new configuration version

2025-12-08 17:22:53 +00:00 · 2025-12-08 16:36:44 +00:00 · 2025-12-05 05:33:24 +00:00 · 2025-12-01 12:12:13 +00:00 · 2025-11-21 08:52:47 +00:00 · 2025-10-21 10:04:49 +00:00
995 changed files with 43595 additions and 94787 deletions
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-auth-default-tls-client-trust-ac27dd7daad0ca2b7229bfaf.yaml
@ -16,3 +16,5 @@ spec:
    namespace: "adn-agov-nevisidm-admin-01-uat"
  - name: "proxy-idm-saml-sp-nevisidm-admin-realm-identity"
    namespace: "adn-agov-nevisidm-admin-01-uat"
+  - name: "proxy-sp-ident-authenticationrealm-identity"
+    namespace: "adn-agov-nevisidm-admin-01-uat"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisAuth"
  replicas: 1
-  version: "8.2405.2"
-  gitInitVersion: "1.3.0"
+  version: "8.2505.5"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 9000
@ -39,13 +39,14 @@ spec:
    management:
      httpGet:
        path: "/nevisauth/liveness"
+      initialDelaySeconds: 50
      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-47502e417486789dcc0d887ec040d4cac6e4865d"
+    tag: "r-52cf67aa5ec5c56333d2605f507c60bb29159968"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/cert.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/cert.pem
@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFjzCCA3egAwIBAgIUFEFkfNhFmliJmUk1v6WdyJN+05swDQYJKoZIhvcNAQEL
+BQAwVzELMAkGA1UEBhMCY2gxEDAOBgNVBAoMB0Fkbm92dW0xDTALBgNVBAsMBGFn
+b3YxJzAlBgNVBAMMHmlkZW50LmFnb3Ytdy5henVyZS5hZG5vdnVtLm5ldDAeFw0y
+NTA1MDcwNDQ3NDlaFw0zNTA1MDUwNDQ3NDlaMFcxCzAJBgNVBAYTAmNoMRAwDgYD
+VQQKDAdBZG5vdnVtMQ0wCwYDVQQLDARhZ292MScwJQYDVQQDDB5pZGVudC5hZ292
+LXcuYXp1cmUuYWRub3Z1bS5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQDIxuUes2jqQdn1usiVTtVpfJ2GZTxp0bqESesFUeRru5d9x00N6oeGL92e
+DXnZfWByzASA6rFWGs44SEpNu97wLMqofPXJ6IGPGXmC7ZHzn4kzLo4Lab3Uy3r+
+Xi5PD3j8G29ll+QIZTXBOD2ahgC5LxibnRPuV3UAXZdzcreDnozWbcYFTNmFT6+W
+H0LRGlohkgO4yVpLLTH9ayoD0R198kcOTyLXr7IwFH8zvhzZAwNdHPHHP0nLuoVq
+gqkNy/eZng4bT3ZWwvoX+RYXs7eJOiMUXd7PzOhvaTi1MMwHroVtFVgoJOSC9UW2
+bchzuc62M3Plt02WI3FRKXFX9wX6aLzVFNDl3+1xvvfjE6zdgNBfrw7Q7xwp2ejJ
+J8vY5bHDGq6OtmjAhELDio/YE611TLbB2r5XbDxVLp46pQvCDcu4091vzeLPCHX5
+msYecamrZJRDL9X+01SeXc/bPMngHE1QaBqa1tAB2JEzg9k72EDj1b/cfmGsO839
+0VSUQ9RqdQy2kJrLXx2GfxGkZdjLZJaCpGEXsedlCg5e2K/7H9Wtr/1ofSoV+0k3
+xe9xuMIbC0wwh+dQ2ATMnTEHZHHwLrKo1qu4GSBdiRMBD92ib5EdRj94gXa0v3Cg
+8uBp49lZHc6l7ctxQ97Ly9gxoobPXDoxh2/EbhCpM4dop74N5QIDAQABo1MwUTAd
+BgNVHQ4EFgQU/LigkPHuQ28Zc/fsi36K4zsmjhIwHwYDVR0jBBgwFoAU/LigkPHu
+Q28Zc/fsi36K4zsmjhIwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
+AgEAIQ0ajadHzIeOmTuPTOJo3+b47dNoZ/LnVn8tRz+q5xHd4bswrHTPyRW1gkP3
+bGY0cp+JMsjKIeqqouhCu+i5OAPZyM57McDj9gMrx33jp4uKJF7Fa47KxZTC8Bam
+tiLcPwXgkEQVWCn8xE6GrgZF93yolcABDW44U0G4yFR33p/IYvNFEQwnAGLN8CZC
+2QIJGhSdCv+SKO2gf9SMOlOe26osgCv2aMQpRso+rbA2xOT9NAe5D/QNeyXX4ljX
+Ghz0Hjen5+vE6vlUUXfflNg6EpA7rscj8R6R5cjY1oBKCuGCkO4MEx/kRTPJIq3g
+dVl0dLSD3hcsOEu+DuCtzhj2avXVdgC/TZMrDl0VxL5Iv+Pmah16DoDZKlI00QHZ
+Lne8n6fBd7U7m5I3EIlptdt8SxzKQ2IdrfJz9iSDzICl7CmYor2K5jYr2SUHLNSi
+kFtSXY9zGHJ0nawzQSQCuXCIoW/utLIWQAfIsrTX325JSbCV62IthzRmoxOsupm0
+O3h5NOnKSJI6oX2YVfWt1qPrNLPJf/IHOT7Khq/10wgd4Cg49JfKPcQ1Bj+4knQ1
+M1Wyhazq24a8cH5eAo02Ckv79Pb5/UMhj7o7ZiFTLhzLATXju1v3+vA7F6PV0C8U
+MNzIMeVZsN3qpcvJSEgkRtHuQe9akc7GmhNL4w+LV20QZy4=
+-----END CERTIFICATE-----
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/key.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/key.pem
@ -0,0 +1,54 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU4I8IE/YYU75bKRAC
+IFTez1dC3OQCAggAMB0GCWCGSAFlAwQBKgQQjNio9EnwBf2SwaLGHoz4sASCCVCU
+bCt2Yy8LyQxnkMa0IBx/TB8IsnEs6NnY1U9x52EP7rgwdLLP3qqb7Rh3rsWxQtZ0
+Xpi62QBNtiOb/y0eIifvwSl+g5GQwbimaH5JQXkdX7uecsjOpYI/KbDwKwUxtPSr
+5nn8nZRR/ivd6C/iNWbbSs5xlZW9FNUouKgbcWsaDkGRHD6xs4TVSuMefYcVoDOD
+ynOEHc3x1DK2Oc36VnFvW/DHJBvUZrTjiKI7WDaXcIVqAsPsCR/VtBuJNWOklMSS
+ZAYtZlrODEWEaBokiZGHqBgieqJ4eq40JZJ6CMiAKbhBYbsGHhXJddQD8II1blHL
+cr4VwtGtkVQ10n+/sFKyy0CkoveGPqi2osYhhIMYLH6r3W+cmDMTADtAOqtu/L87
+esM3OAGcy82L8O/iaXF8pS1vg+6wLQIWEpzJdRLoHzVsgu8oxSbsmBTGX8bHvVQz
+Im4Wx1ofBgfawGjTAWKFQwa5BeN6DiMhgxLhfMtzUNvUfnoxhPKQiLfxvy0IVwkF
+L3iabpkIUJS1qvPd8rZc8stpH5YumNy0rH5IbfG27VH/MBGjibNPMAgXU/eQrSBP
+1ndVDkiTK1YdLMC0fOKIwaxHgJx6rWv613VrOMJMJ55wT6fGNr8hQSEqOI/zfD/N
+1Hlmsmj8blE9rspUXekTShBCFb1x64E/a163V6DpSFFEmgSPJua81dneR/BF+IZX
+AJIagH6gaIRiC7/DP0gVqQzIDXklXblvrZzkd52z2qif2MMTTuY+P/4MDEQXoOVi
+jg28yUGQKkhOFviqJLRvJdpjOOZ6tWm9EKiogQbB7JfufS87ZAIczo1vCemGmJza
+TJKHH0fvHHmoPVZBuRng4SRfZJPzj0HI5z8J87QNdeMAVoZDxuOfVYLNsyj1dUpk
+IKw38AafPzMrIVP5/owkC09LQZwPWGJDX8ZBoV3qXTf2Y4klNbz18jSNkO6UwU6d
+Qk4Kx5CGy/LKkeynIDSyJmbg3Mo4zyD16KCYxm/R4xDm615Xb65ofBQq+LyG1feW
+5yraDCovTLAyLuY3e+1zJJqIMk5q4pAXezjM9zUWFeMLyKTJHlbDiAj+FJsDYHqN
+VhcENiTn25zueoTelSce7bb5rKewfTIoIrx6EJGY3cka5+/cRxOyzS67iusA4JjA
+Uh3qNNvbaUsiei1snYdT2pNw8U5krmWjK1WKB6PDkq3OtalwBxuVkMKuu73aQSh
+MghDP7lfcJNVBcRLHaqIMUKid3+jr6nw8yRVG9tCe5vC1HlUt2FLKP45lN1P6wzI
+jnyn43jqCuzSkJlC1otu9SCZxaPuKzZX5gr/a2b2eLAPZ4LXY49w6egvlzYaS2Uu
+TB8dPsCsGOthBflcrldijmk9M/xsFe2svffWP8gu9DMJKXuNxOoKR6oZIsicpcJG
+lIqsKI+44V9P1YzjoeKndvX1bthWMYQftel9SKl91lQaayXoboU3Cv+DQDZHGlfC
+7EIeE+U+66j1sxW1fkMx/ONb7qTyhIPvfypDcE6vSqgajxyXjCDU+R/EquZAxDwv
+pDy+HCpHoLCJMG6r3hEVrElkGoS8ualEFiIHHxwbfVdbvRBMeWhvNnR3Pl6wLdYc
+Bd+28jbckrGuFC5g62JgVSdUBnhqtrQveO9ia4s0Uxa88T6V/r7lIAzuzWM06/b6
+9Ab0NS/b3xDpucnrvkWJuWWZaeSKRtnHXZW4H2SqGId7uzQ3e5Oir/DhFO3MesTy
+uRYaeqMX/Pa22tOhfO0Etu73KTjqg1x0gD9nucI8c+2j0cY7kupt0SQ7Hd/sH0jn
+9gRx0z/8ORL7F1LvgemxohFJkPbwFDfMikNhMnP83+oEz1sxUVtgF+p6oYJazlrq
+FbnjPZdG7mtdmD/6w5gBlcgnRp+AfzfaXxyIs+p812KC5hq4XpDwiFwMtxNaSKDe
+vj3fqhRhNrVSOTnGA0CiM4WBYsnxZzMuR3EpDYgPmWLSVEoc8cGbzOFO8Pcu5nSn
+Qr5kiPkurazyMGaabgi5qLHuJvhj9tB+bzih6M9MWS0OQvj9jTGfsICT7xkd2px7
+bxBiVQlPVZqiGRCpW/FQTXm1zkGP360yPp60LlxQs+2+zJICCdmKG705rwrL4+p2
+nJazyBizcf2N6HmQVilYqmLsSpdt1FF1WP9JQEG5+rUtHA/LeNXP35ouhrOjmqch
+GAC84aWPiX76WHboj7wxBlTZL5D1UleFO77N8qzvSCJDhUXKiWa+0ju7V3G8ZbHV
+rvPCdSFvYFFc7h6bMbrVflBhbao/y3bX6IvHfwBuo39iMCTHbXy1L92h5e8FjUlU
+4D7BRtqbgNgHjkrEPtq3MC7rGMH2YWlugaOvfzP3smG5QMbVr2ucgjR11eQ1Cw3A
+LAjSvbAoNLl+n99ZPpPnJOZnGvZtmC2T7Rs6dfXmDoAge/gFWUx9xn+hIvR0mT+a
+8zbQR41qkx7t11U82GdpP+F0bmyCGl6BttQA7f+wgzUSdBWv+NDPi4fxcGKwSHZ
+/2oF/1gQGdHFALt2kfu1nWI+etefztNcF2RgdbI9HlqNf/h6Hn1CJ/gXeUpNnV4/
+f03ElWKJ+zFPrHoFbYO5ZGYOux2ZgQNesgIOlaZN0jgbv/gOdbr0TGHjwqUpuNqh
+sI9f7e4fncCYflpCPFtRRCZSlVyjHGCBaRVXug3xWqe6M19rLTayHZ7D33oJlI0V
+ELxQKj0CL2/o0EmkHQWCgUDYVGoKuAm6IZZjHy53vpSNz1zAoLU21gQSg4ts6PXr
+Hl6TOQjpTVfOtM4MbLbqkJFebyH2sOY2Qd2yLOHm7vH/7mmceot8Y3j3a9H6jLJ9
+LDe3c75y8nHkz7pKXMwvPnFng9N7l0nVgW/SFLrKs5HGWkhdgJEdIGPEZn4tKuYI
+Uy9AUPNhW4A8h3rxX+8Hk2jhDgV7WncANMCYsgxy2f7a/lx0SjBXvRDxECDaHDQ4
+lS1tqVuj26Mb5eU1YNDEUQ83zC9mP7kgcWowHf2WSS+/PByuzaZqnIbdJAzx7rfJ
+MCEQkXr33PZDLpFCPcnxKIKmKGf8iTtcIsh6l+7+GvccEcoKlOHEcy2iOLY5j8HL
+ilK9DJ1nSTR8EOGkPqNdpjK/1z6ZL+qrs0+rCwrXBpJLcodtN7fcMf7YetFVXIIx
+4ol0/nBcXC4/ePHSuoJtkQ4khBa3Ifw3VPBphx8Kyg==
+-----END ENCRYPTED PRIVATE KEY-----
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keypass
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keypass
@ -0,0 +1,2 @@
+#!/bin/bash
+echo 'KdBAW9xaXAr+ZUg+DVfaepnTTMRGtnu5s8VEO6Cbpw='
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.jks
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.jks
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.p12
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.p12
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/agov-ident-signer-keystore/keystore.pem
@ -0,0 +1,87 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU4I8IE/YYU75bKRAC
+IFTez1dC3OQCAggAMB0GCWCGSAFlAwQBKgQQjNio9EnwBf2SwaLGHoz4sASCCVCU
+bCt2Yy8LyQxnkMa0IBx/TB8IsnEs6NnY1U9x52EP7rgwdLLP3qqb7Rh3rsWxQtZ0
+Xpi62QBNtiOb/y0eIifvwSl+g5GQwbimaH5JQXkdX7uecsjOpYI/KbDwKwUxtPSr
+5nn8nZRR/ivd6C/iNWbbSs5xlZW9FNUouKgbcWsaDkGRHD6xs4TVSuMefYcVoDOD
+ynOEHc3x1DK2Oc36VnFvW/DHJBvUZrTjiKI7WDaXcIVqAsPsCR/VtBuJNWOklMSS
+ZAYtZlrODEWEaBokiZGHqBgieqJ4eq40JZJ6CMiAKbhBYbsGHhXJddQD8II1blHL
+cr4VwtGtkVQ10n+/sFKyy0CkoveGPqi2osYhhIMYLH6r3W+cmDMTADtAOqtu/L87
+esM3OAGcy82L8O/iaXF8pS1vg+6wLQIWEpzJdRLoHzVsgu8oxSbsmBTGX8bHvVQz
+Im4Wx1ofBgfawGjTAWKFQwa5BeN6DiMhgxLhfMtzUNvUfnoxhPKQiLfxvy0IVwkF
+L3iabpkIUJS1qvPd8rZc8stpH5YumNy0rH5IbfG27VH/MBGjibNPMAgXU/eQrSBP
+1ndVDkiTK1YdLMC0fOKIwaxHgJx6rWv613VrOMJMJ55wT6fGNr8hQSEqOI/zfD/N
+1Hlmsmj8blE9rspUXekTShBCFb1x64E/a163V6DpSFFEmgSPJua81dneR/BF+IZX
+AJIagH6gaIRiC7/DP0gVqQzIDXklXblvrZzkd52z2qif2MMTTuY+P/4MDEQXoOVi
+jg28yUGQKkhOFviqJLRvJdpjOOZ6tWm9EKiogQbB7JfufS87ZAIczo1vCemGmJza
+TJKHH0fvHHmoPVZBuRng4SRfZJPzj0HI5z8J87QNdeMAVoZDxuOfVYLNsyj1dUpk
+IKw38AafPzMrIVP5/owkC09LQZwPWGJDX8ZBoV3qXTf2Y4klNbz18jSNkO6UwU6d
+Qk4Kx5CGy/LKkeynIDSyJmbg3Mo4zyD16KCYxm/R4xDm615Xb65ofBQq+LyG1feW
+5yraDCovTLAyLuY3e+1zJJqIMk5q4pAXezjM9zUWFeMLyKTJHlbDiAj+FJsDYHqN
+VhcENiTn25zueoTelSce7bb5rKewfTIoIrx6EJGY3cka5+/cRxOyzS67iusA4JjA
+Uh3qNNvbaUsiei1snYdT2pNw8U5krmWjK1WKB6PDkq3OtalwBxuVkMKuu73aQSh
+MghDP7lfcJNVBcRLHaqIMUKid3+jr6nw8yRVG9tCe5vC1HlUt2FLKP45lN1P6wzI
+jnyn43jqCuzSkJlC1otu9SCZxaPuKzZX5gr/a2b2eLAPZ4LXY49w6egvlzYaS2Uu
+TB8dPsCsGOthBflcrldijmk9M/xsFe2svffWP8gu9DMJKXuNxOoKR6oZIsicpcJG
+lIqsKI+44V9P1YzjoeKndvX1bthWMYQftel9SKl91lQaayXoboU3Cv+DQDZHGlfC
+7EIeE+U+66j1sxW1fkMx/ONb7qTyhIPvfypDcE6vSqgajxyXjCDU+R/EquZAxDwv
+pDy+HCpHoLCJMG6r3hEVrElkGoS8ualEFiIHHxwbfVdbvRBMeWhvNnR3Pl6wLdYc
+Bd+28jbckrGuFC5g62JgVSdUBnhqtrQveO9ia4s0Uxa88T6V/r7lIAzuzWM06/b6
+9Ab0NS/b3xDpucnrvkWJuWWZaeSKRtnHXZW4H2SqGId7uzQ3e5Oir/DhFO3MesTy
+uRYaeqMX/Pa22tOhfO0Etu73KTjqg1x0gD9nucI8c+2j0cY7kupt0SQ7Hd/sH0jn
+9gRx0z/8ORL7F1LvgemxohFJkPbwFDfMikNhMnP83+oEz1sxUVtgF+p6oYJazlrq
+FbnjPZdG7mtdmD/6w5gBlcgnRp+AfzfaXxyIs+p812KC5hq4XpDwiFwMtxNaSKDe
+vj3fqhRhNrVSOTnGA0CiM4WBYsnxZzMuR3EpDYgPmWLSVEoc8cGbzOFO8Pcu5nSn
+Qr5kiPkurazyMGaabgi5qLHuJvhj9tB+bzih6M9MWS0OQvj9jTGfsICT7xkd2px7
+bxBiVQlPVZqiGRCpW/FQTXm1zkGP360yPp60LlxQs+2+zJICCdmKG705rwrL4+p2
+nJazyBizcf2N6HmQVilYqmLsSpdt1FF1WP9JQEG5+rUtHA/LeNXP35ouhrOjmqch
+GAC84aWPiX76WHboj7wxBlTZL5D1UleFO77N8qzvSCJDhUXKiWa+0ju7V3G8ZbHV
+rvPCdSFvYFFc7h6bMbrVflBhbao/y3bX6IvHfwBuo39iMCTHbXy1L92h5e8FjUlU
+4D7BRtqbgNgHjkrEPtq3MC7rGMH2YWlugaOvfzP3smG5QMbVr2ucgjR11eQ1Cw3A
+LAjSvbAoNLl+n99ZPpPnJOZnGvZtmC2T7Rs6dfXmDoAge/gFWUx9xn+hIvR0mT+a
+8zbQR41qkx7t11U82GdpP+F0bmyCGl6BttQA7f+wgzUSdBWv+NDPi4fxcGKwSHZ
+/2oF/1gQGdHFALt2kfu1nWI+etefztNcF2RgdbI9HlqNf/h6Hn1CJ/gXeUpNnV4/
+f03ElWKJ+zFPrHoFbYO5ZGYOux2ZgQNesgIOlaZN0jgbv/gOdbr0TGHjwqUpuNqh
+sI9f7e4fncCYflpCPFtRRCZSlVyjHGCBaRVXug3xWqe6M19rLTayHZ7D33oJlI0V
+ELxQKj0CL2/o0EmkHQWCgUDYVGoKuAm6IZZjHy53vpSNz1zAoLU21gQSg4ts6PXr
+Hl6TOQjpTVfOtM4MbLbqkJFebyH2sOY2Qd2yLOHm7vH/7mmceot8Y3j3a9H6jLJ9
+LDe3c75y8nHkz7pKXMwvPnFng9N7l0nVgW/SFLrKs5HGWkhdgJEdIGPEZn4tKuYI
+Uy9AUPNhW4A8h3rxX+8Hk2jhDgV7WncANMCYsgxy2f7a/lx0SjBXvRDxECDaHDQ4
+lS1tqVuj26Mb5eU1YNDEUQ83zC9mP7kgcWowHf2WSS+/PByuzaZqnIbdJAzx7rfJ
+MCEQkXr33PZDLpFCPcnxKIKmKGf8iTtcIsh6l+7+GvccEcoKlOHEcy2iOLY5j8HL
+ilK9DJ1nSTR8EOGkPqNdpjK/1z6ZL+qrs0+rCwrXBpJLcodtN7fcMf7YetFVXIIx
+4ol0/nBcXC4/ePHSuoJtkQ4khBa3Ifw3VPBphx8Kyg==
+-----END ENCRYPTED PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIIFjzCCA3egAwIBAgIUFEFkfNhFmliJmUk1v6WdyJN+05swDQYJKoZIhvcNAQEL
+BQAwVzELMAkGA1UEBhMCY2gxEDAOBgNVBAoMB0Fkbm92dW0xDTALBgNVBAsMBGFn
+b3YxJzAlBgNVBAMMHmlkZW50LmFnb3Ytdy5henVyZS5hZG5vdnVtLm5ldDAeFw0y
+NTA1MDcwNDQ3NDlaFw0zNTA1MDUwNDQ3NDlaMFcxCzAJBgNVBAYTAmNoMRAwDgYD
+VQQKDAdBZG5vdnVtMQ0wCwYDVQQLDARhZ292MScwJQYDVQQDDB5pZGVudC5hZ292
+LXcuYXp1cmUuYWRub3Z1bS5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQDIxuUes2jqQdn1usiVTtVpfJ2GZTxp0bqESesFUeRru5d9x00N6oeGL92e
+DXnZfWByzASA6rFWGs44SEpNu97wLMqofPXJ6IGPGXmC7ZHzn4kzLo4Lab3Uy3r+
+Xi5PD3j8G29ll+QIZTXBOD2ahgC5LxibnRPuV3UAXZdzcreDnozWbcYFTNmFT6+W
+H0LRGlohkgO4yVpLLTH9ayoD0R198kcOTyLXr7IwFH8zvhzZAwNdHPHHP0nLuoVq
+gqkNy/eZng4bT3ZWwvoX+RYXs7eJOiMUXd7PzOhvaTi1MMwHroVtFVgoJOSC9UW2
+bchzuc62M3Plt02WI3FRKXFX9wX6aLzVFNDl3+1xvvfjE6zdgNBfrw7Q7xwp2ejJ
+J8vY5bHDGq6OtmjAhELDio/YE611TLbB2r5XbDxVLp46pQvCDcu4091vzeLPCHX5
+msYecamrZJRDL9X+01SeXc/bPMngHE1QaBqa1tAB2JEzg9k72EDj1b/cfmGsO839
+0VSUQ9RqdQy2kJrLXx2GfxGkZdjLZJaCpGEXsedlCg5e2K/7H9Wtr/1ofSoV+0k3
+xe9xuMIbC0wwh+dQ2ATMnTEHZHHwLrKo1qu4GSBdiRMBD92ib5EdRj94gXa0v3Cg
+8uBp49lZHc6l7ctxQ97Ly9gxoobPXDoxh2/EbhCpM4dop74N5QIDAQABo1MwUTAd
+BgNVHQ4EFgQU/LigkPHuQ28Zc/fsi36K4zsmjhIwHwYDVR0jBBgwFoAU/LigkPHu
+Q28Zc/fsi36K4zsmjhIwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
+AgEAIQ0ajadHzIeOmTuPTOJo3+b47dNoZ/LnVn8tRz+q5xHd4bswrHTPyRW1gkP3
+bGY0cp+JMsjKIeqqouhCu+i5OAPZyM57McDj9gMrx33jp4uKJF7Fa47KxZTC8Bam
+tiLcPwXgkEQVWCn8xE6GrgZF93yolcABDW44U0G4yFR33p/IYvNFEQwnAGLN8CZC
+2QIJGhSdCv+SKO2gf9SMOlOe26osgCv2aMQpRso+rbA2xOT9NAe5D/QNeyXX4ljX
+Ghz0Hjen5+vE6vlUUXfflNg6EpA7rscj8R6R5cjY1oBKCuGCkO4MEx/kRTPJIq3g
+dVl0dLSD3hcsOEu+DuCtzhj2avXVdgC/TZMrDl0VxL5Iv+Pmah16DoDZKlI00QHZ
+Lne8n6fBd7U7m5I3EIlptdt8SxzKQ2IdrfJz9iSDzICl7CmYor2K5jYr2SUHLNSi
+kFtSXY9zGHJ0nawzQSQCuXCIoW/utLIWQAfIsrTX325JSbCV62IthzRmoxOsupm0
+O3h5NOnKSJI6oX2YVfWt1qPrNLPJf/IHOT7Khq/10wgd4Cg49JfKPcQ1Bj+4knQ1
+M1Wyhazq24a8cH5eAo02Ckv79Pb5/UMhj7o7ZiFTLhzLATXju1v3+vA7F6PV0C8U
+MNzIMeVZsN3qpcvJSEgkRtHuQe9akc7GmhNL4w+LV20QZy4=
+-----END CERTIFICATE-----
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/key.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/key.pem
@ -1,54 +1,54 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUSFveca6jQvyQEDNp
-+SAa7cjgsZkCAggAMB0GCWCGSAFlAwQBKgQQPi0Fa+RJi5NQGegMJMlKbgSCCVBo
-Yddg8FtVvQgWXWua1XzMpgUiHO8p2/Ka1YnJ5UyoEbhuMD53IFCUVBR8Dh0p5QQR
-5+3z5KJ7neLtAMAtFb/rdvupGhLqzIBLOTbPLOi3B9gmnzxMRiLbPsgk5jPMG/Xw
-0KNMOnuKaf4qsGTmBowDIXwahklFFM7USmocxx27zHLjjM+XJecHhOp2kwPMQvts
-2G0MrYs8+ZdWMOIlgQwxJnCnHmJIaP48ZvrByxR3dNYG8/nhxx/mKx2Qvmd4I4co
-whJQxa2o/3RqAQuRxckHa2ohzwxhRpPT2peEMtvuKJ7OtPY2dfkLVm0yCjOV6Bvw
-0O9U3h2NKU9Bk1LVVLqbe6tpWQ/8BPAO5nEn+yU5wP3UbrVKTkTlSYMB5CuG0ZYR
-62G4esxb7T+zKfkqES68Pzl5KNhaOhBeqmaXAcdryNYsPSVtLX8h+Wjqak0IbTGp
-bD3T2CGa6JYm9h2FamcNzsUhlEDcDglsvq1sH7KTIJMwGdNwqPpb/bHUaWw6X3Kz
-AvvP0c4y/bmu02C2PQ2G4BxI/0lBlCzvvwsoqK/NqcyK/d9ffMH1zK2vTErIRroT
-6fJOAWiNcz1FhuKjZwtH3NQjHtf20YfmGfBx/CBdxnryvIoD+S8uxZojbGGnH/F4
-qgofCAUxKzATt785ELa8XGsIaTRT4N2vm9TIbzpWAKVx0/GnOu7cIdCUDwD9TNGg
-eZzCSRkPjXSE6i0QODA7LRxJEfVsWOjOI96sn3qiBjm0ZgrKdwivNQiOyHI58wJR
-tpT7PgjLGVhy0iVZWm597BNq/wJi4DjshkcixVhYNVi7qXgUd2hsS3oCn8EzJvbO
-UmzBuTlYkf+AfQMnE2VVCNtPd4V7a1nTJC80uxoqa+GrMBtwqs1Xf8k4cbZDBXBR
-EOTWF3QhbZachtLkvrNBDfZvj9142PtN6yskRZnSrPNeKYUD1pucOvpqR/AYwqkl
-fdTzAcuJK7Xrsq6h0lduEeV94VUZU7q3oledjCLK41bp4JdV9eOxYt96Qszx6/eA
-tTFPTwvRb3SotqwMNhsZIgGb5YKf18n9z59qzAb4komHwYSFMN+6dxyyOqb+ecm9
-WbGFUji7VaXaAyIfdmGQcyT44wiD0AZ9o8nQ9GZjwwQgy9BpKJbWtaPmBmlw6Eqr
-nTxDtze6+MfifdO/tRgGq56Oe0Wag+OWk5k4dnst/oZ7QczLx5C1ycsq7ebpZJon
-p8CHw5biOLHPuQQpWEQv3T1isZit9R3kNDu9c+6+TsaFZWdw6cCvhI6zK4j9fQu9
-AS1Ab+kabk5Xs/XXQxzB+W2LagK7/jYX8Du/zLTWXfGQnSlu5iZuQiFFzQcR93kS
-XGlo5FoB/m4tA4vi7j3NV6piKmnuwsK7Mmuxaki3ZDJeVzJ3h01Yzd+mK8cneQB9
-72j3wQycpcCJX58iNebTUpdpdJ6X3DSh/zjb3HtrAQ6s8AQCagpuP9DMyCFzGShL
-4a/g8NzN0+sS/LlDx+0im8YAnGkOLkepWTatmbtzW8qYH+vMlAn8hm3Tt/hYlBhg
-FLJAQxdpahgGfUhnvxHZwiUP8LFy044DSRf0rb5065K62jhGwASZX/2qFnH/z31L
-GVeDzFET66rSeJr0QXMRWoAPZMLZEH6KPPYDx0uvzFQNvX5V7lzQr+bzlMQMEVuw
-JeGhwB1Cv9HE5+JE0W7dEeVkXpW91zx6AG3fq1fWngolWhbNDWEw6k3mMOfsUGcd
-dVtxakzhNEpErILAUZga9g6L7XTjAwy3f5koLl5GgPHl0e0RC9NaxTmJQvR4BBEj
-tpJLM8/PWMeozIGiDt/hHF80UWLLp/qF4tKHHGDfCquADlbP4n5KeU7NGgbtZqo1
-6QWGSUUG2xeRWLLVU+RquucfLhPbWmtM5MmtUAoDyXsj/g2Ofj8dHJkFvQjfMDXX
-xZ8DSabCOaqoA2ld5VXKfDG/QmStb0x1MKue8/v55FkBbOo5jTdAgEyi29+nF7Lo
-DmIM/Z7H2TR0RIoFltKDm6h3YUgMT80idYWXIFf5J+2JKAdcUP0bzAZEEcsvBEEU
-YrqyKM3R8JurQsXYyGx3upaxxljDLuLln8uXGUhqEdOXhzzK8cSb7LnQnLqU7OVA
-IcFb5OgB5qlIs/p3LnI/Lkec4xpledh+xHRG5ADo+/MD1QIwGYvIcgV9/M2UtGEm
-HAz8RAMnZlnBgvgbzaOax01ls8pLCOyYT5qWjWvAEldop4AOWnnjkkuj89xNrzFA
-TJj1Z/2dhNJcJyvLQ6GNI5cyI1Y/cQ7UbBffoUmsMGVmwznlwD2ezIVP/KgSuahs
-G1hT4D08c9Q6rF/dxO3Ithqlmk0AIUO949fiQsw6961QBET1Ttde9BCXg1UeZ9WY
-1mCU6moNzO9HLPo9FFYQfF5e/LFkyBaraZHzuK2qZTnWXPu/vrHCsKeJAcVy2+X+
-h5l3r0UICa33+r4DnxUnx1w6/NDZOkNBXTPBkEjL9n7os6fpxqcrqFCEFfPEzjJS
-Si7scPe0OVVBSSFIGfSUewp12Z42a6WVQjGcAo3bSBioed+Vau7dsQhGfnFkdlEz
-8ShzLpsCXn1+WnIGJ+Mnp1Eq9SRrLWVvhfK3+nuD+IOQS+Mdy6lZwv7Sh8aw1dah
-E2lOCLOVZ5Gq2J+RmW9Mfc+XPt+mtgogIPVrB7/zg5iZblarjkNEE/xfgwF7XYRA
-rzNDOVArYvnupq76BC606M+KrgUVNC4iUiA31o8LE/VN+Hb47LGmE9yw2HDgdYjq
-QBnsf922zKJdtSdhcnJjKh540LpkMuMxHkBeYgzqGtRca93LIVOeuu/gHZ08Vy0g
-FsvnSZ2YON2V7mKBM4Mr6PYioysIghFnItOcpybvm+qezmcG8E5icgMqgU9Xx3E0
-6VYlNineY5LCyVNxahrOPI1lpn7+y0aXqcDmeV844R9sETRK5CtRrD44ZU6blpmp
-ozqgrXTFGxdmhFIvh4YbmRx8tlPm2O8j3a62d2l8dD+wb6+pSOPdWy8nlZOKNTnu
-e6+lduIiWz5k9I6i5t5HRFF9Ks3Y9BCWlztvPR/YtKGjb9KWr9Y6Qlusrjhqi+7m
-Fh8JEy86X6HEZ4HjubYhncujckM9rUD7vpY9c1a1F0yPUbNHx6/lm0NkvSNaTtyX
-N3AZ41ui96b5jUOgiw2AqyV2NXn35JZnmS0pe/Sjbw==
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUGGvlG1Y3PCk9uFbY
+EsHsOP4fnEYCAggAMB0GCWCGSAFlAwQBKgQQrq/LQU0dLwUGqzqS5WothQSCCVDm
+2K2MK5XvoX+GkgtLyYNpSeouP8LWKQyvnQb5SDPTqPGAHzSG16zy2yTzxsDpzzHF
+RYlkKPOZ0hDu4OKwm6GDveKxd1NtVH9GPPJ9nCHjNHJr1diTTepK5FGq3CZv18Jb
+MGfNzIJdWginyEAvVzE5gaGfl8U7r7/b7uDX0kCpSXV/4cajElOmFBwP4jzA7s3B
+iZIc0qF0Q0L9Ufw3WhblCgMNkTlz4e83qgpNuZoID6BabnQXZtC2DOTUAE39JMnf
+zRC0X8OgTgSHYTboRuhIShDeEmMlly9X5U6ot3RZjF4AskDYTALhdPjb66axfzuh
+5SED7lC/v0HY9J4nfE8NQQGEWR3DT7ezdRfIf5pDzi1HAdbBABtyJuCoIU+G8LzA
+wSEpD0qBk5SIlEPQVFR+wBeT2zC22tRAsW0mIhU+spQFFiGEljKIgHxAEAUN6vsv
+c6SC7B+TUJ0+4luaVlbfYOVSVUAkWTT/DLLjeCx6jaGbPXz2isT4RyfWZM+E4ho/
+guk1uPZJoxNojDAIK50KFMT6D4b4wpH3eqXf9IYqA5g6jIMTecNjYQ/or1A23XDp
+cN4it/ialo70bEvprpFL4wPvj0wMmZ54li8xWBaYkVbkHCYY1G53on9b05FcmmDT
+XXx8v002+l1/iUYUgUCnClqov+TxBoRDOf2fgsK20SAxRHS8ycSbr7ZKV+micA35
+IEvqE3eofqgW/H33Kj1VhmF59YQEVfjnzl4KImGvnMNzo+Aj+NVKmWkSuNiAwq5G
+S24Cy25SOYzkKXFbj5jgd8Ps2FRjCpzsodjWE7zQab37bel+Ini/M1X22ReoHgLj
+C9jHfzYkKo0csjpRyqul8CwsqVfIZY1OVDqcDymyfBTcBiMOPJHCL//XGZuAkbSY
+X5Gu+ner7QjT2VpLqiXH81cWTp5ATIhGfDfN3Lg+Wxy/huW/GdMzB+lQN0WHfvcC
+rHauOAQMsn4SX2pw0904ADASaYzZxoWeXY2u3W4jsjZvS0BFJ6iZtOmJk/yiG1Fg
+8P7x+BGFgGEnw/5hdmLHnQSSH72ooX8XgnzGvY5ydovyTz3+b/jh4yBuGoftekTF
+yh0x7TU4OjDHmx+lBrR7MRLVPEziy79LvjPb0CAa5feyCB0CLKyUEfsQMSxdrXKC
+AWXsP5R2bDPq96Pi7Kbl46rvSFAYL8XLFG3xT5wd4lKKUKlQQKCCccKsyhJE7PCM
+epXzTsZDMsY7XFlaKX6UmhPX57kQ7Dbc4lfDfDmWoHQNXxfVV3VrT61VQcaVV441
+HvEovwfM3lyRg9HuuX5vgfQbDFNwl1u4JuC6kkGVqsg78jOxjdhKhsXY1S/FMapX
+qEmU5wp1KwqiHF2Rt9Ses9r8gfTAqB2bmGNdONm7VKHJp5syPi1q20x+ItA6n5TE
+9rsYk6d7LGnJVHzDhCeSX+SKrHarx6K5LrzXe2v/XWFPX1MBP41m+1xARtsWupWs
+e4G+H5tVfiWOUm8V+/2au9J1QKd7MUqwbdJVA4JjjHcrtmM+Sp0Nj+BJywtYqlS9
+BPYXeOpOfIrWwmTCmeDiNNNKTB4cQfB6MKMtlnw3JGgnNhFi9ZtJpdkxlNO8NEav
+RrG/Lb0ZAnT5jjp8jx1jd1jUE0MhzIX1NlcdazI0+wVrLzAcISFJp2YzvBPi6/nM
+9VlDFidS6LRdio7LRfgJWycQX25Dxqrakoyu7ZrLsw0HhzdQbTvgLuKGDcYnAuhV
+qT9+3jqXxvmf7xFvfE59tYOzm5FAjBTZi/kcBwm+9eCKzU7UTZgKIBK3wTfyWXQL
+iPicXlZ4OtCUx1px4OkGd++2x7Pe2hgJ9Qv318guigUXDu/9fdhe83Ls+m8arb9i
+NGI/GPFhi0zkiEuABkajlxOIilrk4xQp19aMc1A4b+4kYxW7zTx7mrBlxRuhA/eK
+6Kb10/IKuqguL7riarsNH1DJhI8rosAmmqe8b1Qw8I8u522xs/FptTNp1H2QnarA
+jFNz4gFEX73QIW0XP4YFy2A3CCDEs0h1QaU49nzv1zghXVrxZfDgoEZvJLJjKYKT
+8+kkSQgnNbl2LbexPYe2ckwnXUcxK1JrP6sU7EO7MYOLMM/BVu4qwnsCYECdBWlV
+njIDNwzvojUrZiEWeegc90qpNDdXoaQC9c6RANzYfRdbVxnZvKtmWuCjruvDCqeg
+aiTuI/zO0TdYxKUCfaE9uCGOGlswGXc6PYDSDvJ0M4yGqZKNnhgAgmgvZ2f79lNR
+X+H0fj+SF+uLFCoA3DXZPji+hlRKg0WAaQCZIawgb7ET9Ssya3eEbwrjrCzdWyES
+ovU9D9uL6C3MCJWWvh85m7OYHgSuwc8gMCfBWCEQ7PHjZdD8M/qTK7Qc2sF5YclR
+3UKX3YmOMiSdaNNWJqlUfVQQ8kOKIcvMNvMKB4DaT7JzhJwc9LObIAsVF0DaRh6D
+pwYJXox8pwFtyZv7SvX7LxbXdgnCYMCcePWGpgdpJS5f8qw+5ruB/TJ0w9wxybpz
+W7a1o5lMCFtCqpHT3Xptc2xQMfpqzTtvWJWeLpcLR0RnTVafWv28XnCebREvr17o
+GOC+PU8d7wAnbK+9Mp4lcvHNOVNSqC3Co/e10ejndChDbHxM3us3DDTOnD/sRq4S
+mrpKSxv8FfJmXlxksixiTWMXts/r05ewSyroijZki1n/DMeFBUG1oce3jT22ecBM
+4hy6QD38zBo6YmqCN7NfwZeyU50loleR9+qmpkJDyjUcU120RGskFu/GdEiU3uX0
+gIIANSINpDLQsMs7nPFR19dIojzbmX/ac+CgnX7aApGoJjV86nJAzziMMXSmIK+6
+8i3XNEg4SMzC5q4nF9a3xuVBXd243KyQ+0MhcGJd/9Nyj3JrQmPyvIOvunndPa+x
+FTUAS0IRz3sm2asx+5CamRqn+81hP2nFGMUbJNcfwbSlL+QlNtuFU8IZ2EEoxYGq
+wZlppssFqDx/xGtgf/YzTSrm1LZ0FdlpQQ/+BIK4K6jOJSVdkqsUhEwZBVErmCKp
+TyixQ3Kbfc4zOtHuzWgijnbl+R8vk6biNvVrIzWTxOGqUzC1P/apfOt0UEInMiQ2
+tuv0uJshCc7ooC+Eb6AIjFjhf+PKN3tQCVXNFDVD+QQqzO93YsO57oh0pf3D8lWd
+MO7b0SHG3VntlrqGmRhHGacuMsYe9+3eSxk6sFWi1Q==
 -----END ENCRYPTED PRIVATE KEY-----
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/keystore.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/keystore.pem
@ -1,56 +1,56 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUSFveca6jQvyQEDNp
-+SAa7cjgsZkCAggAMB0GCWCGSAFlAwQBKgQQPi0Fa+RJi5NQGegMJMlKbgSCCVBo
-Yddg8FtVvQgWXWua1XzMpgUiHO8p2/Ka1YnJ5UyoEbhuMD53IFCUVBR8Dh0p5QQR
-5+3z5KJ7neLtAMAtFb/rdvupGhLqzIBLOTbPLOi3B9gmnzxMRiLbPsgk5jPMG/Xw
-0KNMOnuKaf4qsGTmBowDIXwahklFFM7USmocxx27zHLjjM+XJecHhOp2kwPMQvts
-2G0MrYs8+ZdWMOIlgQwxJnCnHmJIaP48ZvrByxR3dNYG8/nhxx/mKx2Qvmd4I4co
-whJQxa2o/3RqAQuRxckHa2ohzwxhRpPT2peEMtvuKJ7OtPY2dfkLVm0yCjOV6Bvw
-0O9U3h2NKU9Bk1LVVLqbe6tpWQ/8BPAO5nEn+yU5wP3UbrVKTkTlSYMB5CuG0ZYR
-62G4esxb7T+zKfkqES68Pzl5KNhaOhBeqmaXAcdryNYsPSVtLX8h+Wjqak0IbTGp
-bD3T2CGa6JYm9h2FamcNzsUhlEDcDglsvq1sH7KTIJMwGdNwqPpb/bHUaWw6X3Kz
-AvvP0c4y/bmu02C2PQ2G4BxI/0lBlCzvvwsoqK/NqcyK/d9ffMH1zK2vTErIRroT
-6fJOAWiNcz1FhuKjZwtH3NQjHtf20YfmGfBx/CBdxnryvIoD+S8uxZojbGGnH/F4
-qgofCAUxKzATt785ELa8XGsIaTRT4N2vm9TIbzpWAKVx0/GnOu7cIdCUDwD9TNGg
-eZzCSRkPjXSE6i0QODA7LRxJEfVsWOjOI96sn3qiBjm0ZgrKdwivNQiOyHI58wJR
-tpT7PgjLGVhy0iVZWm597BNq/wJi4DjshkcixVhYNVi7qXgUd2hsS3oCn8EzJvbO
-UmzBuTlYkf+AfQMnE2VVCNtPd4V7a1nTJC80uxoqa+GrMBtwqs1Xf8k4cbZDBXBR
-EOTWF3QhbZachtLkvrNBDfZvj9142PtN6yskRZnSrPNeKYUD1pucOvpqR/AYwqkl
-fdTzAcuJK7Xrsq6h0lduEeV94VUZU7q3oledjCLK41bp4JdV9eOxYt96Qszx6/eA
-tTFPTwvRb3SotqwMNhsZIgGb5YKf18n9z59qzAb4komHwYSFMN+6dxyyOqb+ecm9
-WbGFUji7VaXaAyIfdmGQcyT44wiD0AZ9o8nQ9GZjwwQgy9BpKJbWtaPmBmlw6Eqr
-nTxDtze6+MfifdO/tRgGq56Oe0Wag+OWk5k4dnst/oZ7QczLx5C1ycsq7ebpZJon
-p8CHw5biOLHPuQQpWEQv3T1isZit9R3kNDu9c+6+TsaFZWdw6cCvhI6zK4j9fQu9
-AS1Ab+kabk5Xs/XXQxzB+W2LagK7/jYX8Du/zLTWXfGQnSlu5iZuQiFFzQcR93kS
-XGlo5FoB/m4tA4vi7j3NV6piKmnuwsK7Mmuxaki3ZDJeVzJ3h01Yzd+mK8cneQB9
-72j3wQycpcCJX58iNebTUpdpdJ6X3DSh/zjb3HtrAQ6s8AQCagpuP9DMyCFzGShL
-4a/g8NzN0+sS/LlDx+0im8YAnGkOLkepWTatmbtzW8qYH+vMlAn8hm3Tt/hYlBhg
-FLJAQxdpahgGfUhnvxHZwiUP8LFy044DSRf0rb5065K62jhGwASZX/2qFnH/z31L
-GVeDzFET66rSeJr0QXMRWoAPZMLZEH6KPPYDx0uvzFQNvX5V7lzQr+bzlMQMEVuw
-JeGhwB1Cv9HE5+JE0W7dEeVkXpW91zx6AG3fq1fWngolWhbNDWEw6k3mMOfsUGcd
-dVtxakzhNEpErILAUZga9g6L7XTjAwy3f5koLl5GgPHl0e0RC9NaxTmJQvR4BBEj
-tpJLM8/PWMeozIGiDt/hHF80UWLLp/qF4tKHHGDfCquADlbP4n5KeU7NGgbtZqo1
-6QWGSUUG2xeRWLLVU+RquucfLhPbWmtM5MmtUAoDyXsj/g2Ofj8dHJkFvQjfMDXX
-xZ8DSabCOaqoA2ld5VXKfDG/QmStb0x1MKue8/v55FkBbOo5jTdAgEyi29+nF7Lo
-DmIM/Z7H2TR0RIoFltKDm6h3YUgMT80idYWXIFf5J+2JKAdcUP0bzAZEEcsvBEEU
-YrqyKM3R8JurQsXYyGx3upaxxljDLuLln8uXGUhqEdOXhzzK8cSb7LnQnLqU7OVA
-IcFb5OgB5qlIs/p3LnI/Lkec4xpledh+xHRG5ADo+/MD1QIwGYvIcgV9/M2UtGEm
-HAz8RAMnZlnBgvgbzaOax01ls8pLCOyYT5qWjWvAEldop4AOWnnjkkuj89xNrzFA
-TJj1Z/2dhNJcJyvLQ6GNI5cyI1Y/cQ7UbBffoUmsMGVmwznlwD2ezIVP/KgSuahs
-G1hT4D08c9Q6rF/dxO3Ithqlmk0AIUO949fiQsw6961QBET1Ttde9BCXg1UeZ9WY
-1mCU6moNzO9HLPo9FFYQfF5e/LFkyBaraZHzuK2qZTnWXPu/vrHCsKeJAcVy2+X+
-h5l3r0UICa33+r4DnxUnx1w6/NDZOkNBXTPBkEjL9n7os6fpxqcrqFCEFfPEzjJS
-Si7scPe0OVVBSSFIGfSUewp12Z42a6WVQjGcAo3bSBioed+Vau7dsQhGfnFkdlEz
-8ShzLpsCXn1+WnIGJ+Mnp1Eq9SRrLWVvhfK3+nuD+IOQS+Mdy6lZwv7Sh8aw1dah
-E2lOCLOVZ5Gq2J+RmW9Mfc+XPt+mtgogIPVrB7/zg5iZblarjkNEE/xfgwF7XYRA
-rzNDOVArYvnupq76BC606M+KrgUVNC4iUiA31o8LE/VN+Hb47LGmE9yw2HDgdYjq
-QBnsf922zKJdtSdhcnJjKh540LpkMuMxHkBeYgzqGtRca93LIVOeuu/gHZ08Vy0g
-FsvnSZ2YON2V7mKBM4Mr6PYioysIghFnItOcpybvm+qezmcG8E5icgMqgU9Xx3E0
-6VYlNineY5LCyVNxahrOPI1lpn7+y0aXqcDmeV844R9sETRK5CtRrD44ZU6blpmp
-ozqgrXTFGxdmhFIvh4YbmRx8tlPm2O8j3a62d2l8dD+wb6+pSOPdWy8nlZOKNTnu
-e6+lduIiWz5k9I6i5t5HRFF9Ks3Y9BCWlztvPR/YtKGjb9KWr9Y6Qlusrjhqi+7m
-Fh8JEy86X6HEZ4HjubYhncujckM9rUD7vpY9c1a1F0yPUbNHx6/lm0NkvSNaTtyX
-N3AZ41ui96b5jUOgiw2AqyV2NXn35JZnmS0pe/Sjbw==
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUGGvlG1Y3PCk9uFbY
+EsHsOP4fnEYCAggAMB0GCWCGSAFlAwQBKgQQrq/LQU0dLwUGqzqS5WothQSCCVDm
+2K2MK5XvoX+GkgtLyYNpSeouP8LWKQyvnQb5SDPTqPGAHzSG16zy2yTzxsDpzzHF
+RYlkKPOZ0hDu4OKwm6GDveKxd1NtVH9GPPJ9nCHjNHJr1diTTepK5FGq3CZv18Jb
+MGfNzIJdWginyEAvVzE5gaGfl8U7r7/b7uDX0kCpSXV/4cajElOmFBwP4jzA7s3B
+iZIc0qF0Q0L9Ufw3WhblCgMNkTlz4e83qgpNuZoID6BabnQXZtC2DOTUAE39JMnf
+zRC0X8OgTgSHYTboRuhIShDeEmMlly9X5U6ot3RZjF4AskDYTALhdPjb66axfzuh
+5SED7lC/v0HY9J4nfE8NQQGEWR3DT7ezdRfIf5pDzi1HAdbBABtyJuCoIU+G8LzA
+wSEpD0qBk5SIlEPQVFR+wBeT2zC22tRAsW0mIhU+spQFFiGEljKIgHxAEAUN6vsv
+c6SC7B+TUJ0+4luaVlbfYOVSVUAkWTT/DLLjeCx6jaGbPXz2isT4RyfWZM+E4ho/
+guk1uPZJoxNojDAIK50KFMT6D4b4wpH3eqXf9IYqA5g6jIMTecNjYQ/or1A23XDp
+cN4it/ialo70bEvprpFL4wPvj0wMmZ54li8xWBaYkVbkHCYY1G53on9b05FcmmDT
+XXx8v002+l1/iUYUgUCnClqov+TxBoRDOf2fgsK20SAxRHS8ycSbr7ZKV+micA35
+IEvqE3eofqgW/H33Kj1VhmF59YQEVfjnzl4KImGvnMNzo+Aj+NVKmWkSuNiAwq5G
+S24Cy25SOYzkKXFbj5jgd8Ps2FRjCpzsodjWE7zQab37bel+Ini/M1X22ReoHgLj
+C9jHfzYkKo0csjpRyqul8CwsqVfIZY1OVDqcDymyfBTcBiMOPJHCL//XGZuAkbSY
+X5Gu+ner7QjT2VpLqiXH81cWTp5ATIhGfDfN3Lg+Wxy/huW/GdMzB+lQN0WHfvcC
+rHauOAQMsn4SX2pw0904ADASaYzZxoWeXY2u3W4jsjZvS0BFJ6iZtOmJk/yiG1Fg
+8P7x+BGFgGEnw/5hdmLHnQSSH72ooX8XgnzGvY5ydovyTz3+b/jh4yBuGoftekTF
+yh0x7TU4OjDHmx+lBrR7MRLVPEziy79LvjPb0CAa5feyCB0CLKyUEfsQMSxdrXKC
+AWXsP5R2bDPq96Pi7Kbl46rvSFAYL8XLFG3xT5wd4lKKUKlQQKCCccKsyhJE7PCM
+epXzTsZDMsY7XFlaKX6UmhPX57kQ7Dbc4lfDfDmWoHQNXxfVV3VrT61VQcaVV441
+HvEovwfM3lyRg9HuuX5vgfQbDFNwl1u4JuC6kkGVqsg78jOxjdhKhsXY1S/FMapX
+qEmU5wp1KwqiHF2Rt9Ses9r8gfTAqB2bmGNdONm7VKHJp5syPi1q20x+ItA6n5TE
+9rsYk6d7LGnJVHzDhCeSX+SKrHarx6K5LrzXe2v/XWFPX1MBP41m+1xARtsWupWs
+e4G+H5tVfiWOUm8V+/2au9J1QKd7MUqwbdJVA4JjjHcrtmM+Sp0Nj+BJywtYqlS9
+BPYXeOpOfIrWwmTCmeDiNNNKTB4cQfB6MKMtlnw3JGgnNhFi9ZtJpdkxlNO8NEav
+RrG/Lb0ZAnT5jjp8jx1jd1jUE0MhzIX1NlcdazI0+wVrLzAcISFJp2YzvBPi6/nM
+9VlDFidS6LRdio7LRfgJWycQX25Dxqrakoyu7ZrLsw0HhzdQbTvgLuKGDcYnAuhV
+qT9+3jqXxvmf7xFvfE59tYOzm5FAjBTZi/kcBwm+9eCKzU7UTZgKIBK3wTfyWXQL
+iPicXlZ4OtCUx1px4OkGd++2x7Pe2hgJ9Qv318guigUXDu/9fdhe83Ls+m8arb9i
+NGI/GPFhi0zkiEuABkajlxOIilrk4xQp19aMc1A4b+4kYxW7zTx7mrBlxRuhA/eK
+6Kb10/IKuqguL7riarsNH1DJhI8rosAmmqe8b1Qw8I8u522xs/FptTNp1H2QnarA
+jFNz4gFEX73QIW0XP4YFy2A3CCDEs0h1QaU49nzv1zghXVrxZfDgoEZvJLJjKYKT
+8+kkSQgnNbl2LbexPYe2ckwnXUcxK1JrP6sU7EO7MYOLMM/BVu4qwnsCYECdBWlV
+njIDNwzvojUrZiEWeegc90qpNDdXoaQC9c6RANzYfRdbVxnZvKtmWuCjruvDCqeg
+aiTuI/zO0TdYxKUCfaE9uCGOGlswGXc6PYDSDvJ0M4yGqZKNnhgAgmgvZ2f79lNR
+X+H0fj+SF+uLFCoA3DXZPji+hlRKg0WAaQCZIawgb7ET9Ssya3eEbwrjrCzdWyES
+ovU9D9uL6C3MCJWWvh85m7OYHgSuwc8gMCfBWCEQ7PHjZdD8M/qTK7Qc2sF5YclR
+3UKX3YmOMiSdaNNWJqlUfVQQ8kOKIcvMNvMKB4DaT7JzhJwc9LObIAsVF0DaRh6D
+pwYJXox8pwFtyZv7SvX7LxbXdgnCYMCcePWGpgdpJS5f8qw+5ruB/TJ0w9wxybpz
+W7a1o5lMCFtCqpHT3Xptc2xQMfpqzTtvWJWeLpcLR0RnTVafWv28XnCebREvr17o
+GOC+PU8d7wAnbK+9Mp4lcvHNOVNSqC3Co/e10ejndChDbHxM3us3DDTOnD/sRq4S
+mrpKSxv8FfJmXlxksixiTWMXts/r05ewSyroijZki1n/DMeFBUG1oce3jT22ecBM
+4hy6QD38zBo6YmqCN7NfwZeyU50loleR9+qmpkJDyjUcU120RGskFu/GdEiU3uX0
+gIIANSINpDLQsMs7nPFR19dIojzbmX/ac+CgnX7aApGoJjV86nJAzziMMXSmIK+6
+8i3XNEg4SMzC5q4nF9a3xuVBXd243KyQ+0MhcGJd/9Nyj3JrQmPyvIOvunndPa+x
+FTUAS0IRz3sm2asx+5CamRqn+81hP2nFGMUbJNcfwbSlL+QlNtuFU8IZ2EEoxYGq
+wZlppssFqDx/xGtgf/YzTSrm1LZ0FdlpQQ/+BIK4K6jOJSVdkqsUhEwZBVErmCKp
+TyixQ3Kbfc4zOtHuzWgijnbl+R8vk6biNvVrIzWTxOGqUzC1P/apfOt0UEInMiQ2
+tuv0uJshCc7ooC+Eb6AIjFjhf+PKN3tQCVXNFDVD+QQqzO93YsO57oh0pf3D8lWd
+MO7b0SHG3VntlrqGmRhHGacuMsYe9+3eSxk6sFWi1Q==
 -----END ENCRYPTED PRIVATE KEY-----

 -----BEGIN CERTIFICATE-----
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/EncodeAndDisplayToken.groovy
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/EncodeAndDisplayToken.groovy
@ -0,0 +1,19 @@
+import ch.nevis.esauth.auth.engine.AuthResponse
+import ch.nevis.esauth.util.httpclient.api.HttpClient
+
+if (outargs['out.JWTToken']) {
+    // we have a token
+    def header = "Bearer ${outargs['out.JWTToken']}"
+    response.setNote('agov.test.token', header)
+    notes.setProperty('agov.test.token', header)
+    response.removeOutArg('out.JWTToken')
+}
+
+// if (!response.getNote('agov.test.token')) {
+//    response.setResult('newToken')
+//    return
+//}
+
+
+// show the GUI
+response.setResult('display')
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy
@ -0,0 +1,79 @@
+import groovy.json.JsonSlurper
+
+def cleanSession(boolean rpcodeToo) {
+  def s = request.getAuthSession(true)
+
+  if (rpcodeToo) {
+	s.removeAttribute('agov.ident.rpcode.backup')
+	s.removeAttribute('agov.ident.rpcode')
+	s.removeAttribute('agov.ident.entityId')
+  }
+  def sessionKeySet = new HashSet(session.keySet())
+  sessionKeySet.each { key ->
+    if ( key ==~ /ch.nevis.auth.saml..*/ ) {
+	  LOG.debug("Deleted session attribute '${key}'")
+	  s.removeAttribute(key)
+	}
+  }
+}
+
+// for auditing
+def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
+def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
+def referer = request.getLoginContext()['connection.HttpHeader.referer'] ?: request.getLoginContext()['connection.HttpHeader' +
+		'.Referer'] ?: '-'
