
 .text-warning {
  color: var(--nevis-warning) !important;
 }
 .text-danger {
  color: var(--nevis-danger) !important;
 }
 .text-light {
  color: var(--nevis-light) !important;
 }
 .text-dark {
  color: var(--nevis-dark) !important;
 }
 .text-white {
  color: var(--nevis-white) !important;
 }
 .bg-primary {
  background-color: var(--nevis-primary) !important;
 }
 .bg-secondary {
  background-color: var(--nevis-secondary) !important;
 }
 .bg-success {
  background-color: var(--nevis-success) !important;
 }
 .bg-info {
  background-color: var(--nevis-info) !important;
 }
 .bg-warning {
  background-color: var(--nevis-warning) !important;
 }
 .bg-danger {
  background-color: var(--nevis-danger) !important;
 }
 .bg-light {
  background-color: var(--nevis-light) !important;
 }
 .bg-dark {
  background-color: var(--nevis-dark) !important;
 }
 .bg-body {
  background-color: var(--nevis-white) !important;
 }
 .bg-white {
  background-color: var(--nevis-white) !important;
 }
 .link-primary {
  color: var(--nevis-primary);
 }
 .link-primary:hover,
 .link-primary:focus {
  color: var(--nevis-primary);
  filter: brightness(80%);
 }
 .link-secondary {
  color: var(--nevis-secondary);
 }
 .link-secondary:hover,
 .link-secondary:focus {
  color: var(--nevis-secondary);
  filter: brightness(80%);
 }
 .link-success {
  color: var(--nevis-success);
 }
 .link-success:hover,
 .link-success:focus {
  color: var(--nevis-success);
  filter: brightness(80%);
 }
 .link-info {
  color: var(--nevis-info);
 }
 .link-info:hover,
 .link-info:focus {
  color: var(--nevis-info);
  filter: brightness(80%);
 }
 .link-warning {
  color: var(--nevis-warning);
 }
 .link-warning:hover,
 .link-warning:focus {
  color: var(--nevis-warning);
  filter: brightness(80%);
 }
 .link-danger {
  color: var(--nevis-danger);
 }
 .link-danger:hover,
 .link-danger:focus {
  color: var(--nevis-danger);
  filter: brightness(80%);
 }
 .link-light {
  color: var(--nevis-light);
 }
 .link-light:hover,
 .link-light:focus {
  color: var(--nevis-light);
  filter: brightness(80%);
 }
 .link-dark {
  color: var(--nevis-dark);
 }
 .link-dark:hover,
 .link-dark:focus {
  color: var(--nevis-dark);
  filter: brightness(80%);
 }
 .border-primary {
  border-color: var(--nevis-primary) !important;
 }
 .border-secondary {
  border-color: var(--nevis-secondary) !important;
 }
 .border-success {
  border-color: var(--nevis-success) !important;
 }
 .border-info {
  border-color: var(--nevis-info) !important;
 }
 .border-warning {
  border-color: var(--nevis-warning) !important;
 }
 .border-danger {
  border-color: var(--nevis-danger) !important;
  border-width: 0.125rem;
 }
 .border-light {
  border-color: var(--nevis-light) !important;
 }
 .border-dark {
  border-color: var(--nevis-dark) !important;
 }
 .border-white {
  border-color: var(--nevis-white) !important;
 }
 /* EXTENSION PART */
 /* Spacing */
 .mt-20 {
  margin-top: 1.25rem;
 }
 .me-5px {
  margin-right: 0.3125rem;
 }
 .my-40 {
  margin: 2.5rem 0;
 }
 .mb-40 {
  margin-bottom: 2.5rem;
 }
 /* Colors */
 .text-nevis-blue {
  color: var(--nevis-blue-600) !important;
 }
 .bg-nevis-blue {
  background-color: var(--nevis-blue-600) !important;
 }
 .border-nevis-blue {
  border-color: var(--nevis-blue-600) !important;
 }
 .link-nevis-blue {
  color: var(--nevis-blue-600);
 }
 .link-nevis-blue:hover,
 .link-nevis-blue:focus {
  color: var(--nevis-blue-600);
  filter: brightness(80%);
 }
 .btn-language-selector {
  display: inline-flex;
  justify-content: center;
  align-items: center;
  flex-shrink: 0;
  padding: 0;
  min-width: 0;
  box-sizing: border-box;
  box-shadow: none;
  font-size: 0.875rem !important;
  line-height: 1.25rem;
  font-weight: normal;
  outline: none;
  border: none;
  vertical-align: baseline;
  text-align: center;
  background-color: initial;
  color: var(--nevis-gray-900);
 }
 .btn-language-selector:hover {
  background: initial;
 }
 .btn-language-selector:active {
  background: initial;
 }
 .btn-language-selector:focus {
  box-shadow: none;
 }
 .btn-language-selector+.dropdown-menu {
  min-width: 0;
  width: 10rem;
  padding: 0.25rem 0;
  /* centering the dropdown */
  margin-left: -0.5rem !important;
  margin-top: 0.5rem !important;
  overflow: hidden;
  box-shadow: 0rem 0rem 0rem 0.0625rem var(--nevis-gray-200),
    0rem 0.1875rem 1.25rem -0.625rem var(--nevis-gray-900);
  border-radius: var(--nevis-border-radius);
  border: 0;
 }
 .btn-language-selector+.dropdown-menu>li {
  overflow: hidden;
 }
 .btn-language-selector+.dropdown-menu .dropdown-item {
  font-style: normal;
  font-weight: normal;
  font-size: 0.875rem;
  line-height: 1.25rem;
  padding: 0.5rem 1rem;
  color: var(--nevis-gray-900);
 }
 .btn-language-selector+.dropdown-menu .dropdown-item:hover {
  background: var(--nevis-blue-100);
 }
 .btn-language-selector+.dropdown-menu .dropdown-item:focus {
  background: none;
 }
 .btn-language-selector+.dropdown-menu .dropdown-item:active,
 .btn-language-selector+.dropdown-menu .dropdown-item.active {
  background: var(--nevis-blue-100);
  filter: brightness(90%);
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/default.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/default.css
@ -1,222 +0,0 @@
 /********************************************************
 * Layout
 ********************************************************/
 html { /* magic to position footer */
 	position: relative;
 	min-height: 100%;
 }
 body {
 	margin-bottom: 76px; /* == footer height */
 }
 .container, .container-fluid {
 	padding-left: 36px;
 	padding-right: 36px;
 }
 nav {
 	min-height: 100px;
 	padding: 36px;
 }
 header {
 	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
 }
 .container {
 	min-width: 260px;
 	max-width: 700px;
 }
 h1 {
 	margin-bottom: 50px;
 }
 footer {
 	width: 100%;
 	position: absolute;
 	bottom: 0;
 	padding: 0 36px;
 }
 img {
 	width: 100%;
 }
 /********************************************************
 * Header
 ********************************************************/
 header .logo {
 	/* width: 20%;*/
 	/*max-width: 600px;*/
 	max-height: 150px;
 	width: auto;
 }
 /********************************************************
 * Dropdown
 ********************************************************/
 a.dropdown-toggle {
 	text-decoration: none;
 }
 a.dropdown-toggle:hover {
 	color: #168CA9;
 	border-bottom: 3px solid #168CA9;
 }
 .dropdown-menu {
 	padding: 5px 0;
 }
 .dropdown-menu li > a {
 	padding: 6px 28px;
 }
 .dropdown-menu a > .prefix {
 	display: inline-block;
 	min-width: 22px;
 	margin-right: 28px;
 	text-align: right;
 }
 /********************************************************
 * Form
 ********************************************************/
 /* Labels should not be bold */
 label {
 	font-weight: normal;
 }
 /* Make error messages bold */
 .has-error .help-block {
 	font-weight: bold;
 }
 /* Change button size, by default 116px in width */
 .btn {
 	min-width: 116px;
 	padding: 3px 12px;
 }
 /* Disable gradient in buttons, ughhhh */
 .btn.btn-primary {
 	border-color: transparent;
 	background-image: none;
 	text-shadow: none;
 	box-shadow: none;
 	-webkit-box-shadow: none;
 }
 .help-block a, .help-block a:visited {
 	color: #168CA9;
  font-weight: bold;
  text-decoration: none;
 }
 .help-block a:hover {
 	color: #168CA9;
  text-decoration: underline;
 }
 /********************************************************
 * Footer
 ********************************************************/
 footer .row {
 	margin: 36px 0 0 0;
 	height: 40px;
 	padding-top: 14px;
 	line-height: 26px; /* to center text: height - padding-top = 26px */
 	border-top: 1px solid #168CA9;
 }
 footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
 	padding: 0;
 }
 footer .logo-round-container {
 	position: relative;
 }
 footer .logo-round {
 	position: absolute;
 	left: 0;
 	right: 0;
 	top: -33px; /* found visually with Chrome Dev Tools */
 	height: 36px;
 	width: 36px;
 	border: 1px solid #00868c;
 	border-radius: 18px;
 	background: #fff;
 	padding: 8px;
 }
 footer .logo-round > img {
 	display: block;
 }
 #dispatchTargets {
 	margin-top: 20px;
 }
 /********************************************************
 * Social login
 ********************************************************/
 .btn.line {
    background-color: transparent;
    display: block;
    width: 100%;
    padding: 0;
    margin: 1.5em 0 1em;
    border: 0.5px solid #ccc;
    pointer-events: none;
 }
 .btn.socialLogin {
    background-color: #fff;
    border: thin solid #ccc;
    color: #000;
    font-weight: 600;
    position: relative;
    margin: 5px;
    min-width: 140px;
    width: 210px;
    border-radius: 8px;
    padding: 8px 12px;
    text-align: left;
 }
 .socialLogin img {
    width: 1.5em;
    height: 108%;
    margin-right: 0.5em;
 }
 .btn.apple img {
    width: 1.2em;
 }
 /********************************************************
 * Show password
 ********************************************************/
 .icon-inside {
  position: relative;
 }
 .icon-inside input {
  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
 }
 .icon-inside button {
  position: absolute;
  right: 0;
  top: 0;
  margin-top: 0.45rem;
  margin-right: 0.45rem;
  background: #FFFFFF;
  border: #FFFFFF;
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
@ -0,0 +1,23 @@
 function displayRecoveryCodes() {
  const recoverCodes = document.getElementById("recovery-codes-raw");
  // early return if recoverCodes not found
  if (!recoverCodes) {
    return;
  }
  var recoveryCodesContent = recoverCodes.innerHTML;
  recoveryCodesContent = recoveryCodesContent.replace("[", "");
  recoveryCodesContent = recoveryCodesContent.replace("]", "");
  recoveryCodesContent = recoveryCodesContent.split(",");
  for (let i = 0; i < recoveryCodesContent.length; i++) {
    if (i % 2 == 0) {
      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-gray printable\">" + recoveryCodesContent[i] + "</div>";
    }
    else {
      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-white printable\">" + recoveryCodesContent[i] + "</div>";
    }
  }
  recoverCodes.remove();
 }
 displayRecoveryCodes();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
@ -0,0 +1,26 @@
 function downloadRecoveryCodes(contentContainerId) {
  const textToDownload = document.getElementById(contentContainerId).innerText;
  // It is necessary to create a new blob object with mime-type explicitly set
  // otherwise only Chrome works like it should
  const newBlob = new Blob([textToDownload], { type: "text/plain" });
  // IE doesn't allow using a blob object directly as link href
  // instead it is necessary to use msSaveOrOpenBlob
  if (window.navigator && window.navigator.msSaveOrOpenBlob) {
    window.navigator.msSaveOrOpenBlob(newBlob, "recovery-codes.txt");
    return;
  }
  // For other browsers:
  // Create a link pointing to the ObjectURL containing the blob.
  const data = window.URL.createObjectURL(newBlob);
  const link = document.createElement("a");
  link.href = data;
  link.download = "recovery-codes.txt";
  link.click();
  setTimeout(() => {
    // For Firefox it is necessary to delay revoking the ObjectURL
    window.URL.revokeObjectURL(data);
  }, 400);
  link.remove();
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/dropdown.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/dropdown.js
@ -1,36 +0,0 @@
 (function() {
  var closeDropdownTimeout;
  function closeDropdown(event) {
    var dropdowns = document.querySelectorAll('.dropdown');
    for (var i = 0; i < dropdowns.length; i++) {
      var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
      if (dropdownMenu.style.display !== 'none' && !dropdowns[i].contains(event.target)) {
        dropdownMenu.style.display = 'none';
      }
    }
    // remove event listener till we have a new dropdown menu open
    if (document.querySelector('.dropdown-menu:not([style*="display: none"])') === null) {
      document.removeEventListener('click', closeDropdown);
    }
  }
  var dropdowns = document.querySelectorAll('.dropdown');
  for (var i = 0; i < dropdowns.length; i++) {
    var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
    dropdownMenu.style.display = 'none'; // ensure menu is initially hidden
    dropdowns[i].addEventListener('click', function(e) {
      // show dropdown menu
      var dropdownMenu = this.querySelector('.dropdown-menu');
      dropdownMenu.style.display = 'block';
      // handle clicking away
      clearTimeout(closeDropdownTimeout);
      closeDropdownTimeout = setTimeout(function() {
        document.addEventListener('click', closeDropdown);
      }, 10);
    });
  }
 }());
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/e2eenc.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/e2eenc.js
@ -1,98 +0,0 @@
 var e2eenc = function() {
 	this.encryptForm = function(algoString, formId) {
 		// TODO: in case of an error we should return false, to prevent the for to be submitted
 		//       or replace the fields with dummy values, just to prevent the the transmission
 		//       of unencrypted values
 		// create the array of input fields to encrypt (needs to be done before setting the form
 		// invisible
 		var fieldsToEncrypt = new Array();
 		$.each($("form input:visible"), function(index, _inputField) { fieldsToEncrypt.push($(_inputField));});
 		// hide the form, and display the splash screen
 		$('#loginform').css('display','none');
 		$('#e2eeSplashScreen').css('display','block');
 		// encryption logic
 		var pubKey = $("input[name='e2eenc.publicKey']").val();
 		var kemSessionKey = readPublicKeyAndGenerateSessionKey(pubKey)
 		var iv = forge.random.getBytesSync(16);
 		keyB64 = forge.util.encode64(kemSessionKey.key);
 		encapsulationB64 = forge.util.encode64(kemSessionKey.encapsulation);
 		ivB64 = forge.util.encode64(iv);
 		//console.log("Encrypting form " + formId + " (" + algoString + ")");
 		var fields = "";
 		$.each(fieldsToEncrypt, function(index, _inputField) {
 			var inputField = $(_inputField);
 			if (inputField.attr("type") == "text" || inputField.attr("type") == "password") {
 				//console.log("Encrypting field " + JSON.stringify(inputField));
 				var plainValue = inputField.val();
 				var encryptedValueB64 = encrypt(kemSessionKey, iv, plainValue);
 				//console.log("Setting encrypted value in b64: " + encryptedValueB64);
 				inputField.val(encryptedValueB64);
 				if (fields.length > 0) {
 					fields = fields + ","
 				}
 				fields = fields + inputField.attr("name");
 			}
 		});
 		$("input[name='e2eenc.iv']").val(ivB64);
 		$("input[name='e2eenc.encapsulation']").val(encapsulationB64);
 		$("input[name='e2eenc.fields']").val(fields);
 	}
 	function getRSApublicKey(pem) {
 	    //console.log("PEM: " + pem);
 	    var msg = forge.pem.decode(pem)[0];
 	    //console.log("msg type: " + msg.type);
 	    if(msg.procType && msg.procType.type === 'ENCRYPTED') {
 		throw new Error('Could not retrieve RSA public key from PEM; PEM is encrypted.');
 	    }
 	    // convert DER to ASN.1 object
 	    var asn1obj = forge.asn1.fromDer(msg.body);
 	    //console.log("ASN.1 obj: " + JSON.stringify(asn1obj))
 	    var pubKey = forge.pki.publicKeyFromAsn1(asn1obj)
 	    //console.log("PubKey: " + JSON.stringify(pubKey))
 	    return pubKey;
 	}
 	function generateKEMSessionKey(rsaPublicKey) {
 	    // generate key-derivation-function and initializes it with sha1
 	    var kdf1 = new forge.kem.kdf1(forge.md.sha1.create());
 	    // creates a KEM function based on the key-derivation-function created above
 	    var kem = forge.kem.rsa.create(kdf1);
 	    // generate and encapsulate a 16-byte secret key. 
 	    // The secret key is generated using the kdf defined above.
 	    var kemSessionKey = kem.encrypt(rsaPublicKey, 16);
 	    // kemSessionKey has 'encapsulation' (= pub key) and 'key' (= generated secret key)
 	    return kemSessionKey;
 	}
 	function readPublicKeyAndGenerateSessionKey(pem) {
 	    var rsaPublicKey = getRSApublicKey(pem);
 	    //console.log("PubKey: " + JSON.stringify(rsaPublicKey))
 	    var kemSessionKey = generateKEMSessionKey(rsaPublicKey);
 	    //console.log("KEM session key: " + JSON.stringify(kemSessionKey))
 	    return kemSessionKey;
 	}
 	function encrypt(kemSessionKey, iv, msg) {
 		var cipher = forge.cipher.createCipher('AES-CBC', kemSessionKey.key);
 		cipher.start({iv: iv});
 		cipher.update(forge.util.createBuffer(msg, 'utf-8'));
 		cipher.finish();
 		var encrypted = cipher.output.getBytes();
 		encryptedB64 = forge.util.encode64(encrypted);
 		return encryptedB64;
 	}
 };
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
@ -0,0 +1,3 @@
 <svg width="10" height="9" viewBox="0 0 10 9" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path fill-rule="evenodd" clip-rule="evenodd" d="M3.95423 0.859245C4.413 0.0436633 5.58725 0.0436629 6.04602 0.859245L9.3942 6.81157C9.84416 7.61149 9.2661 8.59988 8.34831 8.59988H1.65194C0.734151 8.59988 0.156094 7.61149 0.606052 6.81157L3.95423 0.859245ZM5.60007 6.79995C5.60007 7.13132 5.33144 7.39995 5.00007 7.39995C4.6687 7.39995 4.40007 7.13132 4.40007 6.79995C4.40007 6.46858 4.6687 6.19995 5.00007 6.19995C5.33144 6.19995 5.60007 6.46858 5.60007 6.79995ZM5.00007 1.99995C4.6687 1.99995 4.40007 2.26858 4.40007 2.59995V4.39995C4.40007 4.73132 4.6687 4.99995 5.00007 4.99995C5.33144 4.99995 5.60007 4.73132 5.60007 4.39995V2.59995C5.60007 2.26858 5.33144 1.99995 5.00007 1.99995Z" fill="#F25562"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
@ -0,0 +1,10 @@
 <svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M54 10H62C66.4183 10 70 13.5817 70 18V26" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 <path d="M10 26L10 18C10 13.5817 13.5817 10 18 10L26 10" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 <path d="M26 70L18 70C13.5817 70 10 66.4183 10 62L10 54" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 <path d="M70 54L70 62C70 66.4183 66.4183 70 62 70L54 70" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 <circle cx="40" cy="40" r="22" stroke="#168CA9" stroke-width="4"/>
 <path d="M48 48.5C43.5817 53.8333 36.4183 53.8333 32 48.5" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <rect x="49" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
 <rect x="30" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
@ -0,0 +1,4 @@
 <svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M18 9.00002C18 4.02945 13.9706 2.09808e-05 9 2.09808e-05C4.02943 2.09808e-05 0 4.02945 0 9.00002C0 13.4922 3.29117 17.2155 7.59375 17.8907V11.6016H5.30859V9.00002H7.59375V7.01721C7.59375 4.76158 8.93739 3.51565 10.9932 3.51565C11.9779 3.51565 13.0078 3.69143 13.0078 3.69143V5.90627H11.8729C10.7549 5.90627 10.4062 6.60003 10.4062 7.31176V9.00002H12.9023L12.5033 11.6016H10.4062V17.8907C14.7088 17.2155 18 13.4922 18 9.00002Z" fill="#1877F2"/>
 <path d="M12.5033 11.6016L12.9024 9.00006H10.4063V7.3118C10.4063 6.60007 10.7549 5.90631 11.873 5.90631H13.0078V3.69147C13.0078 3.69147 11.9779 3.51569 10.9932 3.51569C8.9374 3.51569 7.59376 4.76162 7.59376 7.01725V9.00006H5.30859V11.6016H7.59376V17.8907C8.05197 17.9626 8.52161 18.0001 9.00001 18.0001C9.47842 18.0001 9.94806 17.9626 10.4063 17.8907V11.6016H12.5033Z" fill="white"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
@ -2,13 +2,13 @@
  'use strict'
  async function assertion(options) {
-    let credential;
+    let assertion;
    try {
-      credential = await navigator.credentials.get({ "publicKey": options });
+      assertion = await navigator.credentials.get({ "publicKey": options });
    } 
    // Cancel and timeout can occur besides error
    catch (error) {
-      console.error(`Failed to get WebAuthn credential: ${error}`);
+      console.error(`Error while trying to collect WebAuthn credential. ${error}`);
      throw error;
    }
    // as this is the last call we have to do a top-level request instead of AJAX
@ -16,11 +16,11 @@
    form.method = "POST";
    form.style.display = "none";
    addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", credential.id);
+    addInput(form, "id", assertion.id);
-    addInput(form, "type", credential.type);
+    addInput(form, "type", assertion.type);
-    addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
+    addInput(form, "response.clientDataJSON", base64url.encode(assertion.response.clientDataJSON));
-    addInput(form, "response.authenticatorData", base64url.encode(credential.response.authenticatorData));
+    addInput(form, "response.authenticatorData", base64url.encode(assertion.response.authenticatorData));
-    addInput(form, "response.signature", base64url.encode(credential.response.signature));
+    addInput(form, "response.signature", base64url.encode(assertion.response.signature));
    document.body.appendChild(form);
    form.submit();
  }
@ -28,6 +28,7 @@
  function authenticate() {
    // WebAuthn feature detection
    if(!isWebAuthnSupportedByTheBrowser()) {
      // Trigger `Login Passwordless Fallback` pattern
      cancelFido2();
      return;
    };
@ -50,9 +51,11 @@
        c.id = base64url.decode(c.id);
        return c;
      });
      return assertion(options);
    }).catch((error) => {
-      console.error(`Error during FIDO2 authentication: ${error}`);
+      console.error(`Error at fido2 authentication: ${error}`);
      // Trigger `Login Passwordless Fallback` pattern
      cancelFido2();
    });
  }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
@ -0,0 +1,25 @@
 function submit(result) {
    // we have to do a top-level request instead of AJAX
    const form = document.createElement("form");
    form.method = "POST";
    form.style.display = "none";
    addInput(form, "result", result)
    document.body.appendChild(form);
    form.submit();
 }
 function check() {
  if (isWebAuthnSupportedByTheBrowser()) {
    submit("ok");
  }
  else {
    submit("error");
  }
 }
 window.onload = () => {
  check();
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
@ -31,7 +31,7 @@ async function attestation(options) {
  form.submit();
 }
-function start() {
+function startFido2() {
  if (!isWebAuthnSupportedByTheBrowser()) {
    dispatch("unsupported");
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
@ -1,10 +1,3 @@
 function addInput(form, name, value) {
    const input = document.createElement("input");
    input.name = name;
    input.value = value;
    form.appendChild(input);
 }
 /**
 * Checks whether WebAuthn is supported by the browser or not.
 * @return true if supported, false if it is not supported or not in secure context
@ -23,7 +16,7 @@ function isWebAuthnSupportedByTheBrowser() {
 }
 /**
- * Trigger on cancel pattern of the FIDO2 authentication step.
+ * Trigger on cancel pattern at the FIDO2 authentication flow.
 * 
 * Provides an alternative when the user decides to 
 * cancel the fido2 credential operation(create or fetch) or
@ -34,7 +27,10 @@ function cancelFido2() {
  const form = document.createElement("form");
  form.method = "POST";
  form.style.display = "none";
  addInput(form, "cancel_fido2", "true");
  document.body.appendChild(form);
  form.submit();
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
@ -0,0 +1,9 @@
 <svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M56.2789 49.5761C56.2789 40.4331 48.8671 33.0213 39.7242 33.0213C30.5813 33.0213 23.1694 40.4331 23.1694 49.5761C23.1694 62.2356 32.2583 70.0261 32.2583 70.0261" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M47.8393 49.5763C47.8393 45.0945 44.206 41.4612 39.7242 41.4612C35.2424 41.4612 31.6091 45.0945 31.6091 49.5763C31.6091 62.5604 41.6718 68.7279 48.8131 71.0001" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M64.7191 49.5748C64.7191 35.7707 53.5287 24.5803 39.7247 24.5803C25.9206 24.5803 14.7302 35.7707 14.7302 49.5748C14.7302 55.093 17.0024 60.6113 17.0024 60.6113" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M66.4485 31.0739C60.6836 22.4617 50.8661 16.7914 39.7242 16.7914C28.5824 16.7914 18.7649 22.4617 13 31.0739" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M58.1132 13.5444C52.623 10.6428 46.3652 9 39.724 9C33.0827 9 26.825 10.6428 21.3347 13.5444" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M64.7185 49.2502C64.7185 53.5527 60.9399 57.0407 56.2788 57.0407C51.6177 57.0407 47.8391 53.5527 47.8391 49.2502" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 <path d="M58.8764 63.8706C57.8276 64.075 56.7421 64.1823 55.6304 64.1823C47.1222 64.1823 40.1431 57.8973 39.4558 49.8997" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/forge.bundle.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/forge.bundle.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/google/google.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/google/google.svg
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/apple/black.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/apple/black.svg
@ -1 +0,0 @@
 <svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/facebook/white.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/facebook/white.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/microsoft/microsoft.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/icons/microsoft/microsoft.svg
@ -1 +0,0 @@
 <svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
@ -0,0 +1,3 @@
 <svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M32 18.6667V32M32 45.3333H32.0333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#EFBA00" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/jquery-3.6.0.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/jquery-3.6.0.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
@ -0,0 +1,3 @@
 <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
    <path d="M6.3335 2.99992H3.00016C2.07969 2.99992 1.3335 3.74611 1.3335 4.66659V12.9999C1.3335 13.9204 2.07969 14.6666 3.00016 14.6666H11.3335C12.254 14.6666 13.0002 13.9204 13.0002 12.9999V9.66659M9.66683 1.33325H14.6668M14.6668 1.33325V6.33325M14.6668 1.33325L6.3335 9.66659" stroke="#168CA9" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo_animated.gif
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo_animated.gif
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
@ -0,0 +1,429 @@
 html,
 body {
  height: 100%;
 }
 body {
  font-family: var(--nevis-font-sans-serif);
  font-size: 0.875rem;
  color: var(--nevis-gray-900);
  display: flex;
  align-items: center;
  padding-top: 2.5rem;
  padding-bottom: 2.5rem;
  background-color: #d1d5d6;
 }
 a {
  text-decoration: none;
  color: var(--nevis-primary);
 }
 /* add icon for links to external sites */
 a[rel~="external"]::after {
  content: url("link.svg");
  padding-left: 7px;
  vertical-align: -2px;
 }
 /* Chrome, Safari, Edge, Opera */
 input::-webkit-outer-spin-button,
 input::-webkit-inner-spin-button {
  -webkit-appearance: none;
  margin: 0;
 }
 /* Firefox */
 input[type="number"] {
  -moz-appearance: textfield;
 }
 button:disabled {
  cursor: not-allowed;
  pointer-events: all !important;
 }
 label {
  font-size: 0.75rem;
 }
 span.text-secondary>div {
  display: inline-block;
 }
 /* Screen specific CSS */
 .login-container {
  width: 100%;
  max-width: 22.5rem;
  margin: auto;
  background-color: var(--nevis-gray-100);
  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
  border-radius: 1.25rem;
 }
 .login-container-header {
  padding: 1.25rem;
  display: flex;
  flex-direction: column;
  align-items: center;
 }
 .login-container-minimal-header {
  padding: 1.25rem;
 }
 .login-container-body {
  background: #ffffff;
  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
  border-radius: 1.25rem;
  min-height: 31.25rem;
 }
 .login-container-body-content {
  padding: 2.5rem;
 }
 .login-container-body-content>.input-error~.input-error {
  margin-top: 0;
 }
 .brand-name {
  font-size: 1rem;
  word-wrap: break-word;
 }
 .sub-title {
  font-style: normal;
  font-weight: 400;
  font-size: 1rem;
  line-height: 1.375rem;
  text-align: center;
 }
 .sub-icon {
  font-style: normal;
  font-weight: 400;
  font-size: 1rem;
  margin-top: 1rem;
  text-align: center;
 }
 .horizontal-line {
  display: flex;
  flex-direction: row;
 }
 .horizontal-line:before,
 .horizontal-line:after {
  content: "";
  flex: 1 1;
  border-bottom: 0.0625rem solid var(--nevis-gray-200);
  margin: auto;
 }
 .horizontal-line:before {
  margin-right: 0.625rem;
  margin-left: -2.5rem;
 }
 .horizontal-line:after {
  margin-left: 0.625rem;
  margin-right: -2.5rem;
 }
 .register-spacing {
  margin-top: 2rem;
  margin-bottom: 2.75rem;
 }
 .social-login-buttons {
  display: flex;
  flex-direction: column;
  gap: 0.75rem;
 }
 .social-login-button {
  background: none;
  flex-grow: 1;
  display: flex;
  flex-direction: row;
  justify-content: center;
  align-items: center;
  padding: 0.375rem 1.125rem;
  width: 100%;
  height: 2.5rem;
  border: 0.0625rem solid var(--nevis-gray-200);
  box-sizing: border-box;
  border-radius: 0.625rem;
  gap: 0.625rem;
 }
 .icon-inside {
  position: relative;
 }
 .icon-inside input {
  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
 }
 .icon-inside button {
  position: absolute;
  right: 0;
  top: 0;
  margin-top: 0.3125rem;
  margin-right: 0.75rem;
 }
 .icon-button {
  display: inline-flex;
  justify-content: center;
  align-items: center;
  flex-shrink: 0;
  width: 1.875rem;
  height: 1.875rem;
  padding: 0;
  margin: 0;
  min-width: 0;
  border-radius: 50%;
  box-sizing: border-box;
  box-shadow: none;
  font-size: inherit;
  font-weight: 500;
  cursor: pointer;
  outline: none;
  border: none;
  vertical-align: baseline;
  text-align: center;
  background-color: initial;
 }
 .icon-button:hover {
  background: var(--nevis-gray-200);
 }
 .icon-button:active {
  background: var(--nevis-gray-300);
 }
 .icon-button.nevis-blue-icon:hover {
  background: var(--nevis-blue-icon-hover-bg-color);
 }
 .icon-button.nevis-blue-icon:active {
  background: var(--nevis-blue-icon-active-bg-color);
 }
 .h-icon-button {
  min-height: 1.875rem;
 }
 .max-w-full {