+def origin = request.getLoginContext()['connection.HttpHeader.origin'] ?: request.getLoginContext()['connection.HttpHeader' +
+		'.Origin'] ?: '-'
+
+// 0) clean up, if we have a SAML Response in session
+if (session['ch.nevis.auth.saml.response.id']) {
+  // keep rpcode in session, if retrying after SAML error
+  def keepRpcode = session['ch.nevis.auth.saml.response.statusCode'] == 'urn:oasis:names:tc:SAML:2.0:status:Responder'
+  cleanSession(!keepRpcode)
+}
+
+// 1) we need to know the code of the RP
+def rpcode = inargs['rpcode'] ?: inargs['RelayState'] ?: session['agov.ident.rpcode']
+def rpcodeBackup = session['agov.ident.rpcode']
+def rpentity = '-'
+
+if (rpcode)
+{
+  if (rpcodeBackup) {
+    response.setSessionAttribute('agov.ident.rpcode.backup', rpcodeBackup)
+  }
+  response.setSessionAttribute('agov.ident.rpcode', rpcode)
+} else {
+  cleanSession(true)
+  LOG.info("Event='IDENT-INVALIDREQ', rpcode='missing', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
+  response.setResult('inavlidurl')
+  return
+}
+
+// 2) load rp settings in session (if needed)
+if (rpcode != rpcodeBackup) {
+  def slurper = new JsonSlurper()
+  def rpMap = slurper.parseText(parameters['rpcode.list'])
+  LOG.debug(">>> rpMaP: ${rpMap}")
+  if (!rpMap[rpcode]) {
+	  cleanSession(true)
+	  LOG.info("Event='IDENT-INVALIDREQ', rpcode='${rpcode}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', Origin='${origin}'")
+	  response.setResult('inavlidurl')
+	  return
+  }
+  rpentity=rpMap[rpcode]
+  response.setSessionAttribute('agov.ident.entityId', rpMap[rpcode])
+}
+
+// 3) if we have a response ...
+if (inargs['SAMLResponse']) {
+    response.setResult('processResponse')
+    return
+}
+
+// 4) otherwise
+LOG.info("Event='IDENT-INITREQ', rpcode='${rpcode}', rpentity='${rpentity}', SourceIp=${sourceIp}, UserAgent='${userAgent}', Referer='${referer}', " +
+		"Origin='${origin}'")
+response.setResult('sendAuthnRequest')
+return
+
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties
@ -1,9 +1,40 @@

 accept.button.label=Accept
+agov-ident.done.message=Your AGOV account is now ready for use. Please close this page.
+agov-ident.done.title=Done
+agov-ident.failed.instruction=You need an AGOV account and pass the suggested data verification to successfully finish the on-boarding. Please try again.
+agov-ident.failed.message=Onboarding cancelled or data verification postponed
+agov-ident.failed.title=Verification needed
+agov-ident.invalid-url.instruction=The link you used to access this page isn't valid. Please make sure you use it as received without any typos or click it directly on the page, where it is published.
+agov-ident.invalid-url.message=Link can't be processed
+agov-ident.invalid-url.title=Invalid Link
+agov-ident.onboarding=Registration & Verification
+agov-ident.retry=Try again
 cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
+dimilar.confirm_identity.checkbox=I confirm this is my data
+dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
+dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confirm data
+dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
+dimilar.select_onboarding.error-banner=Please select one option to continue
+dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
+dimilar.select_onboarding.proceeding=How would you like to proceed?
+dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
+dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token expired or already used.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
+error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -13,8 +44,16 @@ error_11=Please use another certficate or login with another credential type.
 error_2=Please select another login name.
 error_3=Your account will be locked if next authentication fails.
 error_4=Your new password does not comply with the security policy. Please choose a different password.
+error_403.description=You are not authorised to access this application.
+error_403.title=Not authorised
+error_404.description=The page you are looking for does not exist.
+error_404.title=Page not found
 error_5=Error in password confirmation.
 error_50=The new password is too short.
+error_500.description=There is currently an outage. We are working on it.
+error_500.title=Something went wrong.
+error_502.description=We are working on it. Please try again later.
+error_502.title=Something went wrong.
 error_55=The new password has to differ from old passwords.
 error_6=Password change required.
 error_7=Change of login ID required.
@ -49,29 +88,50 @@ general.cancel=Cancel
 general.confirm=Confirm
 general.contactSupport=Contact Support
 general.continue=Continue
+general.data.birthDate=Date of birth
+general.data.birthDateFormat=DD.MM.YYYY
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
+general.data.firstname=First name
+general.data.lastname=Last name
 general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
+general.fieldRequired=Field required
+general.generalAccessApp=Access app
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
+general.goToAccessApp=Go to AGOV access app
 general.help=Help
 general.help.link=https://agov.ch/help
 general.login=Login
+general.login.accessApp=Login with Access App
+general.login.securityKey=Login with Security Key
 general.loginSecurityKey=Start Security key login
+general.moreOptions=MORE OPTIONS
 general.or=OR
-general.otherOptions=OTHER OPTIONS
+general.otherLoginMethods=Other login methods
 general.recovery=Recovery
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Download as PDF
+general.recoveryCode.inputLabel=Recovery code
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeModal.title=Repeat recovery code
+general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
 general.register=Register
 general.registerNow=Register now!
 general.registration=Registration
+general.registration.dontHaveAnAccountYet=Don't have an AGOV account yet?
+general.registration.seeOptions=See registration options
 general.securityKey=Security key
 general.skip.content=Skip to main content
+general.wrongPhoneNumber=Please enter a valid phone number
 generic.auth.error.message=There was a service interruption. We are working on it.
 generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
-generic.auth.error.subtitle=Something went wrong
+generic.auth.error.subtitle=Something went wrong.
 generic.auth.error.title=Error
 info.logout.confirmation=Please confirm that you want to log out.
 info.logout.reminder=Your session on this application has expired. Try again with a login.
@ -81,26 +141,32 @@ language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
+language.rm=Rumantsch
 languageDropdown.aria.label=Select language
-loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
-loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
 loainfo.startVerification=Start verification
 loainfo.title=Verify your data
+loggedout.description=You have been successfully logged out.
+loggedout.title=Logged out
 login.button.label=Login
 logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
+mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
+mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
 mauth_usernameless.hideQR=Hide QR code
 mauth_usernameless.instructions=Log in by scanning the QR code with your AGOV access app
-mauth_usernameless.noAccount=Don't have an AGOV-Login yet?
+mauth_usernameless.noAccount=Don't have an AGOV account yet?
+mauth_usernameless.selectLoginMethod=Select login method
 mauth_usernameless.showQR=Show QR code
 mauth_usernameless.startRecovery=Start account recovery
 mauth_usernameless.useSecurityKey=Use a security key to log in
@ -115,6 +181,16 @@ method.recovery.label=Recovery Codes
 method.safeword.label=SafeWord
 method.securid.label=SecurID
 method.ticket.label=Ticket
+onboard_linking_account_auth.fido_instructions=A physical security key offers a secure way to onboard with your account without having to use a phone.
+onboard_linking_account_auth.instructions=Onboard with your AGOV account by scanning the QR code with your AGOV access app
+onboarding.cancel-onboarding=Are you sure you want to cancel the onboarding process?
+onboarding.cancel-onboarding-description=In order to proceed with an account recovery, you will have to cancel the onboarding process.
+onboarding.cancel-proceed-recovery=Yes, cancel and proceed to recovery
+onboarding.login-factor=Step 1 - Login factor
+onboarding.with-agov.title=Onboard with AGOV account
+onboarding_account.switchLinking=Switch to onboard with
+onboarding_account_auth.loginSecurityKey=Start onboarding with security key
+onboarding_account_auth.useSecurityKey=Use a security key to onboard with your AGOV account
 op-admin.login=AGOV op admin
 op-admin.login.intro.message=Login with your username and password
 op-admin.login.loginid=LoginId
@ -177,11 +253,27 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
+providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
+providePhoneNumber.inputLabel=Phone number (optional)
+providePhoneNumber.laterModal.description1=Without a phone number, a recovery of your account might take up to 4 days if you lose access to your recovery code.
+providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
+providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
+providePhoneNumber.laterModal.title=Continue without a phone number?
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.inputLabel=Phone number
+providePhoneNumber.modal.title=Repeat phone number
+providePhoneNumber.saveButtonText=Continue
+providePhoneNumber.title=Add phone number
+qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
+recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.enterRecoveryCode=Recovery code
+recovery_check_code.expired=Too many attempts or your recovery code has expired.
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -189,12 +281,14 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_noCode.banner.error=Too many attempts or your recovery code has expired.
-recovery_check_noCode.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_noCode.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
+recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
+recovery_check_noCode.banner.error=Too many attempts.
+recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.newRecoveryCode=Introducing recovery code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -219,13 +313,13 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
 recovery_questionnaire_loginfactor.yes=Yes
 recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
-recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
-recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
-recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app, or it shows there are no accounts defined
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app
@ -235,17 +329,22 @@ recovery_questionnaire_reason_selection.answer9=I have issues with one of my log
 recovery_questionnaire_reason_selection.banner.error=Please select a reason.
 recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
 recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
-recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
+signup.button.label=Signup
+skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
+timeout.description=Your session has timed out. Please close this window and try logging in again.
+timeout.title=Session expired
 title.login=Login
 title.logout=Logout
 title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
+title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties
@ -1,9 +1,40 @@

 accept.button.label=Akzeptieren
+agov-ident.done.message=Ihr AGOV-Konto ist nun einsatzbereit. Bitte schliessen Sie diese Seite.
+agov-ident.done.title=Fertig
+agov-ident.failed.instruction=Sie ben&ouml;tigen ein AGOV-Konto und m&uuml;ssen die vorgeschlagene Daten&uuml;berpr&uuml;fung bestehen, um das Onboarding erfolgreich abzuschliessen. Bitte versuchen Sie es erneut.
+agov-ident.failed.message=Onboarding abgebrochen oder Verifikation der Daten verschoben
+agov-ident.failed.title=Verifikation erforderlich
+agov-ident.invalid-url.instruction=Der Link, den Sie f&uuml;r den Zugriff auf diese Seite verwendet haben, ist ung&uuml;ltig. Bitte stellen Sie sicher, dass Sie ihn so verwenden, wie Sie ihn erhalten haben, ohne Tippfehler, oder klicken Sie ihn direkt auf der Seite an, auf der er ver&ouml;ffentlicht ist.
+agov-ident.invalid-url.message=Link kann nicht verarbeitet werden
+agov-ident.invalid-url.title=Ung&uuml;ltiger Link
+agov-ident.onboarding=Registrierung & Verifikation
+agov-ident.retry=Versuchen Sie es erneut
 cancel.button.label=Abbrechen
 continue.button.label=Weiter
 darkModeSwitch.aria.label=Dark-Mode-Schalter
 deputy.profile.label=(Profil Stellvertreter)
+dimilar.confirm_identity.checkbox=Ich best&auml;tige, dass dies meine Angaben sind
+dimilar.confirm_identity.description=Bitte best&auml;tigen Sie, dass die folgenden Angaben Ihnen geh&ouml;ren, um fortzufahren:
+dimilar.confirm_identity.error=Bitte best&auml;tigen Sie, dass die Angaben Ihnen geh&ouml;ren, um fortzufahren.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Angaben best&auml;tigen
+dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
+dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
+dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AGOV-Konto
+dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
+dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
+dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
+dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
+error.account.exists=Konto existiert bereits. Melden Sie sich an.
 error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
 error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
 error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
@ -13,8 +44,16 @@ error_11=Bitte verwenden Sie ein anderes Zertifikat oder melden Sie sich mit ein
 error_2=Bitte w&auml;hlen Sie einen anderen Login-Namen.
 error_3=Wenn die n&auml;chste Authentifizierung fehlschl&auml;gt, wird Ihr Konto gesperrt.
 error_4=Ihr neues Passwort verst&ouml;sst gegen die Sicherheitsrichtlinien. Bitte w&auml;hlen Sie ein anderes Passwort.
+error_403.description=Sie sind nicht berechtigt, auf diese Anwendung zuzugreifen.
+error_403.title=Nicht zugelassen
+error_404.description=Die von Ihnen gesuchte Seite existiert nicht.
+error_404.title=Seite nicht gefunden
 error_5=Fehler bei der Passwortbest&auml;tigung.
 error_50=Das neue Passwort ist zu kurz.
+error_500.description=Zurzeit liegt eine St&ouml;rung vor. Wir arbeiten daran.
+error_500.title=Etwas ist schiefgegangen.
+error_502.description=Wir arbeiten daran. Bitte versuchen Sie es sp&auml;ter noch einmal.
+error_502.title=Etwas ist schiefgegangen.
 error_55=Das neue Passwort muss sich von alten Passw&ouml;rtern unterscheiden.
 error_6=Passwort&auml;nderung erforderlich.
 error_7=&Auml;nderung der Login-ID erforderlich.
@ -33,7 +72,7 @@ error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitt
 error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
 errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
 fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
-fido2_auth.instruction1=Klicken Sie auf "Weiter"
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
 fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
 fido2_auth.instruction3=Folgen Sie den Anweisungen
 fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
@ -49,29 +88,50 @@ general.cancel=Abbrechen
 general.confirm=Best&auml;tigen
 general.contactSupport=Support kontaktieren
 general.continue=Weiter
+general.data.birthDate=Geburtsdatum
+general.data.birthDateFormat=TT.MM.JJJJ
+general.data.enrollmentNumber=AHV-Nummer (Dienstmanager)
+general.data.firstname=Vorname
+general.data.lastname=Nachname
 general.edit=&Auml;ndern
 general.email=E-Mail
-general.email.address=E-Mailadresse
+general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
-general.getStarted=Get started
+general.fieldRequired=Erforderliches Feld
+general.generalAccessApp=Access App
+general.getStarted=Los geht's
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
+general.goToAccessApp=Zur AGOV access App wechseln
 general.help=Hilfe
 general.help.link=https://agov.ch/help
 general.login=Login
+general.login.accessApp=Login mit AGOV access App
+general.login.securityKey=Login mit Sicherheitsschl&uuml;ssel
 general.loginSecurityKey=Sicherheitsschl&uuml;ssel-Login starten
+general.moreOptions=WEITERE OPTIONEN
 general.or=ODER
-general.otherOptions=WEITERE OPTIONEN
+general.otherLoginMethods=Andere Login-Methoden
 general.recovery=Wiederherstellung
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Als PDF herunterladen
+general.recoveryCode.inputLabel=Wiederherstellungscode
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
+general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
 general.register=Registrieren
 general.registerNow=Jetzt registrieren!
 general.registration=Registrierung
+general.registration.dontHaveAnAccountYet=Haben Sie noch kein AGOV-Konto?
+general.registration.seeOptions=Registrierungsoptionen ansehen
 general.securityKey=Sicherheitsschl&uuml;ssel
 general.skip.content=Direkt zum Hauptteil
+general.wrongPhoneNumber=Bitte geben Sie eine g&uuml;ltige Telefonnummer ein
 generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
 generic.auth.error.next.steps=Versuchen Sie es bitte sp&auml;ter noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
-generic.auth.error.subtitle=Etwas ist schiefgegangen
+generic.auth.error.subtitle=Etwas ist schiefgegangen.
 generic.auth.error.title=Fehler
 info.logout.confirmation=Bitte best&auml;tigen Sie, dass Sie sich abmelden m&ouml;chten.
 info.logout.reminder=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
@ -81,26 +141,32 @@ language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
+language.rm=Rumantsch
 languageDropdown.aria.label=Sprache w&auml;hlen
-loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
-loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
-loainfo.description.400=F&uuml;r den Zugang zu dieser Anwendung m&uuml;ssen Sie Ihre AHV-Nummer angeben.
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
 loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
 loainfo.later=Sp&auml;ter
 loainfo.startNow=M&ouml;chten Sie den Prozess jetzt starten?
 loainfo.startVerification=Verifikation starten
 loainfo.title=Verifizieren Sie Ihre Daten
+loggedout.description=Sie haben sich erfolgreich ausgeloggt.
+loggedout.title=Ausgeloggt
 login.button.label=Login
 logout.label=Logout
 logout.text=Sie haben sich erfolgreich abgemeldet.
 mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
 mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
-mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
-mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
 mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
+mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
+mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
 mauth_usernameless.hideQR=QR-Code ausblenden
 mauth_usernameless.instructions=Melden Sie sich an, indem Sie den QR-Code mit Ihrer AGOV access App scannen
-mauth_usernameless.noAccount=Haben Sie noch kein AGOV-Login?
+mauth_usernameless.noAccount=Haben Sie noch kein AGOV-Konto?
+mauth_usernameless.selectLoginMethod=Login-Methode w&auml;hlen
 mauth_usernameless.showQR=QR-Code anzeigen
 mauth_usernameless.startRecovery=Kontowiederherstellung starten
 mauth_usernameless.useSecurityKey=Verwenden Sie einen Sicherheitsschl&uuml;ssel, um sich anzumelden
@ -115,6 +181,16 @@ method.recovery.label=Wiederherstellungscodes
 method.safeword.label=SafeWord
 method.securid.label=SecurID
 method.ticket.label=Ticket
+onboard_linking_account_auth.fido_instructions=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, das Onboarding mit Ihrem Konto ohne Telefon durchzuf&uuml;hren.
+onboard_linking_account_auth.instructions=F&uuml;hren Sie das Onboarding mit Ihrem AGOV-Konto durch, indem Sie den QR-Code mit Ihrer AGOV access App scannen
+onboarding.cancel-onboarding=Sind Sie sicher, dass Sie den Onboarding-Prozess abbrechen m&ouml;chten?
+onboarding.cancel-onboarding-description=Um mit der Kontowiederherstellung fortzufahren, m&uuml;ssen Sie den Onboarding-Prozess abbrechen.
+onboarding.cancel-proceed-recovery=Ja, abbrechen und mit der Wiederherstellung fortfahren
+onboarding.login-factor=Schritt 1 &ndash; Login-Faktor
+onboarding.with-agov.title=Onboarding mit AGOV-Konto
+onboarding_account.switchLinking=Wechseln zum Onboarding mit
+onboarding_account_auth.loginSecurityKey=Onboarding mit Sicherheitsschl&uuml;ssel starten
+onboarding_account_auth.useSecurityKey=Benutzen Sie einen Sicherheitsschl&uuml;ssel, um das Onboarding mit Ihrem AGOV-Konto durchzuf&uuml;hren
 op-admin.login=AGOV-op-Admin
 op-admin.login.intro.message=Login mit Ihrem Benutzernamen und Passwort
 op-admin.login.loginid=LoginID
@ -177,11 +253,27 @@ policyInfo.regex.nonLetter=&#9642; muss mindestens {0} Zeichen enthalten, die ke
 policyInfo.regex.numeric=&#9642; muss mindestens {0} numerische Zeichen enthalten.
 policyInfo.regex.upper=&#9642; muss mindestens {0} Grossbuchstaben enthalten.
 policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
-recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
+providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
+providePhoneNumber.inputLabel=Mobilnummer (optional)
+providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
+providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
+providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.inputLabel=Mobilnummer
+providePhoneNumber.modal.title=Mobilnummer wiederholen
+providePhoneNumber.saveButtonText=Speichern
+providePhoneNumber.title=Mobilnummer angeben
+qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
+recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
-recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
+recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
 recovery_check_code.invalid.code=Code ist ung&uuml;ltig
 recovery_check_code.invalid.code.required=Code erforderlich
@ -189,17 +281,19 @@ recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
 recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
 recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
 recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
-recovery_check_noCode.banner.error=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
-recovery_check_noCode.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
-recovery_check_noCode.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
 recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
-recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
 recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
 recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
@ -216,21 +310,21 @@ recovery_questionnaire_instructions.instruction1=Geben Sie die E-Mail-Adresse Ih
 recovery_questionnaire_instructions.instruction2=Folgen Sie den Schritten zur Wiederherstellung Ihres Kontos (die Schritte variieren je nach Verifizierungsstufe Ihres Kontos)
 recovery_questionnaire_loginfactor.banner.error=Bitte w&auml;hlen Sie eine Antwort.
 recovery_questionnaire_loginfactor.no=Nein
-recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV Access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
+recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
 recovery_questionnaire_loginfactor.yes=Ja
 recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
-recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> f&uuml;r Support-Artikel.
-recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
-recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
-recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt, oder es wird angezeigt, dass keine Konten definiert sind
 recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
 recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
 recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen
 recovery_questionnaire_reason_selection.answer7=Ich habe meine Sicherheitsschl&uuml;ssel oder AGOV access Apps, hatte aber Probleme beim Einloggen
-recovery_questionnaire_reason_selection.answer8=Ich habe den Zugriff auf alle meine Sicherheitsschl&uuml;ssel und Apps verloren
+recovery_questionnaire_reason_selection.answer8=Ich habe den Zugriff auf alle meine Sicherheitsschl&uuml;ssel und AGOV access Apps verloren
 recovery_questionnaire_reason_selection.answer9=Ich habe Probleme mit einem meiner Loginfaktoren (gel&ouml;scht, zur&uuml;ckgesetzt, vergessene PIN)
 recovery_questionnaire_reason_selection.banner.error=Bitte w&auml;hlen Sie einen Grund aus.
 recovery_questionnaire_reason_selection.instruction=Bitte w&auml;hlen Sie einen Grund wieso Sie den AGOV recovery Prozess starten:
@ -238,14 +332,19 @@ recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis d
 recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
 recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
 reject.button.label=Ablehnen
+signup.button.label=Registrieren
+skip.button.label=&Uuml;berspringen
 submit.button.label=Senden
 tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
+timeout.description=Ihre Sitzung ist abgelaufen. Bitte schliessen Sie dieses Fenster und versuchen Sie erneut, sich einzuloggen.
+timeout.title=Sitzung abgelaufen
 title.login=Login
 title.logout=Logout
 title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorisierung
 title.saml.failed=Error
+title.signup=Konto erstellen
 title.timeout.page=Logout
 user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
 user_input.invalid.email.required=Erforderliches Feld
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties
@ -1,9 +1,40 @@

 accept.button.label=Accept
+agov-ident.done.message=Your AGOV account is now ready for use. Please close this page.
+agov-ident.done.title=Done
+agov-ident.failed.instruction=You need an AGOV account and pass the suggested data verification to successfully finish the on-boarding. Please try again.
+agov-ident.failed.message=Onboarding cancelled or data verification postponed
+agov-ident.failed.title=Verification needed
+agov-ident.invalid-url.instruction=The link you used to access this page isn't valid. Please make sure you use it as received without any typos or click it directly on the page, where it is published.
+agov-ident.invalid-url.message=Link can't be processed
+agov-ident.invalid-url.title=Invalid Link
+agov-ident.onboarding=Registration & Verification
+agov-ident.retry=Try again
 cancel.button.label=Cancel
 continue.button.label=Continue
 darkModeSwitch.aria.label=Dark mode toggle
 deputy.profile.label=(Deputy Profile)
+dimilar.confirm_identity.checkbox=I confirm this is my data
+dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
+dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confirm data
+dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
+dimilar.select_onboarding.error-banner=Please select one option to continue
+dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
+dimilar.select_onboarding.proceeding=How would you like to proceed?
+dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
+dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token expired or already used.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
+error.account.exists=Account already exists. Continue to log in.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
 error_10=Please select the correct user account.
@ -13,8 +44,16 @@ error_11=Please use another certficate or login with another credential type.
 error_2=Please select another login name.
 error_3=Your account will be locked if next authentication fails.
 error_4=Your new password does not comply with the security policy. Please choose a different password.
+error_403.description=You are not authorised to access this application.
+error_403.title=Not authorised
+error_404.description=The page you are looking for does not exist.
+error_404.title=Page not found
 error_5=Error in password confirmation.
 error_50=The new password is too short.
+error_500.description=There is currently an outage. We are working on it.
+error_500.title=Something went wrong.
+error_502.description=We are working on it. Please try again later.
+error_502.title=Something went wrong.
 error_55=The new password has to differ from old passwords.
 error_6=Password change required.
 error_7=Change of login ID required.