  max-width: 100%;
 }
 .verification-code-wrapper {
  display: flex;
  flex-direction: row;
  align-items: center;
  justify-content: center;
 }
 .verification-code-label {
  font-size: 1.125rem;
  line-height: 1.5rem;
  margin-right: 0.25rem;
 }
 .verification-code-input {
  text-align: center;
  max-width: 8.75rem;
  letter-spacing: 0.5rem;
  text-indent: 0.25rem;
 }
 .hidden-verification-code-submit-button {
  overflow: visible !important;
  height: 0 !important;
  width: 0 !important;
  margin: 0 !important;
  border: 0 !important;
  padding: 0 !important;
  display: block !important;
 }
 .totp-code-wrapper {
  display: flex;
  flex-direction: row;
  align-items: center;
  justify-content: center;
  margin: 2.5rem 0;
 }
 .totp-code-input {
  text-align: left;
  max-width: 8.75rem;
  letter-spacing: 0.5rem;
  text-indent: 0.25rem;
 }
 .hidden {
  display: none !important;
 }
 .success-icon {
  text-align: center !important;
  margin-top: 5.625rem;
  margin-bottom: 11.75rem;
 }
 .btn-selection-item {
  display: flex;
  flex-direction: row;
  align-items: center;
  justify-content: space-between;
  padding: 0.5rem 0rem;
  gap: 0.5rem;
  border: 0.0625rem solid var(--nevis-gray-200);
  border-left-width: 0;
  border-right-width: 0;
 }
 .btn-selection-item+.btn-selection-item {
  border-top-width: 0;
 }
 .btn-selection-item:first-of-type {
  margin-top: 1.5rem;
 }
 .btn-selection-item:last-of-type {
  margin-bottom: 1.5rem;
 }
 .btn-selection-item .selection-label {
  color: var(--nevis-dark) !important;
  font-weight: 500;
  font-size: 0.875rem;
  line-height: 1.25rem;
 }
 .btn-selection-item .selection-description {
  color: var(--nevis-gray-500) !important;
  font-weight: 400;
  font-size: 0.75rem;
  line-height: 1.125rem;
 }
 /* Passwordless */
 /* Access App*/
 .access-app-download-link-mobile-spacing {
  margin-top: 5rem;
  margin-bottom: 5rem;
 }
 /* add rounded border corners around QR code */
 #authcloud_dispatch,
 #authcloud_dispatch>#qr-code-wrapper {
  position: relative;
  display: block;
 }
 #authcloud_dispatch:not(.mobile-platform):before,
 #authcloud_dispatch:not(.mobile-platform):after,
 #authcloud_dispatch>#qr-code-wrapper:before,
 #authcloud_dispatch>#qr-code-wrapper:after {
  position: absolute;
  width: 1.875rem;
  height: 1.875rem;
  border-color: var(--nevis-primary);
  border-style: solid;
  z-index: 1;
  content: " ";
 }
 #authcloud_dispatch:before {
  top: 0.5rem;
  left: 0.5rem;
  border-width: 0.1875rem 0 0 0.1875rem;
  border-top-left-radius: 1rem;
 }
 #authcloud_dispatch:after {
  top: 0.5rem;
  right: 0.5rem;
  border-width: 0.1875rem 0.1875rem 0 0;
  border-top-right-radius: 1rem;
 }
 #authcloud_dispatch>#qr-code-wrapper:before {
  bottom: 0.5rem;
  right: 0.5rem;
  border-width: 0 0.1875rem 0.1875rem 0;
  border-bottom-right-radius: 1rem;
 }
 #authcloud_dispatch>#qr-code-wrapper:after {
  bottom: 0.5rem;
  left: 0.5rem;
  border-width: 0 0 0.1875rem 0.1875rem;
  border-bottom-left-radius: 1rem;
 }
 .recovery-code-input {
  text-align: left;
  letter-spacing: 0.1875rem;
  font-family: monospace;
 }
 .recovery-codes-wrapper {
  height: 9rem;
  text-align: center;
  overflow-y: auto;
  margin-bottom: 1rem;
  /* Firefox */
  scrollbar-color: var(--nevis-gray-300) #ffffff;
  scrollbar-width: thin;
  border: 1px solid lightgray;
  border-radius: 0.5rem;
 }
 .recovery-codes-wrapper::-webkit-scrollbar {
  width: 0.25rem;
 }
 .recovery-codes-wrapper::-webkit-scrollbar-track {
  background: #ffffff;
 }
 .recovery-codes-wrapper::-webkit-scrollbar-thumb {
  background: var(--nevis-gray-300);
  border-radius: 0.125rem;
 }
 .recovery-codes-wrapper::-webkit-scrollbar-thumb:hover {
  background: var(--nevis-gray-400);
 }
 .recovery-code-gray {
  background: var(--nevis-gray-100);
  font-size: 0.875rem;
  line-height: 1.25rem;
  font-family: monospace;
  letter-spacing: 0.1875rem;
 }
 .recovery-code-white {
  background: #ffffff;
  font-size: 0.875rem;
  line-height: 1.25rem;
  font-family: monospace;
  letter-spacing: 0.1875rem;
 }
 button.btn-recovery-code {
  line-height: 0.75rem;
  margin-top: 0.7rem;
  width: 100%;
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
@ -110,13 +110,15 @@
                if (status == 'clientAuthenticating') {
                    // show process icon
                    document.getElementById("mauth_loading").style.display = 'block';
                    // hide QR code and info message
                    document.getElementById("mauth_qrcode").style.display = 'none';
                    document.getElementById("mauth_qrcode_info").style.display = 'none';
                }
                if (status == 'succeeded') {
                    clearInterval(statusPolling);
                    // as this is the last call we have to do a top-level request instead of AJAX
                    const form = createForm();
-                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "fidoUafDone", "true"); // required for custom dispatching in usernameless
                    document.body.appendChild(form);
                    form.submit();
                } else if (status == 'failed' || status == 'unknown') {
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
@ -0,0 +1,7 @@
 <svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
    <path fill="#f3f3f3" d="M0 0h18v18H0z"/>
    <path fill="#f35325" d="M1 1h8v8H1z"/>
    <path fill="#81bc06" d="M10 1h8v8H10z"/>
    <path fill="#05a6f0" d="M1 10h8v8H1z"/>
    <path fill="#ffba08" d="M10 10h8v8H10z"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
@ -1,43 +1,50 @@
-// display oauth scopes listed in input field 'consentInformation'
+document.addEventListener("DOMContentLoaded", function () {
-// change 'consentInformation' and 'scope_name' to the values used in your configuration.
+    const consentInformationFieldName = "consentInformation"; // Input field name
-$(function() {
+    const scopeDescriptionSource = "scope_name"; // JSON key for scope description
    var consentInformationFieldName = "consentInformation"; // name of the input field from which to parse the value as the consent information JSON
    var scopeDescriptionSource = "scope_name";              // key of the field in the consent information JSON of which to get the value as the scope description
    function displayOAuthScopesConsent() {
-        var jsonData = parseJson();
+        const jsonData = parseJson();
        if (jsonData !== undefined) {
-            mapJsonToHtml(jsonData)
+            mapJsonToHtml(jsonData);
        }
    }
    function mapJsonToHtml(jsonData) {
        mapJsonToHtmlScopeList("listOfRequestedScopesWithExistingConsent", jsonData.requestedScopesWithExistingConsent, "Already accepted scopes:");
-        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require a consent:");
+        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require consent:");
    }
    function mapJsonToHtmlScopeList(elementId, scopeInformation, title) {
-        if (scopeInformation !== undefined && Object.keys(scopeInformation).length > 0) {
+        if (scopeInformation && Object.keys(scopeInformation).length > 0) {
-            $("input[name=" + consentInformationFieldName +"]").after("<p style='margin-top: 0.5em'>" + title + "</p><div class='scopeinfobox'><ul id='" + elementId + "' /> </div>");
+            const consentInput = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-            jQuery.each(scopeInformation, function(key,value) {
+            if (consentInput) {
-                var scopeDescription = value[scopeDescriptionSource];
+                const container = document.createElement("div");
-                if (scopeDescription) {
+                container.innerHTML = `<p style='margin-top: 0.5em'>${title}</p><div class='scopeinfobox'><ul id='${elementId}'></ul></div>`;
-                    $("#" + elementId).append('<li>' + scopeDescription + '</li>');
+                consentInput.insertAdjacentElement("afterend", container);
-                } else {
+
-                    $("#" + elementId).append('<li>' + key + '</li>');
+                const ulElement = document.getElementById(elementId);
                for (const key in scopeInformation) {
                    if (scopeInformation.hasOwnProperty(key)) {
                        const scopeDescription = scopeInformation[key][scopeDescriptionSource] || key;
                        const li = document.createElement("li");
                        li.textContent = scopeDescription;
                        ulElement.appendChild(li);
                    }
                }
            }
            });
        }
    }
    function parseJson() {
-        var consentInformationField = $("input[name=" +consentInformationFieldName +"]");
+        const consentInformationField = document.querySelector(`input[name="${consentInformationFieldName}"]`);
-        if (consentInformationField.length > 0) {
+        if (consentInformationField) {
-            return JSON.parse(consentInformationField.val());
+            try {
                return JSON.parse(consentInformationField.value);
            } catch (e) {
                console.error("Invalid JSON in consent information field:", e);
            }
        }
    }
    displayOAuthScopesConsent();
 });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
@ -0,0 +1,44 @@
 (function() {
  'use strict'
  async function submit(assertion) {
    // as this is the last call we have to do a top-level request instead of AJAX
    const form = document.createElement("form");
    form.method = "POST";
    form.style.display = "none";
    addInput(form, "path", "/nevisfido/fido2/assertion/result")
    addInput(form, "id", assertion.id);
    addInput(form, "type", assertion.type);
    console.log("assertion response:", assertion.response);
    addInput(form, "response.clientDataJSON", assertion.response.clientDataJSON);
    addInput(form, "response.authenticatorData", assertion.response.authenticatorData);
    addInput(form, "response.signature", assertion.response.signature);
    addInput(form, "response.userHandle", assertion.response.userHandle);
    document.body.appendChild(form);
    form.submit();
  }
  function authenticate() {
    const hiddenField = document.querySelector("input[name='fido2_attestation_options']");
    if (hiddenField && hiddenField.value) {
        try {
            const options = JSON.parse(hiddenField.value);
            console.log("parsed attestation options:", JSON.stringify(options));
            SimpleWebAuthnBrowser.startAuthentication({ optionsJSON: options, useBrowserAutofill: true })
                .then(assertionResponse => {
                    console.log("Authentication successful:", JSON.stringify(assertionResponse));
                    submit(assertionResponse);
                })
                .catch(error => {
                    console.log(`Passkey autofill skipped: ${error}`);
                });
        } catch (error) {
            console.error("Error parsing fido2_attestation_options:", error);
        }
    } else {
        console.log("Passkey autofill is disabled.");
    }
  }
  authenticate();
 })();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/print.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/print.css
@ -0,0 +1,67 @@
@media print {
   /* general printing rules */
    body {
      margin: 0;
      color: #000000 !important;
      background-color: #ffffff !important;
      font-size: 12pt;
      font-family: georgia, times, serif;
      box-shadow: none !important;
    }
    header, footer, aside, nav, button, h1, h2, h3, h4, h5, h6 {
      display: none;
    }
    main {
      max-width: 100%;
      box-shadow: none !important;
    }
    .printable {
      display: block;
    }
    div:not(.printable) {
      display: none;
    }
    .btn { 
      display: none;
    }
    /* screen specific rules */
    .login-container-body {
      color: #000000 !important;
      background-color: #ffffff !important;
      box-shadow: none !important;
      border-radius: unset;
    }
    .recovery-codes-wrapper {
      overflow: unset !important;
      height: unset !important;
    }
    #recovery-codes::before {
      content: "Recovery Codes";
      font-size: 16pt;
    }
    .recovery-code-white,
    .recovery-code-gray {
      color: #000000 !important;
      background-color: #ffffff !important;
      font-size: 14pt;
      margin-top: 5pt;
    }
    .recovery-code-gray:first-child {
      margin-top: 15pt;
    }
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/saml_idp_logout.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/saml_idp_logout.js
@ -0,0 +1,63 @@
 function handleLogout(sp_urls, final_url) {
    const request_urls = sp_urls.filter(function(current_url) {
        return current_url.indexOf('SAMLRequest') > 0;
    });
    const response_urls = sp_urls.filter(function(current_url) {
        return current_url.indexOf('SAMLResponse') > 0;
    });
    function kill_session() {
        const current_url = window.location.href;
        if (current_url.indexOf('?logout') == -1 && current_url.indexOf('&logout') == -1) {
            console.log("current URL does not terminate the IDP session");
            let logout_url = '';
            if (current_url.indexOf('?') > 0) {
                logout_url = current_url + "&logout";
            } else {
            }
            fetch(logout_url, {
                method: 'GET',
                credentials: 'include'
            }).then(response => {
                if (!response.ok) {
                    console.error('Logout request failed');
                }
            }).catch(error => {
                console.error('Logout request error', error);
            });
        }
    }
    const requests = request_urls.map(current_url => {
        return fetch(current_url, {
            method: 'GET',
            credentials: 'include',
            mode: 'cors'
        }).then(response => {
            if (!response.ok) {
                console.error('Request failed', current_url);
            }
        }).catch(error => {
            console.error('Request error', current_url, error);
        });
    });
    // send out the requests in parallel
    // in any case we then terminate the IDP session and redirect to the correct destination
    // we have to complete the logout no matter if the requests were successful or if there were failed requests
    Promise.allSettled(requests).then(() => {
        kill_session(); // required to terminate IDP session
    }).finally(() => {
        if (response_urls.length == 0) {
            // redirect to root location on the IDP
            console.log('Finish IDP-initiated SAML logout - redirecting to: ' + final_url);
            window.location.href = final_url;
        } else {
            // only 1 such URL allowed. process ends on SP side
            console.log('Finish SP-initiated SAML logout - redirecting to: ' + response_urls[0]);
            window.location.href = response_urls[0];
        }
    })
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/show-password.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/show-password.js
@ -1,11 +0,0 @@
 function toggleInputType(passwordInputId, eyeIconId, resourcePath) {
    const passwordInput = document.getElementById(passwordInputId);
    const eyeIcon = document.getElementById(eyeIconId);
    if (passwordInput.type === 'text') {
        passwordInput.type = 'password';
        eyeIcon.src = resourcePath + '/resources/eye.svg';
        return;
    }
    passwordInput.type = 'text';
    eyeIcon.src = resourcePath + '/resources/eye-off.svg';
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/simplewebauthn-browser@13.1.0.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/simplewebauthn-browser@13.1.0.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success-solid.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success-solid.svg
@ -0,0 +1,3 @@
 <svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
  <path fill-rule="evenodd" clip-rule="evenodd" d="M9.00005 16.2C12.9765 16.2 16.2 12.9764 16.2 8.99999C16.2 5.02354 12.9765 1.79999 9.00005 1.79999C5.0236 1.79999 1.80005 5.02354 1.80005 8.99999C1.80005 12.9764 5.0236 16.2 9.00005 16.2ZM12.3364 7.83638C12.6879 7.48491 12.6879 6.91506 12.3364 6.56359C11.985 6.21212 11.4151 6.21212 11.0636 6.56359L8.10005 9.5272L6.93644 8.36359C6.58497 8.01212 6.01512 8.01212 5.66365 8.36359C5.31218 8.71506 5.31218 9.28491 5.66365 9.63638L7.46365 11.4364C7.81512 11.7879 8.38497 11.7879 8.73644 11.4364L12.3364 7.83638Z" fill="#52CC65"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/success.svg
@ -0,0 +1,3 @@
 <svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
 <path d="M22 32L28.6667 38.6667L42 25.3333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#52CC65" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
 </svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/utils.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/utils.js
@ -0,0 +1,41 @@
 function addInput(form, name, value, type = "text") {
  if (!form) throw new Error("Form element is required");
  const input = document.createElement("input");
  input.name = name;
  input.type = type;
  input.value = value;
  form.appendChild(input);
 }
 function getSubmitButton() {
  const submitButtons = [...document.querySelectorAll('button[name^="submit"]')];
  if (submitButtons.length === 0) {
    return null;
  }
  if (submitButtons.length > 1) {
    throw new Error('There should be exactly 1 button on the screen with a name starting with "submit". Check the AuthState configuration.');
  }
  return submitButtons[0] || null;
 }
 function toggleEye(passwordInputId, eyeIconId, resourcePath) {
  const passwordInput = document.getElementById(passwordInputId);
  const eyeIcon = document.getElementById(eyeIconId);
  if (!passwordInput || !eyeIcon) return;
  const isPassword = passwordInput.type === 'password';
  passwordInput.type = isPassword ? 'text' : 'password';
  // Ensure correct path format
  const normalizedPath = resourcePath.endsWith('/') ? resourcePath.slice(0, -1) : resourcePath;
  eyeIcon.src = `${normalizedPath}/resources/eye${isPassword ? '-off' : ''}.svg`;
 }
 function formatNumberInput(numberInputId) {
  const numberInput = document.getElementById(numberInputId);
  if (!numberInput) return;
  let value = numberInput.value || ''; // Handle potential null/undefined
  value = value.replace(/[-e]/gi, '');
  if (numberInput.maxLength > 0 && value.length > numberInput.maxLength) {
    value = value.slice(0, numberInput.maxLength);
  }
  numberInput.value = value;
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/variables.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/variables.css
@ -0,0 +1,52 @@
 :root {
    /* Default Colors */
    --nevis-blue: #0d6efd;
    --nevis-indigo: #6610f2;
    --nevis-purple: #6f42c1;
    --nevis-pink: #d63384;
    --nevis-red: #F25562;
    --nevis-orange: #fd7e14;
    --nevis-yellow: #EFBA00;
    --nevis-green: #151615;
    --nevis-teal: #20c997;
    --nevis-cyan: #0dcaf0;
    --nevis-blue-100: #E1F5FB;
    --nevis-blue-300: #A6DFED;
    --nevis-blue-400: #75C3D7;
    --nevis-blue-600: #168CA9;
    --nevis-white: #ffffff;
    --nevis-black: #000000;
    --nevis-gray-100: #EDF1F2;
    --nevis-gray-200: #DADFE0;
    --nevis-gray-300: #C2CACC;
    --nevis-gray-400: #A4AFB2;
    --nevis-gray-500: #8A9699;
    --nevis-gray-900: #1F2F33;
    /* Theme */
    --nevis-primary: var(--primary-color);
    --nevis-secondary: var(--nevis-gray-400);
    --nevis-success: var(--nevis-green);
    --nevis-info: var(--nevis-cyan);
    --nevis-warning: var(--nevis-yellow);
    --nevis-danger: var(--nevis-red);
    --nevis-light: var(--nevis-gray-100);
    --nevis-dark: var(--nevis-gray-900);
    /* Font */
    --nevis-font-sans-serif: var(--font-family), system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", "Liberation Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
    /* Common */
    --nevis-border-radius: var(--border-radius);
    --nevis-form-control-border-color: var(--nevis-gray-300);
    --nevis-blue-icon-color: var(--nevis-blue-600);
    --nevis-blue-icon-hover-bg-color: var(--nevis-blue-300);
    --nevis-blue-icon-active-bg-color: var(--nevis-blue-400);
    /* Components */
    /* Readonly field*/
    --nevis-readonly-bg-color: var(--nevis-blue-100);
    --nevis-readonly-border-color: var(--nevis-blue-300);
    --nevis-readonly-box-shadow-color: var(--nevis-blue-600);
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/window-onload.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/window-onload.js
@ -0,0 +1,101 @@
 // this js should run last
 // DOM is ready (stylesheets, images, and subframes may not have been loaded yet)
 window.addEventListener('DOMContentLoaded', () => {
    'use strict'
    handleLogoutButton();
    onSubmitWithEnter();
    onFormSubmit();
 });
 function handleLogoutButton() {
    const logoutButton = document.getElementById("logout-btn");
    if (logoutButton) {
        logoutButton.addEventListener("click", function (event) {
            event.preventDefault();
            event.stopPropagation();
            const url = new URL(window.location.href);
            // Parse raw query string, split into key=value or key-only
            const rawParams = window.location.search.substring(1).split("&").filter(Boolean);
            // Keep only params that are not 'login' or 'logout'
            const remainingParams = rawParams.filter(p => {
                const key = p.split("=")[0];
                return key !== "login" && key !== "logout";
            });
            // Add 'logout' first
            const finalParams = ["logout", ...remainingParams];
            const newQuery = finalParams.length ? `?${finalParams.join("&")}` : "";
            // Redirect
            window.location.href = url.origin + url.pathname + newQuery;
        });
    }
 }
 /**
 * Trigger to submit the button with name 'submit' and prevent other buttons to submission on 'Enter' keypress
 */
 function onSubmitWithEnter() {
    'use strict'
    document.addEventListener('keypress', function (event) {
        if (event.key === 'Enter') {
            if (['TEXTAREA', 'INPUT'].includes(event.target.tagName) && event.target.type !== 'submit') {
                return; // allow pressing Enter inside text fields
            }
            event.preventDefault();
            event.stopPropagation();
            const submitButton = getSubmitButton();
            if (submitButton !== null) {
                submitButton.click();
            }
        }
    });
 }
 /*
 * Setup form submit event handler for form with a required input.
 * Manages the submission in case triggered by:
 *   - non-genuine submit button: clear invalid required inputs and proceed the submission
 *   - real submit button: if there is an invalid field prevent submission and trigger validation class addition
 */
 function onFormSubmit() {
    'use strict';
    const form = document.querySelector('form');
    if (!form) return;
    form.addEventListener('submit', function onSubmit(event) {
        const submitter = event.submitter || event.target;
        // Check form validity once at the beginning
        const isValid = form.checkValidity();
        if (!submitter || !submitter.name.startsWith('submit')) {
            // Clear invalid required inputs before submit
            if (!isValid) {
                document.querySelectorAll('input[required]:invalid').forEach(input => {
                    if (input.value.length) {
                        input.value = '';
                    }
                });
            }
            return event;
        }
        if (!isValid) {
            console.log('Form is invalid');
            event.preventDefault();
            event.stopPropagation();
        }
        form.classList.add('was-validated'); // Add validation styling
    }, false);
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/bundle.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/bundle.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/ask_mobile.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/ask_mobile.js
@ -1,16 +1,15 @@
 class ProvidePhoneNumber {
-	modal;
+	repeatModal;
 	declineModal;
 	providePhoneNumberLaterButton;
 	phoneNumberInput;
 	agovInputPhoneNumberInput;
 	repeatPhoneNumberInput;
 	agovInputRepeatPhoneNumberInput;
 	lastOpenedModal;
 	constructor() {
-		this.modal = document.querySelector('#modal');
+		this.repeatModal = document.querySelector('#repeatModal');
 		this.declineModal = document.querySelector('#declineModal');
 		this.providePhoneNumberLaterButton = document.querySelector('#providePhoneNumberLaterButton');
 		this.phoneNumberInput = document.querySelector('#phoneNumberInput');
 		this.agovInputPhoneNumberInput = document.querySelector('#agovInputPhoneNumberInput');
 		this.agovInputRepeatPhoneNumberInput = document.querySelector('#agovInputRepeatPhoneNumberInput');
@ -20,20 +19,6 @@ class ProvidePhoneNumber {
 		this.addPhoneInputEventHandlers(this.phoneNumberInput);
 		this.addPhoneInputEventHandlers(this.repeatPhoneNumberInput);
 		document.querySelector('#declineModalBack').addEventListener('click', () => {
 			this.resetValidation(this.agovInputPhoneNumberInput);
 			this.setInvisible(this.declineModal);
 		});
 		document.querySelector('#repeatPhoneNumberModalBack').addEventListener('click', () => {
 			this.initializePhoneInput(this.phoneNumberInput);
 			this.setInvisible(this.modal);
 		});
 		document.querySelector('#repeatPhoneNumberModalContinue').addEventListener('click', () => {
 			if (this.validateInput(this.agovInputRepeatPhoneNumberInput)) {
 				this.evaluatePhoneNumbersAndSubmit();
 				this.initializePhoneInput(this.phoneNumberInput);
 			}
 		});
 		document.querySelector('#providePhoneNumberContinueButton').addEventListener('click', () => {
 			const dialCode = `+${window.phoneNumberUtils.getDialCode()}`;
 			if (this.validateInput(this.agovInputPhoneNumberInput)) {
@ -41,15 +26,37 @@ class ProvidePhoneNumber {
 				this.initializePhoneInput(this.repeatPhoneNumberInput);
 				this.resetValidation(this.agovInputRepeatPhoneNumberInput);
 				this.showErrorBanner(false);
-				this.setVisible(this.modal);
+				this.lastOpenedModal = 'repeatModal';
 				window.utils.openModal(this.repeatModal);
 			}
 			else if (this.phoneNumberInput.value.trim() === '' ||
 				this.phoneNumberInput.value.trim() === dialCode) {
-				this.setVisible(this.declineModal);
+				window.utils.openModal(this.declineModal);
 			}
 		});
 	}
 	onCloseOpenModal() {
 		if (this.lastOpenedModal === 'declineModal') {
 			window.providePhoneNumber.onCloseDeclineModal();
 		}
 		else {
 			window.providePhoneNumber.onRepeatModalCancel();
 		}
 	}
 	onRepeatModalSubmit() {
 		if (this.validateInput(this.agovInputRepeatPhoneNumberInput)) {
 			this.evaluatePhoneNumbersAndSubmit();
 			this.initializePhoneInput(this.phoneNumberInput);
 		}
 	}
 	onRepeatModalCancel() {
 		this.initializePhoneInput(this.phoneNumberInput);
 		window.utils.closeModal(this.repeatModal);
 	}
 	addPhoneInputEventHandlers(phoneInputElement) {
 		phoneInputElement.addEventListener('input', () => {
 			this.formatAndEmitPhoneNumberValue(phoneInputElement);
@ -97,19 +104,6 @@ class ProvidePhoneNumber {
 		return true;
 	}
 	setInvisible(modalElement) {
 		window.utils.changeDisplay(modalElement, 'hidden', 'block');
 	}
 	setVisible(modalElement) {
 		window.utils.changeDisplay(modalElement, 'block', 'hidden');
 		const isMobile = !!/(iPhone|Android)/.test(window.navigator.userAgent);
 		if (isMobile) {
 			modalElement.classList.add('mobileDrawer');
 			document.dispatchEvent(new Event('initDrawerPopup'));
 		}
 	}
 	arePhoneNumbersEqual() {
 		const phoneNumber = this.phoneNumberInput.value.trim();
 		const repeatedPhoneNumber = this.repeatPhoneNumberInput.value.trim();
@ -118,7 +112,7 @@ class ProvidePhoneNumber {
 	evaluatePhoneNumbersAndSubmit() {
 		if (this.arePhoneNumbersEqual()) {
-			document.querySelector('#mobile').value = this.repeatPhoneNumberInput.value.trim().replaceAll(' ', '');
+			document.querySelector('#mobile').value = window.phoneNumberUtils.formatDefault(this.repeatPhoneNumberInput.value);
 			// Some other 'click' listeners from gsap (used in drawer.js) seem to interfere with the trigger click on
 			// submitPhoneNumber button. It happens only on mobile devices, where the drawer is used. setTimeout seems to help
 			// to avoid the issue (although it is just a workaround).