@ -49,29 +88,50 @@ general.cancel=Cancel
 general.confirm=Confirm
 general.contactSupport=Contact Support
 general.continue=Continue
+general.data.birthDate=Date of birth
+general.data.birthDateFormat=DD.MM.YYYY
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
+general.data.firstname=First name
+general.data.lastname=Last name
 general.edit=Edit
 general.email=Email
 general.email.address=Email address
 general.entryCode=Code entry
+general.fieldRequired=Field required
+general.generalAccessApp=Access app
 general.getStarted=Get started
 general.goAGOVHelp=Go to AGOV help
 general.goAccessApp=Login with AGOV access
+general.goToAccessApp=Go to AGOV access app
 general.help=Help
 general.help.link=https://agov.ch/help
 general.login=Login
+general.login.accessApp=Login with Access App
+general.login.securityKey=Login with Security Key
 general.loginSecurityKey=Start Security key login
+general.moreOptions=MORE OPTIONS
 general.or=OR
-general.otherOptions=OTHER OPTIONS
+general.otherLoginMethods=Other login methods
 general.recovery=Recovery
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Download as PDF
+general.recoveryCode.inputLabel=Recovery code
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeModal.title=Repeat recovery code
+general.recoveryCode.reveal=Reveal recovery code
 general.recoveryOngoing=Ongoing recovery
 general.register=Register
 general.registerNow=Register now!
 general.registration=Registration
+general.registration.dontHaveAnAccountYet=Don't have an AGOV account yet?
+general.registration.seeOptions=See registration options
 general.securityKey=Security key
 general.skip.content=Skip to main content
+general.wrongPhoneNumber=Please enter a valid phone number
 generic.auth.error.message=There was a service interruption. We are working on it.
 generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
-generic.auth.error.subtitle=Something went wrong
+generic.auth.error.subtitle=Something went wrong.
 generic.auth.error.title=Error
 info.logout.confirmation=Please confirm that you want to log out.
 info.logout.reminder=Your session on this application has expired. Try again with a login.
@ -81,26 +141,32 @@ language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
+language.rm=Rumantsch
 languageDropdown.aria.label=Select language
-loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
-loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
 loainfo.startVerification=Start verification
 loainfo.title=Verify your data
+loggedout.description=You have been successfully logged out.
+loggedout.title=Logged out
 login.button.label=Login
 logout.label=Logout
 logout.text=You have successfully logged out.
 mauth_usernameless.EID=Continue with CH E-ID
 mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
-mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
-mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
 mauth_usernameless.cannotLogin=Lost access to your app / security key?
+mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
+mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
 mauth_usernameless.hideQR=Hide QR code
 mauth_usernameless.instructions=Log in by scanning the QR code with your AGOV access app
-mauth_usernameless.noAccount=Don't have an AGOV-Login yet?
+mauth_usernameless.noAccount=Don't have an AGOV account yet?
+mauth_usernameless.selectLoginMethod=Select login method
 mauth_usernameless.showQR=Show QR code
 mauth_usernameless.startRecovery=Start account recovery
 mauth_usernameless.useSecurityKey=Use a security key to log in
@ -115,6 +181,16 @@ method.recovery.label=Recovery Codes
 method.safeword.label=SafeWord
 method.securid.label=SecurID
 method.ticket.label=Ticket
+onboard_linking_account_auth.fido_instructions=A physical security key offers a secure way to onboard with your account without having to use a phone.
+onboard_linking_account_auth.instructions=Onboard with your AGOV account by scanning the QR code with your AGOV access app
+onboarding.cancel-onboarding=Are you sure you want to cancel the onboarding process?
+onboarding.cancel-onboarding-description=In order to proceed with an account recovery, you will have to cancel the onboarding process.
+onboarding.cancel-proceed-recovery=Yes, cancel and proceed to recovery
+onboarding.login-factor=Step 1 - Login factor
+onboarding.with-agov.title=Onboard with AGOV account
+onboarding_account.switchLinking=Switch to onboard with
+onboarding_account_auth.loginSecurityKey=Start onboarding with security key
+onboarding_account_auth.useSecurityKey=Use a security key to onboard with your AGOV account
 op-admin.login=AGOV op admin
 op-admin.login.intro.message=Login with your username and password
 op-admin.login.loginid=LoginId
@ -177,11 +253,27 @@ policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characte
 policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
 policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
 policyInfo.title=The password has to comply with the following password policy:
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
+providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
+providePhoneNumber.inputLabel=Phone number (optional)
+providePhoneNumber.laterModal.description1=Without a phone number, a recovery of your account might take up to 4 days if you lose access to your recovery code.
+providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
+providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
+providePhoneNumber.laterModal.title=Continue without a phone number?
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.inputLabel=Phone number
+providePhoneNumber.modal.title=Repeat phone number
+providePhoneNumber.saveButtonText=Continue
+providePhoneNumber.title=Add phone number
+qrCode.label=Click to open QR code in pop-up window.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
+recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
-recovery_check_code.enterRecoveryCode=Enter recovery code
+recovery_check_code.enterRecoveryCode=Recovery code
+recovery_check_code.expired=Too many attempts or your recovery code has expired.
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
 recovery_check_code.invalid.code=The code is invalid
 recovery_check_code.invalid.code.required=Code required
@ -189,12 +281,14 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_noCode.banner.error=Too many attempts or your recovery code has expired.
-recovery_check_noCode.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_noCode.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
-recovery_code.banner.error=Please reveal your new code to be able to continue.
+recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
+recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
+recovery_check_noCode.banner.error=Too many attempts.
+recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
 recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
-recovery_code.newRecoveryCode=Introducing Recovery Code
+recovery_code.newRecoveryCode=Introducing recovery code
 recovery_code.validUntil=Valid until:
 recovery_fidokey_auth.button=Start key authentication
 recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
@ -219,13 +313,13 @@ recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
 recovery_questionnaire_loginfactor.yes=Yes
 recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
-recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
-recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
-recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app, or it shows there are no accounts defined
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app
@ -235,17 +329,22 @@ recovery_questionnaire_reason_selection.answer9=I have issues with one of my log
 recovery_questionnaire_reason_selection.banner.error=Please select a reason.
 recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
 recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
-recovery_start_info.instruction=During the recovery process you will register a new login factor. If  your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
 recovery_start_info.title=You are about to start the recovery process
 reject.button.label=Deny
+signup.button.label=Signup
+skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
+timeout.description=Your session has timed out. Please close this window and try logging in again.
+timeout.title=Session expired
 title.login=Login
 title.logout=Logout
 title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Client Authorization
 title.saml.failed=Error
+title.signup=Create account
 title.timeout.page=Logout
 user_input.invalid.email=Please enter a valid email address
 user_input.invalid.email.required=Field required
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties
@ -1,9 +1,40 @@

 accept.button.label=Accepter
+agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
+agov-ident.done.title=Termin&eacute;
+agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
+agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
+agov-ident.failed.title=V&eacute;rification requise
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
+agov-ident.invalid-url.title=Lien non valide
+agov-ident.onboarding=Enregistrement et v&eacute;rification
+agov-ident.retry=Essayez &agrave; nouveau
 cancel.button.label=Abandonner
 continue.button.label=Continuer
 darkModeSwitch.aria.label=Activer l'apparence sombre
 deputy.profile.label=(Profil du suppl&eacute;ant)
+dimilar.confirm_identity.checkbox=Je confirme que ce sont mes donn&eacute;es
+dimilar.confirm_identity.description=Veuillez confirmer que les donn&eacute;es ci-dessous vous appartiennent afin de poursuivre&#160;:
+dimilar.confirm_identity.error=Veuillez confirmer que les donn&eacute;es vous appartiennent afin de poursuivre.
+dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confirmer les donn&eacute;es
+dimilar.select_onboarding.description=Bienvenue sur AGOV. Veuillez terminer votre int&eacute;gration en vous connectant &agrave; un compte AGOV existant ou en cr&eacute;ant un nouveau compte.
+dimilar.select_onboarding.error-banner=Veuillez s&eacute;lectionner une option pour continuer
+dimilar.select_onboarding.existing-account=Se connecter avec un compte AGOV existant
+dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der&#160;?
+dimilar.select_onboarding.registering-account=Se connecter avec un nouveau compte AGOV
+dimilar.select_onboarding.title=Bonjour !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Jeton expir&eacute; ou d&eacute;j&agrave; utilis&eacute;.
+dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Le processus d&rsquo;int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez r&eacute;essayer.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Le processus d'int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez contacter le service de support &agrave;
+dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Cr&eacute;er un compte
+envbanner.label=Environnement d'ex&eacute;cution
+error.account.exists=Le compte existe d&#233;j&#224;. Continuez &#224; vous connecter.
 error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
 error_1=Veuillez v&eacute;rifier votre saisie.
 error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
@ -13,8 +44,16 @@ error_11=Veuillez utiliser un autre certificat ou vous connecter au moyen d&rsqu
 error_2=Veuillez s&eacute;lectionner un autre nom d&rsquo;utilisateur.
 error_3=Votre compte sera bloqu&eacute; si la prochaine tentative d&rsquo;authentification &eacute;choue.
 error_4=Votre nouveau mot de passe n&rsquo;est pas conforme &agrave; la politique de s&eacute;curit&eacute;. Veuillez choisir un autre mot de passe.
+error_403.description=Vous n&rsquo;&ecirc;tes pas autoris&eacute; &agrave; acc&eacute;der &agrave; cette ressource.
+error_403.title=Pas autoris&eacute;
+error_404.description=La page que vous recherchez n'existe pas.
+error_404.title=Page introuvable
 error_5=Erreur de confirmation du mot de passe
 error_50=Le nouveau mot de passe est trop court.
+error_500.description=Un incident est survenu. Nous mettons tout en œuvre pour le r&eacute;soudre.
+error_500.title=Un probl&egrave;me s&rsquo;est produit.
+error_502.description=Nous y travaillons. Veuillez r&eacute;essayer plus tard.
+error_502.title=Un probl&egrave;me s&rsquo;est produit.
 error_55=Le nouveau mot de passe doit &ecirc;tre diff&eacute;rent des pr&eacute;c&eacute;dents.
 error_6=Changement de mot de passe requis.
 error_7=Changement d&rsquo;identifiant de connexion requis.
@ -33,14 +72,14 @@ error_9905=Il y a un probl&egrave;me avec votre compte AGOV operations. Veuillez
 error_9909=Un probl&egrave;me interne s&rsquo;est produit. Veuillez demander un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
 errors.duplicateValue=Votre compte est d&eacute;j&agrave; li&eacute; &agrave; un autre acc&egrave;s &agrave; AGOV operations.
 fido2_auth.cancel.fido=L'authentification avec la cl&eacute; de s&eacute;curit&eacute; a &eacute;t&eacute; interrompue. Veuillez vous assurer que votre cl&eacute; FIDO est enregistr&eacute;e et que votre adresse e-mail est correcte, puis suivez les &eacute;tapes ci-dessous.
-fido2_auth.instruction1=Cliquez sur "Continuer"
+fido2_auth.instruction1=Cliquez sur &laquo;&#160;Continuer&#160;&raquo;
 fido2_auth.instruction2=Une fen&ecirc;tre d'authentification s'affichera
 fido2_auth.instruction3=Suivez les instructions
 fido2_auth.skipInstructions=Passer les instructions la fois suivante
 fido2_auth.switchLogin=S'AUTHENTIFIER AVEC
 footer.link=https://agov.ch
 footer.link.label=Contact
-footer.text=Service d'authentification des autorit&eacute;s suisses AGOV - une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
+footer.text=Service d'authentification des autorit&eacute;s suisses AGOV &ndash; une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
 general.AGOVAccessApp=Application AGOV access
 general.accessApp=Application AGOV access
 general.authenticate=Authentification
@ -49,29 +88,50 @@ general.cancel=Annuler
 general.confirm=Confirmer
 general.contactSupport=Contacter le service d'assistance
 general.continue=Continuer
+general.data.birthDate=Date de naissance
+general.data.birthDateFormat=JJ.MM.AAAA
+general.data.enrollmentNumber=Num&eacute;ro AVS (Gestionnaire de service)
+general.data.firstname=Pr&eacute;nom
+general.data.lastname=Nom
 general.edit=Editer
 general.email=E-mail
 general.email.address=Adresse e-mail
 general.entryCode=Entrer le code
+general.fieldRequired=Champ requis
+general.generalAccessApp=Access app
 general.getStarted=D&eacute;marrer
 general.goAGOVHelp=Rendez-vous sur AGOV help
 general.goAccessApp=Login avec AGOV access
+general.goToAccessApp=Allez sur votre application AGOV access
 general.help=Aide
 general.help.link=https://agov.ch/help
 general.login=Login
+general.login.accessApp=Connexion avec l'application AGOV access
+general.login.securityKey=Connexion avec la cl&eacute; de s&eacute;curit&eacute;
 general.loginSecurityKey=D&eacute;marrer la connexion avec la cl&eacute; de s&eacute;curit&eacute;
+general.moreOptions=PLUS D'OPTIONS
 general.or=OU
-general.otherOptions=AUTRES OPTIONS
+general.otherLoginMethods=Autres m&eacute;thodes de connexion
 general.recovery=R&eacute;cup&eacute;ration
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
+general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
+general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
 general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
 general.register=Cr&eacute;er un compte
-general.registerNow=Enregistrez-vous d&egrave;s maintenant!
+general.registerNow=Enregistrez-vous d&egrave;s maintenant&#160;!
 general.registration=Enregistrement
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV&#160;?
+general.registration.seeOptions=Voir les options d'enregistrement
 general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
 general.skip.content=Passer au contenu principal
+general.wrongPhoneNumber=Veuillez saisir un num&eacute;ro de t&eacute;l&eacute;phone valable
 generic.auth.error.message=Une interruption de service s&rsquo;est produite. Nous nous employons &agrave; r&eacute;soudre le probl&egrave;me.
 generic.auth.error.next.steps=Veuillez r&eacute;essayer plus tard. Veuillez vous rendre sur AGOV help si le probl&egrave;me persiste.
-generic.auth.error.subtitle=Un probl&egrave;me s&rsquo;est produit
+generic.auth.error.subtitle=Un probl&egrave;me s&rsquo;est produit.
 generic.auth.error.title=Erreur
 info.logout.confirmation=Veuillez confirmer que vous souhaitez vous d&eacute;connecter.
 info.logout.reminder=Votre session sur cette application a expir&eacute;e. Essayez encore avec un login.
@ -81,26 +141,32 @@ language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
+language.rm=Rumantsch
 languageDropdown.aria.label=S&eacute;lectionner la langue
-loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
-loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
-loainfo.description.400=Pour acc&eacute;der &agrave; l'application, vous devez ajouter votre num&eacute;ro AVS.
-loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
+loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es&#160;!
 loainfo.later=Plus tard
-loainfo.startNow=Voulez-vous commencer le processus maintenant?
+loainfo.startNow=Voulez-vous commencer le processus maintenant&#160;?
 loainfo.startVerification=D&eacute;marrer la v&eacute;rification
 loainfo.title=V&eacute;rifiez vos donn&eacute;es
+loggedout.description=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
+loggedout.title=D&eacute;connect&eacute;
 login.button.label=Login
 logout.label=Logout
 logout.text=Au revoir
 mauth_usernameless.EID=Continuer avec l'e-ID suisse
 mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
-mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
-mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
-mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
+mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute;&#160;?
+mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access&#160;?
+mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute;&#160;?
 mauth_usernameless.hideQR=Cacher le code QR
 mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
-mauth_usernameless.noAccount=Vous n'avez pas encore d'AGOV-Login ?
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV&#160;?
+mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
 mauth_usernameless.showQR=Afficher le code QR
 mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
 mauth_usernameless.useSecurityKey=Utiliser une cl&eacute; de s&eacute;curit&eacute; pour se connecter
@ -115,6 +181,16 @@ method.recovery.label=Codes de r&eacute;cup&eacute;ration
 method.safeword.label=SafeWord
 method.securid.label=SecurID
 method.ticket.label=Ticket
+onboard_linking_account_auth.fido_instructions=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter &agrave; son compte sans devoir utiliser son t&eacute;l&eacute;phone.
+onboard_linking_account_auth.instructions=Connectez-vous avec votre compte AGOV en scannant le code QR avec votre application AGOV access
+onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration&#160;?
+onboarding.cancel-onboarding-description=Pour proc&eacute;der &agrave; la r&eacute;cup&eacute;ration de votre compte, vous devrez annuler le processus d&rsquo;int&eacute;gration.
+onboarding.cancel-proceed-recovery=Oui, annuler et proc&eacute;der &agrave; la r&eacute;cup&eacute;ration
+onboarding.login-factor=&Eacute;tape 1 - Facteur de connexion
+onboarding.with-agov.title=Se connecter avec un compte AGOV
+onboarding_account.switchLinking=Passer &agrave; l&rsquo;int&eacute;gration avec
+onboarding_account_auth.loginSecurityKey=Commencez l'int&eacute;gration avec une cl&eacute; de s&eacute;curit&eacute;
+onboarding_account_auth.useSecurityKey=Utilisez une cl&eacute; de s&eacute;curit&eacute; pour se connecter avec votre compte AGOV
 op-admin.login=Administration de l&rsquo;acc&egrave;s &agrave; AGOV op
 op-admin.login.intro.message=Connectez-vous avec votre nom d&rsquo;utilisateur et votre mot de passe
 op-admin.login.loginid=Identifiant de connexion
@ -144,7 +220,7 @@ op-onboarding.done.message=L&rsquo;enregistrement a &eacute;t&eacute; effectu&ea
 op-onboarding.done.title=TERMIN&Eacute;
 op-onboarding.failed.title=ERREUR
 op-onboarding.intro.message1=Pour terminer l&rsquo;enregistrement de votre acc&egrave;s &agrave; AGOV operations, vous devez disposer d&rsquo;un compte AGOV ou d&rsquo;un compte FED-LOGIN.
-op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur "Continuer", vous serez redirig&eacute; vers l&rsquo;authentification.
+op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur &laquo;&#160;Continuer&#160;&raquo;, vous serez redirig&eacute; vers l&rsquo;authentification.
 op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a pas encore atteint le niveau de qualit&eacute; d&rsquo;authentification requis, vous aurez la possibilit&eacute; de d&eacute;marrer la v&eacute;rification d&rsquo;identit&eacute; n&eacute;cessaire pour l&rsquo;atteindre.
 op-onboarding.intro.title=D&Eacute;MARRER
 op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
@ -177,27 +253,45 @@ policyInfo.regex.nonLetter=&#9642; doit contenir au moins {0} caract&egrave;res
 policyInfo.regex.numeric=&#9642; doit comprendre au minimum {0} caract&#232;res num&#233;riques.
 policyInfo.regex.upper=&#9642; doit contenir au moins {0} caract&egrave;re(s) majuscule(s).
 policyInfo.title=Le mot de passe doit respecter les r&egrave;gles suivantes:
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
+providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
+providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
+providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
+providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
+providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone&#160;?
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
+providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
+providePhoneNumber.saveButtonText=Sauvegarder
+providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
+qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
-recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
+recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
+recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
-recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
-recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
+recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
+recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
 recovery_check_code.invalid.code=Le code est invalide
 recovery_check_code.invalid.code.required=Code requis
 recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
-recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
+recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration&#160;?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_check_noCode.banner.error=Trop de tentatives ou expiration de votre code de r&eacute;cup&eacute;ration.
-recovery_check_noCode.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
-recovery_check_noCode.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
+recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
+recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
+recovery_check_noCode.banner.error=Trop de tentatives.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
-recovery_code.validUntil=Valable jusqu'au:
+recovery_code.validUntil=Valable jusqu'au&#160;:
 recovery_fidokey_auth.button=D&eacute;marrer l'authentification par cl&eacute; de s&eacute;curit&eacute;
-recovery_fidokey_auth.fidoInstruction=Cliquez sur "D&eacute;marrer l'enregistrement de la cl&eacute;"
+recovery_fidokey_auth.fidoInstruction=Cliquez sur &laquo;&#160;D&eacute;marrer l'enregistrement de la cl&eacute;&#160;&raquo;
 recovery_fidokey_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle cl&eacute; de s&eacute;curit&eacute; !!!SECURITY_KEY_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_fidokey_auth.instruction2=Veuillez utiliser !!!SECURITY_KEY_NAME!!! pour suivre les &eacute;tapes ci-dessous afin de vous identifier.
 recovery_fidokey_auth.keyRegistered=Cl&eacute; de s&eacute;curit&eacute; d&eacute;j&agrave; enregistr&eacute;e
@ -205,8 +299,8 @@ recovery_intro_email.banner.error=Le lien que vous avez utilis&eacute; a expir&e
 recovery_intro_email.banner.info=Veuillez saisir votre adresse e-mail. Nous vous enverrons un e-mail vous permettant de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 recovery_intro_email.important=Important:
 recovery_intro_email.process=Le processus de r&eacute;cup&eacute;ration ne doit &ecirc;tre utilis&eacute; que si vous avez perdu l'acc&egrave;s &agrave; vos facteurs de connexion (application AGOV access supprim&eacute;e, cl&eacute; de s&eacute;curit&eacute; perdue, t&eacute;l&eacute;phone perdu, etc.).
-recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email?
-recovery_intro_email_sent.banner.success=Merci! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
+recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email&#160;?
+recovery_intro_email_sent.banner.success=Merci&#160;! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
 recovery_on_going.finishRecovery=Terminer la r&eacute;cup&eacute;ration
 recovery_on_going.instruction=Vous n&rsquo;avez pas encore termin&eacute; le processus de r&eacute;cup&eacute;ration. Dans le cadre du processus de r&eacute;cup&eacute;ration, votre identit&eacute; peut faire l&rsquo;objet d&rsquo;une v&eacute;rification. Pour acc&eacute;der &agrave; des applications au moyen de votre identifiant AGOV, vous devez terminer la v&eacute;rification d&rsquo;identit&eacute;.
 recovery_on_going.title=Veuillez terminer le processus de r&eacute;cup&eacute;ration.
@ -216,16 +310,16 @@ recovery_questionnaire_instructions.instruction1=Fournissez l'adresse &eacute;le
 recovery_questionnaire_instructions.instruction2=Suivez les &eacute;tapes pour r&eacute;cup&eacute;rer votre compte (les &eacute;tapes varient en fonction du niveau de v&eacute;rification de votre compte)
 recovery_questionnaire_loginfactor.banner.error=Veuillez choisir une r&eacute;ponse.
 recovery_questionnaire_loginfactor.no=Non
-recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte ?
+recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte&#160;?
 recovery_questionnaire_loginfactor.yes=Oui
 recovery_questionnaire_no_recovery.explanation1=D'apr&egrave;s vos r&eacute;ponses, l'option de r&eacute;cup&eacute;ration d'AGOV ne semble pas n&eacute;cessaire pour l'instant.
-recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> pour obtenir des articles de soutien.
-recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
-recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
+recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> pour obtenir des articles de soutien.
+recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
+recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
-recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute;, ou r&eacute;initialis&eacute; mon application AGOV access, ou cela indique qu'aucun compte n'est d&eacute;fini
 recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
 recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access
@ -233,19 +327,24 @@ recovery_questionnaire_reason_selection.answer7=J'ai mes cl&eacute;s de s&eacute
 recovery_questionnaire_reason_selection.answer8=J'ai perdu l'acc&egrave;s &agrave; toutes mes cl&eacute;s de s&eacute;curit&eacute; et aux applications AGOV access
 recovery_questionnaire_reason_selection.answer9=J'ai des probl&egrave;mes avec l'un de mes facteurs d'authentification (effac&eacute;, r&eacute;initialis&eacute;, PIN oubli&eacute;)
 recovery_questionnaire_reason_selection.banner.error=Veuillez s&eacute;lectionner un motif.
-recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration :
+recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration&#160;:
 recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tant que le processus de r&eacute;cup&eacute;ration n'aura pas &eacute;t&eacute; termin&eacute;.
 recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
 recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
 reject.button.label=Refuser
+signup.button.label=Inscription
+skip.button.label=Passer
 submit.button.label=Envoyer
 tan.sent=Veuillez saisir le code de s&eacute;curit&eacute; que vous avez re&ccedil;u au votre t&eacute;l&eacute;phone mobile.
+timeout.description=Votre session a expir&eacute;. Veuillez fermer cette fen&ecirc;tre et essayer de vous reconnecter.
+timeout.title=Session expir&eacute;e
 title.login=Login
 title.logout=Logout
 title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorisation du client
 title.saml.failed=Error
+title.signup=Cr&#233;er un compte
 title.timeout.page=Logout
 user_input.invalid.email=Veuillez saisir un e-mail valable.
 user_input.invalid.email.required=Champ requis
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
@ -1,9 +1,40 @@

-accept.button.label=Accettare
-cancel.button.label=Abortire
+accept.button.label=Accetta
+agov-ident.done.message=Il vostro conto AGOV &egrave; ora pronto per l'uso. Pu&ograve; chiudere questa pagina.
+agov-ident.done.title=Finito
+agov-ident.failed.instruction=Per completare la registrazione &egrave; necessario disporre di un account AGOV e superare la verifica dei dati suggerita. Riprova.
+agov-ident.failed.message=Registrazione annullata o verifica dei dati posticipata
+agov-ident.failed.title=Verifica necessaria
+agov-ident.invalid-url.instruction=Il link utilizzato per accedere a questa pagina non &egrave; valido. Assicuratevi di utilizzarlo come ricevuto, senza errori di battitura, oppure cliccate direttamente sulla pagina in cui &egrave; pubblicato.
+agov-ident.invalid-url.message=Il link non pu&ograve; essere elaborato
+agov-ident.invalid-url.title=Link non valido
+agov-ident.onboarding=Registrazione e verifica
+agov-ident.retry=Riprova
+cancel.button.label=Annulla
 continue.button.label=Continua
 darkModeSwitch.aria.label=Attivare la modalit&agrave; scura
 deputy.profile.label=(profilo del delegato)
+dimilar.confirm_identity.checkbox=Confermo che questi sono i miei dati
+dimilar.confirm_identity.description=Confermi che i dati riportati di seguito le appartengono per poter procedere:
+dimilar.confirm_identity.error=Confermi che i dati sono i suoi per poter procedere.
+dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confermare i dati
+dimilar.select_onboarding.description=Benvenuto in AGOV. Completi la procedura di registrazione collegando un account AGOV esistente o creandone uno nuovo.
+dimilar.select_onboarding.error-banner=Selezioni un&rsquo;opzione per continuare
+dimilar.select_onboarding.existing-account=Proceda con un account AGOV esistente
+dimilar.select_onboarding.proceeding=Come desidera procedere?
+dimilar.select_onboarding.registering-account=Proceda con un nuovo account AGOV
+dimilar.select_onboarding.title=Buongiorno !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token scaduto o gi&agrave; utilizzato.
+dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=La procedura di registrazione &egrave; stata interrotta. Provi di nuovo.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=La procedura di registrazione &egrave; stata interrotta. Contatti il supporto al
+dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Registrarsi
+envbanner.label=Ambiente di esecuzione
+error.account.exists=L'account esiste gi<67>. Prosegui col login.
 error.saml.failed=Chiudi il browser e riprova.
 error_1=Verificare i dati inseriti.
 error_10=Scegliere l&rsquo;account utente corretto.
@ -13,8 +44,16 @@ error_11=Utilizzare un altro certificato o accedere con altre credenziali.
 error_2=Selezionare un altro nome di accesso.
 error_3=Se la prossima autenticazione fallisce, l&rsquo;account sar&agrave; bloccato.
 error_4=La nuova password non rispetta le norme di sicurezza. Scegliere un&rsquo;altra password.
+error_403.description=Accesso non autorizzato a questa risorsa.
+error_403.title=Non &egrave; autorizatto
+error_404.description=La pagina che state cercando non esiste.
+error_404.title=Pagina non trovata
 error_5=Errore nella conferma della password.
 error_50=La nuova password &egrave; troppo corta.
+error_500.description=Al momento si &egrave; verificato un disservizio. Stiamo intervenendo.
+error_500.title=Qualcosa non ha funzionato.
+error_502.description=Stiamo intervenendo. Riprovi pi&ugrave; tardi.
+error_502.title=Qualcosa non ha funzionato.
 error_55=La nuova password deve differire da quelle precedenti.
 error_6=&Egrave; richiesta la modifica della password.
 error_7=&Egrave; richiesta la modifica dell&rsquo;ID di accesso.
@ -33,14 +72,14 @@ error_9905=Si &egrave; verificato un problema con l&rsquo;account AGOV operation
 error_9909=Si &egrave; verificato un errore interno. Richiedere al supporto un nuovo link di registrazione.
 errors.duplicateValue=Il suo account &egrave; gi&agrave; collegato ad un altro accesso operativo.
 fido2_auth.cancel.fido=L'autenticazione con la chiave di sicurezza &egrave; stata interrotta. Assicurarsi che la chiave FIDO sia registrata e che l'indirizzo e-mail sia corretto, poi seguire le istruzioni.
-fido2_auth.instruction1=Cliccare su "Continua"
+fido2_auth.instruction1=Cliccare su &laquo;Continua&raquo;.
 fido2_auth.instruction2=A breve si aprir&agrave; una finestra per l'autenticazione.
 fido2_auth.instruction3=Seguire le istruzioni.
 fido2_auth.skipInstructions=Non mostrare pi&ugrave; le istruzioni
 fido2_auth.switchLogin=ACCEDERE CON
 footer.link=https://agov.ch
 footer.link.label=Contatto
-footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV - una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
+footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV &ndash; una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
 general.AGOVAccessApp=App AGOV access
 general.accessApp=App AGOV access
 general.authenticate=Autentifica
@ -49,26 +88,47 @@ general.cancel=Annullare
 general.confirm=Confermare
 general.contactSupport=Contattare il supporto
 general.continue=Continuare
+general.data.birthDate=Data di nascita
+general.data.birthDateFormat=GG.MM.AAAA
+general.data.enrollmentNumber=Numero AVS (Gestione dei servizi)
+general.data.firstname=Nome
+general.data.lastname=Cognome
 general.edit=Modificare
 general.email=e-mail
 general.email.address=Indirizzo e-mail
 general.entryCode=Codice
+general.fieldRequired=Campo obbligatorio
+general.generalAccessApp=App AGOV access
 general.getStarted=Iniziare
 general.goAGOVHelp=Vai ad AGOV help
 general.goAccessApp=Login con AGOV access
+general.goToAccessApp=Vai all'app AGOV access
 general.help=Aiuto
 general.help.link=https://agov.ch/help
 general.login=Accedere
-general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
+general.login.accessApp=Accesso con l'App AGOV access
+general.login.securityKey=Login con la chiave di sicurezza
+general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
+general.moreOptions=ALTRE OPZIONI
 general.or=O
-general.otherOptions=ALTRE OPZIONI
+general.otherLoginMethods=Altri metodi di login
 general.recovery=Ripristino
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Salva come PDF
+general.recoveryCode.inputLabel=Codice di ripristino
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
+general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
+general.recoveryCode.reveal=Mostri il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
 general.register=Registrarsi
 general.registerNow=Si registri ora!
 general.registration=Registrazione
+general.registration.dontHaveAnAccountYet=Non ha ancora un AGOV account?
+general.registration.seeOptions=Vedere le opzioni di registrazione
 general.securityKey=Chiave di sicurezza
 general.skip.content=Vai al contenuto principale
+general.wrongPhoneNumber=Inserire un numero di cellulare valido
 generic.auth.error.message=Si &egrave; verificata un&rsquo;interruzione. Stiamo lavorando per ripristinare l&rsquo;esercizio.
 generic.auth.error.next.steps=Riprovare pi&ugrave; tardi. Se il problema persiste, consultare AGOV help.
 generic.auth.error.subtitle=Qualcosa non ha funzionato.
@ -81,28 +141,34 @@ language.de=Deutsch
 language.en=English
 language.fr=Fran&ccedil;ais
 language.it=Italiano
+language.rm=Rumantsch
 languageDropdown.aria.label=Selezionare la lingua
-loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
-loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
-loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
+loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
+loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
+loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Pi&ugrave; tardi
-loainfo.startNow=Iniziare la procedura?
-loainfo.startVerification=Iniziare la verifica
+loainfo.startNow=Vuole iniziare il processo ora?
+loainfo.startVerification=Inizi la verificazione
 loainfo.title=Verificare i dati.
+loggedout.description=Disconnessione effettuata con successo.
+loggedout.title=Disconnessione eseguita
 login.button.label=Login
 logout.label=Logout
 logout.text=&Egrave; uscito con successo.
 mauth_usernameless.EID=Continuare con CH e-ID
 mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
-mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
-mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
+mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
+mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
 mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
+mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
+mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
 mauth_usernameless.hideQR=Nascondi il codice QR
 mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app AGOV access.
-mauth_usernameless.noAccount=Non ha ancora un AGOV-Login ?
+mauth_usernameless.noAccount=Non ha ancora un AGOV account?
+mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
 mauth_usernameless.showQR=Visualizza il codice QR
-mauth_usernameless.startRecovery=Inizia il recupero dell'account
+mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
 mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
 mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
 method.certificate.label=Certificato
@ -115,6 +181,16 @@ method.recovery.label=Codici di ripristino
 method.safeword.label=SafeWord
 method.securid.label=SecurID
 method.ticket.label=Ticket
+onboard_linking_account_auth.fido_instructions=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
+onboard_linking_account_auth.instructions=Proceda con il suo account AGOV scansionando il codice QR con l&rsquo;app AGOV access
+onboarding.cancel-onboarding=Sei sicuro di voler annullare la registrazione?
+onboarding.cancel-onboarding-description=Per procedere con il recupero dell&rsquo;account, &egrave; necessario annullare la registrazione.
+onboarding.cancel-proceed-recovery=S&igrave;, annulla e procedi con il recupero
+onboarding.login-factor=Passaggio 1 &ndash; Fattore di login
+onboarding.with-agov.title=Proceda con l&rsquo;account AGOV
+onboarding_account.switchLinking=Passa alla registrazione con
+onboarding_account_auth.loginSecurityKey=Inizia la registrazione con la chiave di sicurezza
+onboarding_account_auth.useSecurityKey=Utilizzi una chiave di sicurezza per procedere con il suo account AGOV
 op-admin.login=AGOV op admin
 op-admin.login.intro.message=Accedere con nome utente e password
 op-admin.login.loginid=ID di accesso
@ -144,8 +220,8 @@ op-onboarding.done.message=La registrazione &egrave; riuscita. Ora l&rsquo;acces
 op-onboarding.done.title=FINITO
 op-onboarding.failed.title=ERRORE
 op-onboarding.intro.message1=Per completare la registrazione per l'accesso AGOV operations, &egrave; necessario avere un account AGOV o FED-LOGIN.
-op-onboarding.intro.message2=Dopo aver cliccato su "Continua", si &egrave; reindirizzati al servizio di autenticazione.
-op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; avviare la verifica dell&rsquo;identit&agrave; richiesta.
+op-onboarding.intro.message2=Dopo aver cliccato su &laquo;Continua&raquo;, si &egrave; reindirizzati al servizio di autenticazione.
+op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; iniziare la verifica dell&rsquo;identit&agrave; richiesta.
 op-onboarding.intro.title=INIZIARE
 op-onboarding.onboarding=Registrazione AGOV op
 op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
@ -177,11 +253,27 @@ policyInfo.regex.nonLetter=&#9642; non pu&ograve; contenere pi&ugrave; di {0} nu
 policyInfo.regex.numeric=&#9642; deve contenere un minimo di {0} carattere/i numerico/i.
 policyInfo.regex.upper=&#9642; deve conenere almeno {0} carattere/i maiuscolo/i.
 policyInfo.title=La password deve rispettare le seguenti direttive:
+providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
+providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
+providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
+providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
+providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
+providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
+providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
+providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
+providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+providePhoneNumber.modal.inputLabel=Numero di telefono
+providePhoneNumber.modal.title=Ripetere il numero di telefono
+providePhoneNumber.saveButtonText=Salva
+providePhoneNumber.title=Aggiungi numero di telefono
+qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
+recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
-recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
+recovery_check_code.enterRecoveryCode=Codice di ripristino
+recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
 recovery_check_code.invalid.code=Il codice non &egrave; valido
 recovery_check_code.invalid.code.required=Codice richiesto
@ -189,20 +281,22 @@ recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
 recovery_check_code.noAccess=Non ho il mio codice.
 recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
 recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
-recovery_check_noCode.banner.error=Troppi tentativi o codice di ripristino scaduto
-recovery_check_noCode.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
-recovery_check_noCode.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
-recovery_code.banner.error=Per procedere, inserire il nuovo codice.
+recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
+recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
 recovery_code.validUntil=Valido fino a:
-recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
-recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
+recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
+recovery_fidokey_auth.fidoInstruction=Clicchi su &laquo;Inizi l'authenticazione della chiave&raquo;
 recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
 recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
 recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
-recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
+recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
 recovery_intro_email.important=Importante:
 recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
 recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
@ -212,20 +306,20 @@ recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il pr
 recovery_on_going.title=Completare il processo di ripristino.
 recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
 recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
-recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
+recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
 recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
 recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
 recovery_questionnaire_loginfactor.no=No
 recovery_questionnaire_loginfactor.question=Ha registrato pi&ugrave; di un fattore di accesso (app AGOV access o chiave di sicurezza) al suo account?
 recovery_questionnaire_loginfactor.yes=Si
 recovery_questionnaire_no_recovery.explanation1=In base alle sue risposte, l'opzione di ripristino AGOV non sembra necessaria al momento.
-recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per articoli di supporto.
-recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
-recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
+recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per articoli di supporto.
+recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
+recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
-recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
+recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato l&rsquo;app AGOV access, oppure risulta che non ci sono account definiti
 recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
 recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
 recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access
@ -233,19 +327,24 @@ recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o l
 recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
 recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
 recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
-recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
+recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
 recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
-recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
-recovery_start_info.title=Il processo di ripristino sta per iniziare.
-reject.button.label=Rifiuti
+recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
+recovery_start_info.title=Sta per iniziare il processo di ripristino
+reject.button.label=Rifiuta
+signup.button.label=Iscriviti
+skip.button.label=Salta
 submit.button.label=Continua
 tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
+timeout.description=La sessione &egrave; scaduta. Chiuda questa finestra e provi ad accedere nuovamente.