@ -127,7 +121,7 @@ class ProvidePhoneNumber {
 			}, 100);
 		}
 		else {
-			this.setInvisible(this.modal);
+			window.utils.closeModal(this.repeatModal);
 			this.showErrorBanner(true);
 		}
 	}
@ -141,9 +135,44 @@ class ProvidePhoneNumber {
 			window.utils.changeDisplay(errorBanner, 'hidden', 'block');
 		}
 	}
 	onCloseDeclineModal() {
 		this.resetValidation(this.agovInputPhoneNumberInput);
 		window.utils.closeModal(this.declineModal);
 	}
 	onSubmitDeclineModal() {
 		setTimeout(() => {
 			document.querySelector('#continueWithoutPhoneNumberButton').click();
 		});
 	}
 }
 document.addEventListener('DOMContentLoaded', () => {
 	document.dispatchEvent(new Event('initPhoneNumberUtils'));
 	window.providePhoneNumber = new ProvidePhoneNumber();
 	document.addEventListener('declineModalCancelEvent', () => {
 		window.providePhoneNumber.onCloseDeclineModal();
 	});
 	document.addEventListener('declineModalSubmitEvent', () => {
 		window.providePhoneNumber.onSubmitDeclineModal();
 	});
 	document.addEventListener('repeatModalCancelEvent', () => {
 		window.providePhoneNumber.onRepeatModalCancel();
 	});
 	document.addEventListener('repeatModalSubmitEvent', () => {
 		window.providePhoneNumber.onRepeatModalSubmit();
 	});
 	document.addEventListener('closeDrawerPopup', () => {
 		window.providePhoneNumber.onCloseOpenModal();
 	});
 	document.addEventListener('keyup', (e) => {
 		if (e.key === 'Escape') {
 			window.providePhoneNumber.onCloseOpenModal();
 		}
 	});
 });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/loginMask.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/js-code/loginMask.js
@ -1,3 +1,25 @@
 const mainContent = document.querySelector('#mainContent');
 const mobileLoginContainer = document.querySelector('#mobileLoginContainer');
 const mobileSecurityKeyModal = mobileLoginContainer.querySelector('#securityKeyModal');
 const mobileAccessAppModal = mobileLoginContainer.querySelector('#accessAppModal');
 const desktopTitle = document.querySelector('#desktopTitle');
 const mobileSubtitle = document.querySelector('#mobileSubtitle');
 const cannotLoginSubtitle = document.querySelector('#cannotLoginSubtitle');
 const cannotLoginSubtitleDrawer = document.querySelector('#cannotLoginSubtitleDrawer');
 const accessAppModal = document.querySelector('#accessAppModal');
 const securityKeyModal = document.querySelector('#securityKeyModal');
 const accessAppBtn = document.querySelector('#accessAppLoginBtn');
 const securityKeyBtn = document.querySelector('#securityKeyLoginBtn');
 const labelsToChangeBasedOnSelectedMethod = [
 	desktopTitle,
 	mobileSubtitle,
 	cannotLoginSubtitle,
 	cannotLoginSubtitleDrawer
 ];
 function setValueToSecurityKeyOrAccessAppLabel(element, selectedMethod) {
 	element.textContent = (selectedMethod === 'securityKey'
 		? element.dataset.securitykeylabel
@ -25,6 +47,16 @@ function showAccessAppModal() {
 	changeDisplay(mobileSecurityKeyModal, 'hidden', 'flex');
 }
 function hideSecurityKeyAndShowAccessAppBtn() {
 	changeDisplay(accessAppBtn, 'block', 'hidden');
 	changeDisplay(securityKeyBtn, 'hidden', 'block');
 }
 function hideAccessAppAndShowSecurityKeyBtn() {
 	changeDisplay(securityKeyBtn, 'block', 'hidden');
 	changeDisplay(accessAppBtn, 'hidden', 'block');
 }
 function changeLabelsBasedOnSelectedMethod(selectedMethod) {
 	labelsToChangeBasedOnSelectedMethod.forEach(label => {
 		if (label) {
@ -33,33 +65,14 @@ function changeLabelsBasedOnSelectedMethod(selectedMethod) {
 	});
 }
 const mainContent = document.querySelector('#mainContent');
 const mobileLoginContainer = document.querySelector('#mobileLoginContainer');
 const mobileSecurityKeyModal = mobileLoginContainer.querySelector('#securityKeyModal');
 const mobileAccessAppModal = mobileLoginContainer.querySelector('#accessAppModal');
 const desktopTitle = document.querySelector('#desktopTitle');
 const mobileSubtitle = document.querySelector('#mobileSubtitle');
 const cannotLoginSubtitle = document.querySelector('#cannotLoginSubtitle');
 const cannotLoginSubtitleDrawer = document.querySelector('#cannotLoginSubtitleDrawer');
 const accessAppModal = document.querySelector('#accessAppModal');
 const securityKeyModal = document.querySelector('#securityKeyModal');
 const accessAppBtn = document.querySelector('#accessAppLoginBtn');
 const securityKeyBtn = document.querySelector('#securityKeyLoginBtn');
 const labelsToChangeBasedOnSelectedMethod = [
 	desktopTitle,
 	mobileSubtitle,
 	cannotLoginSubtitle,
 	cannotLoginSubtitleDrawer
 ];
 document.addEventListener('showAccessAppLogin', () => {
 	showAccessAppModal();
 	hideAccessAppAndShowSecurityKeyBtn();
 	changeLabelsBasedOnSelectedMethod('accessApp');
 });
 document.addEventListener('showSecurityKeyLogin', () => {
 	showSecurityKeyModal();
 	hideSecurityKeyAndShowAccessAppBtn();
 	changeLabelsBasedOnSelectedMethod('securityKey');
 });
@ -78,14 +91,12 @@ else {
 securityKeyBtn.addEventListener('click', () => {
 	showSecurityKeyModal();
-	changeDisplay(accessAppBtn, 'block', 'hidden');
+	hideSecurityKeyAndShowAccessAppBtn();
 	changeDisplay(securityKeyBtn, 'hidden', 'block');
 	changeLabelsBasedOnSelectedMethod('securityKey');
 });
 accessAppBtn.addEventListener('click', () => {
 	showAccessAppModal();
-	changeDisplay(securityKeyBtn, 'block', 'hidden');
+	hideAccessAppAndShowSecurityKeyBtn();
 	changeDisplay(accessAppBtn, 'hidden', 'block');
 	changeLabelsBasedOnSelectedMethod('accessApp');
 });
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/tailwind.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/static/tailwind.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/Loggedout.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/Loggedout.vm
@ -77,7 +77,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p data-test="agovVersionNumber">1.11.0.local-20250704T042155Z-haburger: Fri Jul  4 06:28:02 CEST 2025</p>
+		<p data-test="footer.info.right">1.12.0.0.3113-20250818T085306Z</p>
 	</footer>
 </body>
 <script src="${login.appDataPath}/static/bundle.js"></script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/accessAppLogin.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/accessAppLogin.vm
@ -1,56 +1,25 @@
-<div id="accessAppModal" class="h-full hidden sm:min-h-[297px]">
+<div id="accessAppModal"
-	<div id="desktopBannerContainer" class="desktopBanner mb-4 hidden" aria-live="assertive">
+	 class="h-full hidden sm:min-h-[297px]">
-		<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
+	<agov-banner class="hidden mb-4"
-			<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
+				 id="desktopBanner"
-			<p class="font-body text-body-l text-space-blue dark:text-white">
+				 aria-live="assertive"
-				$text.get("mauth_usernameless.banner.info")
+				 data-info-description="$text.get("mauth_usernameless.banner.info")"
-			</p>
+				 data-success-description="$text.get("mauth_usernameless.banner.success")"
-		</div>
+				 data-error-description="$text.get("mauth_usernameless.banner.error")">
-
+	</agov-banner>
 		<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background items-center p-4">
 			<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
 			<div>
 				<p class="font-body text-body-l text-space-blue dark:text-white">
 					$text.get("mauth_usernameless.banner.success")
 				</p>
 			</div>
 		</div>
 		<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
 			<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
 			<p class="font-body text-body-l text-space-blue dark:text-white">
 				$text.get("mauth_usernameless.banner.error")
 			</p>
 		</div>
 	</div>
 	<div class="relative flex flex-col gap-4 h-full">
-		<div id="blurBackdrop" class="hidden absolute backdrop-blur-sm -top-1 -bottom-8 -left-4 -right-4 z-10"></div>
+		<div id="blurBackdrop"
-		<div id="mobileBannerContainer" class="mobileBanner relative z-20 mb-4 hidden" aria-live="assertive">
+			 class="hidden absolute backdrop-blur-sm -top-1 -bottom-8 -left-4 -right-4 z-10">
 			<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
 				<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
 				<p class="font-body text-body-l text-space-blue dark:text-white">
 					$text.get("mauth_usernameless.banner.info")
 				</p>
 			</div>
 			<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background items-center p-4">
 				<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
 				<div>
 					<p class="font-body text-body-l text-space-blue dark:text-white">
 						$text.get("mauth_usernameless.banner.success")
 					</p>
 				</div>
 			</div>
 			<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
 				<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
 				<p class="font-body text-body-l text-space-blue dark:text-white">
 					$text.get("mauth_usernameless.banner.error")
 				</p>
 			</div>
 		</div>
 		<agov-banner class="hidden z-20 mb-4 relative"
 					 id="accessAppMobileBanner"
 					 aria-live="assertive"
 					 data-info-description="$text.get("mauth_usernameless.banner.info")"
 					 data-success-description="$text.get("mauth_usernameless.banner.success")"
 					 data-error-description="$text.get("mauth_usernameless.banner.error")">
 		</agov-banner>
 		<div id="agovLoginImageMobile"
-			 class="hidden max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
+			 class="sm:hidden block max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
 			<img alt=""
 				 src="${login.appDataPath}/static/images/accessApp.svg"
 				 class="block dark:hidden w-[96px] h-[96px]">
@ -59,10 +28,27 @@
 				 src="${login.appDataPath}/static/images/accessApp_dark.svg"
 				 class="hidden dark:block w-[96px] h-[96px]">
 		</div>
-		<div id="QRCodeHolder">
+		<div id="QRCodeHolder" class="hidden sm:block">
 			<div class="relative">
-				<canvas tabindex="0" role="img" aria-labelledby="labelQRCodeInstructions" id="mauth_qrcode"
+				<canvas
-						class="mb-6 mx-auto"></canvas>
+						role="img"
 						aria-describedby="labelQRCodeInstructions"
 						id="mauth_qrcode"
 						class="mb-6 mx-auto">
 				</canvas>
 				<button id="showModalButton"
 						aria-label="$text.get("qrCode.label")"
 						class="absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2
 					 w-[166px] h-[166px]
 					 hover:bg-indigo/5 hover:rounded-[8px]
 					 active:bg-indigo/10
 					 focus-visible:bg-indigo/10 focus:rounded-[8px] focus-visible:outline-offset-2
 					 focus-visible:before:border focus-visible:before:border-indigo
 					 focus-visible:before:absolute
 					 focus-visible:before:-inset-3px focus-visible:before:rounded-[8px]
 					 dark:focus-visible:before:border-lilac dark:focus-visible:outline-offset-2
 					 focus:outline-none">
 				</button>
 				<div class="hidden" id="QRcodeHiddenLink"></div>
 				<span id="spinner" class="hidden absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2 z-20">
 					<img src="${login.appDataPath}/static/images/spinner.svg"
@ -91,11 +77,15 @@
 				</p>
 			</div>
 		</div>
-		<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget"
+		<form class="w-full sm:static mt-auto"
 			  id="$gui.name"
 			  name="$gui.name"
 			  method="POST"
 			  target="_self"
 			  action="$formTarget"
 			  autocomplete="off"
-			  accept-charset="UTF-8" class="w-full sm:static mt-auto">
+			  accept-charset="UTF-8">
-
+			<div id="mobileButtons" class="sm:hidden w-full">
 			<div id="mobileButtons" class="hidden w-full">
 				<div class="flex flex-col">
 					<a id="accessAppLink" href="">
 						<agov-button
@ -120,7 +110,6 @@
 							data-type="button"
 							data-fullwidth="true">
 					</agov-button>
 					<agov-button
 							id="hideQR"
 							class="hidden basis-full"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/ask_mobile_number.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/ask_mobile_number.vm
@ -12,13 +12,10 @@
                </h3>
            </div>
            <div class="flex flex-col gap-8">
-                <div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 hidden"
+				<agov-banner class="hidden error"
-                     id="errorBanner">
+							 id="errorBanner"
-                    <i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+							 data-error-description="$text.get("providePhoneNumber.errorBanner")">
-                    <p class="font-body text-body-l text-space-blue dark:text-white">
+				</agov-banner>
 						$text.get("providePhoneNumber.errorBanner")
                    </p>
                </div>
                <div class="flex flex-col gap-4">
                    <p class="font-body text-body-l text-space-blue dark:text-white">
 						$text.get("providePhoneNumber.description")
@ -39,12 +36,9 @@
                </div>
            </div>
            <div class="flex flex-col gap-4">
-                <div class="info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4">
+				<agov-banner class="info"
-                    <i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
+							 data-info-description="$text.get("providePhoneNumber.banner")">
-                    <p class="font-body text-body-l text-space-blue dark:text-white">
+				</agov-banner>
 						$text.get("providePhoneNumber.banner")
                    </p>
                </div>
                <div class="w-full sm:static mt-auto">
                    <div class="flex flex-col-reverse sm:flex-row gap-4">
                        <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
@ -80,25 +74,14 @@
    </div>
 </div>
-<div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+<agov-modal class="hidden"
-    <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
+			id="repeatModal"
-    <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+			data-title="$text.get("providePhoneNumber.modal.title")"
-    <div id="drawer"
+			data-description="$text.get("providePhoneNumber.modal.description")"
-         class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
+			data-cancel-button-label="$text.get("general.back")"
-
+			data-submit-button-label="$text.get("general.continue")"
-        <div id="modalTab" class="mb-6 cursor-pointer hidden">
+			data-submit-button-event-name="repeatModalSubmitEvent"
-            <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
+			data-cancel-button-event-name="repeatModalCancelEvent">
        </div>
        <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
 			$text.get("providePhoneNumber.modal.title")
        </h4>
        <div class="flex flex-col gap-[72px]">
            <div class="flex flex-col gap-8">
                <div id="modalDescription">
                    <p class="font-body text-body-l text-space-blue dark:text-white">
 						$text.get("providePhoneNumber.modal.description")
                    </p>
                </div>
 	<agov-input
 			id="agovInputRepeatPhoneNumberInput"
 			data-label="$text.get("providePhoneNumber.modal.inputLabel")"
@ -112,68 +95,39 @@
 			data-email_invalid="$text.get("general.wrongPhoneNumber")"
 			data-email_required="$text.get("general.fieldRequired")">
 	</agov-input>
-                <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+</agov-modal>
-                      accept-charset="UTF-8"
+<form class="hidden"
-                      class="hidden flex flex-col flex-auto block">
+	  id="$gui.name"
-                    <agov-input
+	  name="$gui.name"
-                            id="agovInputMobile"
+	  method="POST"
-                            data-label="$text.get("providePhoneNumber.modal.inputLabel")"
+	  target="_self"
 	  action="$formTarget"
 	  autocomplete="off"
 	  accept-charset="UTF-8">
 	<agov-input data-label="$text.get("providePhoneNumber.modal.inputLabel")"
 				data-id="mobile"
 				data-name="mobile"
 				data-placeholder=""
 				data-value=""
-                            data-type="tel"
+				data-type="tel">
                            data-autofocus="true">
 	</agov-input>
-                    <agov-button
+	<agov-button data-name="submit"
                            class="basis-full"
                            data-name="submit"
 				 data-id="submitPhoneNumber"
 				 data-value="submit"
 				 data-type="submit"
-                            data-label="$text.get("general.continue")"
+				 data-label="$text.get("general.continue")">
                            data-fullwidth="true">
 	</agov-button>
 	<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
 </form>
            </div>
            <div class="w-full sm:static mt-auto">
                <div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
                    <agov-button
                            class="block"
                            id="repeatPhoneNumberModalBack"
                            data-style="secondary"
                            data-label="$text.get("general.back")"
                            data-type="button"
                            data-fullwidth="true">
                    </agov-button>
                    <agov-button
                            class="block"
                            id="repeatPhoneNumberModalContinue"
                            data-style="primary"
                            data-label="$text.get("general.continue")"
                            data-type="button"
                            data-fullwidth="true">
                    </agov-button>
                </div>
            </div>
        </div>
    </div>
 </div>
-<div id="declineModal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+<agov-modal class="hidden"
-    <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
+			id="declineModal"
-    <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+			data-title="$text.get("providePhoneNumber.laterModal.title")"
-    <div id="drawer"
+			data-cancel-button-label="$text.get("general.back")"
-         class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
+			data-submit-button-label="$text.get("general.continue")"
-        <div id="modalTab" class="mb-6 cursor-pointer hidden">
+			data-submit-button-event-name="declineModalSubmitEvent"
-            <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
+			data-cancel-button-event-name="declineModalCancelEvent">
-        </div>
+	<div class="flex flex-col gap-4" id="modalDescriptionExtra">
        <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
 			$text.get("providePhoneNumber.laterModal.title")
        </h4>
        <div class="flex flex-col gap-[72px]">
            <div class="flex flex-col gap-4" id="modalDescription">
 		<p class="font-body text-body-l text-space-blue dark:text-white">
 			$text.get("providePhoneNumber.laterModal.description1")
 		</p>
@ -184,20 +138,18 @@
 			$text.get("providePhoneNumber.laterModal.description3")
 		</p>
 	</div>
-            <div class="w-full sm:static mt-auto sm:justify-items-end">
+</agov-modal>
-                <div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
+<form class="hidden"
-                    <agov-button
+	  id="$gui.name"
-                            id="declineModalBack"
+	  name="$gui.name"
-                            data-style="secondary"
+	  method="POST"
-                            data-label="$text.get("general.back")"
+	  target="_self"
-                            data-type="button"
+	  action="$formTarget"
-                            data-fullwidth="true">
+	  autocomplete="off"
-                    </agov-button>
+	  accept-charset="UTF-8">
                    <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
                          accept-charset="UTF-8"
                          class="flex flex-col flex-auto block">
 	<agov-button
 			data-name="submit"
 			data-id="continueWithoutPhoneNumberButton"
 			data-value="submit"
 			data-label="$text.get("general.continue")"
 			data-type="submit"
@ -206,11 +158,6 @@
 	<input class="hidden" name="skip" value="persistent">
 	<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
 </form>
                </div>
            </div>
        </div>
    </div>
 </div>
 <script src="${login.appDataPath}/static/js-code/ask_mobile.js">
 </script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/default.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/default.vm
@ -1,3 +1,5 @@
 ## modern login template
 #set($jsValidation = 1) ## enable JS validation, client-side
 #set($useFormEncryption = $gui.encryption && ($gui.encryption.length() > 0))
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/footer.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/footer.vm
@ -3,7 +3,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p data-test="agovVersionNumber">1.11.0.local-20250704T042155Z-haburger: Fri Jul  4 06:28:02 CEST 2025</p>
+		<p data-test="footer.info.right">1.12.0.0.3113-20250818T085306Z</p>
 	</footer>
 	<script src="${login.appDataPath}/static/bundle.js"></script>
 </body>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/form.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/form.vm
@ -4,62 +4,56 @@
 #end
 #set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
 <form id="$gui.name" name="$gui.name" method="POST" action="$formTarget" novalidate>
-#if ($useFormEncryption)
+  ## "Hidden" button which is triggered when clicking on a received SMS notification on a mobile phone to paste it automatically. Otherwise, the first submit button found (back arrow) is clicked.
-    <div id="e2eeSplashScreen" style="display:none;">
+  <button class="hidden-verification-code-submit-button" type="submit" value="true" tabindex="-1"></button>
-        <h2 class="logintitle text-center">$gui.label</h2>
+
-        <div class="field info" id="info">$text.get("e2ee.splashscreen.msg")</div>
+  ## Common header with logo above the content.