+timeout.title=Sessione scaduta
 title.login=Login
 title.logout=Logout
 title.logout.confirmation=Logout
 title.logout.reminder=Logout
 title.oauth.consent=Autorizzazione del client
 title.saml.failed=Error
+title.signup=Crea un account
 title.timeout.page=Logout
 user_input.invalid.email=Inserire un'e-mail valida.
 user_input.invalid.email.required=Campo obbligatorio
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf
@ -3,6 +3,7 @@ RTENV_SECURITY_CHECK=no_shell
 JAVA_OPTS=(
    "-XX:+UseContainerSupport"
    "-Dfile.encoding=UTF-8"
+    "-Dotel.instrumentation.metro.enabled=false"
    "-XX:MaxRAMPercentage=80.0"
    "-Djava.net.preferIPv4Stack=true"
    "-Djava.net.connectionTimeout=10000"
@ -12,8 +13,9 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
    "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
    "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )

+
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/esauth4.xml
@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE esauth-server SYSTEM "/opt/nevisauth/dtd/esauth4.dtd">
 <esauth-server instance="auth">
-    <!-- source: pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf -->
+    <!-- source: pattern://6df66943ca713eed2a25d935, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf -->
    <SessionCoordinator sessionInitialInactivityTimeout="1200" sessionInactivityTimeout="28800" sessionInitialMaxLifetime="1200" sessionMaxLifetime="28800" sessionIdPreGenerate="true">
        <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
        <LocalSessionStore maxSessions="100000"/>
        <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
        <TokenAssembler name="DefaultTokenAssembler">
            <Selector default="true"/>
-            <!-- source: pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17 -->
+            <!-- source: pattern://3fd09bb6cfbd34874595c263, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17 -->
            <TokenSpec ttl="28800">
                <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
                <field src="session" key="ch.nevis.session.sessid" as="sessid"/>
@ -45,6 +45,8 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
+                <field src="session" key="ch.nevis.session.domain" as="domain"/>
+                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -65,6 +67,8 @@
                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="session" key="ch.adnovum.nevisidm.clientId" as="clientId"/>
                <!-- source: pattern://271d024334021208b71ac80a -->
+                <field src="session" key="ch.nevis.session.domain" as="domain"/>
+                <!-- source: pattern://271d024334021208b71ac80a -->
                <field src="request" key="ActualRoles" as="roles"/>
            </TokenSpec>
            <!-- source: pattern://271d024334021208b71ac80a -->
@ -79,6 +83,11 @@
            <!-- source: pattern://271d024334021208b71ac80a -->
            <KeyObject name="Signer_NEVIS_SecToken" certificate="/var/opt/keys/own/auth-sh4r3d-nevisidm-sectoken-signer/cert.pem" privateKey="/var/opt/keys/own/auth-sh4r3d-nevisidm-sectoken-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/auth-sh4r3d-nevisidm-sectoken-signer/keypass"/>
        </KeyStore>
+        <!-- source: pattern://6589067d403de8c65bcdcb16 -->
+        <KeyStore name="AGOV_IDENT_KS">
+            <!-- source: pattern://6589067d403de8c65bcdcb16 -->
+            <KeyObject name="AGOV_IDENT_SIGNER" certificate="/var/opt/keys/own/agov-ident-signer-keystore/cert.pem" privateKey="/var/opt/keys/own/agov-ident-signer-keystore/keystore.jks" passPhrase="pipe:///var/opt/keys/own/agov-ident-signer-keystore/keypass"/>
+        </KeyStore>
        <!-- source: pattern://7e94f2eb346f07f78440e884 -->
        <KeyStore name="Store_SAML_SP_nevisidm_admin_Realm">
            <!-- source: pattern://7e94f2eb346f07f78440e884 -->
@ -96,8 +105,15 @@
    </SessionCoordinator>
    <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
    <LocalOutOfContextDataStore reaperPeriod="60"/>
-    <!-- source: pattern://2787b678d9cce5310a335419, pattern://fd3912c7af7a88b6342a4c78, pattern://12c979b6af0f15f1328656a4, pattern://24cbc652d3166c8374eda3cd, pattern://56955e7b6b92c254d7d1aae1, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf, pattern://ac27dd7daad0ca2b7229bfaf -->
+    <!-- source: pattern://2787b678d9cce5310a335419, pattern://fd3912c7af7a88b6342a4c78, pattern://12c979b6af0f15f1328656a4, pattern://24cbc652d3166c8374eda3cd, pattern://56955e7b6b92c254d7d1aae1, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://6f9c9f982dcc7ef59a34f1f7, pattern://7518c6cc61e47eec6322ae17, pattern://ac27dd7daad0ca2b7229bfaf, pattern://6df66943ca713eed2a25d935, pattern://ac27dd7daad0ca2b7229bfaf, pattern://ac27dd7daad0ca2b7229bfaf -->
    <AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/opt/nevisidmcl/nevisauth/lib:/opt/nevisauth/plugin" propagateSession="false">
+        <!-- source: pattern://3fd09bb6cfbd34874595c263 -->
+        <Domain name="IDENT-AuthenticationRealm" default="false" inactiveInterval="60" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
+            <Entry method="authenticate" state="IDENT-AuthenticationRealm_IDENT-Process-and-Dispatch"/>
+            <Entry method="authenticate" state="IDENT-AuthenticationRealm_IDENT-Process-and-Dispatch" selector="${request:currentResource:^http[s]?\u003A//[^/]+/process($|\?.*)$:true}"/>
+            <Entry method="stepup" state="IDENT-AuthenticationRealm_Selector"/>
+            <Entry method="stepup" state="IDENT-AuthenticationRealm_IDENT-Process-and-Dispatch" selector="${request:currentResource:^http[s]?\u003A//[^/]+/process($|\?.*)$:true}"/>
+        </Domain>
        <!-- source: pattern://6df66943ca713eed2a25d935 -->
        <Domain name="OP-ONBRDNG-AuthenticationRealm" default="false" inactiveInterval="1200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
            <Entry method="authenticate" state="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
@ -115,151 +131,131 @@
        </Domain>
        <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
        <Domain name="SAML_SP_nevisidm_operations_Realm" default="false" inactiveInterval="1800" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
-            <Entry method="authenticate" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
-            <Entry method="logout" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
-            <Entry method="stepup" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <Entry method="authenticate" state="SAML_SP_nevisidm_operations_Realm_CheckIsTokenGeneration"/>
+            <Entry method="authenticate" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/SAML2/ACS/.*$:true}"/>
+            <Entry method="logout" state="SAML_SP_nevisidm_operations_Realm_CheckIsTokenGeneration"/>
+            <Entry method="stepup" state="SAML_SP_nevisidm_operations_Realm_CheckIsTokenGeneration"/>
+            <Entry method="stepup" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/SAML2/ACS/.*$:true}"/>
+            <Entry method="stepup" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/SAML2/stepup/.*$:true}"/>
            <Entry method="stepup" state="SAML_SP_nevisidm_operations_Realm_NEVIS_SecToken" selector="${request:requiredRoles:^token.NEVIS_SecToken$:true}"/>
-            <Entry method="unlock" state="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <Entry method="unlock" state="SAML_SP_nevisidm_operations_Realm_CheckIsTokenGeneration"/>
        </Domain>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="processResponse" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-ProcessResponse"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="sendAuthnRequest" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-AuthnRequest"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="verifyTicket" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://2787b678d9cce5310a335419 -->
-                <Gui name="op_onbrdng_intro" label="op-onboarding.intro.title">
-                    <!-- source: pattern://2787b678d9cce5310a335419 -->
-                    <GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
-                    <!-- source: pattern://2787b678d9cce5310a335419 -->
-                    <GuiElem name="submit" type="button" label="continue.button.label" value="go"/>
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-Process-and-Dispatch" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <ResultCond name="inavlidurl" next="IDENT-AuthenticationRealm_IDENT-Failed"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <ResultCond name="processResponse" next="IDENT-AuthenticationRealm_IDENT-SamlServiceProvider-ProcessResponse"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <ResultCond name="sendAuthnRequest" next="IDENT-AuthenticationRealm_IDENT-SamlServiceProvider-AuthnRequest"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <Response value="AUTH_ERROR"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <property name="scriptTraceGroup" value="AGOVOP-IDENT"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <property name="script" value="file:///var/opt/nevisauth/default/conf/IdentProcessAndDispatch.groovy"/>
+            <!-- source: pattern://0f6977caedca600b17221f0a -->
+            <property name="parameter.rpcode.list" value="{&quot;f942502d-6c89-471b-af45-4d3806305e74&quot;: &quot;ch-agov-ident-work-epd-300&quot;, &quot;1ed07e93-2289-42ab-8feb-173ef8a8bdb6&quot;: &quot;ch-agov-ident-work-epd-400&quot;, &quot;4c81a70f-d0f6-455d-9bad-0837b42159ab&quot;: &quot;ch-agov-ident-work-dimilar-400&quot;}"/>
+        </AuthState>
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="true">
+            <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6 -->
+                <Gui name="IDENT-Failed" label="title.login">
+                    <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6 -->
+                    <GuiElem name="error" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
                </Gui>
            </Response>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/OpOnbrdng-PreProcessing.groovy"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="parameter.cookie.domain" value=".agov-w.azure.adnovum.net"/>
        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-ProcessResponse" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="false">
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
-            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" authLevel="auth.strong"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
-            <ResultCond name="status-Requester" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
-            <ResultCond name="status-Responder" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-SamlServiceProvider-ProcessResponse" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="false">
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
+            <ResultCond name="ok" next="IDENT-AuthenticationRealm_IDENT-Succeeded"/>
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
+            <ResultCond name="status-Requester" next="IDENT-AuthenticationRealm_IDENT-Failed-WithRetry"/>
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
+            <ResultCond name="status-Responder" next="IDENT-AuthenticationRealm_IDENT-Failed-WithRetry"/>
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <Response value="AUTH_ERROR">
-                <!-- source: pattern://9be76d365909bb2ec294569c -->
+                <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
                <Gui name="NoGui"/>
            </Response>
            <propertyRef name="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="idpURL" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
-            <property name="consumerURL" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING/"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
+            <property name="consumerURL" value="https://ident.agov-w.azure.adnovum.net/process"/>
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="relayState" value=""/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="out.binding" value="none"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="in.binding" value="auto"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="in.relayState" value=""/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
-            <property name="in.audienceRegex" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
+            <property name="in.audienceRegex" value="${session:agov.ident.entityId}"/>
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="in.audience.checkrequired" value="true"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="in.map_issuer_certificate" value="false"/>
-            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <!-- source: pattern://ac1151fe6a973b135fd4a460 -->
            <property name="in.verify" value="Response Assertion"/>
        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-AuthnRequest" class="ch.nevis.esauth.auth.states.saml.AssertionRequestState" final="false" resumeState="false">
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" authLevel="auth.strong"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-SamlServiceProvider-AuthnRequest" class="ch.nevis.esauth.auth.states.saml.AssertionRequestState" final="false" resumeState="false">
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <ResultCond name="default" next="IDENT-AuthenticationRealm_Authentication_Failed"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <ResultCond name="ok" next="IDENT-AuthenticationRealm_Prepare_Done"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <Response value="AUTH_ERROR">
-                <!-- source: pattern://d56823f55065139ba437dc5c -->
+                <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
                <Gui name="NoGui"/>
            </Response>
-            <propertyRef name="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="idpURL" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <property name="consumerURL" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING/"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <property name="consumerURL" value="https://ident.agov-w.azure.adnovum.net/process"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="out.binding" value="http-post"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="out.requestType" value="AuthnRequest"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="out.sign" value="AuthnRequest"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="out.signatureKeyInfo" value="Certificate"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <property name="out.issuer" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <property name="request.RequestedAuthnContext.AuthnContextClassRef" value="${sess:agov.op.onboarding.ctxClass}"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <property name="request.RequestedAuthnContext.Comparison" value="minimum"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <property name="out.keystoreref" value="AGOV_IDENT_KS"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <property name="out.keyobjectref" value="AGOV_IDENT_SIGNER"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <property name="out.issuer" value="${sess:agov.ident.entityId}"/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
            <property name="request.ttl" value="60"/>
-            <!-- source: pattern://d56823f55065139ba437dc5c -->
-            <property name="relayState" value=""/>
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <property name="relayState" value="${sess:agov.ident.rpcode}"/>
        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket" class="ch.nevis.idm.authstate.IdmURLTicketVerifyState" final="false" resumeState="false">
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="failed" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="lockWarn" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="locked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="nowLocked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing" authLevel="auth.weak"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="tmpLocked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-Succeeded" class="ch.nevis.esauth.auth.states.standard.AuthError" final="true">
+            <!-- source: pattern://5f2cdff72cb899bff468ad90 -->
            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://2787b678d9cce5310a335419 -->
-                <Gui name="NoGui"/>
-            </Response>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="client.name" value="OPERATIONS"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.ticket" value="${sess:agov.op.onboarding.code}"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.loginid" value="${sess:agov.op.onboarding.code}"/>
-        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="createSamlFedCredential" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="done" next="OP-ONBRDNG-AuthenticationRealm_op_onbrdng_success"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="failure" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-                <Gui name="op_onbrdng_error" label="op-onboarding.process.title">
-                    <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-                    <GuiElem name="info" type="info" label="op-onboarding.process.message"/>
-                    <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-                    <GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
+                <!-- source: pattern://5f2cdff72cb899bff468ad90 -->
+                <Gui name="IDENT-Succeeded" label="title.login">
+                    <!-- source: pattern://5f2cdff72cb899bff468ad90 -->
+                    <GuiElem name="info" type="info" label="not-used"/>
+                </Gui>
+            </Response>
+        </AuthState>
+        <AuthState name="IDENT-AuthenticationRealm_IDENT-Failed-WithRetry" class="ch.nevis.esauth.auth.states.standard.AuthError" final="true">
+            <!-- source: pattern://ea2c110e0adfa95722c2cc99 -->
+            <ResultCond name="continue" next="IDENT-AuthenticationRealm_IDENT-Process-and-Dispatch"/>
+            <!-- source: pattern://ea2c110e0adfa95722c2cc99 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://ea2c110e0adfa95722c2cc99 -->
+                <Gui name="IDENT-Failed-WithRetry" label="title.login">
+                    <!-- source: pattern://ea2c110e0adfa95722c2cc99 -->
+                    <GuiElem name="error" type="error"/>
+                    <!-- source: pattern://ea2c110e0adfa95722c2cc99 -->
+                    <GuiElem name="continue" type="button" label="continue.button.label" value="true"/>
                </Gui>
            </Response>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/OpOnbrdng-PostProcessing.groovy"/>
        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="true">
            <!-- source: pattern://36af90d50b0d6ba66136dbde -->
@ -314,107 +310,29 @@
            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
            <property name="out.keyobjectref" value="Signer_SAML_SP_nevisidm_operations_Realm"/>
        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://2787b678d9cce5310a335419 -->
-                <Gui name="NoGui"/>
-            </Response>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="notes:lasterror" value="9904"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="notes:lasterrorinfo" value="Problem with URL-ticket (${notes:lasttransition}): ${notes:lasterrorinfo}"/>
-        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing" class="ch.nevis.idm.authstate.IdmGetPropertiesState" final="false" resumeState="false">
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="clientNotFound" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing" authLevel="auth.normal"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://2787b678d9cce5310a335419 -->
-                <Gui name="NoGui"/>
-            </Response>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="detaillevel.default" value="MEDIUM"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="detaillevel.user" value="MEDIUM"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="detaillevel.profile" value="MEDIUM"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="detaillevel.credential" value="MEDIUM"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="detaillevel.saml_federation" value="MEDIUM"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="chooseDefaultProfile" value="true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.attributes" value="firstName,name,email,language"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation1.issuerNameId" value=" true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation1.subjectNameId" value="true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation2.issuerNameId" value="true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation2.subjectNameId" value="true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation3.issuerNameId" value="true"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="user.cred.saml_federation3.subjectNameId" value="true"/>
-        </AuthState>
-        <AuthState name="nevisIDM_Connector" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="false">
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="login.service.connection.0" value="https://idm:8989/nevisidm/services/v1/LoginService"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <property name="admin.service.connection.0" value="https://idm:8989/nevisidm/services/v1/AdminService"/>
-        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential" class="ch.nevis.idm.authstate.IdmCreateCredentialState" final="false" resumeState="false">
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="credentialExists" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="failed" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-                <Gui name="NoGui"/>
-            </Response>
-            <propertyRef name="nevisIDM_Connector"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="user.loginId" value="${sess:ch.adnovum.nevisidm.user.loginId}"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="client.name" value="${sess:ch.adnovum.nevisidm.user.clientName}"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="cred.type" value="saml_federation"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="cred.modificationComment" value="Automatically on-boarded based on assertionId: '${sess:ch.nevis.auth.saml.assertion.id}'"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="cred.state" value="ACTIVE"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="cred.issuerNameId" value="${sess:agov.op.onboarding.homeName}"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="cred.subjectNameId" value="${sess:agov.op.onboarding.subject}"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="operationIfExists" value="ADD"/>
-        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_op_onbrdng_success" class="ch.nevis.esauth.auth.states.standard.AuthError" final="true">
-            <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
-                <Gui name="op_onbrdng_success" label="op-onboarding.done.title">
-                    <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
-                    <GuiElem name="info" type="info" label="op-onboarding.done.message"/>
+        <AuthState name="IDENT-AuthenticationRealm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
+            <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+                <Gui name="Error">
+                    <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+                    <GuiElem name="info" type="error" label="error_99"/>
+                    <!-- source: pattern://dce20cc904f88df4b77f93d9 -->
+                    <GuiElem name="submit" type="button" label="continue.button.label"/>
                </Gui>
            </Response>
        </AuthState>
+        <AuthState name="IDENT-AuthenticationRealm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
+            <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+            <ResultCond name="default" next="IDENT-AuthenticationRealm_Auth_Done"/>
+            <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+            <Response value="AUTH_DONE">
+                <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+                <Gui name="ContinueResponse"/>
+            </Response>
+            <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+            <property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
+        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_Logout_Fail" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="true">
            <!-- source: pattern://36af90d50b0d6ba66136dbde -->
            <Response value="AUTH_ERROR">
@ -456,31 +374,12 @@
            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
            <property name="script" value="file:///var/opt/nevisauth/default/conf/saml_sp_level.groovy"/>
        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://2787b678d9cce5310a335419 -->
-                <Gui name="NoGui"/>
+        <AuthState name="IDENT-AuthenticationRealm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
+            <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+            <Response value="AUTH_DONE">
+                <!-- source: pattern://026e4ae8ef4cc5496a7fe8c6, pattern://dce20cc904f88df4b77f93d9, pattern://5f2cdff72cb899bff468ad90, pattern://3fd09bb6cfbd34874595c263 -->
+                <Gui name="ContinueResponse"/>
            </Response>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="notes:lasterror" value="9905"/>
-            <!-- source: pattern://2787b678d9cce5310a335419 -->
-            <property name="notes:lasterrorinfo" value="Problem with operations account (${sess:ch.adnovum.nevisidm.user.extId}): ${notes:lasterrorinfo}"/>
-        </AuthState>
-        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-                <Gui name="NoGui"/>
-            </Response>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="notes:lasterror" value="9905"/>
-            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
-            <property name="notes:lasterrorinfo" value="Problem with creation of SamlFed credential: ${notes:lasttransition} - ${notes:lasterrorinfo}"/>
        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_set_userExtId_Groovy_Script_Step" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
            <!-- source: pattern://488949a743edb1f46f73f232 -->
@ -557,6 +456,12 @@
            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
            <property name="script" value="file:///var/opt/nevisauth/default/conf/selectIdmProfile.groovy"/>
        </AuthState>
+        <AuthState name="nevisIDM_Connector" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="false">
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="login.service.connection.0" value="https://idm:8989/nevisidm/services/v1/LoginService"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="admin.service.connection.0" value="https://idm:8989/nevisidm/services/v1/AdminService"/>
+        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_fetch_User_Authentication_Step_IdmGetPropertiesState" class="ch.nevis.idm.authstate.IdmGetPropertiesState" final="false" resumeState="true">
            <!-- source: pattern://56955e7b6b92c254d7d1aae1 -->
            <ResultCond name="clientNotFound" next="SAML_SP_nevisidm_operations_Realm_Authentication_Failed"/>
@ -695,6 +600,276 @@
                <Gui name="ContinueResponse"/>
            </Response>
        </AuthState>
+        <AuthState name="IDENT-AuthenticationRealm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
+            <!-- source: pattern://3fd09bb6cfbd34874595c263 -->
+            <ResultCond name="nomatch" next="IDENT-AuthenticationRealm_Prepare_Done"/>
+            <!-- source: pattern://3fd09bb6cfbd34874595c263 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://3fd09bb6cfbd34874595c263 -->
+                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
+            </Response>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="processResponse" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-ProcessResponse"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="sendAuthnRequest" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-AuthnRequest"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="verifyTicket" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://2787b678d9cce5310a335419 -->
+                <Gui name="op_onbrdng_intro" label="op-onboarding.intro.title">
+                    <!-- source: pattern://2787b678d9cce5310a335419 -->
+                    <GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
+                    <!-- source: pattern://2787b678d9cce5310a335419 -->
+                    <GuiElem name="submit" type="button" label="continue.button.label" value="go"/>
+                </Gui>
+            </Response>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="script" value="file:///var/opt/nevisauth/default/conf/OpOnbrdng-PreProcessing.groovy"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="parameter.cookie.domain" value="agov-w.azure.adnovum.net"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-ProcessResponse" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="false">
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" authLevel="auth.strong"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <ResultCond name="status-Requester" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <ResultCond name="status-Responder" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://9be76d365909bb2ec294569c -->
+                <Gui name="NoGui"/>
+            </Response>
+            <propertyRef name="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="idpURL" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="consumerURL" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING/"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="relayState" value=""/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="out.binding" value="none"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.binding" value="auto"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.relayState" value=""/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.audienceRegex" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.audience.checkrequired" value="true"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.map_issuer_certificate" value="false"/>
+            <!-- source: pattern://9be76d365909bb2ec294569c -->
+            <property name="in.verify" value="Response Assertion"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-SamlServiceProvider-AuthnRequest" class="ch.nevis.esauth.auth.states.saml.AssertionRequestState" final="false" resumeState="false">
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" authLevel="auth.strong"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://d56823f55065139ba437dc5c -->
+                <Gui name="NoGui"/>
+            </Response>
+            <propertyRef name="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="idpURL" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="consumerURL" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING/"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="out.binding" value="http-post"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="out.requestType" value="AuthnRequest"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="out.sign" value="AuthnRequest"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="out.signatureKeyInfo" value="Certificate"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="out.issuer" value="https://op.agov-w.azure.adnovum.net/AUTH/ONBOARDING"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="request.RequestedAuthnContext.AuthnContextClassRef" value="${sess:agov.op.onboarding.ctxClass}"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="request.RequestedAuthnContext.Comparison" value="minimum"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="request.ttl" value="60"/>
+            <!-- source: pattern://d56823f55065139ba437dc5c -->
+            <property name="relayState" value=""/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket" class="ch.nevis.idm.authstate.IdmURLTicketVerifyState" final="false" resumeState="false">
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="failed" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="lockWarn" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="locked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="nowLocked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing" authLevel="auth.weak"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="tmpLocked" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://2787b678d9cce5310a335419 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <propertyRef name="nevisIDM_Connector"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="client.name" value="OPERATIONS"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.ticket" value="${sess:agov.op.onboarding.code}"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.loginid" value="${sess:agov.op.onboarding.code}"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="createSamlFedCredential" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="done" next="OP-ONBRDNG-AuthenticationRealm_op_onbrdng_success"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="failure" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+                <Gui name="op_onbrdng_error" label="op-onboarding.process.title">
+                    <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+                    <GuiElem name="info" type="info" label="op-onboarding.process.message"/>
+                    <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+                    <GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
+                </Gui>
+            </Response>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="scriptTraceGroup" value="AGOVOP-ACCT"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="script" value="file:///var/opt/nevisauth/default/conf/OpOnbrdng-PostProcessing.groovy"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_VerifyURLTicket_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://2787b678d9cce5310a335419 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="notes:lasterror" value="9904"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="notes:lasterrorinfo" value="Problem with URL-ticket (${notes:lasttransition}): ${notes:lasterrorinfo}"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing" class="ch.nevis.idm.authstate.IdmGetPropertiesState" final="false" resumeState="false">
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="clientNotFound" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing" authLevel="auth.normal"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://2787b678d9cce5310a335419 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <propertyRef name="nevisIDM_Connector"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="detaillevel.default" value="MEDIUM"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="detaillevel.user" value="MEDIUM"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="detaillevel.profile" value="MEDIUM"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="detaillevel.credential" value="MEDIUM"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="detaillevel.saml_federation" value="MEDIUM"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="chooseDefaultProfile" value="true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.attributes" value="firstName,name,email,language"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation1.issuerNameId" value=" true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation1.subjectNameId" value="true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation2.issuerNameId" value="true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation2.subjectNameId" value="true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation3.issuerNameId" value="true"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="user.cred.saml_federation3.subjectNameId" value="true"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential" class="ch.nevis.idm.authstate.IdmCreateCredentialState" final="false" resumeState="false">
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="credentialExists" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="failed" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="ok" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <propertyRef name="nevisIDM_Connector"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="user.loginId" value="${sess:ch.adnovum.nevisidm.user.loginId}"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="client.name" value="${sess:ch.adnovum.nevisidm.user.clientName}"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="cred.type" value="saml_federation"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="cred.modificationComment" value="Automatically on-boarded based on assertionId: '${sess:ch.nevis.auth.saml.assertion.id}'"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="cred.state" value="ACTIVE"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="cred.issuerNameId" value="${sess:agov.op.onboarding.homeName}"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="cred.subjectNameId" value="${sess:agov.op.onboarding.subject}"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="operationIfExists" value="ADD"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_op_onbrdng_success" class="ch.nevis.esauth.auth.states.standard.AuthError" final="true">
+            <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
+                <Gui name="op_onbrdng_success" label="op-onboarding.done.title">
+                    <!-- source: pattern://50ca1ad35a73847a81e2ece8 -->
+                    <GuiElem name="info" type="info" label="op-onboarding.done.message"/>
+                </Gui>
+            </Response>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing_IdmPostProcessing_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://2787b678d9cce5310a335419 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="notes:lasterror" value="9905"/>
+            <!-- source: pattern://2787b678d9cce5310a335419 -->
+            <property name="notes:lasterrorinfo" value="Problem with operations account (${sess:ch.adnovum.nevisidm.user.extId}): ${notes:lasterrorinfo}"/>
+        </AuthState>
+        <AuthState name="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PostProcessing_SamlFedCredential_Failed" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <ResultCond name="default" next="OP-ONBRDNG-AuthenticationRealm_OP-ONBRDNG-PreProcessing"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+                <Gui name="NoGui"/>
+            </Response>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="notes:lasterror" value="9905"/>
+            <!-- source: pattern://fd3912c7af7a88b6342a4c78 -->
+            <property name="notes:lasterrorinfo" value="Problem with creation of SamlFed credential: ${notes:lasttransition} - ${notes:lasterrorinfo}"/>
+        </AuthState>
        <AuthState name="OP-ONBRDNG-AuthenticationRealm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
            <!-- source: pattern://6df66943ca713eed2a25d935 -->
            <ResultCond name="nomatch" next="OP-ONBRDNG-AuthenticationRealm_Prepare_Done"/>
@ -969,8 +1144,6 @@
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="SOAP:showGui" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-            <ResultCond name="default" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User"/>
-            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="ok" next="SAML_SP_nevisidm_admin_Realm_Log_Login_User" startOver="true"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <ResultCond name="showGui" next="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPostProcessing"/>
@ -989,6 +1162,12 @@
            <property name="detaillevel.default" value="EXCLUDE"/>
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
            <property name="detaillevel.user" value="MEDIUM"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="detaillevel.profile" value="MEDIUM"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="detaillevel.role" value="LOW"/>
+            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
+            <property name="forceDataReload" value="true"/>
        </AuthState>
        <AuthState name="SAML_SP_nevisidm_admin_Realm_admin_nevisIDM_Password_Login-IdmPasswordChange" class="ch.nevis.idm.authstate.IdmChangePasswordState" final="false">
            <!-- source: pattern://12c979b6af0f15f1328656a4 -->
@ -1066,7 +1245,7 @@
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
                    <GuiElem name="isiwebnewpw2" type="pw-text" label="prompt.newpassword.confirm"/>
                    <!-- source: pattern://12c979b6af0f15f1328656a4 -->
-                    <GuiElem name="submit" type="submit" label="button.submit"/>
+                    <GuiElem name="submit" type="submit" label="submit.button.label"/>
                </Gui>
            </Response>
            <propertyRef name="nevisIDM_Connector"/>
@ -1103,6 +1282,74 @@
            <!-- source: pattern://271d024334021208b71ac80a -->
            <property name="generateNow" value="true"/>
        </AuthState>
+        <AuthState name="SAML_SP_nevisidm_operations_Realm_CheckIsTokenGeneration" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
+            <!-- source: pattern://65330385b309bfe32943c8ad -->
+            <ResultCond name="generateToken" next="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration"/>
+            <!-- source: pattern://65330385b309bfe32943c8ad -->
+            <ResultCond name="nomatch" next="SAML_SP_nevisidm_operations_Realm_PreProcess_Done"/>
+            <!-- source: pattern://65330385b309bfe32943c8ad -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://65330385b309bfe32943c8ad -->
+                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
+            </Response>
+            <!-- source: pattern://65330385b309bfe32943c8ad -->
+            <property name="condition:generateToken" value="${request:requiredRoles:generateToken}"/>
+        </AuthState>
+        <AuthState name="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration_Prepare"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <Response value="AUTH_ERROR"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="out.audience" value="https://op.agov-w.azure.adnovum.net/SAML2/ACS/"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="out.issuer" value="https://op.agov-w.azure.adnovum.net/SAML2/ACS/"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="token.header.includeType" value="true"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="token.algorithm" value="RS512"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="keystoreref" value="DefaultKeyStore"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="keyobjectref" value="DefaultSigner"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="out.subject" value="${request:userId}"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="out.include.jwtId" value="true"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="out.time_to_live" value="14400"/>
+        </AuthState>
+        <AuthState name="SAML_SP_nevisidm_operations_Realm_PreProcess_Done" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <ResultCond name="authenticate" next="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <ResultCond name="logout" next="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <ResultCond name="stepup" next="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <ResultCond name="unlock" next="SAML_SP_nevisidm_operations_Realm_Extract_Issuer"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
+            </Response>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <property name="condition:authenticate" value="${request:method:^authenticate$:true}"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <property name="condition:stepup" value="${request:method:^stepup$:true}"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <property name="condition:unlock" value="${request:method:^unlock$:true}"/>
+            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
+            <property name="condition:logout" value="${request:method:^logout$:true}"/>
+        </AuthState>
+        <AuthState name="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration_Prepare" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <ResultCond name="display" next="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration_DisplayMe"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <ResultCond name="newToken" next="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration"/>
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <property name="script" value="file:///var/opt/nevisauth/default/conf/EncodeAndDisplayToken.groovy"/>
+        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_Extract_Issuer" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
            <ResultCond name="ok" next="SAML_SP_nevisidm_operations_Realm_IDP_Selection"/>
@ -1114,6 +1361,16 @@
            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
            <property name="script" value="file:///var/opt/nevisauth/default/conf/saml_sp_nevisidm_operations_realm_extract_issuer.groovy"/>
        </AuthState>
+        <AuthState name="SAML_SP_nevisidm_operations_Realm_DoTokenGeneration_DisplayMe" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="true" resumeState="false">
+            <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+            <Response value="AUTH_CONTINUE">
+                <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+                <Gui name="TestTokenDisplayDialog" label="test.token.title">
+                    <!-- source: pattern://541e5c4aaf4cf98ed6b574dc -->
+                    <GuiElem name="info" type="text" label="test.token.label" value="#{ notes.getProperty('agov.test.token', 'missing') }" optional="true"/>
+                </Gui>
+            </Response>
+        </AuthState>
        <AuthState name="SAML_SP_nevisidm_operations_Realm_IDP_Selection" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
            <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
            <ResultCond name="authenticate:https\u003A//trustbroker.agov-d.azure.adnovum.net_continuation" next="SAML_SP_nevisidm_operations_Realm_SAML_IDP_op_Connector_Connector"/>
@ -1174,4 +1431,6 @@
            <property name="generateNow" value="true"/>
        </AuthState>
    </AuthEngine>
+    <!-- source: pattern://ac27dd7daad0ca2b7229bfaf -->
+    <RESTService name="ManagementService" class="ch.nevis.esauth.rest.service.session.ManagementService"/>
 </esauth-server>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml
@ -12,26 +12,22 @@ Configuration:
        onMismatch: "ACCEPT"
  Loggers:
    Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
    - name: "EsAuthStart"
      level: "INFO"
-    - name: "org.apache.catalina.loader.WebappClassLoader"
-      level: "FATAL"
-    - name: "org.apache.catalina.startup.HostConfig"
-      level: "ERROR"
-    - name: "ch.nevis.esauth.events"
-      level: "FATAL"
    - name: "AGOVOP-ACCT"
      level: "INFO"
+    - name: "AGOVOP-IDENT"
+      level: "INFO"
    - name: "AuthEngine"
      level: "INFO"
-    - name: "AuthPerf"
+    - name: "IdmAuth"
      level: "INFO"
    - name: "Script"
-      level: "INFO"
-    - name: "StdStates"
-      level: "INFO"
-    - name: "Vars"
      level: "DEBUG"
+    - name: "Vars"
+      level: "INFO"
    Root:
      level: "WARN"
      additivity: "false"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/nevisauth.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/nevisauth.yml
@ -3,6 +3,7 @@ server:
  protocol: "https"
  port: "8991"
  host: "0.0.0.0"
+  max-threads: "200"
  tls:
    keystore: "/var/opt/keys/own/auth-default-identity/keystore.p12"
    keystore-passphrase: "${exec:/var/opt/keys/own/auth-default-identity/keypass}"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = auth
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-default-signer-trust-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-default-signer-trust-641ac4edf0c17383d3c0ea38.yaml
@ -1,12 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "idm-job-default-signer-trust"
-  namespace: "adn-agov-nevisidm-admin-01-uat"
-  labels:
-    deploymentTarget: "idm-job"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
-    patternId: "641ac4edf0c17383d3c0ea38"
-spec:
-  keystores: []
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-idm-job-nevisidm-sectoken-truststore-641ac4edf0c17383d3c0ea38.yaml
@ -0,0 +1,19 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisTrustStore"
+metadata:
+  name: "idm-job-nevisidm-sectoken-truststore"
+  namespace: "adn-agov-nevisidm-admin-01-uat"
+  labels:
+    deploymentTarget: "idm-job"
+  annotations:
+    projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
+    patternId: "641ac4edf0c17383d3c0ea38"
+spec:
+  keystores:
+  - name: "auth-sh4r3d-nevisidm-sectoken-signer"
+    namespace: "adn-agov-nevisidm-admin-01-uat"
+  extraCerts:
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmmgAwIBAgIRANQcuUgBqTwxVM2Cp+Jo5WYwCgYIKoZIzj0EAwIwGDEW\nMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNTA5MTUxNDAyNTlaFw0yNjA5MTUx\nNDAyNTlaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4\nUzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL0dZGTGXepz1MuYlMWG78ps\nkUbH+9WeNVVN46qVFo+ctvbLmi3/rcVeJ58iCw75El03gkJJZs4p0OOAeyMkoM8q\nNA18dV2ZpOF8j7w8MR9HuC+5PPoCr5LV9KfuAWBdi1SNJxUTNnF99KbGKEjtxosG\nYVe6n9v59D9sU6uJeKwx0C9xMBVCKLsEN9EXDVEXEf1wA7u+qWj+R6wAnf1EptRP\nkRdebSSSDrwS5G82NSA3BTYVxuD8MehhlkI+Qi+xKpVy/92DZqLOxMxIvX4BoDmj\ntjcOYz4WbSzUL3oPlrZRUsavjiDtBXywPhzNktBmQQA3bb78/h7XBsMOb5zgyTEC\nAwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML\n5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp\nbjAKBggqhkjOPQQDAgNIADBFAiEA3NUbrAsBLT83syA8FogSJ809pBQS4joZAaFB\nPz1HBNQCIDmDcN+vRliO6mV5+ncDERwBU8EBmHbVFHIiS718e/PP\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQWsbRHj5FvgDfPvvM45fH0jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDkxNTE0MDMwOFoXDTI2MDkxNTE0\nMDMwOFowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oziOMcCj9YniMf2cu6e3b9j\npIM0nj3vFfW6KpGtU4+vH6530ChmFJLFdAm9frez55v/ywEmJAaojT5T2+0bdOM8\n4V+WET9AhjKtNOtgv8XPh63VQMbf5LYpRkCzzxu0wNEEk1vy6OBZt3fkTSlvfAXR\nNvs/KolTJ2q2gEEXtOy5iy84IjQiTEEdZcNs9xWZSe4LPezeh6CU/JP0xEczZit2\nyrjG1GBdAPOW3WUoOWGEJinADoVyMFupIsjsj8Y0R++LdOZJJCPMqG2MTzlycHPB\nn1vlHuGLy9E2ag7xm1pAXbggCkDetcc36U+I6LBz7YNqQX4qe9d+kwkpLKT1ZQID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQD+yZAI0sfh610YK6jEjW1r4I0SGsx/B3NGVOxe\nawyvPQIhAMPabVmakBk/hHoguxcybsp+EmDHFb8jUuOkwnY4HTQm\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2405.2"
-  gitInitVersion: "1.3.0"
+  version: "8.2505.5"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -28,32 +28,33 @@ spec:
    management:
      httpGet:
        path: "/liveness"
-      periodSeconds: 30
+      periodSeconds: 5
      timeoutSeconds: 6
  readinessProbe:
    management:
      httpGet:
        path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
      timeoutSeconds: 6
  startupProbe:
    management:
      httpGet:
        path: "/health"
-      periodSeconds: 30
+      initialDelaySeconds: 60
+      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 10
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-868174843070c36c5da54e3a43d558da046b6ce7"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job"
    credentials: "git-credentials"
  keystores:
  - "idm-job-default-identity"
  truststores:
  - "idm-job-default-tls-client-trust"
-  - "idm-job-default-signer-trust"
+  - "idm-job-nevisidm-sectoken-truststore"
  podSecurity:
    policy: "baseline"
    automountServiceAccountToken: false
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/keypass
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/keypass
@ -1,2 +0,0 @@
-#!/bin/bash
-echo 'password'
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.p12
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.p12
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/keys/trust/idm-db-tls-truststore/truststore.pem
@ -1,45 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
-MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
-2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
-1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
-q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
-tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
-vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
-BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
-5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
-1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
-NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
-Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
-8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
-pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
-MrY=
-----END CERTIFICATE-----
-
-----BEGIN CERTIFICATE-----
-MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
-RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
-VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
-DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
-ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
-VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
-mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
-IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
-mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
-XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
-dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
-jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
-BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
-DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
-9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
-jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
-Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
-ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
-R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
-----END CERTIFICATE-----
-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/batch.xml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/batch.xml
@ -3,16 +3,22 @@
    <bean class="org.springframework.scheduling.quartz.SchedulerFactoryBean" id="exportScheduler">
        <property name="jobDetails">
            <list>
-                <ref bean="IDM_Prune_History_Job"/>
+                <ref bean="IDM_Default_Prune_History_Job"/>
                <ref bean="pruneShadowAccountsJob"/>
                <ref bean="pruneOperationsAccountsJob"/>
+                <ref bean="IDM_Login_Event_Prune_History_Job"/>
+                <ref bean="deleteExpiredUrlTicketsJob"/>
+                <ref bean="pruneAgovAccountsJob"/>
            </list>
        </property>
        <property name="triggers">
            <list>
-                <ref bean="IDM_Prune_History_Job_Trigger"/>
+                <ref bean="IDM_Default_Prune_History_Job_Trigger"/>
                <ref bean="pruneShadowAccountsJobTrigger"/>
                <ref bean="pruneOperationsAccountsJobTrigger"/>
+                <ref bean="IDM_Login_Event_Prune_History_Job_Trigger"/>
+                <ref bean="deleteExpiredUrlTicketsJobTrigger"/>
+                <ref bean="pruneAgovAccountsJobTrigger"/>
            </list>
        </property>
        <property name="dataSource">
@ -35,9 +41,9 @@
        </property>
        <property name="applicationContextSchedulerContextKey" value="applicationContext"/>
    </bean>
-    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="IDM_Prune_History_Job">
-        <property name="name" value="IDM_Prune_History_Job"/>
-        <property name="description" value="Batch Job IDM Prune History Job"/>
+    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="IDM_Default_Prune_History_Job">
+        <property name="name" value="IDM_Default_Prune_History_Job"/>
+        <property name="description" value="Batch Job IDM Default Prune History Job"/>
        <property name="group" value="BatchGroup"/>
        <property name="jobClass" value="ch.nevis.idm.batch.jobs.PruneHistoryJob"/>
        <property name="durability" value="true"/>
@ -45,7 +51,8 @@
            <bean class="org.quartz.JobDataMap">
                <constructor-arg>
                    <map>
-                        <entry key="days" value="365"/>
+                        <entry key="days" value="70"/>
+                        <entry key="skipList" value="tidma_user_login_info_v,tidma_cred_login_info_v,tidma_credential_v,tidma_fido2_v,tidma_fido_uaf_v"/>
                    </map>
                </constructor-arg>
            </bean>
@ -75,7 +82,7 @@
        </property>
    </bean>
    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="pruneOperationsAccountsJob">
-        <property name="description" value="Archive and delete obsolete shadow accounts"/>
+        <property name="description" value="Archive and delete obsolete operations accounts"/>
        <property name="jobClass" value="ch.nevis.idm.batch.jobs.UpdateUserStateJob"/>
        <property name="durability" value="true"/>
        <property name="jobDataMap">
@ -86,8 +93,8 @@
                        <entry key="considerUsersNeverLoggedIn" value="true"/>
                        <entry key="sendWarning" value="false"/>
                        <entry key="daysGracePeriod" value="1"/>
-                        <entry key="daysStatusDisabled" value="30"/>
-                        <entry key="daysStatusArchived" value="335"/>
+                        <entry key="daysStatusDisabled" value="130"/>
+                        <entry key="daysStatusArchived" value="235"/>
                        <entry key="disableOutdatedUsers" value="true"/>
                        <entry key="disableNotYetActiveUsers" value="false"/>
                        <entry key="excludeTechnicalUsers" value="true"/>
@ -97,12 +104,70 @@
            </bean>
        </property>
    </bean>
-    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="IDM_Prune_History_Job_Trigger">
-        <property name="name" value="IDM_Prune_History_Job_Trigger"/>
+    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="IDM_Login_Event_Prune_History_Job">
+        <property name="name" value="IDM_Login_Event_Prune_History_Job"/>
+        <property name="description" value="Batch Job IDM Login Event Prune History Job"/>
+        <property name="group" value="BatchGroup"/>
+        <property name="jobClass" value="ch.nevis.idm.batch.jobs.PruneHistoryJob"/>
+        <property name="durability" value="true"/>
+        <property name="jobDataMap">
+            <bean class="org.quartz.JobDataMap">
+                <constructor-arg>
+                    <map>
+                        <entry key="days" value="15"/>
+                        <entry key="skipList" value="tidma_application_v,tidma_authorization_appl_v,tidma_authorization_client_v,tidma_authorization_erole_v,tidma_authorization_unit_v,tidma_authorization_v,tidma_cert_info_v,tidma_client_application_v,tidma_client_v,tidma_consent_v,tidma_dict_entry_v,tidma_dict_entry_value_v,tidma_enterprise_auth_v,tidma_enterprise_role_v,tidma_erole_member_v,tidma_mobile_signature_v,tidma_oath_v,tidma_personal_answer_v,tidma_personal_question_v,tidma_policy_configuration_v,tidma_policy_parameter_v,tidma_profile_v,tidma_property_allowed_val_v,tidma_property_v,tidma_property_value_v,tidma_role_v,tidma_saml_federation_v,tidma_template_collection_v,tidma_template_text_v,tidma_template_v,tidma_terms_application_v,tidma_terms_url_v,tidma_terms_v,tidma_unit_cred_policy_v,tidma_unit_v,tidma_user_v"/>
+                    </map>
+                </constructor-arg>
+            </bean>
+        </property>
+    </bean>
+    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="deleteExpiredUrlTicketsJob">
+        <property name="description" value="Delete expired url ticket credentials"/>
+        <property name="jobClass" value="ch.nevis.idm.batch.jobs.UpdateCredentialStateJob"/>
+        <property name="durability" value="true"/>
+        <property name="jobDataMap">
+            <bean class="org.quartz.JobDataMap">
+                <constructor-arg>
+                    <map>
+                        <entry key="credentialTypes" value="URLTICKET"/>
+                        <entry key="expireAction" value="delete"/>
+                        <entry key="sendingMethod" value="None"/>
+                        <entry key="restrictToClients" value="d9a334a6-b6f5-4982-a24e-13ae095a60fa, cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"/>
+                    </map>
+                </constructor-arg>
+            </bean>
+        </property>
+    </bean>
+    <bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="pruneAgovAccountsJob">
+        <property name="description" value="Archive and delete obsolete AGOV accounts (100d no activity)"/>
+        <property name="jobClass" value="ch.nevis.idm.batch.jobs.UpdateUserStateJob"/>
+        <property name="durability" value="true"/>
+        <property name="jobDataMap">
+            <bean class="org.quartz.JobDataMap">
+                <constructor-arg>
+                    <map>
+                        <entry key="daysNoActivity" value="100"/>
+                        <entry key="neverLoggedInDaysNoActivity" value="100"/>
+                        <entry key="considerUsersNeverLoggedIn" value="true"/>
+                        <entry key="sendWarning" value="false"/>
+                        <entry key="daysGracePeriod" value="1"/>
+                        <entry key="daysStatusDisabled" value="100"/>
+                        <entry key="daysStatusArchived" value="10"/>
+                        <entry key="disableOutdatedUsers" value="true"/>
+                        <entry key="disableNotYetActiveUsers" value="false"/>
+                        <entry key="excludeTechnicalUsers" value="true"/>
+                        <entry key="restrictToClients" value="cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"/>
+                    </map>
+                </constructor-arg>
+            </bean>
+        </property>
+    </bean>
+    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="IDM_Default_Prune_History_Job_Trigger">
+        <property name="name" value="IDM_Default_Prune_History_Job_Trigger"/>
        <property name="description" value="Generated by nevisAdmin 4 pattern 0957497767812057fbf138cf"/>
        <property name="group" value="BatchGroup"/>
-        <property name="jobDetail" ref="IDM_Prune_History_Job"/>
-        <property name="cronExpression" value="0 0 0 * * ?"/>
+        <property name="jobDetail" ref="IDM_Default_Prune_History_Job"/>
+        <property name="cronExpression" value="00 10 00 18 * ?"/>
    </bean>
    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="pruneShadowAccountsJobTrigger">
        <property name="description" value="Archive and delete obsolete shadow accounts"/>
@ -114,4 +179,21 @@
        <property name="jobDetail" ref="pruneOperationsAccountsJob"/>
        <property name="cronExpression" value="30 1 0 * * ?"/>
    </bean>
+    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="IDM_Login_Event_Prune_History_Job_Trigger">
+        <property name="name" value="IDM_Login_Event_Prune_History_Job_Trigger"/>
+        <property name="description" value="Generated by nevisAdmin 4 pattern d4c123d7dd5d7126ff7a03b0"/>
+        <property name="group" value="BatchGroup"/>
+        <property name="jobDetail" ref="IDM_Login_Event_Prune_History_Job"/>
+        <property name="cronExpression" value="05 0 0 18 * ?"/>
+    </bean>
+    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="deleteExpiredUrlTicketsJobTrigger">
+        <property name="description" value="Delete expired url ticket credentials"/>
+        <property name="jobDetail" ref="deleteExpiredUrlTicketsJob"/>
+        <property name="cronExpression" value="45 0 0 * * ?"/>
+    </bean>
+    <bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="pruneAgovAccountsJobTrigger">
+        <property name="description" value="Archive and delete obsolete AGOV accounts (100d no activity)"/>
+        <property name="jobDetail" ref="pruneAgovAccountsJob"/>
+        <property name="cronExpression" value="59 23 17 12 * ?"/>
+    </bean>
 </beans>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/facing/admin/css/facing.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/facing/admin/css/facing.css
@ -0,0 +1,828 @@
+#header > div > div.navbar-header.nav.navbar-nav.mr-auto > span::after {
+	content: "AGOV Operations - WORK";
+	color: #AB47BC;
+	display: inline-block;
+	margin-left: 5px
+}
+
+#mainLayoutTable > tbody > tr:nth-child(3) > td.bgCont > footer > img {
+	display: none;
+}
+
+.navbar-default li>a {
+	color: #501eb6;
+}
+
+/* facing.css */
+body {
+	font-family: "Averta-Regular", 'Helvetica Neue', 'Segoe UI', Helvetica, Arial, sans-serif;
+	font-size: 12px;
+	color: #000;
+	margin-top: 0;
+	margin-left: 0;
+	margin-right: 0;
+	margin-bottom: 0;
+	background-color: #fff;
+}
+
+form, div {
+	margin: 0;
+}
+
+table, img {
+	border: 0;
+}
+
+.frmTable, .tblTable {
+	border: 0px solid #009999;
+	width: 100%;
+	border-spacing: 1px;
+}
+
+.border2 {
+	border: 1px solid #a9a9a9;
+}
+
+td.bgNavi {
+	height: 100%;
+}
+
+table.navi {
+	width: 210px;
+	border-spacing: 0px;
+}
+
+table.bgNavi {
+	height: 100%;
+}
+
+/* - - - - - - - - - - - - - - - - - - NAVI LAYOUT  - - - - - - - - - - - - - - - - - - - - - - - */
+ul.lev01 {
+	list-style: none;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	margin-top: 0.0em;
+	margin-bottom: 0em;
+	padding-left: 0.0em;
+	margin-left: 0px; /*IE needs this */
+	white-space: nowrap;
+}
+
+li.lev01 {
+	list-style: none;
+	margin: 0px;
+	padding-top: 0.3em;
+}
+
+li.lev01 p.title {
+	padding-top: 1em;
+	padding-bottom: 0.3em;
+	padding-left: 10px;
+	margin: 0px;
+	border-bottom: 1px solid #501eb6;
+}
+
+ul.lev02, ul.lev02active {
+	list-style: none;
+	font-weight: normal;
+	margin-top: 0.0em;
+	margin-bottom: 0em;
+	padding: 0.0em;
+	margin-left: 0px; /*IE needs this */
+	white-space: nowrap;
+}
+
+li.lev02 {
+	list-style: none;
+	margin: 0px;
+	padding-top: 0.0em;
+}
+
+li.lev02 p.title {
+	padding-top: 1em;
+	padding-bottom: 0.3em;
+	padding-left: 10px;
+	margin: 0px;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	color: #333;
+	border-bottom: 0px solid #a9a9a9;
+}
+
+li.lev02 a {
+	list-style: none;
+	display: block;
+	font-size: 12px;
+	color: #000;
+	text-decoration: none;
+	margin: 0px;
+	padding-top: 0.3em;
+	padding-bottom: 0.3em;
+	padding-left: 10px;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev02 a {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev02 a:link, li.lev02 a:visited {
+	color: #000;
+	text-decoration: none;
+}
+
+li.lev02 a:active, li.lev02 a:hover {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+}
+
+li.lev02 a:link, li.lev02 a:visited {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev02active {
+	color: #501eb6;
+	background-color: #f8f8f8;
+}
+
+li.lev02active p.title {
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	border-bottom: 0;
+}
+
+li.lev02active a {
+	list-style: none;
+	margin: 0px;
+	padding-top: 0.3em;
+	padding-bottom: 0.3em;
+	padding-left: 10px;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev02active a:link, li.lev02active a:visited {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev02active a:link, li.lev02active a:visited {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev02active a:active, li.lev02active a:hover {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+	height: 1em;
+}
+
+li.lev02active a:active, li.lev02active a:hover {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+ul.lev03, ul.lev03active {
+	list-style: none;
+	font-weight: normal;
+	margin-top: 0.0em;
+	margin-bottom: 0em;
+	padding: 0.0em;
+	margin-left: 10px; /*IE needs this */
+	white-space: nowrap;
+}
+
+li.lev03 a {
+	list-style: none;
+	display: block;
+	font-size: 12px;
+	color: #000;
+	text-decoration: none;
+	margin: 0px;
+	padding-top: 0.3em;
+	padding-bottom: 0.3em;
+	padding-left: 20px;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev03 a {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev03 a:link, li.lev03 a:visited {
+	color: #000;
+	text-decoration: none;
+}
+
+li.lev03 a:active, li.lev03 a:hover {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+}
+
+li.lev03 a:link, li.lev03 a:visited {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev03active a {
+	list-style: none;
+	margin: 0px;
+	padding-top: 0.3em;
+	padding-bottom: 0.3em;
+	padding-left: 20px;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev03active a:link, li.lev03active a:visited {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+	height: 1em;
+	/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+li.lev03active a:link, li.lev03active a:visited {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+li.lev03active a:active, li.lev03active a:hover {
+	display: block;
+	color: #501eb6;
+	background-color: #f8f8f8;
+	text-decoration: none;
+	height: 1em;
+}
+
+li.lev03active a:active, li.lev03active a:hover {
+	height: auto;
+	/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
+}
+
+/* ---------- misc settings ------------- */
+.bgHeader {
+	vertical-align: top;
+	background-color: #38373b;
+	width: 100%;
+	border-spacing: 0px;
+	border-collapse: collapse;
+}
+
+/* Header logo styles */
+.site-logo {
+	background: transparent url("../images/AGOV-Logo.png") left top
+		no-repeat;
+	width: 64px;
+	height: 64px;
+	background-size: 64px 64px;
+	transition: background-size 0.25s linear, width 0.25s linear, height
+		0.25s linear;
+}
+
+/* Header logo collapsed styles */
+.scrolled .site-logo {
+	background: transparent url("../images/AGOV-Logo.png") left top
+		no-repeat;
+	width: 36px;
+	height: 36px;
+	background-size: 36px 36px;
+	transition: background-size 0.25s linear, width 0.25s linear, height
+		0.25s linear;
+}
+
+/* Header component name */
+.site-title {
+	font-size: 1.7em;
+	align-self: center;
+	margin-left: 0 !important;
+	color: #501eb6;
+}
+
+.scrolled .site-title {
+	font-size: 1.7em;
+}
+
+.bgCont {
+	vertical-align: top;
+	background-color: #ffffff;
+}
+
+td.bgCont {
+	/*mod teddy for IE6*/
+	width: 100%;
+	padding: 10px;
+	font-size: 12px;
+}
+
+/*Links*/
+.bgCont a:link, .bgCont a:visited {
+	font-size: 12px;
+	color: #501eb6;
+	text-decoration: none;
+}
+
+.bgCont a:active, .bgCont a:hover {
+	font-size: 12px;
+	color: #501eb6;
+	text-decoration: none;
+}
+
+.Headline {
+	font-size: 20px;
+	color: #000000;
+	padding-bottom: 0px;
+	margin-bottom: 4px;
+}
+
+.tblRowNowrap {
+	white-space: nowrap;
+}
+
+/* ---------- color config ---------- */
+#header {
+	background-color: white;
+	border-bottom: 1px solid #501eb6;
+}
+
+#header-navbar-collapse {
+	background-color: #fff;
+}
+
+/* Menu item basic style */
+.navbar-default .navbar-nav>li>a {
+	color: #501eb6;
+	font-size: 14px;
+}
+
+/* Header dropdown menu general styles */
+.nav>li>.dropdown-menu {
+	border: 1px solid #501eb6;
+	border-radius: 3px;
+	padding: 17px 0;
+	margin-top: -5px;
+	right: 0;
+	left: auto;
+	-webkit-box-shadow: 0 6px 12px rgba(0,0,0,.175);
+	box-shadow: 0 6px 12px rgba(0,0,0,.175);
+	line-height: 20px;
+	font-size: 14px;
+}
+
+.dropdown-toggle::after {
+	vertical-align: middle;
+	margin-left: 0;
+}
+
+.dropdown-item>a {
+	display: block;
+}
+
+.navbar-default .navbar-nav>li>a:hover,
+.dropdown>a:hover,
+.dropdown.show>a,
+a>.fa-question-circle:hover {
+	color: #501eb6;
+	text-decoration: none;
+}
+
+.dropdown-item {
+	padding: 0;
+	color: #212529;
+	display: block;
+}
+
+.navbar-default .dropdown-menu li>a:focus,
+.navbar-default .dropdown-menu li>a:hover {
+	background-color: #501eb6;
+	color: white;
+	text-decoration: none;
+}
+
+/* Language dropdown */
+.language-code {
+	text-transform: uppercase;
+	color: #501eb6;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	display: table-cell;
+	/* in order to align the language codes horizontally */
+	width: 23px;
+}
+
+/* Quick Search text field */
+.navbar-form .form-control {
+	height: 28px;
+	width: 320px;
+	border: 1px solid #501eb6;
+	border-radius: 3px;
+}
+
+#header .form-control:focus {
+	box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075), 0 0 8px #501eb6;
+}
+
+td.navi, span.navi, span.navi a, .tblHeader, .tblFooter, td.frmLabel, td.frmConfirmLabel,
+	td.frmInput, td.frmInputStatus, td.frmInputLegend, td.frmConfirmInput,
+	td.frmLabelMandatory, input, textarea {
+	color: #000000;
+}
+
+span.navi, td.navi a:hover {
+	color: #501eb6;
+}
+
+span.mandatory {
+	color: #c80000;
+}
+
+td.tab {
+	background-color: #e3e4e6;
+}
+
+td.tabActive, td.frmTitelSmall {
+	background-color: #bacce1;
+}
+
+a.tab, a.frmEdit, a.frmEdit:hover {
+	color: #501eb6;
+}
+
+a.tab:hover {
+	color: #501eb6;
+}
+
+.tblTitel, td.frmTitel {
+	color: #38373b;
+	background-color: #f8f8f8;
+	border-top: 1px solid #501eb6;
+}
+
+.tblSubTitel2, tblSubTitel1, a.frmTitel, a.frmTitel:hover {
+	color: #1d3e9c;
+}
+
+.tblSubTitel1 {
+	background-color: #cddcec;
+}
+
+.tblHeader, .tblFooter {
+	background-color: #f0f1f3;
+}
+
+.tblHeader a img {
+	margin-left: 8px;
+	margin-top: 2px;
+	vertical-align: text-bottom;
+}
+
+/*Links auf dunekgrauem BG*/
+.tblHeader a, td.tblFooter a.tbl, .tblRowOdd a, .tblRowEven a {
+	color: #501eb6;
+}
+
+.tblRowOdd, .tblRowOddNr, .tblRowOddCentered {
+	font-size: 12px;
+	padding: 3px 7px;
+	background-color: #ffffff;
+	word-wrap: break-word;
+}
+
+.tblRowEven, .tblRowEvenNr, .tblRowEvenCentered {
+	font-size: 12px;
+	padding: 3px 7px;
+	background-color: #f0f1f3;
+	word-wrap: break-word;
+}
+
+.tblRowOddCentered, .tblRowEvenCentered {
+	text-align: center;
+}
+
+.tblRowOdd a, .tblRowEven a, a.tbl {
+	color: #501eb6;
+}
+
+.tblRowOdd a:hover, .tblRowEven a:hover, a.tbl:hover {
+	color: #501eb6;
+}
+
+.deactivated {
+	color: #999;
+}
+
+.deactivated a {
+	color: #999;
+}
+
+.deactivated a:link, .deactivated a:visited {
+	color: #999;
+}
+
+.deactivated a:active, .deactivated a:hover {
+	color: #999;
+}
+
+td.frmTitelSmall {
+	color: #1d2f68;
+}
+
+td.frmLabel, td.frmLabelMandatory, td.frmLabelHi {
+	border: 1px solid #f0f1f3;
+	background-color: #ffffff;
+	color: #323232;
+	text-align: right;
+}
+
+td.frmLabelHi {
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+}
+
+td.frmLabelHi {
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+}
+
+td.frmConfirmLabel {
+	background-color: #fff4c0;
+	text-align: right;
+	vertical-align: middle;
+}
+
+td.frmInput, td.frmInputIcon, td.frmInputStatus {
+	border: 1px solid #f0f1f3;
+	background-color: #ffffff;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	white-space: nowrap;
+}
+
+#historyDiffRecordTable td.frmInput,
+#historyDiffRecordTable td.frmInputIcon,
+#historyDiffRecordTable td.frmInputStatus {
+	white-space: normal;
+}
+
+td.frmConfirmInput {
+	background-color: #fff4c0;
+	text-align: right;
+}
+
+input {
+	background-color: #ffffff;
+	border: 1px solid #a9a9a9;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	height: auto;
+}
+
+textarea {
+	background-color: #ffffff;
+	border: 1px solid #a9a9a9;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	resize: vertical;
+}
+
+input.submit {
+	font-weight: normal;
+}
+
+select {
+	background-color: #ffffff;
+}
+
+/* ---------- Breadcrumbs config ---------- */
+ul.breadcrumbs {
+	padding: 0px;
+	margin-left: 0px;
+	margin-bottom: 4px;
+	margin-right: 90px;
+	margin-top: 4px;
+	font-size: 12px;
+	list-style-type: none;
+	color: #a9a9a9;
+}
+
+ul.breadcrumbs li {
+	display: inline;
+	color: #000;
+}
+
+.breadcrumbs li a {
+	display: block;
+	color: #501eb6;
+	text-decoration: none;
+	height: 1em;
+}
+
+.breadcrumbs li a:link, .breadcrumbs li a:visited {
+	display: inline;
+	color: #501eb6;
+	text-decoration: none;
+}
+
+.breadcrumbs li a:active, .breadcrumbs li a:hover {
+	color: #501eb6;
+	text-decoration: none;
+	height: 1em;
+	/* diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
+}
+
+/* Add a lightgrey slash character as breadcrumb separator between breadcrumbs. */
+.breadcrumbs>li+li::before {
+	padding: 0 5px;
+	color: #ccc;
+	content: "/\00a0";
+}
+
+/* Error Message */
+.error {
+	font-size: 12px;
+	font-style: normal;
+	font-variant: normal;
+	color: #000;
+}
+
+ul.error {
+	list-style-type: disc;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	padding: 8px;
+	margin: 0px 20px 0px 20px;
+}
+
+ul.error li {
+	line-height: 16px;
+}
+
+table.errorBorder {
+	border: 1px solid #ff7700;
+	background-color: #ffeeaa;
+	margin-top: 30px;
+	width: 100%;
+	border-spacing: 0px;
+}
+
+/* Success Message */
+.message {
+	font-size: 12px;
+	font-style: normal;
+	color: #000;
+}
+
+ul.message {
+	list-style-type: disc;
+	font-weight: bold;
+	font-family: "Averta-Bold", sans-serif;
+	padding: 8px;
+	margin: 0px 20px 0px 20px;
+}
+
+ul.message li {
+	line-height: 16px;
+	font-size: 12px;
+}
+
+table.messageBorder {
+	font-size: 12px;
+	border: 1px solid #501eb6;
+	background-color: #deefee;
+	margin-top: 30px;
+	width: 100%;
+	border-spacing: 0px;
+}
+
+/* Info message */
+table.infoBorder {
+	font-size: 12px;
+	border: 1px solid #3783ff;
+	background-color: #3783ff;
+	margin-top: 30px;
+	width: 100%;
+	border-spacing: 0px;
+}
+
+.infoBorder a:link, .infoBorder a:visited {
+	font-size: 12px;
+	color: #fbfbfb;
+	text-decoration: none;
+}
+
+.infoBorder a:active, .infoBorder a:hover {
+	font-size: 12px;
+	color: #ffffff;
+	text-decoration: none;
+}
+
+/* Question message */
+table.questionBorder {
+	font-size: 12px;
+	border: 1px solid #f4c649;
+	background-color: #fff4c0;
+	margin-top: 30px;
+	width: 100%;
+	border-spacing: 0px;
+}
+
+/* Navigation Configuration */
+#nav_user_administration, #nav_new_user, #nav_modify_user,
+	#nav_modify_user, #nav_search_by_profile, #nav_search_by_credential {
+	display: block;
+}
+
+#nav_unit_admin, #nav_new_main_unit, #nav_modify_unit {
+	display: block;
+}
+
+#nav_system_admin, #nav_applications, #nav_new_application,
+	#nav_modify_application {
+	display: block;
+}
+
+#nav_mail_templates, #nav_new_mail_template, #nav_modify_mail_template {
+	display: block;
+}
+
+#nav_policies, #nav_new_policy, #nav_modify_policy {
+	display: block;
+}
+
+#nav_batch_jobs, #nav_planned_jobs {
+	display: block;
+}
+
+#nav_client_administration, #nav_new_client, #nav_modify_client,
+	#nav_assign_roles, #nav_assign_policies, #nav_assign_mail_templates {
+	display: block;
+}
+
+#nav_selfadmin, #nav_my_user_data {
+	display: block;
+}
+
+.placeholder {
+	color: #aaa;
+}
+
+/* Quick Search (autocomplete) */
+.tt-hint {
+	color: #999
+}
+
+.tt-menu {
+	width: 320px;
+	padding: 17px 0;
+	background-color: #fff;
+	border: 1px solid #501eb6;
+	border-radius: 3px;
+	box-shadow: 0 6px 12px rgba(0, 0, 0, .175);
+}
+
+.tt-suggestion {
+	padding: 3px 28px;
+	line-height: 24px;
+}
+
+.tt-suggestion:hover {
+	cursor: pointer;
+	color: #fff;
+	background-color: #501eb6;
+}
+
+.tt-suggestion.tt-cursor {
+	color: #fff;
+	background-color: #9cc;
+}
+
+.empty-message {
+	padding: 3px 28px;
+}
+
+/* - - - - - - - - - - - - - - - - - - FOOTER - - - - - - - - - - - - - - - - - - - - - - - */
+.footer {
+	color: #501eb6;
+	background-color: transparent;
+	height: 40px;
+	padding-top: 0;
+	padding-bottom: 24px;
+	margin-top: 36px;
+	border-top: 1px solid #501eb6;
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/facing/admin/images/AGOV-Logo.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/facing/admin/images/AGOV-Logo.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/logging.yml
@ -20,6 +20,8 @@ Configuration:
        onMismatch: "ACCEPT"
  Loggers:
    Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
    - name: "ch.nevis.idm.batch.jobs"
      level: "INFO"
      additivity: "false"
@ -27,7 +29,13 @@ Configuration:
      - ref: "BATCHJOB"
    - name: "ch.nevis.idm.standalone"
      level: "INFO"
-    - name: "ch.adnovum.nevisidm.service.dbperformance"
+    - name: "ch.nevis.idm.batch.jobs.IdmBatchJob"
+      level: "INFO"
+    - name: "ch.nevis.idm.batch.jobs.PruneHistoryJob"
+      level: "INFO"
+    - name: "ch.nevis.idm.batch.jobs.UpdateCredentialStateJob"
+      level: "INFO"
+    - name: "ch.nevis.idm.batch.jobs.UpdateUserStateJob"
      level: "INFO"
    Root:
      level: "WARN"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -1,13 +1,21 @@
 # source: pattern://641ac4edf0c17383d3c0ea38
 web.gui.languages.default=de
 # source: pattern://0d4bbba28a4a76094d41df81
-database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
+database.connection.url=jdbc:mariadb://session-db-primary-service.adn-agov-database-01-uat:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&sslMode=disable
+# source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.min=5
+# source: pattern://0116b3002d0e713e23e6be72
+database.connection.pool.size.max=10
+# source: pattern://0d4bbba28a4a76094d41df81
+database.connection.max.lifetime=1800
+# source: pattern://0d4bbba28a4a76094d41df81
+database.connection.max.idle.time=600
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.username=adndbadmin
 # source: pattern://0d4bbba28a4a76094d41df81
 database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
 # source: pattern://641ac4edf0c17383d3c0ea38
-application.mail.smtp.host=greenmail.adn-agov-mail-01-dev.svc
+application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://641ac4edf0c17383d3c0ea38
 application.mail.smtp.port=3025
 # source: pattern://641ac4edf0c17383d3c0ea38
@ -53,13 +61,13 @@ application.modules.event.repeat.count=-1
 # source: pattern://0116b3002d0e713e23e6be72
 application.modules.provisioning.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.max=5
-# source: pattern://0116b3002d0e713e23e6be72
-database.connection.pool.size.min=5
-# source: pattern://0116b3002d0e713e23e6be72
 database.connection.xa.enabled=false
 # source: pattern://0116b3002d0e713e23e6be72
 database.transaction.timeout=60
+# source: pattern://0116b3002d0e713e23e6be72
+web.gui.facing.cache.size=10000
+# source: pattern://0116b3002d0e713e23e6be72
+web.gui.facing.location=/var/opt/nevisidm/default/conf/facing
 # source: pattern://641ac4edf0c17383d3c0ea38
 management.server.host=0.0.0.0
 # source: pattern://641ac4edf0c17383d3c0ea38
@ -103,7 +111,7 @@ server.tls.truststore=/var/opt/keys/trust/idm-job-default-tls-client-trust/trust
 # source: pattern://641ac4edf0c17383d3c0ea38
 server.tls.truststore-passphrase=${exec:/var/opt/keys/trust/idm-job-default-tls-client-trust/keypass}
 # source: pattern://641ac4edf0c17383d3c0ea38
-server.auth.ninja.truststore=/var/opt/keys/trust/idm-job-default-signer-trust/truststore.jks
+server.auth.ninja.truststore=/var/opt/keys/trust/idm-job-nevisidm-sectoken-truststore/truststore.jks
 # source: pattern://641ac4edf0c17383d3c0ea38
 management.healthchecks.enabled=true
 # source: pattern://641ac4edf0c17383d3c0ea38
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = idm-job
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/rolesMapping.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/rolesMapping.properties
@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState.14,AccessControl.CredentialCreate.14,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-frontend-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-frontend-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -1,7 +1,7 @@
 apiVersion: "operator.nevis-security.ch/v1"
 kind: "NevisTrustStore"
 metadata:
-  name: "idm-default-tls-client-trust"
+  name: "idm-nevisidm-frontend-truststore"
  namespace: "adn-agov-nevisidm-admin-01-uat"
  labels:
    deploymentTarget: "idm"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-nevisidm-sectoken-truststore-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -13,4 +13,7 @@ spec:
  - name: "auth-sh4r3d-nevisidm-sectoken-signer"
    namespace: "adn-agov-nevisidm-admin-01-uat"
  extraCerts:
-  - "-----BEGIN CERTIFICATE-----\nMIIC0TCCAnigAwIBAgIQZvy+UXQEyt5CZ4HHs8QE4DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUxOTIyMjgzOFoXDTI1MDUxOTIy\nMjgzOFowXjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEXMBUGA1UEAwwOTkVWSVNfU2Vj\nVG9rZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBiK7GDqcPYMtt\nhWhmx/HkSzatni8aLjyTOaVV2yfmJaiWCGTKs1MdQmKOGKMwXp3w2abThn0ce7Sl\nGipV8xGeLq1Wjr9UnpSjV2WarS6BXDET7dJ858yYISJwu8bk/rXdvft7NSIbjl2M\n4auf5AyVFFZ1vKLPX9drJmrQCnGZXqGm7BMLAjgh1b+utopfrwqcwWyg5JltTsTd\nN4ytHciAWOgILO9Tut/VHmQLZA7P4rDSRMzKA8OXg1DSImYXlZlUQqSiNjpJuwmz\njhgt+4pwys+xLfkaOic5RzMtv3YDXKgiWRH/m8JKdfLbkNsl3bNkB/2Q1Hb/LBPQ\n/OLxW+QNAgMBAAGjgZIwgY8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsG\nAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFM9gPNKd\nzvDU2SS6FLCxzVDyYJwVMC8GA1UdEQQoMCaCDk5FVklTX1NlY1Rva2VugRRub3Jl\ncGx5QGxvY2FsLmRvbWFpbjAKBggqhkjOPQQDAgNHADBEAiAOOc9cD1IjF5MEc2DK\n4D6oQXWVtAiJLVp1zYq11V2e5QIgQ1CyWHKk+HqZJccyGPfnoB19s0X5RvNwUpJ9\nyVhnGXQ=\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmmgAwIBAgIRANQcuUgBqTwxVM2Cp+Jo5WYwCgYIKoZIzj0EAwIwGDEW\nMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNTA5MTUxNDAyNTlaFw0yNjA5MTUx\nNDAyNTlaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4\nUzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL0dZGTGXepz1MuYlMWG78ps\nkUbH+9WeNVVN46qVFo+ctvbLmi3/rcVeJ58iCw75El03gkJJZs4p0OOAeyMkoM8q\nNA18dV2ZpOF8j7w8MR9HuC+5PPoCr5LV9KfuAWBdi1SNJxUTNnF99KbGKEjtxosG\nYVe6n9v59D9sU6uJeKwx0C9xMBVCKLsEN9EXDVEXEf1wA7u+qWj+R6wAnf1EptRP\nkRdebSSSDrwS5G82NSA3BTYVxuD8MehhlkI+Qi+xKpVy/92DZqLOxMxIvX4BoDmj\ntjcOYz4WbSzUL3oPlrZRUsavjiDtBXywPhzNktBmQQA3bb78/h7XBsMOb5zgyTEC\nAwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML\n5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp\nbjAKBggqhkjOPQQDAgNIADBFAiEA3NUbrAsBLT83syA8FogSJ809pBQS4joZAaFB\nPz1HBNQCIDmDcN+vRliO6mV5+ncDERwBU8EBmHbVFHIiS718e/PP\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQWsbRHj5FvgDfPvvM45fH0jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDkxNTE0MDMwOFoXDTI2MDkxNTE0\nMDMwOFowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oziOMcCj9YniMf2cu6e3b9j\npIM0nj3vFfW6KpGtU4+vH6530ChmFJLFdAm9frez55v/ywEmJAaojT5T2+0bdOM8\n4V+WET9AhjKtNOtgv8XPh63VQMbf5LYpRkCzzxu0wNEEk1vy6OBZt3fkTSlvfAXR\nNvs/KolTJ2q2gEEXtOy5iy84IjQiTEEdZcNs9xWZSe4LPezeh6CU/JP0xEczZit2\nyrjG1GBdAPOW3WUoOWGEJinADoVyMFupIsjsj8Y0R++LdOZJJCPMqG2MTzlycHPB\nn1vlHuGLy9E2ag7xm1pAXbggCkDetcc36U+I6LBz7YNqQX4qe9d+kwkpLKT1ZQID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQD+yZAI0sfh610YK6jEjW1r4I0SGsx/B3NGVOxe\nawyvPQIhAMPabVmakBk/hHoguxcybsp+EmDHFb8jUuOkwnY4HTQm\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIICwzCCAmigAwIBAgIQR+vh743RGzZUW3EDMUTNgTAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI1MDgxOTE1MTgwNVoXDTI2MDgxOTE1\nMTgwNVowVjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEPMA0GA1UEAxMGc2lnbmVyMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp888RapeMLXk0KBw27rckQlV\nK8dnz0RRTooWyhVjPBwH/lPsiGb/bpxZ9zSqCy7H2jBIoWjVADHEuUSh9xPqT2gp\n29+PXYkH5YzKrWHe+dAIyjWmgJo3DTkQcvDU9K2HwwHHd1EtKtJopm3v8cTITRZH\ncjXIW7AXj6m1x21SV4juGuRK4w3e32Ry+VQJ3EcfT6B91PicyzYVKXCkRr2eUATd\n35dZOsHZj+KROZRuHNTMo8W9/Z1u5DD4/uDd2bFAgcTKcho136ZR4jQ9M8fA78Qt\nkv5rhmLa2fM7/jQTDGDDwWomJlue10FX1ArtKfQq9+XTlnN1rqDuNmKWjbcfRwID\nAQABo4GKMIGHMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBT7YRoWIjHwkvFicwvk\n0Tx/yA4uUTAnBgNVHREEIDAeggZzaWduZXKBFG5vcmVwbHlAbG9jYWwuZG9tYWlu\nMAoGCCqGSM49BAMCA0kAMEYCIQDHc1LJPHlQddb7zGfh7ALDBvNXkQfP3CgC+HGk\npykc3QIhAKqikhVid7okULyD5xHtoWN0G1OFKML9tKhLwqe5aJo+\n-----END CERTIFICATE-----\n"
+  - "-----BEGIN CERTIFICATE-----\nMIIBcTCCARagAwIBAgIQWRl1eifIt8yohQYzh6yr/jAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTIzMDYyODE0MzI0MFoXDTQzMDYyODE0\nMzI0MFowGDEWMBQGA1UEAxMNc2VsZnNpZ25lZC1jYTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEwcjsIhSyyh0i9zP1G7ReOkFt/djzlGoUtSd5v3ZEk5QoZYjfl9\n04HdaZzrmveB2aRppbXgW7//s2Ma8wTd5uejQjBAMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7YRoWIjHwkvFicwvk0Tx/yA4uUTAK\nBggqhkjOPQQDAgNJADBGAiEAgyg9t0qgb+czuscs07pNGI+12BedrD+y71psIlqx\nt2UCIQC/85UXyjYI9zg7Mg7rROTbGNCU3Jq/KIC3VzbbD+68VA==\n-----END CERTIFICATE-----\n"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisIDM"
  replicas: 1
-  version: "8.2405.2"
-  gitInitVersion: "1.3.0"
+  version: "8.2505.5"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    management: 8998
@ -28,32 +28,33 @@ spec:
    management:
      httpGet:
        path: "/liveness"
-      periodSeconds: 30
+      periodSeconds: 5
      timeoutSeconds: 6
  readinessProbe:
    management:
      httpGet:
        path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
      timeoutSeconds: 6
  startupProbe:
    management:
      httpGet:
        path: "/health"
-      periodSeconds: 30
+      initialDelaySeconds: 60
+      periodSeconds: 5
      timeoutSeconds: 6
-      failureThreshold: 10
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-868174843070c36c5da54e3a43d558da046b6ce7"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
    credentials: "git-credentials"
  keystores:
  - "idm-default-identity"
  truststores:
-  - "idm-default-tls-client-trust"
  - "idm-nevisidm-sectoken-truststore"
+  - "idm-nevisidm-frontend-truststore"
  podSecurity:
    policy: "baseline"
    automountServiceAccountToken: false
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/keypass
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/keypass
@ -1,2 +0,0 @@
-#!/bin/bash
-echo 'password'
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.p12
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.p12
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.pem
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/keys/trust/idm-db-tls-truststore/truststore.pem
@ -1,45 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
-MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
-2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
-1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
-q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
-tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
-vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
-BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
-5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
-1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
-NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
-Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
-8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
-pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
-MrY=
-----END CERTIFICATE-----
-
-----BEGIN CERTIFICATE-----
-MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
-RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
-VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
-DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
-ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
-VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
-mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
-IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
-mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
-XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
-dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
-jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
-BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
-DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
-9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
-jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
-Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
-ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
-R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
-----END CERTIFICATE-----
-
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf
@ -4,5 +4,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/import/property/user_nevisidm_custom_property_verificationtransactionid.json
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/import/property/user_nevisidm_custom_property_verificationtransactionid.json
@ -3,7 +3,7 @@
    "scope": "USER_GLOBAL",
    "encrypted": false,
    "propagated": false,
-    "uniquenessScope": "ABSOLUTE",
+    
    "accessCreate": "READ_WRITE",
    "accessModify": "READ_ONLY",
    "clientExtId": "9f30aa08-4c53-458c-b144-90c16dc5ed6e",
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/logging.yml
@ -20,6 +20,8 @@ Configuration:
        onMismatch: "ACCEPT"
  Loggers:
    Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
    - name: "ch.nevis.idm.batch.jobs"
      level: "INFO"
      additivity: "false"
@ -27,12 +29,14 @@ Configuration:
      - ref: "BATCHJOB"
    - name: "ch.nevis.idm.standalone"
      level: "INFO"
+    - name: "Ninja"
+      level: "WARN"
+    - name: "OpTrace"
+      level: "INFO"
    - name: "ch.adnovum.nevisidm.service.dbperformance"
      level: "INFO"
-    - name: "jcan.Op"
-      level: "INFO"
-    - name: "jcan.OpContent"
-      level: "OFF"
+    - name: "ch.nevis.ninja"
+      level: "WARN"
    Root:
      level: "WARN"
      additivity: "false"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@ -1,18 +1,28 @@
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 web.gui.languages.default=de
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
+database.connection.url=jdbc:mariadb://session-db-primary-service.adn-agov-database-01-uat:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&sslMode=disable
+# source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.min=5
+# source: pattern://fe4a248ac7b092a6a80624f1
+database.connection.pool.size.max=10
+# source: pattern://ca0629d86201d4c4ac857d60
+database.connection.max.lifetime=1800
+# source: pattern://ca0629d86201d4c4ac857d60
+database.connection.max.idle.time=600
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.username=adndbadmin
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
-application.mail.smtp.host=greenmail.adn-agov-mail-01-dev.svc
+application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 application.mail.smtp.port=3025
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 application.mail.sender=noreply-agov-dev@adnovum.ch
 # source: pattern://fe4a248ac7b092a6a80624f1
+application.config.credentialTypesToBeLockedInDatabase=URLTICKET,SAMLFEDERATION,CONTEXTPASSWORD
+# source: pattern://fe4a248ac7b092a6a80624f1
 application.feature.email.validation.enabled=false
 # source: pattern://fe4a248ac7b092a6a80624f1
 application.feature.enterpriserole.enabled=true
@ -57,10 +67,6 @@ application.modules.reporting.characterencoding=ISO-8859-1
 # source: pattern://fe4a248ac7b092a6a80624f1
 application.modules.reporting.separator=;
 # source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.max=5
-# source: pattern://fe4a248ac7b092a6a80624f1
-database.connection.pool.size.min=5
-# source: pattern://fe4a248ac7b092a6a80624f1
 database.connection.xa.enabled=false
 # source: pattern://fe4a248ac7b092a6a80624f1
 web.gui.facing.cache.size=10000
@ -103,9 +109,9 @@ server.tls.keystore=/var/opt/keys/own/idm-default-identity/keystore.p12
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 server.tls.keystore-passphrase=${exec:/var/opt/keys/own/idm-default-identity/keypass}
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
-server.tls.truststore=/var/opt/keys/trust/idm-default-tls-client-trust/truststore.p12
+server.tls.truststore=/var/opt/keys/trust/idm-nevisidm-frontend-truststore/truststore.p12
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
-server.tls.truststore-passphrase=${exec:/var/opt/keys/trust/idm-default-tls-client-trust/keypass}
+server.tls.truststore-passphrase=${exec:/var/opt/keys/trust/idm-nevisidm-frontend-truststore/keypass}
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 server.auth.ninja.truststore=/var/opt/keys/trust/idm-nevisidm-sectoken-truststore/truststore.jks
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = idm
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/rolesMapping.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/rolesMapping.properties
@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState.14,AccessControl.CredentialCreate.14,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml
@ -11,8 +11,8 @@ metadata:
 spec:
  type: "NevisLogrend"
  replicas: 1
-  version: "8.2405.0"
-  gitInitVersion: "1.3.0"
+  version: "8.2505.5"
+  gitInitVersion: "1.4.0"
  runAsNonRoot: true
  ports:
    server: 8988
@ -38,13 +38,14 @@ spec:
  startupProbe:
    server:
      tcpSocket: true
+      initialDelaySeconds: 30
      periodSeconds: 5
      timeoutSeconds: 4
-      failureThreshold: 50
+      failureThreshold: 30
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-47502e417486789dcc0d887ec040d4cac6e4865d"
+    tag: "r-a067bc8dc88872382ee82b06c8c85326557df02e"
    dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend"
    credentials: "git-credentials"
  podSecurity:
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
@ -10,5 +10,5 @@ JAVA_OPTS=(
    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
    "-Dotel.javaagent.logging=application"
    "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
 )
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/logging.yml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/logging.yml
@ -11,7 +11,9 @@ Configuration:
        onMatch: "DENY"
        onMismatch: "ACCEPT"
  Loggers:
-    Logger: []
+    Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
    Root:
      level: "WARN"
      additivity: "false"
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/logrend.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/logrend.properties
@ -9,8 +9,10 @@ application.language.cookie.de=LANG:de:.agov-w.azure.adnovum.net
 application.language.cookie.en=LANG:en:.agov-w.azure.adnovum.net
 application.language.cookie.fr=LANG:fr:.agov-w.azure.adnovum.net
 application.language.cookie.it=LANG:it:.agov-w.azure.adnovum.net
+application.language.cookie.rm=LANG:rm:.agov-w.azure.adnovum.net
+application.languages=de,fr,it,rm,en
 application.loginapp.current=
-application.loginapp.default=OP-ONBRDNG-AuthenticationRealm
+application.loginapp.default=IDENT-AuthenticationRealm
 application.loginapp.override=header:channel
 application.package.name=nevislogrend
 application.render.content.type=text/html; charset=UTF-8
@ -20,9 +22,11 @@ application.webdata.pathparam=logrendresourcepath
 application.webdata.pathparam.default=/login/resources
 cache.revalidate.delay=-1
 cache.source=file
+env.name=WORK
 keytag.end=}
 keytag.start=${
 management.healthchecks.enabled=true
+page.title=AGOV Operations
 path.config=/var/opt/nevislogrend/default/conf
 path.instance=/var/opt/nevislogrend/default
 server.host=0.0.0.0
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/mimetype.properties
@ -1,3 +1,5 @@
+
 ico=image/x-icon
+json=application/json
 woff=font/woff
 woff2=font/woff2
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
@ -1,4 +1,5 @@
 otel.service.name = logrend
+otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/default.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/default.properties
@ -0,0 +1,44 @@
+# source: pattern://3fd09bb6cfbd34874595c263
+application.countries.default=CH
+# source: pattern://3fd09bb6cfbd34874595c263
+cache.file.exempt=
+# source: pattern://3fd09bb6cfbd34874595c263
+cache.filefolder.exempt=
+# source: pattern://3fd09bb6cfbd34874595c263
+application.language.source.1=param:language
+# source: pattern://3fd09bb6cfbd34874595c263
+application.language.source.2=cookie:LANG
+# source: pattern://3fd09bb6cfbd34874595c263
+application.language.source.3=gui
+# source: pattern://3fd09bb6cfbd34874595c263
+application.language.source.4=browser
+# source: pattern://3fd09bb6cfbd34874595c263
+velocity.input.encoding=UTF-8
+# source: pattern://3fd09bb6cfbd34874595c263
+velocity.output.encoding=UTF-8
+# source: pattern://3fd09bb6cfbd34874595c263
+application.inputs.htmlencode=false
+# source: pattern://3fd09bb6cfbd34874595c263
+application.inputs.htmlencode.guielems=false
+# source: pattern://3fd09bb6cfbd34874595c263
+application.render.content.type=text/html; charset=UTF-8
+# source: pattern://3fd09bb6cfbd34874595c263
+cache.revalidate.delay=-1
+# source: pattern://3fd09bb6cfbd34874595c263
+application.languages=de,fr,it,rm,en
+# source: pattern://3fd09bb6cfbd34874595c263, pattern://8401da6318c6915d689cdfc9
+application.language.cookie.de=LANG:de:.agov-w.azure.adnovum.net
+# source: pattern://3fd09bb6cfbd34874595c263, pattern://8401da6318c6915d689cdfc9
+application.language.cookie.fr=LANG:fr:.agov-w.azure.adnovum.net
+# source: pattern://3fd09bb6cfbd34874595c263, pattern://8401da6318c6915d689cdfc9
+application.language.cookie.it=LANG:it:.agov-w.azure.adnovum.net
+# source: pattern://3fd09bb6cfbd34874595c263, pattern://8401da6318c6915d689cdfc9
+application.language.cookie.rm=LANG:rm:.agov-w.azure.adnovum.net
+# source: pattern://3fd09bb6cfbd34874595c263, pattern://8401da6318c6915d689cdfc9
+application.language.cookie.en=LANG:en:.agov-w.azure.adnovum.net
+# source: pattern://3fd09bb6cfbd34874595c263
+env.name=WORK
+# source: pattern://3fd09bb6cfbd34874595c263
+page.title=AGOV Operations
+# source: pattern://3fd09bb6cfbd34874595c263
+application.languages.default=en
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text.properties
@ -0,0 +1,289 @@
+
+agov-ident.done.message=Ihr AGOV-Konto ist nun einsatzbereit. Bitte schliessen Sie diese Seite.