  #if (!$minimalHeader)
    <div class="login-container-header">
      #renderHeader($gui)
      <img class="mb-1 max-w-full" src="${login.appDataPath}/resources/logo.png?v=1b26ec26" alt="Company Logo">
      <span class="brand-name">$text.get("title")</span>
    </div>
  #end
-<div id="loginform">
+  <div class="login-container-body printable">
    #set($topPaddingModifier = '')
-    <form id="$gui.name" name="$gui.name"
+    ## Setting cancel button and language selection dropdown as part of the body, as minimal header.
-    #if ($useFormEncryption) onsubmit="new e2eenc().encryptForm('$gui.encryption','$gui.name')" #end
+    #if ($minimalHeader)
-    method="POST" target="_self" action="$formTarget" autocomplete="off" accept-charset="UTF-8" class="form-horizontal">
+      #set($topPaddingModifier = 'pt-0') ## Removing padding from top of content.
      <div class="login-container-minimal-header">
        #renderHeader($gui)
      </div>
    #end
-		<h1 class="logintitle text-center">$gui.label</h1>
+    <div class="login-container-body-content printable $topPaddingModifier form-group">
-        #set ($tabindex = 0)
+      #renderTitle($gui)
        #set ($policyFailureOpen = false)
 	    #set ($policyInfoOpen = false)
-	    #foreach ($guiElem in $gui.getGuiElems())
+      ## this block applies for usernameless mobile authentication
-	        #set ($tabindex = $tabindex+1)
+      #if ($gui.name == "mauth_usernameless")
-            #if ($guiElem.name.startsWith("policyInfo") && $guiElem.label && $guiElem.label.length() > 0)
+        <center id="mauth_started" style="display: none">
-                #if (!$policyInfoOpen)
+            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
-                    <div class="form-group">
+            <br><br>
-                        <div class="col-sm-offset-3 col-sm-6">
+              <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
-                    #set ($policyInfoOpen = true)
+              <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
-                #end
+              </canvas>
-                <span class="help-block small" id="$guiElem.name">$guiElem.label</span>
+              <div id="mauth_link_parent" class="form-group" style="display: none">
-            #elseif ($guiElem.name.startsWith("policyFailure") && $guiElem.label && $guiElem.label.length() > 0)
+                  <a href="" id="mauth_link">$text.get("mobile_auth.link")</a>
                #if (!$policyFailureOpen)
                    <div class="form-group has-error">
                        <div class="col-sm-offset-3 col-sm-6">
                    #set ($policyFailureOpen = true)
                #end
                <span class="help-block small" id="$guiElem.name">$guiElem.label</span>
            #else
                #if (!$guiElem.name.startsWith("policyInfo") && $policyInfoOpen) ## close
              </div>
-                    </div>
+        </center>
                    #set ($policyInfoOpen = false)
                #end
                #if (!$guiElem.name.startsWith("policyFailure") && $policyFailureOpen) ## close
                        </div>
                    </div>
                    #set ($policyFailureOpen = false)
                #end
                #renderFormField($guiElem, $gui, $tabindex)
            #end
      #end
      #renderGeneric($gui)
      ## this block applies when Channel is set to Push / Link
      #if ($gui.name == "mauth_link_qr" || $gui.name == "mauth_onboard")
        <!-- shown after dispatching -->
        <center id="mauth_started">
-	            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
+            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
            <br><br>
            <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
            <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
@ -77,7 +71,7 @@
        </ul>
        <!-- shown after selecting the device -->
        <center id="mauth_started" style="display: none">
-                <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
+            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg?v=1af10281"/>
            <p id="mauth_match_numbers" style="font-size: 64px; display: none;"></p>
            <p id="mauth_qrcode_info">$text.get("mobile_auth.push-or-scan")</p>
            <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
@ -85,43 +79,13 @@
        </center>
      #end
-        ## this block applies for usernameless mobile authentication
+      #renderSocialLoginButtons($gui)
        #if ($gui.name == "mauth_usernameless")
 	        <center id="mauth_started" style="display: none">
 	            <img id="mauth_loading" style="width: 60px; height: 60px; display: none;" src="${login.appDataPath}/resources/loading.svg"/>
 	            <br><br>
                <p id="mauth_qrcode_info">$text.get("mobile_auth.scan")</p>
                <canvas id="mauth_qrcode" style="width: 256px; height: 256px;">
                </canvas>
                <div id="mauth_link_parent" class="form-group" style="display: none">
                    <a href="" id="mauth_link">$text.get("mobile_auth.link")</a>
                </div>
 	        </center>
        #end
        #if ($useFormEncryption)
            <input type="hidden" name="e2eenc.fields" value="not-set">
            <input type="hidden" name="e2eenc.iv" value="not-set">
            <input type="hidden" name="e2eenc.encapsulation" value="not-set">
        #end
        #renderFormControls($gui)
      #renderFormLinks($gui)
    </div>
  </div>
 </form>
    <!-- position input focus into first element of form -->
    <script type="text/javascript">
        const form = document.forms['$gui.name'];
        if (form) {
          const input = form.elements[0];
          if (input) {
            input.focus();
          }
        }
    </script>
 ## if only form, then we include javascript here (end of body)
 #if ($isFormRequest)
  #parse("${templatePath}/js_end.vm")
 #end
 </div>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/generic_auth_error.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/generic_auth_error.vm
@ -36,3 +36,4 @@
 	</div>
 </div>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/html.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/html.vm
@ -2,14 +2,26 @@
 <html lang="${utils.escapeHtml($login.localeCode)}">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>$text.get('title')</title>
-		<meta charset="utf-8">
+    <link href="${login.appDataPath}/resources/variables.css?v=475bfae4" rel="stylesheet">
-		<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+    <link href="${login.appDataPath}/resources/bootstrap.min.css?v=3f1c72e8" rel="stylesheet">
    <link href="${login.appDataPath}/resources/customized-bootstrap.css?v=cd0eaec2" rel="stylesheet">
    <link href="${login.appDataPath}/resources/main.css?v=e8e5f18f" rel="stylesheet">
    <link href="${login.appDataPath}/resources/print.css?v=8df37d2d" rel="stylesheet" media="print">
-        <link href="${login.appDataPath}/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+    <style>
-        <link href="${login.appDataPath}/resources/bootstrap-theme.min.css" rel="stylesheet" type="text/css" media="all">
+      :root {
-        <link href="${login.appDataPath}/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        /* Configurable CSS custom properties START */
        --primary-color: #168CA9;
        --border-radius: 0.5rem;
        --font-family: Roboto;
        /* Configurable CSS custom properties END*/
      }
    </style>
    <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
@ -17,16 +29,19 @@
  </head>
  <body>
-	    #parse("${templatePath}/lang.vm")
+    ## show header without brand logo and name for some GUIs
    #if ($gui.name == "authcloud_onboard")
      #set ($minimalHeader = true)
    #end
-        #parse("${templatePath}/header.vm")
+    #set($loginContainerDisplay = 'd-block') ## Default display behavior
-
+    #if ($loginContainerHidden)
-		<main id="content" class="container">
+      #set($loginContainerDisplay = 'd-none') ## Display none
    #end
    <main class="login-container $loginContainerDisplay">
      #parse("${templatePath}/form.vm")
    </main>
        #parse("${templatePath}/footer.vm")
    #parse("${templatePath}/js_end.vm")
  </body>
 </html>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_end.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_end.vm
@ -1,49 +1,37 @@
-<script src="${login.appDataPath}/resources/dropdown.js"></script>
+<script src="${login.appDataPath}/resources/bootstrap.bundle.min.js?v=50efbf3d"></script>
-<script src="${login.appDataPath}/resources/show-password.js"></script>
+<script src="${login.appDataPath}/resources/window-onload.js?v=0e43b633"></script>
 #if ($gui.name == "oauth_consent")
-    <script src="${login.appDataPath}/resources/oauth_consent.js"></script>
+    <script src="${login.appDataPath}/resources/oauth_consent.js?v=339b6d0d"></script>
 #end
 #if ($gui.name == "authcloud")
    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
    <script src="${login.appDataPath}/resources/authcloud.js"></script>
 #end
 #if ($gui.name == "authcloud_onboard")
    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
    <script src="${login.appDataPath}/resources/authcloud_onboard.js"></script>
 #end
 #if ($gui.name == "authcloud_login")
    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
    <script src="${login.appDataPath}/resources/authcloud_login.js"></script>
 #end
 #if ($gui.name == "mauth_onboard")
-    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_onboard.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_onboard.js?v=38723856"></script>
 #end
 #if ($gui.name == "mauth_link_qr")
-    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_link_qr.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_link_qr.js?v=fd5fd826"></script>
 #end
 #if ($gui.name == "mauth_push_qr")
-    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_push_qr.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_push_qr.js?v=3c6a82b5"></script>
 #end
 #if ($gui.name == "mauth_usernameless")
-    <script src="${login.appDataPath}/resources/qrious.min.js"></script>
+    <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
-    <script src="${login.appDataPath}/resources/mauth_usernameless.js"></script>
+    <script src="${login.appDataPath}/resources/mauth_usernameless.js?v=f7614de6"></script>
 #end
 #if ($gui.name.startsWith("fido2"))
  <script src="${login.appDataPath}/resources/fido2_utils.js?v=e32b17fe"></script>
 #end
 #if ($gui.name == "fido2_auth")
-    <script src="${login.appDataPath}/resources/base64.js"></script>
+  <script src="${login.appDataPath}/resources/base64.js?v=eee75ab4"></script>
-    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+  <script src="${login.appDataPath}/resources/fido2_auth.js?v=67c408f6"></script>
    <script src="${login.appDataPath}/resources/fido2_auth.js"></script>
 #end
 #if ($gui.name == "fido2_auth_std")
@ -59,18 +47,43 @@
            userVerification: "$userVerification",
       };
    </script>
-    <script src="${login.appDataPath}/resources/simplewebauthn-browser@7.1.0.min.js"></script>
+    <script src="${login.appDataPath}/resources/simplewebauthn-browser@7.1.0.min.js?v=2178ec68"></script>
-    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_utils.js?v=e32b17fe"></script>
-    <script src="${login.appDataPath}/resources/fido2_auth_std.js"></script>
+    <script src="${login.appDataPath}/resources/fido2_auth_std.js?v=576c17e9"></script>
 #end
 #if ($gui.name == "fido2_onboard")
-    <script src="${login.appDataPath}/resources/base64.js"></script>
+  <script src="${login.appDataPath}/resources/base64.js?v=eee75ab4"></script>
-    <script src="${login.appDataPath}/resources/fido2_utils.js"></script>
+  <script src="${login.appDataPath}/resources/fido2_onboard.js?v=701888a8"></script>
    <script src="${login.appDataPath}/resources/fido2_onboard.js"></script>
 #end
-#if ($useFormEncryption)
+#if ($gui.name == "fido2_check")
-    <script src="${login.appDataPath}/resources/forge.bundle.js"></script>
+  <script src="${login.appDataPath}/resources/fido2_check.js?v=41e0e891"></script>
-    <script src="${login.appDataPath}/resources/e2eenc.js"></script>
+  ## Hide the login container while check in progress
  #set ($loginContainerHidden = true)
 #end
 #if ($gui.name == "authcloud_onboard")
  <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
  <script src="${login.appDataPath}/resources/authcloud_onboard.js?v=58fe635a"></script>
 #end
 #if ($gui.name == "authcloud_login")
  <script src="${login.appDataPath}/resources/qrious.min.js?v=db99dcaf"></script>
  <script src="${login.appDataPath}/resources/authcloud_login.js?v=999ceb11"></script>
 #end
 #if ($gui.getGuiElem("fido2_attestation_options"))
  <script src="${login.appDataPath}/resources/simplewebauthn-browser@13.1.0.min.js?v=1127fa91"></script>
  <script src="${login.appDataPath}/resources/passkey_autofill.js?v=b694a7c4"></script>
 #end
 #if ($gui.name == "recovery_code_onboarding")
  <script src="${login.appDataPath}/resources/display-recovery-codes.js?v=7b02cbaa"></script>
  <script src="${login.appDataPath}/resources/download-recovery-codes.js?v=d48fb5c1"></script>
  <script src="${login.appDataPath}/resources/copy-to-clipboard.js?v=8169a8e6"></script>
 #end
 #if ($gui.name == "OATH_Share")
  <script src="${login.appDataPath}/resources/copy-to-clipboard.js?v=8169a8e6"></script>
 #end
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_start.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/js_start.vm
@ -1 +1,2 @@
-<script src="${login.appDataPath}/resources/jquery-3.6.0.min.js"></script>
+<!-- functions used in the template and in window-onload.js -->
 <script src="${login.appDataPath}/resources/utils.js?v=e4345865"></script>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/json.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/json.vm
@ -23,11 +23,11 @@
        "name" : "$guiElem.name",
        "type" : "$guiElem.type",
        "optional" : "$guiElem.optional", 
-        "label" : "$guiElem.label" #if ($guiElem['validation-failed'] || $guiElem.value || $guiElem.length || $guiElem.format), #end
+        "label" : "$utils.escapeJson($guiElem.label)" #if ($guiElem['validation-failed'] || $guiElem.value || $guiElem.length || $guiElem.format), #end
       #if ($guiElem['validation-failed']) "validation-failed" : "$guiGroup.validationFailed" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
       #end ## if ($guiElem['validation-failed'])
-       #if ($guiElem.value) "value" : "$guiElem.value.replaceAll('\\\\','_ESCAPED_BACKSLASH_').replaceAll('\\"','_ESCAPED_QUOTE_').replaceAll('\\','\\\\').replaceAll('"','\\"').replaceAll('_ESCAPED_BACKSLASH_','\\\\').replaceAll('_ESCAPED_QUOTE_','\\"')" #if ($guiElem.length || $guiElem.format), #end
+       #if ($guiElem.value) "value" : "$utils.escapeJson($guiElem.value)" #if ($guiElem.length || $guiElem.format), #end
       #end ## if ($guiElem.value)
       #if ($guiElem.length) "max-length" : "$guiElem.length" #if ($guiElem.format), #end
@ -49,7 +49,7 @@
 	#foreach ($guiGroup in $gui.getGuiGroup())
 	    "name" : "$guiGroup.name",
 	    "type" : "$guiGroup.type",
-	    "label" : "$guiGroup.label",
+	    "label" : "$utils.escapeJson($guiGroup.label)",
 	    "multiple"  : "$guiGroup.multiple",
 	    "format" : "$guiGroup.format",
 	    "optional" : "$guiGroup.optional",
@ -63,9 +63,9 @@
            "type" : "$guiElem.type",
            "optional" : "$guiElem.optional",
            "validation-failed" : "$guiGroup.validationFailed",
-            "label" : "$guiElem.label" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
+            "label" : "$utils.escapeJson($guiElem.label)" #if ($guiElem.value || $guiElem.length || $guiElem.format), #end
            #if ($guiElem.value)
-            "value" : "$guiElem.value.replaceAll('\\\\','_ESCAPED_BACKSLASH_').replaceAll('\\"','_ESCAPED_QUOTE_').replaceAll('\\','\\\\').replaceAll('"','\\"').replaceAll('_ESCAPED_BACKSLASH_','\\\\').replaceAll('_ESCAPED_QUOTE_','\\"')" #if ($guiElem.length || $guiElem.format), #end
+            "value" : "$utils.escapeJson($guiElem.value)" #if ($guiElem.length || $guiElem.format), #end
            #end ## if ($guiElem.value)
            #if ($guiElem.length)
            "max-length" : "$guiElem.length" #if ($guiElem.format), #end
@ -86,3 +86,4 @@
    ]
 #end ## if ($gui.getGuiGroup() && $gui.getGuiGroup().length() > 0)
 }
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/lang.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/lang.vm
@ -1,32 +0,0 @@
 ## Nav =================================================================
 <nav id="language-switch" class="container-fluid">
 	<div class="dropdown pull-right">
 		<a id="language-switch-btn" class="dropdown-toggle text-uppercase small" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
 			<strong id="language">$login.localeCode</strong>
 			<span class="caret"></span>
 		</a>
 		<ul class="dropdown-menu" aria-labelledby="language-switch-btn">
 			## loop over all defined languages/locales....
 			#foreach ($locale in $login.locales)
 				## find translated label of current locale
 				#if ($text.contains("language.$locale"))
 					#set ($langLabel = $text.get("language.$locale"))
 				#elseif ($locale.length() > 2)
 					#set ($langLabel = $text.get("language.${locale.substring(0,2).toLowercase()}"))
 				#else
 					#set ($langLabel = $locale)
 				#end
 				## emit link or text for each language
 				#if ($login.localeCode != $locale && $login.language != $locale)
 					#set ($langTarget = $utils.escapeHtmlAttribute($gui.target('language', $locale)))
 					<li>
 						<a class="lang" href="$langTarget">
 							<strong class="prefix text-primary text-uppercase">$locale</strong>
 							<span>$langLabel</span>
 						</a>
 					</li>
 				#end
 			#end ## end foreach
 		</ul>
 	</div>
 </nav>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/macros.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/macros.vm
@ -1,252 +1,30 @@
-
+#macro(renderTitle $gui)
-#macro(renderFormField $guiElem, $gui, $tabindex)
+  <h1 class="h4 mb-3 text-center">$gui.label</h1>
 #if ($guiElem.type == "submit" || $guiElem.type == "button"  ||  $guiElem.type == "reset" ||  $guiElem.type == "link")
 ## do nothing, will be rendered in renderFormControls  nd renderFormLinks
 #elseif ($guiElem.type == "info" || $guiElem.type == "error")
 	#if ($guiElem.label && $guiElem.label.length() > 0)
 		## special fields: display some text only
 		#set ($class = "form-group")
 		#if ($guiElem.type == "error")
 			#set ($class = "$class has-error")
 #end
-		<div class="$class">
+
-			<div class="col-sm-offset-3 col-sm-6">
+#macro(renderInfoIcon)
-				<span class="help-block small" id="$guiElem.name">
+<div class="text-center">
-					$guiElem.label
+  <img src="${login.appDataPath}/resources/info.svg?v=cde656f1" alt="Info icon">
 				</span>
 			</div>
 </div>
 #end
-#elseif ($guiElem.type == "hidden" && $guiElem.name == "saml.logoutURLs")
+#macro(renderSuccessIcon)
-<script>
+<div class="success-icon">
-var sp_urls = '$guiElem.value'.split(',');
+  <img src="${login.appDataPath}/resources/success.svg?v=45e1a941" alt="Success icon">
 var final_url = '$gui.getGuiElem("saml.logoutURL").value';
 function kill_session() {
    var current_url = window.location.href;
    if (current_url.indexOf('?logout') == -1 && current_url.indexOf('&logout') == -1) {
      console.log("current URL does not terminate the IDP session");
      var logout_url = '';
      if (current_url.indexOf('?') > 0) {
        logout_url = current_url + "&logout";
      }
      else {
        logout_url = current_url + "?logout";
      }
      $.ajax({
        type: "GET",
        url: logout_url,
        async: false,
        xhrFields: {
          withCredentials: true
        },
        dataType: "text",
        success: function() {},
        error: function() {}
      });
    }
 }
 var request_urls = sp_urls.filter(function(current_url) {
    return current_url.indexOf('SAMLRequest') > 0;
 });
 var response_urls = sp_urls.filter(function(current_url) {
    return current_url.indexOf('SAMLResponse') > 0;
 });
 function end_logout() {
  if (response_urls.length == 0) {
    console.log('IDP-initiated SAML logout detected');
    kill_session(); // required to terminate IDP session
    window.location.href = final_url;
  }
  else {
    console.log('SP-initiated SAML logout detected');
    kill_session(); // required to terminate IDP session
    window.location.href = response_urls[0]; // only 1 such URL allowed. process ends on SP
  }
 }
 var requests = [];
 for (var i = 0; i < request_urls.length; i++) {
    var current_url = request_urls[i];
    requests.push($.ajax({
      type: "GET",
      url: current_url,
      xhrFields: {
         withCredentials: true
      },
      crossDomain: true,
      dataType: 'jsonp',
      error: function() {}
      })
    );
 }
 // send out the requests in parallel and afterwards terminate the logout process
 // we have to terminate the logout no mather if the requests were successful or if there were failed requests
 $.when.apply($, requests).then(function() { end_logout(); }, function() { end_logout(); });
 </script>
 #elseif ($guiElem.type == "hidden")
    <input type="hidden" name="$guiElem.name" value="$utils.escapeHtml($guiElem.value)">
 #else ## not info, error, button, submit, reset or hidden -> normal visual element
 ## define CSS class of representation in form
 #set ($class = "form-group")
 #if ($guiElem.optional)
 #set ($class = "$class optional")
 #else
 #set ($class = "$class required")
 #end
 ## highlight failed input validation, if flagged
 #if ($guiElem.validationFailed && $guiElem.value && $guiElem.value.length() > 0)
 #set ($class = "$class has-error")
 #end
 #if ($guiElem.validationFailed && (!$guiElem.value || $guiElem.value.length() == 0))
 #set ($class = "$class has-error")
 #end
 ## the form field's container, a label, and optionally a validation-related message
 <div class="$class">
 	## Special handling required for radios + checkboxes
 	#if ($guiElem.type != "radio" && $guiElem.type != "checkbox")
 		<label class="col-sm-3 control-label" for="$guiElem.name">
 			#if ($guiElem.name.startsWith("inputField") && !$guiElem.optional)
 				$guiElem.label<span style="color: red">*</span>
 			#else
 				$guiElem.label
 			#end
 		</label>
 		<div class="col-sm-6">
 			#if ($guiElem.type == "text")
 		        <input class="form-control" type="text" name="$guiElem.name" id="$guiElem.name"
 		            maxlength="$guiElem.length"
 		            value="$utils.escapeHtml($guiElem.value)" tabindex="$tabindex">
 			#elseif ($guiElem.type == "pw-text")
                <div class="icon-inside">
                  <input name="${guiElem.name}" type="password" class="form-control" id="${guiElem.name}" value="$utils.escapeHtml($guiElem.value)" tabindex="$tabindex">
                  <button class="icon-button" type="button" onclick="toggleInputType('${guiElem.name}', '${guiElem.name}eye-icon', '${login.appDataPath}')">
                    <img id="${guiElem.name}eye-icon" src="${login.appDataPath}/resources/eye.svg">
                  </button>
                </div>
 			#elseif ($guiElem.type == "select")
 				#set ($scrollSize = $guiElem.getGuiElems().size())
 				#set ($scrollSize = $math.min($scrollSize,4))
 				#if ($guiElem.multiple)
 		        <select name="$guiElem.name" class="form-control" size="$scrollSize" multiple>
 				#else
 		        <select name="$guiElem.name" class="form-control">
 				#end
 				#foreach ($option in $guiElem.getGuiElems())
 					#if ($option.selected)
 		                <option value="$utils.escapeHtml($option.value)" selected>$option.label</option>
 					#else
 		                <option value="$utils.escapeHtml($option.value)">$option.label</option>
 					#end
 				#end ## foreach option
 		    </select>
 			#elseif ($guiElem.type == "image" )
 		    <img src="$utils.escapeHtml($guiElem.value)" alt="$guiElem.label" />
 			#end
 			#if ($guiElem.validationMessage && $guiElem.validationMessage.length() > 0)
 				<span class="help-block small">$guiElem.validationMessage</span>
 			#end
 			#if ($jsValidation)
 				#renderElementValidation($guiElem, $gui)
 			#end
 		</div>
 	#else
 	## Special handling for checkboxes and radios
 		<div class="col-sm-offset-3 col-sm-6">
 			<label>
 				<input type="$guiElem.type" name="$guiElem.name"
 								value="$utils.escapeHtml($guiElem.value)"
 								#if ($guiElem.checked || $guiElem.value == 'true')
 								checked
 								#end
 								tabindex="$tabindex">
 				$guiElem.label
 			</label>
 			#if ($guiElem.validationMessage && $guiElem.validationMessage.length() > 0)
 				<span class="help-block small">$guiElem.validationMessage</span>
 			#end
 			#if ($jsValidation)
 				#renderElementValidation($guiElem, $gui)
 			#end
 		</div>
 	#end
 </div>
 #end
-#end ## end macro
+#macro(renderPasswordlessIcon)
-
+<div class="text-center">
-
+  <img src="${login.appDataPath}/resources/face.svg?v=a17cbb96" alt="Paswordless first icon">
-
+  <img src="${login.appDataPath}/resources/finger.svg?v=08a4a146" alt="Paswordless second icon">
-
+</div>
 #macro(renderElementValidation $guiElem, $gui)
 #if (($guiElem.validation && $guiElem.validation.length() > 0)||($guiElem.format && $guiElem.format.length() > 0))
 <script type="text/javascript">
 #if ($guiElem.validation && $guiElem.validation.length() > 0)
 #if ($guiElem.validation.indexof('return ') > 0)
 #set ($validationFunc="function () { $guiElem.validation }")
 #else
 #set ($validationFunc="function () { return $guiElem.validation ; }")
 #end
 #else
 #set ($validationFunc="function () { return true; }")
 #end
 	var form = document.getElementById('${gui.name}');
 	var formInput = form.elements["${guiElem.name}"];
 	formInput.onchange = function () {
 		var valid = ${validationFunc}.call(this);
 #if ($guiElem.format && $guiElem.format.length() > 0)
 		valid = valid && (/${guiElem.format}/).test(this.value);
 #end
 		var parent = this.parentNode;
 		if (!valid) {
 			parent.className += " has-error";
 		} else {
 			parent.className = parent.className.replace(/ has-error/g, '');
 		}
 #if (!$guiElem.optional)
 		if (!this.value) {
 			parent.className += " has-warning";
 		} else {
 			parent.className = parent.className.replace(/ has-warning/g,'');
 		}
 #end
 	};
 </script>
 #end
 #end ## macro
 #macro(renderFormLinks $gui)
  #set ($noLinks = true)
  #foreach ($guiElem in $gui.getGuiElems())
-   #if ($guiElem.type == "link")
+    #if ($guiElem.type == "link" && $guiElem.value != "")
      #if ($noLinks)
      <div class="form-group text-center">
        #set ($noLinks = false)
@ -259,37 +37,349 @@ $.when.apply($, requests).then(function() { end_logout(); }, function() { end_lo
  #end
 #end
-#macro(renderFormControls $gui)
+#macro(renderInfo $guiElem)
-<div class="form-group text-center">
+  #set($cssClass = "text-primary")
-#set ($buttonClass = "btn")
+  #if ($renderInfoCalled)
-#if ($isFormRequest)
+    #set($cssClass = "text-secondary")
-	#set ($buttonClass = "$buttonClass btn-default")
+  #end
  #if ($guiElem.name.endsWith('sub-icon'))
    <div class="sub-icon mb-3">
      <span class="text-dark">$guiElem.label</span>
    </div>
  #elseif ($guiElem.name.endsWith('bottom'))
    <div class="text-center mt-4 mb-0">
      <span class="text-secondary">$guiElem.label</span>
    </div>
  #elseif($guiElem.name == "selection")
    #set($methodName=$guiElem.value.replace("-registered", ""))
    #set($methodLabel=$text.get("info.method.$methodName"))
    #if($guiElem.value.endsWith('registered'))
      <button type="button" class="list-group-item list-group-item-action btn-selection-item disabled" value="$guiElem.value">
        <div>
          <span class="d-flex align-items-center gap-1">
            <img src="${login.appDataPath}/resources/${methodName}.svg" alt="${methodLabel}">
            <span class="selection-label">$utils.escapeHtml($methodLabel)</span>
          </span>
          <span class="d-flex selection-description">$utils.escapeHtml($guiElem.label)</span>
        </div>
        <img src="${login.appDataPath}/resources/success-solid.svg?v=d4a18981" alt="${methodLabel} registered">
      </button>
    #else
-	#set ($buttonClass = "$buttonClass btn-primary")
+      <button name="selection" type="submit" class="list-group-item list-group-item-action btn-selection-item" value="$guiElem.value">
-#end
+        <div>
-#foreach ($guiElem in $gui.getGuiElems())
+          <span class="d-flex align-items-center gap-1">
-	#if ($guiElem.type == "submit" || $guiElem.type == "button" || $guiElem.type == "reset")
+            <img src="${login.appDataPath}/resources/${methodName}.svg" alt="${methodLabel}">
-    <button class="$buttonClass $guiElem.cssClass"
+            <span class="selection-label">$utils.escapeHtml($methodLabel)</span>
-        ## special handling for button which execute a JS
+          </span>
-        #if ($guiElem.name == 'onclick')
+          <span class="d-flex selection-description">$utils.escapeHtml($guiElem.label)</span>
-            type="button"
+        </div>
-            onClick="start()"
+        <img src="${login.appDataPath}/resources/chevron-right.svg?v=597ebf66" alt="Select ${methodLabel}">
        #else
            name="$guiElem.name"
            value="$utils.escapeHtml($guiElem.value)"
        #end
        >
        #if ($guiElem.icon != "")
            #if ($guiElem.icon.contains("http"))
                <img src="$guiElem.icon" class="$guiElem.iconCssClass" />
            #else
                <img src="${login.appDataPath}/resources/$guiElem.icon" class="$guiElem.iconCssClass" />
            #end
        #end
        $utils.escapeHtml($guiElem.label)
      </button>
    #end
-#end ## foreach
+  ## special FIDO2 case
  #elseif(($gui.name == "fido2_onboard" || $gui.name == "fido2_auth") && $guiElem.name == "info")
    <div class="sub-title mb-40">
      <span class="text-dark">$guiElem.label</span>
    </div>
  ## special case: recovery codes
  #elseif ($guiElem.name == "displayrecoverycodes")
    <span class="hidden" id="recovery-codes-raw">$guiElem.label</span>
    <div id="recovery-codes" class="recovery-codes-wrapper printable"></div>
  ## special case: OATH copyable secret key
  #elseif ($guiElem.name.endsWith('readonly-copyable'))
    <div class="icon-inside mb-4">
      ## skip name to prevent submitting
      <input readonly type="text" class="form-control text-truncate" id="${guiElem.name}" value="$utils.escapeHtml($guiElem.label)" title="${guiElem.label}">
      <button class="icon-button nevis-blue-icon text-nevis-blue" type="button" onclick="copyToClipboard('${guiElem.name}')">
        ## Use inline svg due to color changing
        <svg width="20" height="21" viewBox="0 0 20 21" fill="none" xmlns="http://www.w3.org/2000/svg" aria-labelledby="copyTitle">
          <title id="copyTitle">Copy setup key icon</title>
          <path d="M6.66683 13.8333H5.00016C4.07969 13.8333 3.3335 13.0871 3.3335 12.1666V5.49992C3.3335 4.57944 4.07969 3.83325 5.00016 3.83325H11.6668C12.5873 3.83325 13.3335 4.57944 13.3335 5.49992V7.16659M8.3335 17.1666H15.0002C15.9206 17.1666 16.6668 16.4204 16.6668 15.4999V8.83325C16.6668 7.91278 15.9206 7.16659 15.0002 7.16659H8.3335C7.41302 7.16659 6.66683 7.91278 6.66683 8.83325V15.4999C6.66683 16.4204 7.41302 17.1666 8.3335 17.1666Z" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
        </svg>
      </button>
    </div>
  #elseif($guiElem.name == "authcloud_info") ## special Access App case
    <div class="sub-icon my-4">
      <span class="text-dark" id="$guiElem.name">$guiElem.label</span>
    </div>
    #if($gui.name == "authcloud_onboard") ## prepare hidden access app installed info for mobile platform