+agov-ident.done.title=Fertig
+agov-ident.failed.instruction=Sie ben&ouml;tigen ein AGOV-Konto und m&uuml;ssen die vorgeschlagene Daten&uuml;berpr&uuml;fung bestehen, um das Onboarding erfolgreich abzuschliessen. Bitte versuchen Sie es erneut.
+agov-ident.failed.message=Onboarding abgebrochen oder Verifikation der Daten verschoben
+agov-ident.failed.title=Verifikation erforderlich
+agov-ident.invalid-url.instruction=Der Link, den Sie f&uuml;r den Zugriff auf diese Seite verwendet haben, ist ung&uuml;ltig. Bitte stellen Sie sicher, dass Sie ihn so verwenden, wie Sie ihn erhalten haben, ohne Tippfehler, oder klicken Sie ihn direkt auf der Seite an, auf der er ver&ouml;ffentlicht ist.
+agov-ident.invalid-url.message=Link kann nicht verarbeitet werden
+agov-ident.invalid-url.title=Ung&uuml;ltiger Link
+agov-ident.onboarding=Registrierung & Verifikation
+agov-ident.retry=Versuchen Sie es erneut
+darkModeSwitch.aria.label=Dark-Mode-Schalter
+dimilar.confirm_identity.checkbox=Ich best&auml;tige, dass dies meine Angaben sind
+dimilar.confirm_identity.description=Bitte best&auml;tigen Sie, dass die folgenden Angaben Ihnen geh&ouml;ren, um fortzufahren:
+dimilar.confirm_identity.error=Bitte best&auml;tigen Sie, dass die Angaben Ihnen geh&ouml;ren, um fortzufahren.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Angaben best&auml;tigen
+dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
+dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
+dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AGOV-Konto
+dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
+dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
+dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
+dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
+error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
+error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
+error_100=Zertifikat-Upload nicht m&ouml;glich. Das Zertifikat existiert bereits. Wenden Sie sich an Ihr Helpdesk.
+error_101=Die eingegebene E-Mail-Adresse ist ung&uuml;ltig.
+error_11=Bitte verwenden Sie ein anderes Zertifikat oder melden Sie sich mit einer anderen Art von Credential an.
+error_2=Bitte w&auml;hlen Sie einen anderen Login-Namen.
+error_3=Wenn die n&auml;chste Authentifizierung fehlschl&auml;gt, wird Ihr Konto gesperrt.
+error_4=Ihr neues Passwort verst&ouml;sst gegen die Sicherheitsrichtlinien. Bitte w&auml;hlen Sie ein anderes Passwort.
+error_403.description=Sie sind nicht berechtigt, auf diese Anwendung zuzugreifen.
+error_403.title=Nicht zugelassen
+error_404.description=Die von Ihnen gesuchte Seite existiert nicht.
+error_404.title=Seite nicht gefunden
+error_5=Fehler bei der Passwortbest&auml;tigung.
+error_50=Das neue Passwort ist zu kurz.
+error_500.description=Zurzeit liegt eine St&ouml;rung vor. Wir arbeiten daran.
+error_500.title=Etwas ist schiefgegangen.
+error_502.description=Wir arbeiten daran. Bitte versuchen Sie es sp&auml;ter noch einmal.
+error_502.title=Etwas ist schiefgegangen.
+error_55=Das neue Passwort muss sich von alten Passw&ouml;rtern unterscheiden.
+error_6=Passwort&auml;nderung erforderlich.
+error_7=&Auml;nderung der Login-ID erforderlich.
+error_8=Ihr Konto wurde aufgrund wiederholter fehlgeschlagener Authentifizierungsversuche gesperrt.
+error_81=Keine Zugangskarte gefunden, Zugang &uuml;ber das Internet verweigert.
+error_83=Ihre Zugangskarte ist nicht mehr g&uuml;ltig. Bitte wenden Sie sich an Ihre Beratungsperson, um eine neue Zugangskarte zu erhalten.
+error_9=&Uuml;bernahme der Sitzung fehlgeschlagen.
+error_97=Sie sind nicht berechtigt, auf diese Ressource zuzugreifen.
+error_98=Ihr Konto wurde gesperrt.
+error_99=Systemprobleme: Bitte versuchen Sie es sp&auml;ter noch einmal.
+error_9901=Sie ben&ouml;tigen einen g&uuml;ltigen Onboarding-Link, um auf diese Seite zuzugreifen.
+error_9902=Die f&uuml;r die Authentifizierung verwendete E-Mail-Adresse stimmt nicht mit der erwarteten E-Mail-Adresse in Operations &uuml;berein. Bitte fordern Sie einen neuen Onboarding-Link an.
+error_9903=Der verwendete IdP hat uns keine g&uuml;ltige Assertion gesendet. Bitte stellen Sie sicher, dass Sie den richtigen IdP verwenden. Fordern Sie beim Support einen neuen Onboarding-Link an.
+error_9904=Ihr Link ist nicht mehr g&uuml;ltig. Bitte stellen Sie sicher, dass Sie den neuesten Link verwenden, den Sie von Operations erhalten haben. Fordern Sie einen neuen Link an, falls das Problem weiterhin besteht.
+error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitte den Support.
+error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
+errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
+fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
+fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
+fido2_auth.instruction3=Folgen Sie den Anweisungen
+fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
+fido2_auth.switchLogin=WECHSEL ZU LOGIN MIT
+footer.link=https://agov.ch
+footer.link.label=Kontakt
+footer.text=Authentifizierungsdienst der Schweizer Beh&ouml;rden AGOV &ndash; eine Zusammenarbeit zwischen den Kantonen, deren Gemeinden und der Bundesverwaltung. -
+general.AGOVAccessApp=AGOV access App
+general.accessApp=AGOV access App
+general.authenticate=Authentifizieren
+general.back=Zur&uuml;ck
+general.cancel=Abbrechen
+general.confirm=Best&auml;tigen
+general.contactSupport=Support kontaktieren
+general.continue=Weiter
+general.data.birthDate=Geburtsdatum
+general.data.birthDateFormat=TT.MM.JJJJ
+general.data.enrollmentNumber=AHV-Nummer (Dienstmanager)
+general.data.firstname=Vorname
+general.data.lastname=Nachname
+general.edit=&Auml;ndern
+general.email=E-Mail
+general.email.address=E-Mail-Adresse
+general.entryCode=Code-Eingabe
+general.fieldRequired=Erforderliches Feld
+general.generalAccessApp=Access App
+general.getStarted=Los geht's
+general.goAGOVHelp=Weiter zur AGOV help
+general.goAccessApp=Login mit AGOV access
+general.goToAccessApp=Zur AGOV access App wechseln
+general.help=Hilfe
+general.help.link=https://agov.ch/help
+general.login=Login
+general.login.accessApp=Login mit AGOV access App
+general.login.securityKey=Login mit Sicherheitsschl&uuml;ssel
+general.loginSecurityKey=Sicherheitsschl&uuml;ssel-Login starten
+general.moreOptions=WEITERE OPTIONEN
+general.or=ODER
+general.otherLoginMethods=Andere Login-Methoden
+general.recovery=Wiederherstellung
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Als PDF herunterladen
+general.recoveryCode.inputLabel=Wiederherstellungscode
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
+general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
+general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
+general.register=Registrieren
+general.registerNow=Jetzt registrieren!
+general.registration=Registrierung
+general.registration.dontHaveAnAccountYet=Haben Sie noch kein AGOV-Konto?
+general.registration.seeOptions=Registrierungsoptionen ansehen
+general.securityKey=Sicherheitsschl&uuml;ssel
+general.skip.content=Direkt zum Hauptteil
+general.wrongPhoneNumber=Bitte geben Sie eine g&uuml;ltige Telefonnummer ein
+generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
+generic.auth.error.next.steps=Versuchen Sie es bitte sp&auml;ter noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
+generic.auth.error.subtitle=Etwas ist schiefgegangen.
+generic.auth.error.title=Fehler
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=Sprache w&auml;hlen
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
+loainfo.later=Sp&auml;ter
+loainfo.startNow=M&ouml;chten Sie den Prozess jetzt starten?
+loainfo.startVerification=Verifikation starten
+loainfo.title=Verifizieren Sie Ihre Daten
+loggedout.description=Sie haben sich erfolgreich ausgeloggt.
+loggedout.title=Ausgeloggt
+mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
+mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
+mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
+mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
+mauth_usernameless.hideQR=QR-Code ausblenden
+mauth_usernameless.instructions=Melden Sie sich an, indem Sie den QR-Code mit Ihrer AGOV access App scannen
+mauth_usernameless.noAccount=Haben Sie noch kein AGOV-Konto?
+mauth_usernameless.selectLoginMethod=Login-Methode w&auml;hlen
+mauth_usernameless.showQR=QR-Code anzeigen
+mauth_usernameless.startRecovery=Kontowiederherstellung starten
+mauth_usernameless.useSecurityKey=Verwenden Sie einen Sicherheitsschl&uuml;ssel, um sich anzumelden
+mauth_usernameless.useSecurityKeyInfo=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, sich ohne Telefon anzumelden.
+onboard_linking_account_auth.fido_instructions=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, das Onboarding mit Ihrem Konto ohne Telefon durchzuf&uuml;hren.
+onboard_linking_account_auth.instructions=F&uuml;hren Sie das Onboarding mit Ihrem AGOV-Konto durch, indem Sie den QR-Code mit Ihrer AGOV access App scannen
+onboarding.cancel-onboarding=Sind Sie sicher, dass Sie den Onboarding-Prozess abbrechen m&ouml;chten?
+onboarding.cancel-onboarding-description=Um mit der Kontowiederherstellung fortzufahren, m&uuml;ssen Sie den Onboarding-Prozess abbrechen.
+onboarding.cancel-proceed-recovery=Ja, abbrechen und mit der Wiederherstellung fortfahren
+onboarding.login-factor=Schritt 1 &ndash; Login-Faktor
+onboarding.with-agov.title=Onboarding mit AGOV-Konto
+onboarding_account.switchLinking=Wechseln zum Onboarding mit
+onboarding_account_auth.loginSecurityKey=Onboarding mit Sicherheitsschl&uuml;ssel starten
+onboarding_account_auth.useSecurityKey=Benutzen Sie einen Sicherheitsschl&uuml;ssel, um das Onboarding mit Ihrem AGOV-Konto durchzuf&uuml;hren
+op-admin.login=AGOV-op-Admin
+op-admin.login.intro.message=Login mit Ihrem Benutzernamen und Passwort
+op-admin.login.loginid=LoginID
+op-admin.login.password=Passwort
+op-admin.login.title=Login
+op-admin.logout=AGOV-op-Admin
+op-admin.logout.message=Sie haben sich erfolgreich ausgeloggt.
+op-admin.logout.title=Logout
+op-admin.pwchange.intro.message=Passwort&auml;nderung erforderlich
+op-admin.pwchange.newpassword=Neues Passwort
+op-admin.pwchange.newpassword2=Neues Passwort wiederholen
+op-admin.pwchange.password=Aktuelles Passwort
+op-admin.pwchange.title=&Auml;nderung des Passworts
+op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
+op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
+op-idmlogin.role.idmcfg-mgmt=IDM set-up
+op-idmlogin.role.readonly-access=Standardzugriff (Nur Leseberechtigung)
+op-idmlogin.role.support-basic=Supportf&auml;lle (Wiederherstellung, ...)
+op-idmlogin.role.support-priv=3rd Level Support (Archivierung, Abmeldungen, ...)
+op-idmlogin.role.usr-mgmt=Benutzerverwaltung (Betrieb)
+op-idmlogin.role.usr-unit-mgmt=Benutzer- und Organisationsverwaltung (Betrieb)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Bitte w&auml;hlen Sie ein Profil aus...
+op-idmlogin.select.note=Mit * markierte Profile sollten nur f&uuml;r bestimmte Support oder Release Aufgaben genutzt werden.
+op-idmlogin.select.title=Profilauswahl
+op-onboarding.done.message=Das Onboarding war erfolgreich. Sie k&ouml;nnen nun Ihren AGOV-Operations-Zugang verwenden. Bitte schliessen Sie den Browser, bevor Sie auf eine der Operations-Applikationen zugreifen.
+op-onboarding.done.title=FERTIG
+op-onboarding.failed.title=FEHLER
+op-onboarding.intro.message1=Um das Onboarding f&uuml;r Ihren AGOV-Operations-Zugang abzuschliessen, ben&ouml;tigen Sie entweder ein AGOV- oder ein FED-LOGIN-Konto.
+op-onboarding.intro.message2=Wenn Sie auf &laquo;Weiter&raquo; klicken, werden Sie zur Authentifizierung weitergeleitet.
+op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht der erforderlichen AGOVaq-Stufe entspricht, erhalten Sie die M&ouml;glichkeit, die erforderliche Identit&auml;tspr&uuml;fung zu starten.
+op-onboarding.intro.title=START
+op-onboarding.onboarding=AGOV-op-Onboarding
+op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
+providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
+providePhoneNumber.inputLabel=Mobilnummer (optional)
+providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
+providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
+providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.inputLabel=Mobilnummer
+providePhoneNumber.modal.title=Mobilnummer wiederholen
+providePhoneNumber.saveButtonText=Speichern
+providePhoneNumber.title=Mobilnummer angeben
+qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
+recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
+recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
+recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
+recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
+recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
+recovery_check_code.invalid.code=Code ist ung&uuml;ltig
+recovery_check_code.invalid.code.required=Code erforderlich
+recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
+recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
+recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
+recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
+recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
+recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
+recovery_code.validUntil=G&uuml;ltig bis:
+recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
+recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
+recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
+recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
+recovery_intro_email.important=Wichtig:
+recovery_intro_email.process=Der Wiederherstellungsprozess sollte nur verwendet werden, wenn Sie den Zugriff auf Ihre Login-Faktoren verloren haben (gel&ouml;schte AGOV access App, verlorener Sicherheitsschl&uuml;ssel, verlorenes Telefon usw.).
+recovery_intro_email_sent.banner.button=Keine E-Mail erhalten?
+recovery_intro_email_sent.banner.success=Vielen Dank! Sie werden in K&uuml;rze eine E-Mail mit einem Wiederherstellungslink und Anweisungen erhalten.
+recovery_on_going.finishRecovery=Wiederherstellung abschliessen
+recovery_on_going.instruction=Sie haben einen laufenden Wiederherstellungsprozess. Der Wiederherstellungsprozess kann eine Identit&auml;tspr&uuml;fung umfassen. Um mit Ihrem AGOV-Login auf Applikationen zugreifen zu k&ouml;nnen, m&uuml;ssen Sie auch die Identit&auml;tspr&uuml;fung abschliessen.
+recovery_on_going.title=Bitte schliessen Sie Ihren Wiederherstellungsprozess ab.
+recovery_questionnaire_instructions.banner.info=Bitte beachten Sie, dass Sie in bestimmten F&auml;llen f&uuml;r eine erfolgreiche Wiederherstellung Zugang zu Ihrem Wiederherstellungscode ben&ouml;tigen.
+recovery_questionnaire_instructions.explanation=Aufgrund Ihrer Antworten scheint eine Wiederherstellung Ihres AGOV-Logins erforderlich zu sein. Bitte klicken Sie auf Weiter und folgen Sie den Anweisungen auf dem Bildschirm.
+recovery_questionnaire_instructions.instruction1=Geben Sie die E-Mail-Adresse Ihres AGOV-Logins an, damit wir Ihnen einen Link senden k&ouml;nnen, um den Wiederherstellungsprozess zu beginnen
+recovery_questionnaire_instructions.instruction2=Folgen Sie den Schritten zur Wiederherstellung Ihres Kontos (die Schritte variieren je nach Verifizierungsstufe Ihres Kontos)
+recovery_questionnaire_loginfactor.banner.error=Bitte w&auml;hlen Sie eine Antwort.
+recovery_questionnaire_loginfactor.no=Nein
+recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
+recovery_questionnaire_loginfactor.yes=Ja
+recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
+recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
+recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt, oder es wird angezeigt, dass keine Konten definiert sind
+recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
+recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
+recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen
+recovery_questionnaire_reason_selection.answer7=Ich habe meine Sicherheitsschl&uuml;ssel oder AGOV access Apps, hatte aber Probleme beim Einloggen
+recovery_questionnaire_reason_selection.answer8=Ich habe den Zugriff auf alle meine Sicherheitsschl&uuml;ssel und AGOV access Apps verloren
+recovery_questionnaire_reason_selection.answer9=Ich habe Probleme mit einem meiner Loginfaktoren (gel&ouml;scht, zur&uuml;ckgesetzt, vergessene PIN)
+recovery_questionnaire_reason_selection.banner.error=Bitte w&auml;hlen Sie einen Grund aus.
+recovery_questionnaire_reason_selection.instruction=Bitte w&auml;hlen Sie einen Grund wieso Sie den AGOV recovery Prozess starten:
+recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis der Wiederherstellungsprozess abgeschlossen ist.
+recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
+recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
+timeout.description=Ihre Sitzung ist abgelaufen. Bitte schliessen Sie dieses Fenster und versuchen Sie erneut, sich einzuloggen.
+timeout.title=Sitzung abgelaufen
+title=NEVIS SSO Portal
+title.login=Login
+user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
+user_input.invalid.email.required=Erforderliches Feld
+user_input.invalid.email.tooLong=Eingabe zu lang
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_de.properties
@ -0,0 +1,289 @@
+
+agov-ident.done.message=Ihr AGOV-Konto ist nun einsatzbereit. Bitte schliessen Sie diese Seite.
+agov-ident.done.title=Fertig
+agov-ident.failed.instruction=Sie ben&ouml;tigen ein AGOV-Konto und m&uuml;ssen die vorgeschlagene Daten&uuml;berpr&uuml;fung bestehen, um das Onboarding erfolgreich abzuschliessen. Bitte versuchen Sie es erneut.
+agov-ident.failed.message=Onboarding abgebrochen oder Verifikation der Daten verschoben
+agov-ident.failed.title=Verifikation erforderlich
+agov-ident.invalid-url.instruction=Der Link, den Sie f&uuml;r den Zugriff auf diese Seite verwendet haben, ist ung&uuml;ltig. Bitte stellen Sie sicher, dass Sie ihn so verwenden, wie Sie ihn erhalten haben, ohne Tippfehler, oder klicken Sie ihn direkt auf der Seite an, auf der er ver&ouml;ffentlicht ist.
+agov-ident.invalid-url.message=Link kann nicht verarbeitet werden
+agov-ident.invalid-url.title=Ung&uuml;ltiger Link
+agov-ident.onboarding=Registrierung & Verifikation
+agov-ident.retry=Versuchen Sie es erneut
+darkModeSwitch.aria.label=Dark-Mode-Schalter
+dimilar.confirm_identity.checkbox=Ich best&auml;tige, dass dies meine Angaben sind
+dimilar.confirm_identity.description=Bitte best&auml;tigen Sie, dass die folgenden Angaben Ihnen geh&ouml;ren, um fortzufahren:
+dimilar.confirm_identity.error=Bitte best&auml;tigen Sie, dass die Angaben Ihnen geh&ouml;ren, um fortzufahren.
+dimilar.confirm_identity.link=Wenn diese nicht Ihre Angaben sind, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Angaben best&auml;tigen
+dimilar.select_onboarding.description=Willkommen bei AGOV. Bitte komplettieren Sie Ihr Onboarding, indem Sie ein bestehendes oder neues AGOV Konto verbinden.
+dimilar.select_onboarding.error-banner=Bitte w&auml;hlen Sie eine Option aus, um fortzufahren
+dimilar.select_onboarding.existing-account=Onboarding mit einem existierenden AGOV-Konto
+dimilar.select_onboarding.proceeding=Wie m&ouml;chten Sie fortfahren?
+dimilar.select_onboarding.registering-account=Onboarding mit einem neuen AGOV-Konto
+dimilar.select_onboarding.title=Hallo !!!FIRSTNAME!!! !!!LASTNAME!!!
+dimilar.token_error.support=Um Hilfe zu erhalten, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token abgelaufen oder bereits verwendet.
+dimilar_onboarding.aborted.link=Wenn Sie Hilfe ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding abgebrochen. Bitte versuchen Sie es erneut.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding abgebrochen. Bitte kontaktieren Sie den Support unter
+dimilar_onboarding.successful.message=Onboarding mit AGOV-Konto erfolgreich. Sie k&ouml;nnen sich nun beim Dienstmanager unter <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a> einloggen.
+dimilar_onboarding.title=Registrieren
+envbanner.label=Laufzeitumgebung
+error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
+error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
+error_100=Zertifikat-Upload nicht m&ouml;glich. Das Zertifikat existiert bereits. Wenden Sie sich an Ihr Helpdesk.
+error_101=Die eingegebene E-Mail-Adresse ist ung&uuml;ltig.
+error_11=Bitte verwenden Sie ein anderes Zertifikat oder melden Sie sich mit einer anderen Art von Credential an.
+error_2=Bitte w&auml;hlen Sie einen anderen Login-Namen.
+error_3=Wenn die n&auml;chste Authentifizierung fehlschl&auml;gt, wird Ihr Konto gesperrt.
+error_4=Ihr neues Passwort verst&ouml;sst gegen die Sicherheitsrichtlinien. Bitte w&auml;hlen Sie ein anderes Passwort.
+error_403.description=Sie sind nicht berechtigt, auf diese Anwendung zuzugreifen.
+error_403.title=Nicht zugelassen
+error_404.description=Die von Ihnen gesuchte Seite existiert nicht.
+error_404.title=Seite nicht gefunden
+error_5=Fehler bei der Passwortbest&auml;tigung.
+error_50=Das neue Passwort ist zu kurz.
+error_500.description=Zurzeit liegt eine St&ouml;rung vor. Wir arbeiten daran.
+error_500.title=Etwas ist schiefgegangen.
+error_502.description=Wir arbeiten daran. Bitte versuchen Sie es sp&auml;ter noch einmal.
+error_502.title=Etwas ist schiefgegangen.
+error_55=Das neue Passwort muss sich von alten Passw&ouml;rtern unterscheiden.
+error_6=Passwort&auml;nderung erforderlich.
+error_7=&Auml;nderung der Login-ID erforderlich.
+error_8=Ihr Konto wurde aufgrund wiederholter fehlgeschlagener Authentifizierungsversuche gesperrt.
+error_81=Keine Zugangskarte gefunden, Zugang &uuml;ber das Internet verweigert.
+error_83=Ihre Zugangskarte ist nicht mehr g&uuml;ltig. Bitte wenden Sie sich an Ihre Beratungsperson, um eine neue Zugangskarte zu erhalten.
+error_9=&Uuml;bernahme der Sitzung fehlgeschlagen.
+error_97=Sie sind nicht berechtigt, auf diese Ressource zuzugreifen.
+error_98=Ihr Konto wurde gesperrt.
+error_99=Systemprobleme: Bitte versuchen Sie es sp&auml;ter noch einmal.
+error_9901=Sie ben&ouml;tigen einen g&uuml;ltigen Onboarding-Link, um auf diese Seite zuzugreifen.
+error_9902=Die f&uuml;r die Authentifizierung verwendete E-Mail-Adresse stimmt nicht mit der erwarteten E-Mail-Adresse in Operations &uuml;berein. Bitte fordern Sie einen neuen Onboarding-Link an.
+error_9903=Der verwendete IdP hat uns keine g&uuml;ltige Assertion gesendet. Bitte stellen Sie sicher, dass Sie den richtigen IdP verwenden. Fordern Sie beim Support einen neuen Onboarding-Link an.
+error_9904=Ihr Link ist nicht mehr g&uuml;ltig. Bitte stellen Sie sicher, dass Sie den neuesten Link verwenden, den Sie von Operations erhalten haben. Fordern Sie einen neuen Link an, falls das Problem weiterhin besteht.
+error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitte den Support.
+error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
+errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
+fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
+fido2_auth.instruction1=Klicken Sie auf &laquo;Weiter&raquo;
+fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
+fido2_auth.instruction3=Folgen Sie den Anweisungen
+fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
+fido2_auth.switchLogin=WECHSEL ZU LOGIN MIT
+footer.link=https://agov.ch
+footer.link.label=Kontakt
+footer.text=Authentifizierungsdienst der Schweizer Beh&ouml;rden AGOV &ndash; eine Zusammenarbeit zwischen den Kantonen, deren Gemeinden und der Bundesverwaltung. -
+general.AGOVAccessApp=AGOV access App
+general.accessApp=AGOV access App
+general.authenticate=Authentifizieren
+general.back=Zur&uuml;ck
+general.cancel=Abbrechen
+general.confirm=Best&auml;tigen
+general.contactSupport=Support kontaktieren
+general.continue=Weiter
+general.data.birthDate=Geburtsdatum
+general.data.birthDateFormat=TT.MM.JJJJ
+general.data.enrollmentNumber=AHV-Nummer (Dienstmanager)
+general.data.firstname=Vorname
+general.data.lastname=Nachname
+general.edit=&Auml;ndern
+general.email=E-Mail
+general.email.address=E-Mail-Adresse
+general.entryCode=Code-Eingabe
+general.fieldRequired=Erforderliches Feld
+general.generalAccessApp=Access App
+general.getStarted=Los geht's
+general.goAGOVHelp=Weiter zur AGOV help
+general.goAccessApp=Login mit AGOV access
+general.goToAccessApp=Zur AGOV access App wechseln
+general.help=Hilfe
+general.help.link=https://agov.ch/help
+general.login=Login
+general.login.accessApp=Login mit AGOV access App
+general.login.securityKey=Login mit Sicherheitsschl&uuml;ssel
+general.loginSecurityKey=Sicherheitsschl&uuml;ssel-Login starten
+general.moreOptions=WEITERE OPTIONEN
+general.or=ODER
+general.otherLoginMethods=Andere Login-Methoden
+general.recovery=Wiederherstellung
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Als PDF herunterladen
+general.recoveryCode.inputLabel=Wiederherstellungscode
+general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und versuchen Sie es erneut.
+general.recoveryCode.repeatCodeModal.description=Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten. Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren.
+general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
+general.recoveryCode.reveal=Wiederherstellungscode enth&uuml;llen
+general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
+general.register=Registrieren
+general.registerNow=Jetzt registrieren!
+general.registration=Registrierung
+general.registration.dontHaveAnAccountYet=Haben Sie noch kein AGOV-Konto?
+general.registration.seeOptions=Registrierungsoptionen ansehen
+general.securityKey=Sicherheitsschl&uuml;ssel
+general.skip.content=Direkt zum Hauptteil
+general.wrongPhoneNumber=Bitte geben Sie eine g&uuml;ltige Telefonnummer ein
+generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
+generic.auth.error.next.steps=Versuchen Sie es bitte sp&auml;ter noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
+generic.auth.error.subtitle=Etwas ist schiefgegangen.
+generic.auth.error.title=Fehler
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=Sprache w&auml;hlen
+loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2&ndash;3 Tage dauern.
+loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Sie k&ouml;nnen Ihre bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
+loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
+loainfo.later=Sp&auml;ter
+loainfo.startNow=M&ouml;chten Sie den Prozess jetzt starten?
+loainfo.startVerification=Verifikation starten
+loainfo.title=Verifizieren Sie Ihre Daten
+loggedout.description=Sie haben sich erfolgreich ausgeloggt.
+loggedout.title=Ausgeloggt
+mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
+mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
+mauth_usernameless.banner.info=Scan erfolgreich. Bitte fahren Sie in der AGOV access App fort.
+mauth_usernameless.banner.success=Authentifizierung erfolgreich.<br>Bitte warten Sie, bis Sie eingeloggt werden.
+mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
+mauth_usernameless.cannotLogin.accessApp=Zugriff auf App verloren?
+mauth_usernameless.cannotLogin.securityKey=Zugriff auf Sicherheitsschl&uuml;ssel verloren?
+mauth_usernameless.hideQR=QR-Code ausblenden
+mauth_usernameless.instructions=Melden Sie sich an, indem Sie den QR-Code mit Ihrer AGOV access App scannen
+mauth_usernameless.noAccount=Haben Sie noch kein AGOV-Konto?
+mauth_usernameless.selectLoginMethod=Login-Methode w&auml;hlen
+mauth_usernameless.showQR=QR-Code anzeigen
+mauth_usernameless.startRecovery=Kontowiederherstellung starten
+mauth_usernameless.useSecurityKey=Verwenden Sie einen Sicherheitsschl&uuml;ssel, um sich anzumelden
+mauth_usernameless.useSecurityKeyInfo=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, sich ohne Telefon anzumelden.
+onboard_linking_account_auth.fido_instructions=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, das Onboarding mit Ihrem Konto ohne Telefon durchzuf&uuml;hren.
+onboard_linking_account_auth.instructions=F&uuml;hren Sie das Onboarding mit Ihrem AGOV-Konto durch, indem Sie den QR-Code mit Ihrer AGOV access App scannen
+onboarding.cancel-onboarding=Sind Sie sicher, dass Sie den Onboarding-Prozess abbrechen m&ouml;chten?
+onboarding.cancel-onboarding-description=Um mit der Kontowiederherstellung fortzufahren, m&uuml;ssen Sie den Onboarding-Prozess abbrechen.
+onboarding.cancel-proceed-recovery=Ja, abbrechen und mit der Wiederherstellung fortfahren
+onboarding.login-factor=Schritt 1 &ndash; Login-Faktor
+onboarding.with-agov.title=Onboarding mit AGOV-Konto
+onboarding_account.switchLinking=Wechseln zum Onboarding mit
+onboarding_account_auth.loginSecurityKey=Onboarding mit Sicherheitsschl&uuml;ssel starten
+onboarding_account_auth.useSecurityKey=Benutzen Sie einen Sicherheitsschl&uuml;ssel, um das Onboarding mit Ihrem AGOV-Konto durchzuf&uuml;hren
+op-admin.login=AGOV-op-Admin
+op-admin.login.intro.message=Login mit Ihrem Benutzernamen und Passwort
+op-admin.login.loginid=LoginID
+op-admin.login.password=Passwort
+op-admin.login.title=Login
+op-admin.logout=AGOV-op-Admin
+op-admin.logout.message=Sie haben sich erfolgreich ausgeloggt.
+op-admin.logout.title=Logout
+op-admin.pwchange.intro.message=Passwort&auml;nderung erforderlich
+op-admin.pwchange.newpassword=Neues Passwort
+op-admin.pwchange.newpassword2=Neues Passwort wiederholen
+op-admin.pwchange.password=Aktuelles Passwort
+op-admin.pwchange.title=&Auml;nderung des Passworts
+op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
+op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
+op-idmlogin.role.idmcfg-mgmt=IDM set-up
+op-idmlogin.role.readonly-access=Standardzugriff (Nur Leseberechtigung)
+op-idmlogin.role.support-basic=Supportf&auml;lle (Wiederherstellung, ...)
+op-idmlogin.role.support-priv=3rd Level Support (Archivierung, Abmeldungen, ...)
+op-idmlogin.role.usr-mgmt=Benutzerverwaltung (Betrieb)
+op-idmlogin.role.usr-unit-mgmt=Benutzer- und Organisationsverwaltung (Betrieb)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Bitte w&auml;hlen Sie ein Profil aus...
+op-idmlogin.select.note=Mit * markierte Profile sollten nur f&uuml;r bestimmte Support oder Release Aufgaben genutzt werden.
+op-idmlogin.select.title=Profilauswahl
+op-onboarding.done.message=Das Onboarding war erfolgreich. Sie k&ouml;nnen nun Ihren AGOV-Operations-Zugang verwenden. Bitte schliessen Sie den Browser, bevor Sie auf eine der Operations-Applikationen zugreifen.
+op-onboarding.done.title=FERTIG
+op-onboarding.failed.title=FEHLER
+op-onboarding.intro.message1=Um das Onboarding f&uuml;r Ihren AGOV-Operations-Zugang abzuschliessen, ben&ouml;tigen Sie entweder ein AGOV- oder ein FED-LOGIN-Konto.
+op-onboarding.intro.message2=Wenn Sie auf &laquo;Weiter&raquo; klicken, werden Sie zur Authentifizierung weitergeleitet.
+op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht der erforderlichen AGOVaq-Stufe entspricht, erhalten Sie die M&ouml;glichkeit, die erforderliche Identit&auml;tspr&uuml;fung zu starten.
+op-onboarding.intro.title=START
+op-onboarding.onboarding=AGOV-op-Onboarding
+op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
+providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein. Sie wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
+providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
+providePhoneNumber.inputLabel=Mobilnummer (optional)
+providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
+providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
+providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
+providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
+providePhoneNumber.modal.description=Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten. Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren.
+providePhoneNumber.modal.inputLabel=Mobilnummer
+providePhoneNumber.modal.title=Mobilnummer wiederholen
+providePhoneNumber.saveButtonText=Speichern
+providePhoneNumber.title=Mobilnummer angeben
+qrCode.label=Klicken Sie, um den QR-Code in einem Fenster zu &ouml;ffnen.
+recovery_accessapp_auth.accessAppRegistered=AGOV access App schon registriert
+recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
+recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
+recovery_check_code.enterRecoveryCode=Wiederherstellungscode
+recovery_check_code.expired=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
+recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
+recovery_check_code.invalid.code=Code ist ung&uuml;ltig
+recovery_check_code.invalid.code.required=Code erforderlich
+recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
+recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
+recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
+recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
+recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
+recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
+recovery_code.validUntil=G&uuml;ltig bis:
+recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
+recovery_fidokey_auth.fidoInstruction=Klicken Sie auf &laquo;Schl&uuml;sselauthentifizierung starten&raquo;
+recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
+recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
+recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
+recovery_intro_email.important=Wichtig:
+recovery_intro_email.process=Der Wiederherstellungsprozess sollte nur verwendet werden, wenn Sie den Zugriff auf Ihre Login-Faktoren verloren haben (gel&ouml;schte AGOV access App, verlorener Sicherheitsschl&uuml;ssel, verlorenes Telefon usw.).
+recovery_intro_email_sent.banner.button=Keine E-Mail erhalten?
+recovery_intro_email_sent.banner.success=Vielen Dank! Sie werden in K&uuml;rze eine E-Mail mit einem Wiederherstellungslink und Anweisungen erhalten.
+recovery_on_going.finishRecovery=Wiederherstellung abschliessen
+recovery_on_going.instruction=Sie haben einen laufenden Wiederherstellungsprozess. Der Wiederherstellungsprozess kann eine Identit&auml;tspr&uuml;fung umfassen. Um mit Ihrem AGOV-Login auf Applikationen zugreifen zu k&ouml;nnen, m&uuml;ssen Sie auch die Identit&auml;tspr&uuml;fung abschliessen.
+recovery_on_going.title=Bitte schliessen Sie Ihren Wiederherstellungsprozess ab.
+recovery_questionnaire_instructions.banner.info=Bitte beachten Sie, dass Sie in bestimmten F&auml;llen f&uuml;r eine erfolgreiche Wiederherstellung Zugang zu Ihrem Wiederherstellungscode ben&ouml;tigen.
+recovery_questionnaire_instructions.explanation=Aufgrund Ihrer Antworten scheint eine Wiederherstellung Ihres AGOV-Logins erforderlich zu sein. Bitte klicken Sie auf Weiter und folgen Sie den Anweisungen auf dem Bildschirm.
+recovery_questionnaire_instructions.instruction1=Geben Sie die E-Mail-Adresse Ihres AGOV-Logins an, damit wir Ihnen einen Link senden k&ouml;nnen, um den Wiederherstellungsprozess zu beginnen
+recovery_questionnaire_instructions.instruction2=Folgen Sie den Schritten zur Wiederherstellung Ihres Kontos (die Schritte variieren je nach Verifizierungsstufe Ihres Kontos)
+recovery_questionnaire_loginfactor.banner.error=Bitte w&auml;hlen Sie eine Antwort.
+recovery_questionnaire_loginfactor.no=Nein
+recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
+recovery_questionnaire_loginfactor.yes=Ja
+recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
+recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> f&uuml;r Support-Artikel.
+recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
+recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
+recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
+recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
+recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt, oder es wird angezeigt, dass keine Konten definiert sind
+recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
+recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
+recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen
+recovery_questionnaire_reason_selection.answer7=Ich habe meine Sicherheitsschl&uuml;ssel oder AGOV access Apps, hatte aber Probleme beim Einloggen
+recovery_questionnaire_reason_selection.answer8=Ich habe den Zugriff auf alle meine Sicherheitsschl&uuml;ssel und AGOV access Apps verloren
+recovery_questionnaire_reason_selection.answer9=Ich habe Probleme mit einem meiner Loginfaktoren (gel&ouml;scht, zur&uuml;ckgesetzt, vergessene PIN)
+recovery_questionnaire_reason_selection.banner.error=Bitte w&auml;hlen Sie einen Grund aus.
+recovery_questionnaire_reason_selection.instruction=Bitte w&auml;hlen Sie einen Grund wieso Sie den AGOV recovery Prozess starten:
+recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis der Wiederherstellungsprozess abgeschlossen ist.
+recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
+recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
+timeout.description=Ihre Sitzung ist abgelaufen. Bitte schliessen Sie dieses Fenster und versuchen Sie erneut, sich einzuloggen.
+timeout.title=Sitzung abgelaufen
+title=NEVIS SSO Portal
+title.login=Login
+user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
+user_input.invalid.email.required=Erforderliches Feld
+user_input.invalid.email.tooLong=Eingabe zu lang
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_en.properties
@ -0,0 +1,289 @@
+
+agov-ident.done.message=Your AGOV account is now ready for use. Please close this page.
+agov-ident.done.title=Done
+agov-ident.failed.instruction=You need an AGOV account and pass the suggested data verification to successfully finish the on-boarding. Please try again.
+agov-ident.failed.message=Onboarding cancelled or data verification postponed
+agov-ident.failed.title=Verification needed
+agov-ident.invalid-url.instruction=The link you used to access this page isn't valid. Please make sure you use it as received without any typos or click it directly on the page, where it is published.
+agov-ident.invalid-url.message=Link can't be processed
+agov-ident.invalid-url.title=Invalid Link
+agov-ident.onboarding=Registration & Verification
+agov-ident.retry=Try again
+darkModeSwitch.aria.label=Dark mode toggle
+dimilar.confirm_identity.checkbox=I confirm this is my data
+dimilar.confirm_identity.description=Please confirm the data below is yours in order to proceed:
+dimilar.confirm_identity.error=Please confirm the data is yours to proceed.
+dimilar.confirm_identity.link=If this is not your data, please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confirm data
+dimilar.select_onboarding.description=Welcome to AGOV. Please complete your onboarding by connecting to an existing or new AGOV account.
+dimilar.select_onboarding.error-banner=Please select one option to continue
+dimilar.select_onboarding.existing-account=Onboard with an existing AGOV account
+dimilar.select_onboarding.proceeding=How would you like to proceed?
+dimilar.select_onboarding.registering-account=Onboard with a new AGOV account
+dimilar.select_onboarding.title=Hello !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=For support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token expired or already used.