      <span id="info.access_app.installed" class="d-none">$utils.escapeHtml($text.get("info.access_app.installed"))</span>
    #end
  #elseif(($gui.name == "authcloud_onboard" || $gui.name == "authcloud_login") && $guiElem.name == "abort") ## special Access App case
    <div class="text-center mt-4">
      <span id="$guiElem.name" class="text-secondary">$guiElem.label</span>
    </div>
  #elseif($guiElem.name != "policyInfo.title" && $guiElem.name.startsWith('policy'))
    <div class="my-2">
      <span class="text-secondary" id="$guiElem.name">$guiElem.label</span>
    </div>
  #else
    <div class="text-center my-3">
      <span class="$cssClass" id="$guiElem.name">$guiElem.label</span>
    </div>
  #end
  #set($renderInfoCalled = true)
 #end
-#end ## end macro
+#macro(renderHidden $guiElem)
  ## prepare hidden deep link label for mobile app
  #if ($guiElem.name == "info.deeplink")
    ## patched by authcloud_login.js
    <span id="info.login.access_app" class="d-none">$utils.escapeHtml($guiElem.value)</span>
  #elseif ($guiElem.name == "saml.logoutURLs")
    <script src="${login.appDataPath}/resources/saml_idp_logout.js?v=3a0c7b23"></script>
    <script>
      var sp_urls = '$guiElem.value'.split(',');
      var final_url = '$gui.getGuiElem("saml.logoutURL").value';
      handleLogout(sp_urls, final_url);
    </script>
  #else
    <input type="hidden" name="$guiElem.name" value="$utils.escapeHtml($guiElem.value)">
  #end
 #end
 #macro(renderText $guiElem)
  #set ($extraClass = "")
  ## highlight failed input validation
  #if ($guiElem.validationFailed)
    #set ($extraClass = "border-danger")
  #end
  ## special case email/SMS verification
  #if ($guiElem.name == "isiwebotp")
    <div class="verification-code-wrapper my-4">
      <label for="${guiElem.name}" class="verification-code-label form-label">${guiElem.label}</label>
      <input id="${guiElem.name}" name="${guiElem.name}" type="text" placeholder="______" maxlength="6"
             class="verification-code-input form-control $extraClass"
             value="$utils.escapeHtml($guiElem.value)" autofocus autocomplete="one-time-code">
    </div>
  #else
    #set ($autocomplete = "username")
    #if ($gui.getGuiElem("fido2_attestation_options"))
      #set ($autocomplete = "username webauthn")
    #end
    #set ($inputWrapperClass = "my-4") ## default spacing around the input: 24px top and bottom
    <div class="$inputWrapperClass">
      #if ($guiElem.label && $guiElem.label.length() > 0)
        <label for="${guiElem.name}" class="form-label $extraClass">${guiElem.label}</label>
      #end
    #if ($guiElem.name == "isiwebuserid") ## loginId or email
      <input name="isiwebuserid" type="text" class="form-control $extraClass"
             id="isiwebuserid" value="$utils.escapeHtml($guiElem.value)" required autofocus autocomplete="$autocomplete">
      <div class="invalid-feedback" id="isiwebuserid-invalid-feedback">
        <span>$guiElem.validationMessage</span>
      </div>
    #elseif($guiElem.name == "isiwebrecovery") ## special case recovery code input
      <input name="${guiElem.name}" type="${guiElem.type}"
             placeholder="____-____-____-____"  maxlength="19"
             class="recovery-code-input form-control"
             id="${guiElem.name}"
             value="$utils.escapeHtml($guiElem.value)" autofocus>
    #elseif($gui.name.endsWith("OATH_Authentication") && $guiElem.name == "response") ## special case time based one time password code input
      <div class="totp-code-wrapper">
        <input name="${guiElem.name}" type="number" inputmode="numeric" pattern="[0-9]{6}"
               placeholder="______" maxlength="6"
               class="totp-code-input form-control $extraClass"
               id="${guiElem.name}"
               value="$utils.escapeHtml($guiElem.value)" autofocus autocomplete="one-time-code" oninput="formatNumberInput('${guiElem.name}')">
      </div>
    #elseif ($guiElem.type == "pw-text")
      <div class="icon-inside">
        <input name="${guiElem.name}" type="password" class="form-control $extraClass" id="${guiElem.name}" autofocus autocomplete="current-password">
        <button class="icon-button" type="button" onclick="toggleEye('${guiElem.name}', '${guiElem.name}-eye', '${login.appDataPath}')">
          <img id="${guiElem.name}-eye" src="${login.appDataPath}/resources/eye.svg?v=d43998e8">
        </button>
      </div>
    #else
      <input name="${guiElem.name}" type="${guiElem.type}"
             class="form-control $extraClass" id="${guiElem.name}" value="$utils.escapeHtml($guiElem.value)" autofocus>
    #end
    </div>
  #end
 #end
 #macro(renderButton $guiElem)
  ## special cases: FIDO2
  #if ($guiElem.name == "onclick")
    <button class="btn btn-primary w-100" type="button" onclick="startFido2();">
      $utils.escapeHtml($guiElem.label)
    </button>
  ## special cases: recovery codes
  #elseif ($guiElem.name == "copyrecoverycode")
    <button class="btn btn-secondary btn-recovery-code" type="button" onclick="copyToClipboard('recovery-codes')">
      $utils.escapeHtml($guiElem.label)
    </button>
    #set ($btnPrimaryUsed = false)
  #elseif ($guiElem.name == "downloadrecoverycode")
    <button class="btn btn-secondary btn-recovery-code" type="button" onclick="downloadRecoveryCodes('recovery-codes')">
      $utils.escapeHtml($guiElem.label)
    </button>
  #elseif ($guiElem.name == "printrecoverycode")
    <button class="btn btn-secondary btn-recovery-code" type="button" onclick="window.print();">
      $utils.escapeHtml($guiElem.label)
    </button>
  ## default rendering
  #elseif ($guiElem.value != "disabled") ## do not show button if the value is disabled
    #set ($btnWrapperClass = "text-center mt-4")
    #if ($guiElem.name.endsWith('bottom'))
      #set ($btnWrapperClass = "${btnWrapperClass} mb-0")
    #else
      #set ($btnWrapperClass = "${btnWrapperClass} mb-4")
    #end
    #set ($btnClass = "btn w-100")
    #if ($guiElem.cssClass && !$guiElem.cssClass.isEmpty())
      #set ($btnClass = "${btnClass} ${guiElem.cssClass}")
    #else
      #if (!$btnPrimaryUsed)
        #set ($btnClass = "${btnClass} btn-primary")
        #set ($btnPrimaryUsed = true)
      #else
        #set ($btnClass = "${btnClass} btn-secondary")
      #end
    #end
    <div class="$btnWrapperClass">
      <button name="$guiElem.name" type="submit" class="$btnClass"
              value="$utils.escapeHtml($guiElem.value)">$guiElem.label</button>
    </div>
  #end
 #end
 #macro(renderError $guiElem)
  #if($guiElem.name.startsWith('policy'))
    <div class="my-2">
      <span class="text-danger" id="$guiElem.name">$guiElem.label</span>
    </div>
  #else
    <div class="text-center my-4">
      <span class="text-danger" id="$guiElem.name">$guiElem.label</span>
    </div>
  #end
 #end
 #macro(renderRadio $guiElem)
  <div class="form-check">
    <input id="${guiElem.name}" name="${guiElem.name}" type="radio" class="form-check-input" value="$utils.escapeHtml($guiElem.value)" autofocus>
    <label for="${guiElem.name}" class="form-check-label">${guiElem.label}</label>
  </div>
 #end
 #macro(renderCheckbox $guiElem)
  <div class="form-check">
    <label for="${guiElem.name}" class="form-check-label">${guiElem.label}</label>
    <input id="${guiElem.name}" name="${guiElem.name}" type="checkbox" class="form-check-input" value="$utils.escapeHtml($guiElem.value)"
      #if ($guiElem.checked)
        checked
      #end
    >
  </div>
 #end
 #macro(renderImage $guiElem)
  <div class="text-center">
    <img src="${guiElem.value}" alt="${guiElem.name}" class="img-fluid">
  </div>
 #end
 #macro(renderGuiElem $guiElem)
  #if ($guiElem.name.startsWith('social_') || $guiElem.type == "link")
    ## do nothing, will be rendered later
  #elseif ($guiElem.name == "info-icon")
    #renderInfoIcon()
  #elseif ($guiElem.name == "passwordless-icon")
    #renderPasswordlessIcon()
  #elseif ($guiElem.name == "success-icon")
    #renderSuccessIcon()
  #elseif ($guiElem.type == "error" && $guiElem.label && $guiElem.label.length() > 0)
    #renderError($guiElem)
  #elseif ($guiElem.type == "info" && $guiElem.label && $guiElem.label.length() > 0)
    #renderInfo($guiElem)
  #elseif ($guiElem.type == "text" || $guiElem.type == "pw-text")
    #renderText($guiElem)
  #elseif ($guiElem.type == "submit" || $guiElem.type == "button" || $guiElem.type == "reset")
    #renderButton($guiElem)
    ## after buttons were rendered, we enforce usage of the secondary color for subsequent info elements
    #set($renderInfoCalled = true)
  #elseif ($guiElem.type == "radio")
    #renderRadio($guiElem)
  #elseif ($guiElem.type == "checkbox")
    #renderCheckbox($guiElem)
  #elseif ($guiElem.type == "image" && $guiElem.value != "")
    #renderImage($guiElem)
  #elseif ($guiElem.type == "hidden")
    #renderHidden($guiElem)
  #end
 #end
 #macro(renderGeneric $gui)
  #foreach ($guiElem in $gui.getGuiElems())
    #renderGuiElem($guiElem)
  #end
 #end
 #macro(renderSocialLoginButton $button)
  #if ($button.name != "")
    <button name="$button.name" class="btn social-login-button" value="true">
      #if ($button.name.startsWith('social_generic_'))
        ## the generic social login pattern allows to customize the icon
        #if ($button.icon != "")
          <img src="${login.appDataPath}/$button.icon" alt="social login logo" width="18" height="18">
        #else
          $button.label
        #end
      #else
        #set ($logoName = $button.name.substring(7))
        <img src="${login.appDataPath}/resources/${logoName}.svg" alt="${logoName} logo" width="18" height="18">
      #end
    </button>
  #end
 #end
 #macro(renderSocialLoginButtons $gui)
  #set ($socialLoginButtonFound = false) 
  #foreach ($guiElem in $gui.getGuiElems())
    #if ($guiElem.name.startsWith('social_'))
      #set ($socialLoginButtonFound = true)
    #end
  #end
  #if ($socialLoginButtonFound)
    <p class="horizontal-line mt-5 mb-3">$text.get('info.continue.social')</p>
    <div class="social-login-buttons">
      ## loop again to respect order
      #foreach ($guiElem in $gui.getGuiElems())
        #if ($guiElem.name.startsWith('social_'))
          #renderSocialLoginButton($guiElem)
        #end
      #end
    </div>
  #end
 #end
 #macro(renderHeader $gui)
  <div class="d-flex justify-content-between w-100 h-icon-button">
    <button id="logout-btn" class="btn p-0" aria-label="Close">X</button>
    #set ($languages = $login.defaultsBundle.getString("application.languages").split("[,\\s]+"))
    #if ($languages.size() > 1)
      #set ($activeLangLabel = $text.get("language.$login.localeCode"))
      <button class="btn btn-language-selector dropdown-toggle ms-auto" type="button" id="language-switch-btn" data-bs-toggle="dropdown" aria-expanded="false">
        <span class="lang-label">$activeLangLabel</span>
        <img src="${login.appDataPath}/resources/chevron-down.svg?v=cfb90b1c" class="ms-2" alt="Down">
      </button>
      <ul class="dropdown-menu dropdown-menu-end" aria-labelledby="language-switch-btn">
        #foreach ($lang in $languages)
          #set ($langLabelPropertyName = "language." + $lang) ## Strings can't be concatenated in the text.get below, had to outsource.
          #set ($langLabel = $text.get($langLabelPropertyName))
          #set ($langTarget = $utils.escapeHtmlAttribute($gui.target('language', $lang)))
          <li>
            <a class="dropdown-item" href="$langTarget">$langLabel</a>
          </li>
      #end
    </ul>
    #end
  </div>
 #end
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/mauth_usernameless.vm
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/template/mauth_usernameless.vm
@ -27,7 +27,6 @@
 			#end
 		</h1>
 	</div>
 	<div class="grid grid-cols-1 md:grid-cols-2 md:grid-rows-1 gap-6 md:gap-y-0 p-6 items-start rounded-[2.25rem]
 	sm:bg-lily-blue dark:sm:bg-purple-black text-space-blue dark:text-white">
 		<section id="loginCard"
@ -124,7 +123,6 @@
 	</span>
 </main>
 <main id="mobileMainContainer"
 	  class="sm:hidden grow text-space-blue dark:text-white flex flex-col gap-2"
 	  data-lastLoginMethod="$utils.escapeHtmlAttribute($gui.getGuiElem('lastLoginMethod').value)">
@ -167,9 +165,8 @@
 			</form>
 		</span>
 	</span>
 	<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
-		  accept-charset="UTF-8" class="hidden sm:hidden formDrawer">
+		  accept-charset="UTF-8" class="formDrawer">
 		<div class="w-full z-30 fixed left-0 pointer-events-none" id="drawerContainer">
 			<div class="w-full bg-white dark:bg-surface-black px-4 pb-[130px] rounded-t-2xl pointer-events-auto"
 				 id="drawer">
@ -234,21 +231,14 @@
 	</form>
 </main>
-<div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+<agov-modal
-	<div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
+			class="hidden"
-	<div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+			id="QRCodeModal"
-	<div class="inline-flex flex-col overflow-hidden overflow-y-scroll fixed bg-white dark:bg-surface-black rounded-[20px] p-10
+			ishidden="true"
-	 w-11/12
+			data-title="$text.get("general.login.accessApp")"
-	sm:max-w-[440px] max-h-[90vh] top-1/2 left-1/2
+			data-cancel-button-label="$text.get("general.back")"
-	-translate-x-1/2
+			data-cancel-button-event-name="closeQRModal"
-	 -translate-y-1/2">
+			data-cancel-button-style="frameless">
 		<div id="modalTab" class="mb-6 cursor-pointer hidden">
 			<div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
 		</div>
 		<h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
 			$text.get("general.login.accessApp")
 		</h4>
 		<div class="flex flex-col">
 	<div id="QRCodeHolderModal">
 		<div class="relative">
 			<canvas role="img" aria-labelledby="labelQRCodeInstructions" id="mauth_qrcode_modal"
@ -265,17 +255,8 @@
 			</p>
 		</div>
 	</div>
-			<agov-button
+</agov-modal>
-					class="block justify-center mt-10"
+
 					id="showQRModalBack"
 					data-style="frameless"
 					data-label="$text.get("general.back")"
 					data-type="button"
 					data-fullwidth="true">
 			</agov-button>
 		</div>
 	</div>
 </div>
 <script src="${login.appDataPath}/static/js-code/mauth_usernameless.js" defer>
 </script>
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
haburger	51c97beaeb	new configuration version	2025-08-20 06:58:20 +00:00
haburger	a7a76b52eb	new configuration version	2025-08-20 06:34:57 +00:00
haburger	6310d03471	new configuration version	2025-08-20 05:27:40 +00:00
haburger	e9f4f0db51	new configuration version	2025-08-19 15:33:45 +00:00
haburger	bdedbf9fe9	new configuration version	2025-08-18 14:16:15 +00:00
		`@ -1 +0,0 @@`
			`<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>`
		`@ -1 +0,0 @@`
			`<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>`
`@ -1 +1,2 @@`
	`<script src="${login.appDataPath}/resources/jquery-3.6.0.min.js"></script>`	`<!-- functions used in the template and in window-onload.js -->`
		`<script src="${login.appDataPath}/resources/utils.js?v=e4345865"></script>`