+dimilar_onboarding.aborted.link=If you require support please visit <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding aborted. Please try again.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding aborted. Please contact support at
+dimilar_onboarding.successful.message=Onboarding with AGOV account successful. You are now able to log in to the Service Manager at <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Register
+envbanner.label=Runtime Environment
+error_1=Please check your input.
+error_10=Please select the correct user account.
+error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
+error_101=The entered email address is not valid.
+error_11=Please use another certficate or login with another credential type.
+error_2=Please select another login name.
+error_3=Your account will be locked if next authentication fails.
+error_4=Your new password does not comply with the security policy. Please choose a different password.
+error_403.description=You are not authorised to access this application.
+error_403.title=Not authorised
+error_404.description=The page you are looking for does not exist.
+error_404.title=Page not found
+error_5=Error in password confirmation.
+error_50=The new password is too short.
+error_500.description=There is currently an outage. We are working on it.
+error_500.title=Something went wrong.
+error_502.description=We are working on it. Please try again later.
+error_502.title=Something went wrong.
+error_55=The new password has to differ from old passwords.
+error_6=Password change required.
+error_7=Change of login ID required.
+error_8=Your account has been locked due to repeated authentication failures.
+error_81=No access card found, access from internet denied.
+error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
+error_9=Session take over failed.
+error_97=You are not authorized to access this resource.
+error_98=Your account has been locked.
+error_99=System problems. Please try later.
+error_9901=You need a valid on-boarding link to access this page.
+error_9902=The email used for authentication doesn't match the expected one in operations. Please ask for a new on-boarding link.
+error_9903=The used IdP didn't send us a valid assertion. Please make sure, you use the correct IdP. Ask the support for a new on-boarding link.
+error_9904=Your link is not valid anymore. Please make sure, that you are using the latest Link received from operations. Ask for a new link, if the problem persists.
+error_9905=There is a problem with your operations account. Please contact the support.
+error_9909=An internal error occured. Please ask the support for a new on-boarding link.
+errors.duplicateValue=Your account is already linked with another operations access.
+fido2_auth.cancel.fido=The security key authentication was interrupted. Please ensure your FIDO key is registered and your email is correct, then follow the steps below.
+fido2_auth.instruction1=Click on "Continue"
+fido2_auth.instruction2=An authentication window will appear
+fido2_auth.instruction3=Follow the instructions
+fido2_auth.skipInstructions=Skip instructions next time
+fido2_auth.switchLogin=SWITCH TO LOGIN WITH
+footer.link=https://agov.ch
+footer.link.label=Contact
+footer.text=Authentication service of Swiss authorities AGOV - a collaboration between cantons, their municipalities, and the federal administration. -
+general.AGOVAccessApp=AGOV access app
+general.accessApp=AGOV access app
+general.authenticate=Authenticate
+general.back=Back
+general.cancel=Cancel
+general.confirm=Confirm
+general.contactSupport=Contact Support
+general.continue=Continue
+general.data.birthDate=Date of birth
+general.data.birthDateFormat=DD.MM.YYYY
+general.data.enrollmentNumber=SSN/AHV number (Service Manager)
+general.data.firstname=First name
+general.data.lastname=Last name
+general.edit=Edit
+general.email=Email
+general.email.address=Email address
+general.entryCode=Code entry
+general.fieldRequired=Field required
+general.generalAccessApp=Access app
+general.getStarted=Get started
+general.goAGOVHelp=Go to AGOV help
+general.goAccessApp=Login with AGOV access
+general.goToAccessApp=Go to AGOV access app
+general.help=Help
+general.help.link=https://agov.ch/help
+general.login=Login
+general.login.accessApp=Login with Access App
+general.login.securityKey=Login with Security Key
+general.loginSecurityKey=Start Security key login
+general.moreOptions=MORE OPTIONS
+general.or=OR
+general.otherLoginMethods=Other login methods
+general.recovery=Recovery
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Download as PDF
+general.recoveryCode.inputLabel=Recovery code
+general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly and try again.
+general.recoveryCode.repeatCodeModal.description=To ensure you have recorded your code correctly, please repeat it below. A lost or incorrectly stored recovery code can make it more difficult to recover your account.
+general.recoveryCode.repeatCodeModal.title=Repeat recovery code
+general.recoveryCode.reveal=Reveal recovery code
+general.recoveryOngoing=Ongoing recovery
+general.register=Register
+general.registerNow=Register now!
+general.registration=Registration
+general.registration.dontHaveAnAccountYet=Don't have an AGOV account yet?
+general.registration.seeOptions=See registration options
+general.securityKey=Security key
+general.skip.content=Skip to main content
+general.wrongPhoneNumber=Please enter a valid phone number
+generic.auth.error.message=There was a service interruption. We are working on it.
+generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
+generic.auth.error.subtitle=Something went wrong.
+generic.auth.error.title=Error
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=Select language
+loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2-3 days.
+loainfo.description.300=To access the application we need to verify your data. You can choose your preferred process in the next step.
+loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.helper=Your data needs to be verified!
+loainfo.later=Later
+loainfo.startNow=Do you want to start the process now?
+loainfo.startVerification=Start verification
+loainfo.title=Verify your data
+loggedout.description=You have been successfully logged out.
+loggedout.title=Logged out
+mauth_usernameless.EID=Continue with CH E-ID
+mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
+mauth_usernameless.banner.info=Scan successful. Please continue in the AGOV access app.
+mauth_usernameless.banner.success=Authentication successful.<br>Please wait to be logged in.
+mauth_usernameless.cannotLogin=Lost access to your app / security key?
+mauth_usernameless.cannotLogin.accessApp=Lost access to your app?
+mauth_usernameless.cannotLogin.securityKey=Lost access to your security key?
+mauth_usernameless.hideQR=Hide QR code
+mauth_usernameless.instructions=Log in by scanning the QR code with your AGOV access app
+mauth_usernameless.noAccount=Don't have an AGOV account yet?
+mauth_usernameless.selectLoginMethod=Select login method
+mauth_usernameless.showQR=Show QR code
+mauth_usernameless.startRecovery=Start account recovery
+mauth_usernameless.useSecurityKey=Use a security key to log in
+mauth_usernameless.useSecurityKeyInfo=A physical security key offers a secure way to login without having to use a phone.
+onboard_linking_account_auth.fido_instructions=A physical security key offers a secure way to onboard with your account without having to use a phone.
+onboard_linking_account_auth.instructions=Onboard with your AGOV account by scanning the QR code with your AGOV access app
+onboarding.cancel-onboarding=Are you sure you want to cancel the onboarding process?
+onboarding.cancel-onboarding-description=In order to proceed with an account recovery, you will have to cancel the onboarding process.
+onboarding.cancel-proceed-recovery=Yes, cancel and proceed to recovery
+onboarding.login-factor=Step 1 - Login factor
+onboarding.with-agov.title=Onboard with AGOV account
+onboarding_account.switchLinking=Switch to onboard with
+onboarding_account_auth.loginSecurityKey=Start onboarding with security key
+onboarding_account_auth.useSecurityKey=Use a security key to onboard with your AGOV account
+op-admin.login=AGOV op admin
+op-admin.login.intro.message=Login with your username and password
+op-admin.login.loginid=LoginId
+op-admin.login.password=Passwort
+op-admin.login.title=Login
+op-admin.logout=AGOV op admin
+op-admin.logout.message=You have successfully logged out.
+op-admin.logout.title=Logout
+op-admin.pwchange.intro.message=Password change required
+op-admin.pwchange.newpassword=New password
+op-admin.pwchange.newpassword2=Repeat new password
+op-admin.pwchange.password=Current password
+op-admin.pwchange.title=Password Change
+op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
+op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
+op-idmlogin.role.idmcfg-mgmt=IDM set-up
+op-idmlogin.role.readonly-access=Default access (readonly)
+op-idmlogin.role.support-basic=Support cases (recovery, ...)
+op-idmlogin.role.support-priv=3rd level support (archiving, off-boarding)
+op-idmlogin.role.usr-mgmt=User management (operations)
+op-idmlogin.role.usr-unit-mgmt=User and organization management (operations)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Please select one of the profiles below...
+op-idmlogin.select.note=Profiles marked with a * should only be used if required for a specific support or release tasks.
+op-idmlogin.select.title=Profile selection
+op-onboarding.done.message=On-boarding was successfull. You can now use your AGOV operations access. Please close the browser, before accessing on of the operations application.
+op-onboarding.done.title=DONE
+op-onboarding.failed.title=ERROR
+op-onboarding.intro.message1=To complete your on-boarding for your AGOV operations access, you need either an AGOV or a FED-LOGIN account.
+op-onboarding.intro.message2=After clicking on "Continue", you will be redirected for authentication.
+op-onboarding.intro.message3=If you are using AGOV, and your account doesn't meet yet the required AGOVaq level, you will be given the possibility to start the required ID verification.
+op-onboarding.intro.title=START
+op-onboarding.onboarding=AGOV op on-boarding
+op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
+providePhoneNumber.banner=Phone number must be able to receive SMS. It will not be used to contact you.
+providePhoneNumber.description=AGOV now supports recovery with your phone number. This will allow you to continue with an SMS during recovery if you have lost access to your recovery code.
+providePhoneNumber.errorBanner=Phone numbers do not match. Please try again.
+providePhoneNumber.inputLabel=Phone number (optional)
+providePhoneNumber.laterModal.description1=Without a phone number, a recovery of your account might take up to 4 days if you lose access to your recovery code.
+providePhoneNumber.laterModal.description2=Adding a phone number helps you to recover your account in a matter of minutes.
+providePhoneNumber.laterModal.description3=This phone number will not be used to contact you.
+providePhoneNumber.laterModal.title=Continue without a phone number?
+providePhoneNumber.modal.description=To ensure you have recorded your phone number correctly, please repeat it below. An incorrectly stored phone number can make it more difficult to recover your account.
+providePhoneNumber.modal.inputLabel=Phone number
+providePhoneNumber.modal.title=Repeat phone number
+providePhoneNumber.saveButtonText=Continue
+providePhoneNumber.title=Add phone number
+qrCode.label=Click to open QR code in pop-up window.
+recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
+recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
+recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
+recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
+recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
+recovery_check_code.enterRecoveryCode=Recovery code
+recovery_check_code.expired=Too many attempts or your recovery code has expired.
+recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
+recovery_check_code.invalid.code=The code is invalid
+recovery_check_code.invalid.code.required=Code required
+recovery_check_code.invalid.code.tooLong=The code is too long
+recovery_check_code.noAccess=I do not have access to my code
+recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
+recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
+recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
+recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
+recovery_check_noCode.banner.error=Too many attempts.
+recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
+recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Please reveal your recovery code to be able to continue.
+recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
+recovery_code.newRecoveryCode=Introducing recovery code
+recovery_code.validUntil=Valid until:
+recovery_fidokey_auth.button=Start key authentication
+recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
+recovery_fidokey_auth.instruction1=You have already registered a new security key !!!SECURITY_KEY_NAME!!! as part of the recovery process.
+recovery_fidokey_auth.instruction2=Please use !!!SECURITY_KEY_NAME!!! to follow the steps below to identify you.
+recovery_fidokey_auth.keyRegistered=Security key already registered
+recovery_intro_email.banner.error=The link you used has expired. Please enter your email address to receive a new link.
+recovery_intro_email.banner.info=Please enter your email address, so we can send you a link to start the recovery process.
+recovery_intro_email.important=Important:
+recovery_intro_email.process=The recovery process should only be used if you have lost access to your login factors (deleted AGOV access app, lost security key, lost phone, etc.).
+recovery_intro_email_sent.banner.button=Didn't receive the email?
+recovery_intro_email_sent.banner.success=Thank you! You will receive an email with a recovery link and instructions shortly.
+recovery_on_going.finishRecovery=Finish recovery
+recovery_on_going.instruction=You have an ongoing recovery process. Part of the recovery process can include an identity verification. To access applications with your AGOV-Login you need to finish the identity verification as well.
+recovery_on_going.title=Please finish your recovery process.
+recovery_questionnaire_instructions.banner.info=Please note that in certain cases you need access to your recovery code for a successful recovery.
+recovery_questionnaire_instructions.explanation=Based on your answers an AGOV-Login recovery seems to be necessary. Please click on continue and follow the instructions on the screen.
+recovery_questionnaire_instructions.instruction1=Provide your account email address so we can send you a link to begin the recovery process
+recovery_questionnaire_instructions.instruction2=Follow steps to recover your account (steps will vary depending on your account verification level)
+recovery_questionnaire_loginfactor.banner.error=Please select an answer.
+recovery_questionnaire_loginfactor.no=No
+recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
+recovery_questionnaire_loginfactor.yes=Yes
+recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
+recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> for support articles.
+recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> and test if you can log in successfully.
+recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> to remove the one you have lost access to.
+recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
+recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
+recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
+recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app, or it shows there are no accounts defined
+recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
+recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
+recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app
+recovery_questionnaire_reason_selection.answer7=I have my security keys or apps but had trouble logging in
+recovery_questionnaire_reason_selection.answer8=I lost access to all my security keys and AGOV access apps
+recovery_questionnaire_reason_selection.answer9=I have issues with one of my login factors (deleted, reset, forgotten PIN)
+recovery_questionnaire_reason_selection.banner.error=Please select a reason.
+recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
+recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
+recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
+recovery_start_info.title=You are about to start the recovery process
+timeout.description=Your session has timed out. Please close this window and try logging in again.
+timeout.title=Session expired
+title=NEVIS SSO Portal
+title.login=Login
+user_input.invalid.email=Please enter a valid email address
+user_input.invalid.email.required=Field required
+user_input.invalid.email.tooLong=Input is too long
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_fr.properties
@ -0,0 +1,289 @@
+
+agov-ident.done.message=Votre compte AGOV est maintenant pr&ecirc;t &agrave; &ecirc;tre utilis&eacute;. Veuillez fermer cette page.
+agov-ident.done.title=Termin&eacute;
+agov-ident.failed.instruction=Vous devez disposer d'un compte AGOV et passer avec succ&egrave;s la v&eacute;rification des donn&eacute;es sugg&eacute;r&eacute;e pour terminer l'inscription. Veuillez r&eacute;essayer.
+agov-ident.failed.message=Enregistrement annul&eacute; ou v&eacute;rification des donn&eacute;es report&eacute;e
+agov-ident.failed.title=V&eacute;rification requise
+agov-ident.invalid-url.instruction=Le lien que vous avez utilis&eacute; pour acc&eacute;der &agrave; cette page n'est pas valide. Veuillez vous assurer de l'utiliser tel qu'il a &eacute;t&eacute; re&ccedil;u, sans fautes de frappe, ou cliquez directement sur la page o&ugrave; il est publi&eacute;.
+agov-ident.invalid-url.message=Le lien ne peut pas &ecirc;tre trait&eacute;
+agov-ident.invalid-url.title=Lien non valide
+agov-ident.onboarding=Enregistrement et v&eacute;rification
+agov-ident.retry=Essayez &agrave; nouveau
+darkModeSwitch.aria.label=Activer l'apparence sombre
+dimilar.confirm_identity.checkbox=Je confirme que ce sont mes donn&eacute;es
+dimilar.confirm_identity.description=Veuillez confirmer que les donn&eacute;es ci-dessous vous appartiennent afin de poursuivre&#160;:
+dimilar.confirm_identity.error=Veuillez confirmer que les donn&eacute;es vous appartiennent afin de poursuivre.
+dimilar.confirm_identity.link=Si ces donn&eacute;es ne sont pas les v&ocirc;tres, veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confirmer les donn&eacute;es
+dimilar.select_onboarding.description=Bienvenue sur AGOV. Veuillez terminer votre int&eacute;gration en vous connectant &agrave; un compte AGOV existant ou en cr&eacute;ant un nouveau compte.
+dimilar.select_onboarding.error-banner=Veuillez s&eacute;lectionner une option pour continuer
+dimilar.select_onboarding.existing-account=Se connecter avec un compte AGOV existant
+dimilar.select_onboarding.proceeding=Comment voulez-vous proc&eacute;der&#160;?
+dimilar.select_onboarding.registering-account=Se connecter avec un nouveau compte AGOV
+dimilar.select_onboarding.title=Bonjour !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Jeton expir&eacute; ou d&eacute;j&agrave; utilis&eacute;.
+dimilar_onboarding.aborted.link=Si vous avez besoin d'aide veuillez vous rendre sur <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Le processus d&rsquo;int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez r&eacute;essayer.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Le processus d'int&eacute;gration a &eacute;t&eacute; annul&eacute;. Veuillez contacter le service de support &agrave;
+dimilar_onboarding.successful.message=L&rsquo;int&eacute;gration avec le compte AGOV a r&eacute;ussi. Vous pouvez maintenant vous connecter sur le gestionnaire de service <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Cr&eacute;er un compte
+envbanner.label=Environnement d'ex&eacute;cution
+error_1=Veuillez v&eacute;rifier votre saisie.
+error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
+error_100=Le t&eacute;l&eacute;chargement du certificat est impossible. Le certificat existe d&eacute;j&agrave;. Veuillez contacter votre service d&rsquo;assistance.
+error_101=L&rsquo;adresse e-mail saisie n&rsquo;est pas valable.
+error_11=Veuillez utiliser un autre certificat ou vous connecter au moyen d&rsquo;un autre type de facteur d&rsquo;authentification.
+error_2=Veuillez s&eacute;lectionner un autre nom d&rsquo;utilisateur.
+error_3=Votre compte sera bloqu&eacute; si la prochaine tentative d&rsquo;authentification &eacute;choue.
+error_4=Votre nouveau mot de passe n&rsquo;est pas conforme &agrave; la politique de s&eacute;curit&eacute;. Veuillez choisir un autre mot de passe.
+error_403.description=Vous n&rsquo;&ecirc;tes pas autoris&eacute; &agrave; acc&eacute;der &agrave; cette ressource.
+error_403.title=Pas autoris&eacute;
+error_404.description=La page que vous recherchez n'existe pas.
+error_404.title=Page introuvable
+error_5=Erreur de confirmation du mot de passe
+error_50=Le nouveau mot de passe est trop court.
+error_500.description=Un incident est survenu. Nous mettons tout en œuvre pour le r&eacute;soudre.
+error_500.title=Un probl&egrave;me s&rsquo;est produit.
+error_502.description=Nous y travaillons. Veuillez r&eacute;essayer plus tard.
+error_502.title=Un probl&egrave;me s&rsquo;est produit.
+error_55=Le nouveau mot de passe doit &ecirc;tre diff&eacute;rent des pr&eacute;c&eacute;dents.
+error_6=Changement de mot de passe requis.
+error_7=Changement d&rsquo;identifiant de connexion requis.
+error_8=Votre compte a &eacute;t&eacute; bloqu&eacute; en raison de plusieurs &eacute;checs d&rsquo;authentification.
+error_81=Aucune carte d&rsquo;acc&egrave;s n&rsquo;a &eacute;t&eacute; trouv&eacute;e, l&rsquo;acc&egrave;s depuis Internet est refus&eacute;.
+error_83=Votre carte d&rsquo;acc&egrave;s n&rsquo;est plus valable. Veuillez contacter votre conseiller pour obtenir une nouvelle carte d&rsquo;acc&egrave;s.
+error_9=La reprise de session a &eacute;chou&eacute;.
+error_97=Vous n&rsquo;&ecirc;tes pas autoris&eacute; &agrave; acc&eacute;der &agrave; cette ressource.
+error_98=Votre compte a &eacute;t&eacute; bloqu&eacute;.
+error_99=Probl&egrave;mes de syst&egrave;me. Veuillez r&eacute;essayer plus tard.
+error_9901=Vous devez disposer d&rsquo;un lien d&rsquo;enregistrement valable pour acc&eacute;der &agrave; cette page.
+error_9902=L&rsquo;adresse e-mail utilis&eacute;e pour l&rsquo;authentification ne correspond pas &agrave; celle qui est renseign&eacute;e dans AGOV operations. Veuillez demander un nouveau lien d&rsquo;enregistrement.
+error_9903=Le fournisseur d&rsquo;identit&eacute; utilis&eacute; ne nous a pas envoy&eacute; d&rsquo;assertion valide. Assurez-vous d&rsquo;utiliser le bon fournisseur d&rsquo;identit&eacute;. Demandez un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
+error_9904=Le lien que vous avez suivi n&rsquo;est plus valable. Veuillez vous assurer que vous utilisez le dernier lien que vous avez re&ccedil;u d&rsquo;AGOV operations. Demandez un nouveau lien si le probl&egrave;me persiste.
+error_9905=Il y a un probl&egrave;me avec votre compte AGOV operations. Veuillez contacter le service d&rsquo;assistance.
+error_9909=Un probl&egrave;me interne s&rsquo;est produit. Veuillez demander un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
+errors.duplicateValue=Votre compte est d&eacute;j&agrave; li&eacute; &agrave; un autre acc&egrave;s &agrave; AGOV operations.
+fido2_auth.cancel.fido=L'authentification avec la cl&eacute; de s&eacute;curit&eacute; a &eacute;t&eacute; interrompue. Veuillez vous assurer que votre cl&eacute; FIDO est enregistr&eacute;e et que votre adresse e-mail est correcte, puis suivez les &eacute;tapes ci-dessous.
+fido2_auth.instruction1=Cliquez sur &laquo;&#160;Continuer&#160;&raquo;
+fido2_auth.instruction2=Une fen&ecirc;tre d'authentification s'affichera
+fido2_auth.instruction3=Suivez les instructions
+fido2_auth.skipInstructions=Passer les instructions la fois suivante
+fido2_auth.switchLogin=S'AUTHENTIFIER AVEC
+footer.link=https://agov.ch
+footer.link.label=Contact
+footer.text=Service d'authentification des autorit&eacute;s suisses AGOV &ndash; une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
+general.AGOVAccessApp=Application AGOV access
+general.accessApp=Application AGOV access
+general.authenticate=Authentification
+general.back=Retour
+general.cancel=Annuler
+general.confirm=Confirmer
+general.contactSupport=Contacter le service d'assistance
+general.continue=Continuer
+general.data.birthDate=Date de naissance
+general.data.birthDateFormat=JJ.MM.AAAA
+general.data.enrollmentNumber=Num&eacute;ro AVS (Gestionnaire de service)
+general.data.firstname=Pr&eacute;nom
+general.data.lastname=Nom
+general.edit=Editer
+general.email=E-mail
+general.email.address=Adresse e-mail
+general.entryCode=Entrer le code
+general.fieldRequired=Champ requis
+general.generalAccessApp=Access app
+general.getStarted=D&eacute;marrer
+general.goAGOVHelp=Rendez-vous sur AGOV help
+general.goAccessApp=Login avec AGOV access
+general.goToAccessApp=Allez sur votre application AGOV access
+general.help=Aide
+general.help.link=https://agov.ch/help
+general.login=Login
+general.login.accessApp=Connexion avec l'application AGOV access
+general.login.securityKey=Connexion avec la cl&eacute; de s&eacute;curit&eacute;
+general.loginSecurityKey=D&eacute;marrer la connexion avec la cl&eacute; de s&eacute;curit&eacute;
+general.moreOptions=PLUS D'OPTIONS
+general.or=OU
+general.otherLoginMethods=Autres m&eacute;thodes de connexion
+general.recovery=R&eacute;cup&eacute;ration
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=T&eacute;l&eacute;charger en format PDF
+general.recoveryCode.inputLabel=Code de r&eacute;cup&eacute;ration
+general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que l'avez enregistr&eacute; correctement et r&eacute;essayer.
+general.recoveryCode.repeatCodeModal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre code, veuillez le r&eacute;p&eacute;ter ci-dessous. Un code de r&eacute;cup&eacute;ration perdu ou mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+general.recoveryCode.repeatCodeModal.title=R&eacute;p&eacute;ter le code de r&eacute;cup&eacute;ration
+general.recoveryCode.reveal=R&eacute;v&eacute;ler le code de r&eacute;cup&eacute;ration
+general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
+general.register=Cr&eacute;er un compte
+general.registerNow=Enregistrez-vous d&egrave;s maintenant&#160;!
+general.registration=Enregistrement
+general.registration.dontHaveAnAccountYet=Vous n'avez pas encore de compte AGOV&#160;?
+general.registration.seeOptions=Voir les options d'enregistrement
+general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
+general.skip.content=Passer au contenu principal
+general.wrongPhoneNumber=Veuillez saisir un num&eacute;ro de t&eacute;l&eacute;phone valable
+generic.auth.error.message=Une interruption de service s&rsquo;est produite. Nous nous employons &agrave; r&eacute;soudre le probl&egrave;me.
+generic.auth.error.next.steps=Veuillez r&eacute;essayer plus tard. Veuillez vous rendre sur AGOV help si le probl&egrave;me persiste.
+generic.auth.error.subtitle=Un probl&egrave;me s&rsquo;est produit.
+generic.auth.error.title=Erreur
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=S&eacute;lectionner la langue
+loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2&ndash;3 jours.
+loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
+loainfo.description.400=Veuillez saisir votre num&eacute;ro AVS pour acc&eacute;der &agrave; l'application.
+loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es&#160;!
+loainfo.later=Plus tard
+loainfo.startNow=Voulez-vous commencer le processus maintenant&#160;?
+loainfo.startVerification=D&eacute;marrer la v&eacute;rification
+loainfo.title=V&eacute;rifiez vos donn&eacute;es
+loggedout.description=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
+loggedout.title=D&eacute;connect&eacute;
+mauth_usernameless.EID=Continuer avec l'e-ID suisse
+mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
+mauth_usernameless.banner.info=Scan r&eacute;ussi. Veuillez continuer dans l'application AGOV access.
+mauth_usernameless.banner.success=Authentification r&eacute;ussie.<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
+mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute;&#160;?
+mauth_usernameless.cannotLogin.accessApp=Vous avez perdu l'acc&egrave;s &agrave; votre application AGOV access&#160;?
+mauth_usernameless.cannotLogin.securityKey=Avez-vous perdu l'acc&egrave;s &agrave; votre cl&eacute; de s&eacute;curit&eacute;&#160;?
+mauth_usernameless.hideQR=Cacher le code QR
+mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
+mauth_usernameless.noAccount=Vous n'avez pas encore de compte AGOV&#160;?
+mauth_usernameless.selectLoginMethod=S&eacute;l&eacute;ctionner la m&eacute;thode de connexion
+mauth_usernameless.showQR=Afficher le code QR
+mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
+mauth_usernameless.useSecurityKey=Utiliser une cl&eacute; de s&eacute;curit&eacute; pour se connecter
+mauth_usernameless.useSecurityKeyInfo=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter sans devoir utiliser son t&eacute;l&eacute;phone.
+onboard_linking_account_auth.fido_instructions=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter &agrave; son compte sans devoir utiliser son t&eacute;l&eacute;phone.
+onboard_linking_account_auth.instructions=Connectez-vous avec votre compte AGOV en scannant le code QR avec votre application AGOV access
+onboarding.cancel-onboarding=&Ecirc;tes-vous s&ucirc;r de vouloir annuler la proc&eacute;dure d'int&eacute;gration&#160;?
+onboarding.cancel-onboarding-description=Pour proc&eacute;der &agrave; la r&eacute;cup&eacute;ration de votre compte, vous devrez annuler le processus d&rsquo;int&eacute;gration.
+onboarding.cancel-proceed-recovery=Oui, annuler et proc&eacute;der &agrave; la r&eacute;cup&eacute;ration
+onboarding.login-factor=&Eacute;tape 1 - Facteur de connexion
+onboarding.with-agov.title=Se connecter avec un compte AGOV
+onboarding_account.switchLinking=Passer &agrave; l&rsquo;int&eacute;gration avec
+onboarding_account_auth.loginSecurityKey=Commencez l'int&eacute;gration avec une cl&eacute; de s&eacute;curit&eacute;
+onboarding_account_auth.useSecurityKey=Utilisez une cl&eacute; de s&eacute;curit&eacute; pour se connecter avec votre compte AGOV
+op-admin.login=Administration de l&rsquo;acc&egrave;s &agrave; AGOV op
+op-admin.login.intro.message=Connectez-vous avec votre nom d&rsquo;utilisateur et votre mot de passe
+op-admin.login.loginid=Identifiant de connexion
+op-admin.login.password=Mot de passe
+op-admin.login.title=Connexion
+op-admin.logout=Administration de l&rsquo;acc&egrave;s &agrave; AGOV op
+op-admin.logout.message=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
+op-admin.logout.title=D&eacute;connexion
+op-admin.pwchange.intro.message=Changement de mot de passe requis
+op-admin.pwchange.newpassword=Nouveau mot de passe
+op-admin.pwchange.newpassword2=R&eacute;p&eacute;ter le nouveau mot de passe
+op-admin.pwchange.password=Mot de passe actuel
+op-admin.pwchange.title=Changer de mot de passe
+op-idmlogin.role.accs-mgmt-idm=Gestion des droits d'acc&egrave;s IDM
+op-idmlogin.role.accs-mgmt-nonidm=Gestion des droits d'acc&egrave;s
+op-idmlogin.role.idmcfg-mgmt=Mise en place de l'IDM
+op-idmlogin.role.readonly-access=Acc&egrave;s par d&eacute;faut (lecture seule)
+op-idmlogin.role.support-basic=Cas de support (r&eacute;cup&eacute;ration, ...)
+op-idmlogin.role.support-priv=Support de 3&egrave;me niveau (archivage, d&eacute;sinscription)
+op-idmlogin.role.usr-mgmt=Gestion des utilisateurs (op&eacute;rations)
+op-idmlogin.role.usr-unit-mgmt=Gestion des utilisateurs et des organisations (op&eacute;rations)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Veuillez s&eacute;lectionner l&rsquo;un des profils ci-dessous...
+op-idmlogin.select.note=Les profils marqu&eacute;s d'un * ne doivent &ecirc;tre utilis&eacute;s que s'ils sont n&eacute;cessaires pour des t&acirc;ches sp&eacute;cifiques de support ou de mise en production.
+op-idmlogin.select.title=S&eacute;l&eacute;ction du profil
+op-onboarding.done.message=L&rsquo;enregistrement a &eacute;t&eacute; effectu&eacute; avec succ&egrave;s. Vous disposez maintenant d&rsquo;un acc&egrave;s &agrave; AGOV operations. Veuillez fermer le navigateur avant d&rsquo;acc&eacute;der &agrave; AGOV operations.
+op-onboarding.done.title=TERMIN&Eacute;
+op-onboarding.failed.title=ERREUR
+op-onboarding.intro.message1=Pour terminer l&rsquo;enregistrement de votre acc&egrave;s &agrave; AGOV operations, vous devez disposer d&rsquo;un compte AGOV ou d&rsquo;un compte FED-LOGIN.
+op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur &laquo;&#160;Continuer&#160;&raquo;, vous serez redirig&eacute; vers l&rsquo;authentification.
+op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a pas encore atteint le niveau de qualit&eacute; d&rsquo;authentification requis, vous aurez la possibilit&eacute; de d&eacute;marrer la v&eacute;rification d&rsquo;identit&eacute; n&eacute;cessaire pour l&rsquo;atteindre.
+op-onboarding.intro.title=D&Eacute;MARRER
+op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
+op-onboarding.process.message=Un probl&egrave;me s&rsquo;est produit. Veuillez contacter le service d&rsquo;assistance AGOV afin de demander un nouveau lien d&rsquo;enregistrement.
+providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS. Il ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
+providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
+providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
+providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
+providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
+providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
+providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone&#160;?
+providePhoneNumber.modal.description=Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veillez le r&eacute;p&eacute;ter ci-dessous. Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre la r&eacute;cup&eacute;ration de votre compte plus difficile.
+providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
+providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
+providePhoneNumber.saveButtonText=Sauvegarder
+providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
+qrCode.label=Cliquez pour ouvrir le code QR dans une fen&ecirc;tre.
+recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
+recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle application AGOV access !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
+recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
+recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
+recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
+recovery_check_code.enterRecoveryCode=Code de r&eacute;cup&eacute;ration
+recovery_check_code.expired=Trop de tentatives ou votre code de r&eacute;cup&eacute;ration a expir&eacute;.
+recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; 12 chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
+recovery_check_code.invalid.code=Le code est invalide
+recovery_check_code.invalid.code.required=Code requis
+recovery_check_code.invalid.code.tooLong=Le code est trop long
+recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
+recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration&#160;?
+recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
+recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
+recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
+recovery_check_noCode.banner.error=Trop de tentatives.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Veuillez r&eacute;v&eacute;ler votre code de r&eacute;cup&eacute;ration pour pouvoir continuer.
+recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
+recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
+recovery_code.validUntil=Valable jusqu'au&#160;:
+recovery_fidokey_auth.button=D&eacute;marrer l'authentification par cl&eacute; de s&eacute;curit&eacute;
+recovery_fidokey_auth.fidoInstruction=Cliquez sur &laquo;&#160;D&eacute;marrer l'enregistrement de la cl&eacute;&#160;&raquo;
+recovery_fidokey_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle cl&eacute; de s&eacute;curit&eacute; !!!SECURITY_KEY_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
+recovery_fidokey_auth.instruction2=Veuillez utiliser !!!SECURITY_KEY_NAME!!! pour suivre les &eacute;tapes ci-dessous afin de vous identifier.
+recovery_fidokey_auth.keyRegistered=Cl&eacute; de s&eacute;curit&eacute; d&eacute;j&agrave; enregistr&eacute;e
+recovery_intro_email.banner.error=Le lien que vous avez utilis&eacute; a expir&eacute;. Veuillez saisir votre adresse e-mail pour recevoir un nouveau lien.
+recovery_intro_email.banner.info=Veuillez saisir votre adresse e-mail. Nous vous enverrons un e-mail vous permettant de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
+recovery_intro_email.important=Important:
+recovery_intro_email.process=Le processus de r&eacute;cup&eacute;ration ne doit &ecirc;tre utilis&eacute; que si vous avez perdu l'acc&egrave;s &agrave; vos facteurs de connexion (application AGOV access supprim&eacute;e, cl&eacute; de s&eacute;curit&eacute; perdue, t&eacute;l&eacute;phone perdu, etc.).
+recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email&#160;?
+recovery_intro_email_sent.banner.success=Merci&#160;! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
+recovery_on_going.finishRecovery=Terminer la r&eacute;cup&eacute;ration
+recovery_on_going.instruction=Vous n&rsquo;avez pas encore termin&eacute; le processus de r&eacute;cup&eacute;ration. Dans le cadre du processus de r&eacute;cup&eacute;ration, votre identit&eacute; peut faire l&rsquo;objet d&rsquo;une v&eacute;rification. Pour acc&eacute;der &agrave; des applications au moyen de votre identifiant AGOV, vous devez terminer la v&eacute;rification d&rsquo;identit&eacute;.
+recovery_on_going.title=Veuillez terminer le processus de r&eacute;cup&eacute;ration.
+recovery_questionnaire_instructions.banner.info=Veuillez noter que dans certains cas, vous devez avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration pour que la r&eacute;cup&eacute;ration soit r&eacute;ussie.
+recovery_questionnaire_instructions.explanation=D'apr&egrave;s vos r&eacute;ponses, une r&eacute;cup&eacute;ration de l'identifiant AGOV-Login semble n&eacute;cessaire. Veuillez cliquer sur continuer et suivre les instructions &agrave; l'&eacute;cran.
+recovery_questionnaire_instructions.instruction1=Fournissez l'adresse &eacute;lectronique de votre compte afin que nous puissions vous envoyer un lien pour commencer le processus de r&eacute;cup&eacute;ration
+recovery_questionnaire_instructions.instruction2=Suivez les &eacute;tapes pour r&eacute;cup&eacute;rer votre compte (les &eacute;tapes varient en fonction du niveau de v&eacute;rification de votre compte)
+recovery_questionnaire_loginfactor.banner.error=Veuillez choisir une r&eacute;ponse.
+recovery_questionnaire_loginfactor.no=Non
+recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte&#160;?
+recovery_questionnaire_loginfactor.yes=Oui
+recovery_questionnaire_no_recovery.explanation1=D'apr&egrave;s vos r&eacute;ponses, l'option de r&eacute;cup&eacute;ration d'AGOV ne semble pas n&eacute;cessaire pour l'instant.
+recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> pour obtenir des articles de soutien.
+recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
+recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
+recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
+recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
+recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute;, ou r&eacute;initialis&eacute; mon application AGOV access, ou cela indique qu'aucun compte n'est d&eacute;fini
+recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
+recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
+recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access
+recovery_questionnaire_reason_selection.answer7=J'ai mes cl&eacute;s de s&eacute;curit&eacute; ou mes applications, mais j'ai du mal &agrave; me connecter
+recovery_questionnaire_reason_selection.answer8=J'ai perdu l'acc&egrave;s &agrave; toutes mes cl&eacute;s de s&eacute;curit&eacute; et aux applications AGOV access
+recovery_questionnaire_reason_selection.answer9=J'ai des probl&egrave;mes avec l'un de mes facteurs d'authentification (effac&eacute;, r&eacute;initialis&eacute;, PIN oubli&eacute;)
+recovery_questionnaire_reason_selection.banner.error=Veuillez s&eacute;lectionner un motif.
+recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration&#160;:
+recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tant que le processus de r&eacute;cup&eacute;ration n'aura pas &eacute;t&eacute; termin&eacute;.
+recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
+recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
+timeout.description=Votre session a expir&eacute;. Veuillez fermer cette fen&ecirc;tre et essayer de vous reconnecter.
+timeout.title=Session expir&eacute;e
+title=NEVIS SSO Portal
+title.login=Login
+user_input.invalid.email=Veuillez saisir un e-mail valable.
+user_input.invalid.email.required=Champ requis
+user_input.invalid.email.tooLong=La saisie est trop longue
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_it.properties
@ -0,0 +1,289 @@
+
+agov-ident.done.message=Il vostro conto AGOV &egrave; ora pronto per l'uso. Pu&ograve; chiudere questa pagina.
+agov-ident.done.title=Finito
+agov-ident.failed.instruction=Per completare la registrazione &egrave; necessario disporre di un account AGOV e superare la verifica dei dati suggerita. Riprova.
+agov-ident.failed.message=Registrazione annullata o verifica dei dati posticipata
+agov-ident.failed.title=Verifica necessaria
+agov-ident.invalid-url.instruction=Il link utilizzato per accedere a questa pagina non &egrave; valido. Assicuratevi di utilizzarlo come ricevuto, senza errori di battitura, oppure cliccate direttamente sulla pagina in cui &egrave; pubblicato.
+agov-ident.invalid-url.message=Il link non pu&ograve; essere elaborato
+agov-ident.invalid-url.title=Link non valido
+agov-ident.onboarding=Registrazione e verifica
+agov-ident.retry=Riprova
+darkModeSwitch.aria.label=Attivare la modalit&agrave; scura
+dimilar.confirm_identity.checkbox=Confermo che questi sono i miei dati
+dimilar.confirm_identity.description=Confermi che i dati riportati di seguito le appartengono per poter procedere:
+dimilar.confirm_identity.error=Confermi che i dati sono i suoi per poter procedere.
+dimilar.confirm_identity.link=Se questi non sono i suoi dati, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confermare i dati
+dimilar.select_onboarding.description=Benvenuto in AGOV. Completi la procedura di registrazione collegando un account AGOV esistente o creandone uno nuovo.
+dimilar.select_onboarding.error-banner=Selezioni un&rsquo;opzione per continuare
+dimilar.select_onboarding.existing-account=Proceda con un account AGOV esistente
+dimilar.select_onboarding.proceeding=Come desidera procedere?
+dimilar.select_onboarding.registering-account=Proceda con un nuovo account AGOV
+dimilar.select_onboarding.title=Buongiorno !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=Per assistenza visita <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token scaduto o gi&agrave; utilizzato.
+dimilar_onboarding.aborted.link=Se ha bisogno di assistenza, visiti <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=La procedura di registrazione &egrave; stata interrotta. Provi di nuovo.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=La procedura di registrazione &egrave; stata interrotta. Contatti il supporto al
+dimilar_onboarding.successful.message=Registrazione con l&rsquo;account AGOV completata con successo. Ora pu&ograve; accedere alla Gestione dei servizi su <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Registrarsi
+envbanner.label=Ambiente di esecuzione
+error_1=Verificare i dati inseriti.
+error_10=Scegliere l&rsquo;account utente corretto.
+error_100=Impossibile caricare il certificato. Il certificato esiste gi&agrave;. Contattare l&rsquo;help desk.
+error_101=L&rsquo;e-mail inserita non &egrave; valida.
+error_11=Utilizzare un altro certificato o accedere con altre credenziali.
+error_2=Selezionare un altro nome di accesso.
+error_3=Se la prossima autenticazione fallisce, l&rsquo;account sar&agrave; bloccato.
+error_4=La nuova password non rispetta le norme di sicurezza. Scegliere un&rsquo;altra password.
+error_403.description=Accesso non autorizzato a questa risorsa.
+error_403.title=Non &egrave; autorizatto
+error_404.description=La pagina che state cercando non esiste.
+error_404.title=Pagina non trovata
+error_5=Errore nella conferma della password.
+error_50=La nuova password &egrave; troppo corta.
+error_500.description=Al momento si &egrave; verificato un disservizio. Stiamo intervenendo.
+error_500.title=Qualcosa non ha funzionato.
+error_502.description=Stiamo intervenendo. Riprovi pi&ugrave; tardi.
+error_502.title=Qualcosa non ha funzionato.
+error_55=La nuova password deve differire da quelle precedenti.
+error_6=&Egrave; richiesta la modifica della password.
+error_7=&Egrave; richiesta la modifica dell&rsquo;ID di accesso.
+error_8=A causa dei ripetuti tentativi di autenticazione falliti, l&rsquo;account &egrave; stato bloccato.
+error_81=Non &egrave; stata trovata alcuna carta di accesso; l&rsquo;accesso da Internet &egrave; negato.
+error_83=La carta di accesso non &egrave; pi&ugrave; valida. Per richiedere una nuova carta di accesso, contattare il responsabile.
+error_9=Takeover di sessione fallito.
+error_97=Accesso non autorizzato a questa risorsa.
+error_98=L&rsquo;account &egrave; stato bloccato.
+error_99=Ci sono problemi di sistema. Riprovare pi&ugrave; tardi.
+error_9901=Per accedere a questa pagina, &egrave; necessario un link di registrazione valido.
+error_9902=L&rsquo;e-mail utilizzata per l&rsquo;autenticazione non corrisponde a quella di AGOV operations. Richiedere un nuovo link di registrazione.
+error_9903=L&rsquo;IdP utilizzato non ha inviato un&rsquo;asserzione valida. Assicurarsi di utilizzare l&rsquo;IdP corretto. Richiedere al supporto un nuovo link di registrazione.
+error_9904=Il link non &egrave; pi&ugrave; valido. Assicurarsi di utilizzare il link pi&ugrave; recente ricevuto in AGOV operations. Se il problema persiste, richiedere un nuovo link.
+error_9905=Si &egrave; verificato un problema con l&rsquo;account AGOV operations. Contattare il supporto.
+error_9909=Si &egrave; verificato un errore interno. Richiedere al supporto un nuovo link di registrazione.
+errors.duplicateValue=Il suo account &egrave; gi&agrave; collegato ad un altro accesso operativo.
+fido2_auth.cancel.fido=L'autenticazione con la chiave di sicurezza &egrave; stata interrotta. Assicurarsi che la chiave FIDO sia registrata e che l'indirizzo e-mail sia corretto, poi seguire le istruzioni.
+fido2_auth.instruction1=Cliccare su &laquo;Continua&raquo;.
+fido2_auth.instruction2=A breve si aprir&agrave; una finestra per l'autenticazione.
+fido2_auth.instruction3=Seguire le istruzioni.
+fido2_auth.skipInstructions=Non mostrare pi&ugrave; le istruzioni
+fido2_auth.switchLogin=ACCEDERE CON
+footer.link=https://agov.ch
+footer.link.label=Contatto
+footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV &ndash; una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
+general.AGOVAccessApp=App AGOV access
+general.accessApp=App AGOV access
+general.authenticate=Autentifica
+general.back=Indietro
+general.cancel=Annullare
+general.confirm=Confermare
+general.contactSupport=Contattare il supporto
+general.continue=Continuare
+general.data.birthDate=Data di nascita
+general.data.birthDateFormat=GG.MM.AAAA
+general.data.enrollmentNumber=Numero AVS (Gestione dei servizi)
+general.data.firstname=Nome
+general.data.lastname=Cognome
+general.edit=Modificare
+general.email=e-mail
+general.email.address=Indirizzo e-mail
+general.entryCode=Codice
+general.fieldRequired=Campo obbligatorio
+general.generalAccessApp=App AGOV access
+general.getStarted=Iniziare
+general.goAGOVHelp=Vai ad AGOV help
+general.goAccessApp=Login con AGOV access
+general.goToAccessApp=Vai all'app AGOV access
+general.help=Aiuto
+general.help.link=https://agov.ch/help
+general.login=Accedere
+general.login.accessApp=Accesso con l'App AGOV access
+general.login.securityKey=Login con la chiave di sicurezza
+general.loginSecurityKey=Inizi l'accesso con chiave di sicurezza
+general.moreOptions=ALTRE OPZIONI
+general.or=O
+general.otherLoginMethods=Altri metodi di login
+general.recovery=Ripristino
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Salva come PDF
+general.recoveryCode.inputLabel=Codice di ripristino
+general.recoveryCode.repeatCodeError=Il codice inserito non &egrave; corretto. Verifichi di averlo salvato correttamente e riprovi.
+general.recoveryCode.repeatCodeModal.description=Per assicurarsi di aver registrato correttamente il suo codice, lo ripeta qui sotto. Un codice di ripristino perso o registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
+general.recoveryCode.reveal=Mostri il codice di ripristino
+general.recoveryOngoing=Ripristino in corso
+general.register=Registrarsi
+general.registerNow=Si registri ora!
+general.registration=Registrazione
+general.registration.dontHaveAnAccountYet=Non ha ancora un AGOV account?
+general.registration.seeOptions=Vedere le opzioni di registrazione
+general.securityKey=Chiave di sicurezza
+general.skip.content=Vai al contenuto principale
+general.wrongPhoneNumber=Inserire un numero di cellulare valido
+generic.auth.error.message=Si &egrave; verificata un&rsquo;interruzione. Stiamo lavorando per ripristinare l&rsquo;esercizio.
+generic.auth.error.next.steps=Riprovare pi&ugrave; tardi. Se il problema persiste, consultare AGOV help.
+generic.auth.error.subtitle=Qualcosa non ha funzionato.
+generic.auth.error.title=Errore
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=Selezionare la lingua
+loainfo.description.200=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Il processo pu&ograve; richiedere da 2&ndash;3 giorni.
+loainfo.description.300=Per accedere all'applicazione, dobbiamo verificare i suoi dati. Potr&agrave; scegliere il processo preferito nel passaggio successivo.
+loainfo.description.400=Per accedere all'applicazione &egrave; necessario inserire il numero AVS.
+loainfo.helper=I dati devono essere verificati!
+loainfo.later=Pi&ugrave; tardi
+loainfo.startNow=Vuole iniziare il processo ora?
+loainfo.startVerification=Inizi la verificazione
+loainfo.title=Verificare i dati.
+loggedout.description=Disconnessione effettuata con successo.
+loggedout.title=Disconnessione eseguita
+mauth_usernameless.EID=Continuare con CH e-ID
+mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
+mauth_usernameless.banner.info=Scansione eseguita. Continuare nell'app AGOV access.
+mauth_usernameless.banner.success=Autenticazione riuscita.<br>Attenda l&rsquo;accesso.
+mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
+mauth_usernameless.cannotLogin.accessApp=Ha perso l'accesso al suo App AGOV access?
+mauth_usernameless.cannotLogin.securityKey=Ha perso l'accesso alla sua chiave di sicurezza?
+mauth_usernameless.hideQR=Nascondi il codice QR
+mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app AGOV access.
+mauth_usernameless.noAccount=Non ha ancora un AGOV account?
+mauth_usernameless.selectLoginMethod=Selezionare il metodo di login
+mauth_usernameless.showQR=Visualizza il codice QR
+mauth_usernameless.startRecovery=Inizi il ripristino dell&rsquo;account
+mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
+mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
+onboard_linking_account_auth.fido_instructions=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
+onboard_linking_account_auth.instructions=Proceda con il suo account AGOV scansionando il codice QR con l&rsquo;app AGOV access
+onboarding.cancel-onboarding=Sei sicuro di voler annullare la registrazione?
+onboarding.cancel-onboarding-description=Per procedere con il recupero dell&rsquo;account, &egrave; necessario annullare la registrazione.
+onboarding.cancel-proceed-recovery=S&igrave;, annulla e procedi con il recupero
+onboarding.login-factor=Passaggio 1 &ndash; Fattore di login
+onboarding.with-agov.title=Proceda con l&rsquo;account AGOV
+onboarding_account.switchLinking=Passa alla registrazione con
+onboarding_account_auth.loginSecurityKey=Inizia la registrazione con la chiave di sicurezza
+onboarding_account_auth.useSecurityKey=Utilizzi una chiave di sicurezza per procedere con il suo account AGOV
+op-admin.login=AGOV op admin
+op-admin.login.intro.message=Accedere con nome utente e password
+op-admin.login.loginid=ID di accesso
+op-admin.login.password=Password
+op-admin.login.title=Accedere
+op-admin.logout=AGOV op admin
+op-admin.logout.message=La sessione &egrave; terminata.
+op-admin.logout.title=Disconnessione
+op-admin.pwchange.intro.message=&Egrave; richiesta la modifica della password.
+op-admin.pwchange.newpassword=Nuova password
+op-admin.pwchange.newpassword2=Ripetere la nuova password
+op-admin.pwchange.password=Password attuale
+op-admin.pwchange.title=Modificare password
+op-idmlogin.role.accs-mgmt-idm=Gestione dei diritti di accesso IDM
+op-idmlogin.role.accs-mgmt-nonidm=Gestione dei diritti di accesso
+op-idmlogin.role.idmcfg-mgmt=Configurazione dell'IDM
+op-idmlogin.role.readonly-access=Accesso predefinito (sola lettura)
+op-idmlogin.role.support-basic=Casi di supporto (ripristino, ...)
+op-idmlogin.role.support-priv=Supporto di terzo livello (archiviazione, off-boarding)
+op-idmlogin.role.usr-mgmt=Gestione utenti (operazioni)
+op-idmlogin.role.usr-unit-mgmt=Gestione utenti e organizzazione (operazioni)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Si prega di selezionare uno dei seguenti profili...
+op-idmlogin.select.note=I profili contrassegnati con * devono essere utilizzati solo se richiesti per attivit&agrave; di supporto o rilascio specifiche.
+op-idmlogin.select.title=Selezione del profilo
+op-onboarding.done.message=La registrazione &egrave; riuscita. Ora l&rsquo;accesso AGOV operations &egrave; pronto. Prima di accedere ad AGOV operations, chiudere il browser.
+op-onboarding.done.title=FINITO
+op-onboarding.failed.title=ERRORE
+op-onboarding.intro.message1=Per completare la registrazione per l'accesso AGOV operations, &egrave; necessario avere un account AGOV o FED-LOGIN.
+op-onboarding.intro.message2=Dopo aver cliccato su &laquo;Continua&raquo;, si &egrave; reindirizzati al servizio di autenticazione.
+op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; iniziare la verifica dell&rsquo;identit&agrave; richiesta.
+op-onboarding.intro.title=INIZIARE
+op-onboarding.onboarding=Registrazione AGOV op
+op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
+providePhoneNumber.banner=Il numero di telefono deve poter ricevere SMS. Non sar&agrave; utilizzato per contattarla.
+providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
+providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
+providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
+providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
+providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
+providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
+providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
+providePhoneNumber.modal.description=Per assicurarsi di aver registrato correttamente il suo numero di telefono, lo ripeta qui sotto. Un numero registrato in modo errato pu&ograve; rendere pi&ugrave; difficile il ripristino del suo account.
+providePhoneNumber.modal.inputLabel=Numero di telefono
+providePhoneNumber.modal.title=Ripetere il numero di telefono
+providePhoneNumber.saveButtonText=Salva
+providePhoneNumber.title=Aggiungi numero di telefono
+qrCode.label=Clicchi per aprire il codice QR in una finestra pop-up.
+recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
+recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
+recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
+recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
+recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
+recovery_check_code.enterRecoveryCode=Codice di ripristino
+recovery_check_code.expired=Troppi tentativi o il codice di ripristino &egrave; scaduto.
+recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
+recovery_check_code.invalid.code=Il codice non &egrave; valido
+recovery_check_code.invalid.code.required=Codice richiesto
+recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
+recovery_check_code.noAccess=Non ho il mio codice.
+recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
+recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
+recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
+recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Mostri il suo codice di ripristino per poter continuare.
+recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
+recovery_code.newRecoveryCode=Introduzione del codice di ripristino
+recovery_code.validUntil=Valido fino a:
+recovery_fidokey_auth.button=Inizi l'authenticazione della chiave
+recovery_fidokey_auth.fidoInstruction=Clicchi su &laquo;Inizi l'authenticazione della chiave&raquo;
+recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
+recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
+recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
+recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
+recovery_intro_email.banner.info=Inserisca il suo indirizzo email, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino.
+recovery_intro_email.important=Importante:
+recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
+recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
+recovery_intro_email_sent.banner.success=Grazie! &Egrave; stata inviata un&rsquo;e-mail contenente il codice di ripristino e le istruzioni.
+recovery_on_going.finishRecovery=Completare il ripristino
+recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il processo di ripristino pu&ograve; includere una verifica dell&rsquo;identit&agrave;. Per accedere alle applicazioni con il proprio AGOV-Login, &egrave; necessario completare la verifica dell&rsquo;identit&agrave;.
+recovery_on_going.title=Completare il processo di ripristino.
+recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
+recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
+recovery_questionnaire_instructions.instruction1=Indichi l&rsquo;indirizzo e-mail associato al suo account, cos&igrave; potremo inviarle un link per iniziare il processo di ripristino
+recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
+recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
+recovery_questionnaire_loginfactor.no=No
+recovery_questionnaire_loginfactor.question=Ha registrato pi&ugrave; di un fattore di accesso (app AGOV access o chiave di sicurezza) al suo account?
+recovery_questionnaire_loginfactor.yes=Si
+recovery_questionnaire_no_recovery.explanation1=In base alle sue risposte, l'opzione di ripristino AGOV non sembra necessaria al momento.
+recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per articoli di supporto.
+recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
+recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
+recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
+recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
+recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
+recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato l&rsquo;app AGOV access, oppure risulta che non ci sono account definiti
+recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
+recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
+recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access
+recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o le mie app, ma ho avuto problemi ad accedere
+recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
+recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
+recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
+recovery_questionnaire_reason_selection.instruction=Selezioni il motivo per cui sta iniziando il processo di ripristino:
+recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
+recovery_start_info.instruction=Durante il processo di ripristino registrer&agrave; un nuovo fattore di login. Se il suo account contiene informazioni verificate, potrebbe dover effettuare anche un processo di verificazione per completare il ripristino.
+recovery_start_info.title=Sta per iniziare il processo di ripristino
+timeout.description=La sessione &egrave; scaduta. Chiuda questa finestra e provi ad accedere nuovamente.
+timeout.title=Sessione scaduta
+title=NEVIS SSO Portal
+title.login=Login
+user_input.invalid.email=Inserire un'e-mail valida.
+user_input.invalid.email.required=Campo obbligatorio
+user_input.invalid.email.tooLong=Il testo inserito &egrave; troppo lungo.
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/resources/conf/text_rm.properties
@ -0,0 +1,287 @@
+
+agov-ident.done.message=Your AGOV account is now ready for use. Please close this page.
+agov-ident.done.title=Done
+agov-ident.failed.instruction=You need an AGOV account and pass the suggested data verification to successfully finish the on-boarding. Please try again.
+agov-ident.failed.message=Onboarding cancelled or data verification postponed
+agov-ident.failed.title=Verification needed
+agov-ident.invalid-url.instruction=The link you used to access this page isn't valid. Please make sure you use it as received without any typos or click it directly on the page, where it is published.
+agov-ident.invalid-url.message=Link can't be processed
+agov-ident.invalid-url.title=Invalid Link
+agov-ident.onboarding=Registration & Verification
+agov-ident.retry=Try again
+darkModeSwitch.aria.label=Activar l'apparientscha stgira
+dimilar.confirm_identity.checkbox=Jau conferm che quest en mias datas
+dimilar.confirm_identity.description=Per cuntinuar, confermai che las datas sutvart saudan a Vus per plaschair
+dimilar.confirm_identity.error=Per cuntinuar, confermai che las datas saudan a Vus per plaschair.
+dimilar.confirm_identity.link=En cass che quei n'&egrave;n betg Vossas inditgaziuns, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.confirm_identity.title=Confermar las datas
+dimilar.select_onboarding.description=Bainvegn&igrave; ad AGOV. Cumplettai Voss Onboarding cun connectar in conto AGOV nov u gia existent.
+dimilar.select_onboarding.error-banner=Selecziunai in'opziun, per cuntinuar
+dimilar.select_onboarding.existing-account=Onboarding cun in conto AGOV gia existent
+dimilar.select_onboarding.proceeding=Co vulais Vus cuntinuar?
+dimilar.select_onboarding.registering-account=Onboarding cun in nov conto AGOV
+dimilar.select_onboarding.title=Allegra !!!FIRSTNAME!!! !!!LASTNAME!!!,
+dimilar.token_error.support=Sche Vus duvrais agid, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar.token_error.token_expired=Token scad&igrave; u gia duvr&agrave;.
+dimilar_onboarding.aborted.link=Sche Vus duvrais agid, visitai per plaschair <a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.aborted.message=Onboarding suspend&igrave;. Empruvai anc ina giada.
+dimilar_onboarding.failed.link=<a class='link' href='https://agov.ch/dimhelp' target='_blank'>agov.ch/dimhelp</a>.
+dimilar_onboarding.failed.message=Onboarding suspend&igrave;. Contactai per plaschair il support.
+dimilar_onboarding.successful.message=Onboarding cun conto AGOV reuss&igrave;. Vus pudais ussa acceder a la Gestiun da servetsch qua <a class='link' href='https://agov.ch/dim' target='_blank'>agov.ch/dim</a>.
+dimilar_onboarding.title=Registrar
+envbanner.label=Ambient d'execuziun
+error_1=Controllai Vossas indicaziuns per plaschair.
+error_10=Selecziunai il conto d'utilisader correct.
+error_100=I n'&egrave; betg pussaivel da chargiar si il certificat. Quest certificat exista gia. Contactai il helpdesk.
+error_101=L'adressa d'e-mail endatada n'&egrave; betg valaivla.
+error_11=Duvrai in auter certificat u As annunziai cun in auter factur da login.
+error_2=Selecziunai in auter num d'utilisader.
+error_3=Sche la proxima autentificaziun na reussescha betg vegn Voss conto blocc&agrave;.
+error_4=Voss nov pled-clav n'&egrave; betg confurm a las directivas da segirezza. Selecziunai in auter pled-clav per plaschair.
+error_403.description=Vus n'essas betg autoris&agrave; d'acceder a questa applicaziun.
+error_403.title=Betg autoris&agrave;
+error_404.description=La pagina che Vus tschertgais n'exista betg.
+error_404.title=Pagina nunchattabla
+error_5=Sbagl da confermar il pled-clav.
+error_50=Il nov pled-clav &egrave; memia curt.
+error_500.description=Igl ha d&agrave; ina interrupziun dal servetsch. Nus lavurain vidlonder.
+error_500.title=Insatge n'ha betg funcziun&agrave;.
+error_502.description=Nus lavurain vidlonder. Empruvai anc ina giada pli tard per plaschair.
+error_502.title=Insatge n'ha betg funcziun&agrave;.
+error_55=Il nov pled-clav sto esser different da pled-clavs vegls.
+error_6=Midada d'il pled-clav &egrave; necessaria.
+error_7=Midada da la login ID &egrave; necessaria.
+error_8=Voss conto &egrave; vegn&igrave; blocc&agrave; pervia da memia bleras emprovas d'autentificaziun che n'&egrave;n betg reussidas.
+error_81=Chatt&agrave; nagina carta d'access, l'access sur l'internet &egrave; vegni refus&agrave;.
+error_83=Vossa carta d'access n'&egrave; betg pli valaivla. Contactai Voss consulent per survegnir ina nova carta d'access.
+error_9=I n'ha betg funcziun&agrave; da surpigliar la sessiun.
+error_97=Vus n'essas betg autoris&agrave; d'acceder a questa resursa.
+error_98=Voss conto &egrave; vegn&igrave; blocc&agrave;.
+error_99=Problems da sistem: Empruvai anc ina giada pli tard.
+error_9901=Vus duvrais in link da onboarding valaivel per pudair acceder a questa pagina.
+error_9902=L'adressa d'e-mail che vegn duvrada per l'autentificaziun na correspunda betg a l'adressa dad e-mail da AGOV operations. Dumandai per in nov link da onboarding.
+error_9903=L'IdP n'ans ha betg tramess ina assertion valaivla. Controllai che Vus dovrias la correcta IdP. Dumandai il support per in nov link da onboarding.
+error_9904=Voss link n'&egrave; betg pli valaivel. Controllai che Vus dovrias il link il pli actual che Vus avais survegn&igrave; d'AGOV operations. Dumandai per in nov link en cass che il problem persista vinavant.
+error_9905=I dat in problem cun Voss conto AGOV operations. Contactai per plaschair il support.
+error_9909=Igl &egrave; capit&agrave; in sbagl intern. Dumandai il support per in nov link da onboarding.
+errors.duplicateValue=Voss conto &egrave; gia colli&agrave; cun in auter access d'operaziun.
+fido2_auth.cancel.fido=L'autentificaziun cun la clav da segirezza &egrave; vegnida interrutta. Controllai che Vossa clav FIDO saja registrada e che Voss e-mail saja correct.
+fido2_auth.instruction1=Cliccai sin "Vinavant"
+fido2_auth.instruction2=En curt vegn ina fanestra d'autentificaziun ad aviar
+fido2_auth.instruction3=Suandai las instrucziuns
+fido2_auth.skipInstructions=Sursiglir las instrucziuns la proxima giada
+fido2_auth.switchLogin=ANNUNZIAR CUN
+footer.link=https://agov.ch
+footer.link.label=Contact
+footer.text=Servetsch d&rsquo;autentificaziun da las autoritads svizras AGOV &ndash; Ina collavuraziun dals chantuns, lur vischnancas e l&rsquo;administraziun federala. -
+general.AGOVAccessApp=App AGOV access
+general.accessApp=App AGOV access
+general.authenticate=Autentifitgar
+general.back=Enavos
+general.cancel=Interrumper
+general.confirm=Confermar
+general.contactSupport=Contactar il support
+general.continue=Vinavant
+general.data.birthDate=Data da naschientscha
+general.data.birthDateFormat=DD.MM.AAAA
+general.data.enrollmentNumber=Numer AVS (gestiun da servetsch)
+general.data.firstname=Prenum
+general.data.lastname=Num
+general.edit=Modifitgar
+general.email=E-mail
+general.email.address=Adressa d'e-mail
+general.entryCode=Endatar il code
+general.fieldRequired=Champ obligatoric
+general.generalAccessApp=App access
+general.getStarted=Cumenzar
+general.goAGOVHelp=Vinavant a AGOV help
+general.goAccessApp=Login cun AGOV access
+general.goToAccessApp=Cuntinuai a Vossa app AGOV access
+general.help=Agid
+general.help.link=https://agov.ch/help
+general.login=Login
+general.login.accessApp=Annunziar cun la App Access
+general.login.securityKey=Annunziar cun la clav da segirezza
+general.loginSecurityKey=Iniziar il login cun la clav da segirezza
+general.moreOptions=DAPLI OPTIONS
+general.or=U
+general.otherLoginMethods=Ulteriuras metodas da login
+general.recovery=Recuperaziun
+general.recovery.help.link=https://agov.ch/recovery
+general.recoveryCode.downloadPdf=Telechargiar en furma da PDF
+general.recoveryCode.inputLabel=Code da recuperaziun
+general.recoveryCode.repeatCodeError=Il code che Vus avais endat&agrave; n'&egrave; betg correct. Controllai che Vus l'hajas arcun&agrave; correctamain ed endatai el anc ina giada.
+general.recoveryCode.repeatCodeModal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss code, al repeti qua sutvart per plaschair. In code da recuperaziun pers u betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
+general.recoveryCode.repeatCodeModal.title=Repeter il code da recuperaziun
+general.recoveryCode.reveal=Scuvrir il code da recuperaziun
+general.recoveryOngoing=Recuperaziun betg terminada
+general.register=Registrar
+general.registerNow=As registrai ussa!
+general.registration=Registraziun
+general.registration.dontHaveAnAccountYet=N'avais Vus anc nagin account AGOV?
+general.registration.seeOptions=Mussar las metodas da registraziun
+general.securityKey=Clav da segirezza
+general.skip.content=Avanzar a la part principala
+general.wrongPhoneNumber=Endatai in numer da telefonin valid
+generic.auth.error.message=Igl ha d&agrave; ina interrupziun dal servetsch. Nus lavurain vidlonder.
+generic.auth.error.next.steps=Empruvai pli tard anc ina giada per plaschair. Visitai AGOV help en cass che il problem persista vinavant.
+generic.auth.error.subtitle=Insatge n'ha betg funcziun&agrave;.
+generic.auth.error.title=Errur
+language.de=Deutsch
+language.en=English
+language.fr=Fran&ccedil;ais
+language.it=Italiano
+language.rm=Rumantsch
+languageDropdown.aria.label=Selecziunar la lingua
+loainfo.description.200=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Quest process po durar fin 2&ndash;3 dis.
+loainfo.description.300=Per acceder a questa applicaziun, stuain nus verifitgar Vossas datas. Vus pudais selecziunar vossa metoda preferida en il proxim pass.
+loainfo.description.400=Per acceder a questa applicaziun stuais Vus inditgar Voss numer AVS.
+loainfo.helper=Vossas datas persunalas ston vegnir verifitgadas!
+loainfo.later=Pli tard
+loainfo.startNow=Vulais Vus ussa cumenzar cun il process?
+loainfo.startVerification=Cumenzar
+loainfo.title=Verifitgai Vossas datas
+loggedout.description=Voss logout &egrave; reuss&igrave;.
+loggedout.title=Deconnect&agrave;
+mauth_usernameless.EID=Vinavant cun la e-ID svizra
+mauth_usernameless.banner.error=Autentificaziun interrutta. <br>Empruvai anc ina giada suenter che la pagina &egrave; rechargiada per plaschair.
+mauth_usernameless.banner.info=Scan reuss&igrave;. Cuntinuai per plaschair en l'app AGOV access.
+mauth_usernameless.banner.success=Autentificaziun reussida <br>Spetgai fin che Vus essas annunziads per plaschair.
+mauth_usernameless.cannotLogin=Avais Vus pers l'access a l'app / la clav da segirezza?
+mauth_usernameless.cannotLogin.accessApp=Avais Vus pers l'access a Vossa app?
+mauth_usernameless.cannotLogin.securityKey=Avais Vus pers l'access a Vossa clav da segirezza?
+mauth_usernameless.hideQR=Zuppentar il code QR
+mauth_usernameless.instructions=Per As annunziar, scannai il code QR cun Vossa app AGOV access
+mauth_usernameless.noAccount=N'avais Vus anc nagin conto AGOV?
+mauth_usernameless.selectLoginMethod=Selecziunai ina metoda da login
+mauth_usernameless.showQR=Mussar il code QR
+mauth_usernameless.startRecovery=Cumenzar cun la recuperaziun dal conto
+mauth_usernameless.useSecurityKey=Duvrai ina clav da segirezza per As annunziar
+mauth_usernameless.useSecurityKeyInfo=Ina clav da segirezza fisica pussibilitescha ina annunzia segira senza telefonin.
+onboard_linking_account_auth.fido_instructions=Ina clav da segirezza fisica pussibilitescha in Onboarding da Voss conto segir senza telefonin.
+onboard_linking_account_auth.instructions=Faschai il Onboarding da Voss conto AGOV entras scannar il code QR cun Vossa app AGOV access
+onboarding.cancel-onboarding=Essas tscherts che Vus vulais interrumper il process d'Onboarding?
+onboarding.cancel-onboarding-description=Per saver cumenzar cun ina recuperaziun da Voss conto stuais Vus interrumper il process d'Onboarding.
+onboarding.cancel-proceed-recovery=Gea, interumper e cumenzar cun la recuperaziun
+onboarding.login-factor=Pass 1 - Factur da login
+onboarding.with-agov.title=Onboarding cun conto AGOV
+onboarding_account.switchLinking=Midar al Onboarding cun
+onboarding_account_auth.loginSecurityKey=Cummenzar il Onboarding cun la clav da segirezza
+onboarding_account_auth.useSecurityKey=Utilisa&igrave; vossa clav da segirezza per cuntinuar cun Voss account AGOV
+op-admin.login=AGOV op admin
+op-admin.login.intro.message=Login cun Voss num d'utilisader e cun Voss pled-clav
+op-admin.login.loginid=LoginId
+op-admin.login.password=Pled-clav
+op-admin.login.title=Login
+op-admin.logout=AGOV op admin
+op-admin.logout.message=Voss logout &egrave; reuss&igrave;.
+op-admin.logout.title=Deconnectar
+op-admin.pwchange.intro.message=Midada d'il pled-clav &egrave; necessaria
+op-admin.pwchange.newpassword=Nov pled-clav
+op-admin.pwchange.newpassword2=Repeter il nov pled-clav
+op-admin.pwchange.password=Pled-clav actual
+op-admin.pwchange.title=Midada d'il pled-clav
+op-idmlogin.role.accs-mgmt-idm=Management dals dretgs d'access IDM
+op-idmlogin.role.accs-mgmt-nonidm=Management dals dretgs d'access
+op-idmlogin.role.idmcfg-mgmt=IDM set-up
+op-idmlogin.role.readonly-access=Access da standard (mo dretgs da leger)
+op-idmlogin.role.support-basic=Cas da support (recuperaziun, …)
+op-idmlogin.role.support-priv=Support dal 3. nivel (archivaziun, deconnecziuns)
+op-idmlogin.role.usr-mgmt=Administraziun dals utilisaders (operations)
+op-idmlogin.role.usr-unit-mgmt=Administraziun dals utilisaders e da l'organisaziun (operations)
+op-idmlogin.select=AGOV idm
+op-idmlogin.select.intro=Selecziunai in d'ils profils suandants per plaschair...
+op-idmlogin.select.note=Ils profils marcads cun * duessan mo vegnir duvrads per tschertas incumbensas da support u da release.
+op-idmlogin.select.title=Selecziun dal profil
+op-onboarding.done.message=Il onboarding &egrave; reuss&igrave;. Vus pudais ussa duvrar Voss access AGOV operations. Serrai il browser per plaschair avant che acceder ad AGOV operations.
+op-onboarding.done.title=FIN&Igrave;
+op-onboarding.failed.title=ERRUR
+op-onboarding.intro.message1=Per concluder la registraziun da Voss access AGOV operations duvrais Vus in conto AGOV u in conto FED-LOGIN.
+op-onboarding.intro.message2=Suenter avair clicc&agrave; sin &laquo;Vinavant&raquo; vegnis Vus dirig&igrave; a l'autentificaziun.
+op-onboarding.intro.message3=Sche Vus utilisais AGOV ed il conto na correspunda anc betg al nivel dad AGOVaq necessari, survegnis Vus la pussaivladad da cumenzar la verificaziun d'identitad che &egrave; necessaria.
+op-onboarding.intro.title=START
+op-onboarding.onboarding=AGOV op onboarding
+op-onboarding.process.message=Igl ha d&agrave; in sbagl. Contactai il support dad AGOV e dumandai per in nov link da registraziun, sche necessari.
+providePhoneNumber.banner=Il numer da telefonin sto esser capabel da retschaiver SMS. El na vegn betg duvr&agrave; per As contactar.
+providePhoneNumber.description=AGOV pussibilitescha ussa la recuperaziun cun agid dal numer da telefonin. Durant la recuperaziun pudais Vus ussa cuntinuar cun in SMS, en cas che Vus avais pers Voss code da recuperaziun.
+providePhoneNumber.errorBanner=Ils numers da telefonin na correspundan betg in a l'auter. Empruvai danovamain per plaschair.
+providePhoneNumber.inputLabel=Numer da telefonin (opziunal)
+providePhoneNumber.laterModal.description1=Senza numer da telefonin po la recuperaziun da Voss conto cuzzar fin 4 dis, en cas che Vus perdais Voss code da recuperaziun.
+providePhoneNumber.laterModal.description2=Agiuntar in numer da telefonin pussibilitescha ina recuperaziun da Voss conto en paucas minutas.
+providePhoneNumber.laterModal.description3=Quest numer da telefonin na vegn betg duvr&agrave; per As contactar.
+providePhoneNumber.laterModal.title=Cuntinuar senza numer da telefonin?
+providePhoneNumber.modal.description=Per verifitgar che Vus hajas arcun&agrave; correctamain Voss numer da telefonin, al repeti qua sutvart per plaschair. In numer da telefonin betg arcun&agrave; correctamain po difficultar la recuperaziun da Voss conto.
+providePhoneNumber.modal.inputLabel=Numer da telefonin
+providePhoneNumber.modal.title=Reper il numer da telefonin
+providePhoneNumber.saveButtonText=Arcunar
+providePhoneNumber.title=Inditgar in numer da telefonin
+qrCode.label=Cliccai per avrir il code QR en ina fanestra separada.
+recovery_accessapp_auth.accessAppRegistered=App AGOV access gia registrada
+recovery_accessapp_auth.instruction1=Vus avais gia registr&agrave; ina nova app AGOV access !!!ACCESS_APP_NAME!!! durant il process da recuperaziun.
+recovery_accessapp_auth.instruction2=Utilisai per plaschair !!!ACCESS_APP_NAME!!! per As identifitgar.
+recovery_check_code.banner.lockedError=Memia bleras emprovas d'endataziun nunvalaivlas. Empruvai anc ina giada en intginas minutas.
+recovery_check_code.codeIncorrect=Il code endat&agrave; n'&egrave; betg correct. Empruvai anc ina giada.
+recovery_check_code.enterRecoveryCode=Code da recuperaziun
+recovery_check_code.expired=Memia bleras emprovas u Voss code da recuperaziun &egrave; scad&igrave;.
+recovery_check_code.instruction=Endatai qua sutvart Voss code da recuperaziun persunal cun 12 cifras. Vus avais survegn&igrave; il code da recuperaziun en ina datoteca PDF a chaschun da la registraziun u en AGOV me.
+recovery_check_code.invalid.code=Il code &egrave; nunvalaivel
+recovery_check_code.invalid.code.required=Code necessari
+recovery_check_code.invalid.code.tooLong=Il code &egrave; memia lung
+recovery_check_code.noAccess=Jau n'hai betg access a mes code
+recovery_check_code.noCodeAccess=Essas Vus segirs che Vus n'avais betg access a Voss code da recuperaziun?
+recovery_check_code.noCodeAccessInstructions=Sche Vus avais pers access a Voss code da recuperaziun giai ad AGOV help per contactar insatgi d'il support dad AGOV. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
+recovery_check_code.too_many_tries.instruction1=Il code da recuperaziun che Vus avais endat&agrave; &egrave; eventualmain scad&igrave; u Vuss avais empruv&agrave; da l'endatar memia bleras giadas.
+recovery_check_code.too_many_tries.instruction2=Giai per plaschair ad AGOV help per contactar insatgi d'il support. Questa Persuna As vegn a sustegnair cun il process da recuperaziun.
+recovery_check_noCode.banner.error=Memia bleras emprovas.
+recovery_check_noCode.instruction1=Vuss avais eventualmain empruv&agrave; da endatar il code da recuperaziun memia bleras giadas.
+recovery_check_noCode.instruction2=Serrai per plaschair il browser da web e cumenzai anc ina giada cun la recuperaziun da Voss conto en 10 minutas a <a class='link' href='https://agov.ch/me'>agov.ch/me</a>.
+recovery_code.banner.error=Scuvrir Voss code da recuperaziun per pudair cuntinuar.
+recovery_code.instruction=Il code da recuperaziun As permetta d'acceder a Voss conto en cas che Vus avais pers tut Voss facturs da login. Tegnai en salv quest code da recuperaziun en in lieu segir per plaschair.
+recovery_code.newRecoveryCode=Introducziun dal code da recuperaziun
+recovery_code.validUntil=Valaivel enfin:
+recovery_fidokey_auth.button=Cumenzar la autentificaziun da clav
+recovery_fidokey_auth.fidoInstruction=Cliccai sin &laquo;Cumenzar la autentificaziun da clav&raquo;
+recovery_fidokey_auth.instruction1=Vus avais gia registr&agrave; ina nova clav da segirezza !!!SECURITY_KEY_NAME!!! durant il process da recuperaziun.
+recovery_fidokey_auth.instruction2=Utilisai per plaschair !!!SECURITY_KEY_NAME!!! e suandai ils pass qua sutvart per As identifitgar.
+recovery_fidokey_auth.keyRegistered=Clav da sgirezza gia registrada
+recovery_intro_email.banner.error=Il link che Vus avais duvr&agrave; &egrave; scad&igrave;. Endatai Vossa adressa d'e-mail per survegnir in nov link.
+recovery_intro_email.banner.info=Inditgai Vossa adressa d'e-mail. Nus As tramettain in link cun il qual Vus pudais cumenzar cun il process da recuperaziun.
+recovery_intro_email.important=Impurtant:
+recovery_intro_email.process=Il process da recuperaziun duess mo vegnir duvr&agrave; en cas che Vus avais pers l'access a Voss facturs da login (stizz&agrave; l'app AGOV access, pers la clav da segirezza, pers il telefonin etc.).
+recovery_intro_email_sent.banner.button=N'avais betg retschav&igrave; il e-mail?
+recovery_intro_email_sent.banner.success=Grazia fitg! Proximamain vegnis Vus a retschaiver in e-mail cun in link da recupraziun ed instrucziuns.
+recovery_on_going.finishRecovery=Concluder la recuperaziun
+recovery_on_going.instruction=In process da recuperaziun &egrave; en curs. Il process da recuperaziun po cumpigliar ina verificaziun d'identitad. Per avair access ad applicaziuns cun Voss AGOV-Login, stuais Vus terminar la verificaziun d'identitad.
+recovery_on_going.title=Concludai Voss process da recuperaziun per plaschair.
+recovery_questionnaire_instructions.banner.info=Resguardai che en tscherts cas stuais Vus avair access a Voss code da recuperaziun per che la recupraziun po reussir.
+recovery_questionnaire_instructions.explanation=Sin basa da Vossas respostas pari d'esser necessari da recuperar Voss login AGOV. Cliccai sin Vinavant e suandai las instrucziuns sin il monitur.
+recovery_questionnaire_instructions.instruction1=Inditgai l'adressa d'e-mail da Voss login AGOV. Nus As tramettain in link cun il qual Vus pudais cumenzar il process da recuperaziun
+recovery_questionnaire_instructions.instruction2=Suandai ils pass per recuperar Voss conto (ils pass varieschan tenor il nivel da verificaziun da Voss conto)
+recovery_questionnaire_loginfactor.banner.error=Selecziunai ina resposta per plaschair.
+recovery_questionnaire_loginfactor.no=Na
+recovery_questionnaire_loginfactor.question=Avais Vus registr&agrave; pli che in factur da login (app AGOV access u clav da segirezza) per Voss login AGOV?
+recovery_questionnaire_loginfactor.yes=Gea
+recovery_questionnaire_no_recovery.explanation1=Sin basa da Vossas respostas na pari betg d'esser necessari da recuperar Voss login AGOV per il mument.
+recovery_questionnaire_no_recovery.explanation2=Sche Vus duvrais ulteriuras infurmaziuns, consultai <a class='link' href='https://agov.ch/help' target='_blank'>agov.ch/help</a> per artitgels da support.
+recovery_questionnaire_no_recovery.instruction1=Sche Vus avais difficultads d'As annunziar per in'applicaziun, visitai <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> e verifitgai sche Vus As pudais annunziar cun success.
+recovery_questionnaire_no_recovery.instruction2=Sche Vus avais registr&agrave; plirs facturs da login, ma avais pers l'access ad in dad els, consultai <a class='link' href='https://agov.ch/me' target='_blank'>agov.ch/me</a> per stizzar il factur da login pers.
+recovery_questionnaire_reason_selection.answer1=Jau hai problems da m'annunziar, malgr&agrave; che jau hai mia app / clav da segirezza
+recovery_questionnaire_reason_selection.answer10=Jau hai pers in da mes facturs da login (app AGOV access u clav da segirezza)
+recovery_questionnaire_reason_selection.answer2=Jau n'hai betg pud&igrave; terminar mia registraziun
+recovery_questionnaire_reason_selection.answer3=Jau hai stizz&agrave;, u reinizialis&agrave; mia app AGOV access, u igl &egrave; inditg&agrave; che nagin conto exista
+recovery_questionnaire_reason_selection.answer4=Jau hai pers mes telefonin / mia clav da segirezza
+recovery_questionnaire_reason_selection.answer5=Jau hai in nov telefonin ed hai emblid&agrave; da transferir mia app AGOV access
+recovery_questionnaire_reason_selection.answer6=Jau hai emblid&agrave; il PIN per mia app AGOV access
+recovery_questionnaire_reason_selection.answer7=Jau hai mias clavs da segirezza u mias apps, hai dentant g&igrave; problems da m'annunziar
+recovery_questionnaire_reason_selection.answer8=Jau hai pers l'access a tut mias clavs da segirezza ed apps AGOV
+recovery_questionnaire_reason_selection.answer9=Jau hai problems cun in da mes facturs da login (stizz&agrave;, mess enavos, PIN emblid&agrave;)
+recovery_questionnaire_reason_selection.banner.error=Selecziunai in motiv per plaschair.
+recovery_questionnaire_reason_selection.instruction=Selecziunai per plaschair il motiv pertge che Vus cumenzais il process da recuperaziun:
+recovery_start_info.banner.warning=Vus na pudais betg utilisar Voss conto, fin ch'il process da recuperaziun &egrave; termin&agrave;.
+recovery_start_info.instruction=Durant il process da recuperaziun vegnis Vus a registrar in nov factur da login. Sche Voss conto cuntegna infurmaziuns verifitgadas, stuais Vus eventualmain era far in process da verificaziun per pudair concluder il process da recuperaziun.
+recovery_start_info.title=Vus essas vidlonder da cumenzar cun il process da recuperaziun
+timeout.description=Vossa sessiun &egrave; scadida. Serrai questa fanestra ed empruvai anc ina giada d'acceder per plaschair.
+timeout.title=Sessiun scadida
+user_input.invalid.email=Endatai in'adressa d'e-mail valida
+user_input.invalid.email.required=Champ obligatoric
+user_input.invalid.email.tooLong=Il text endat&agrave; e memia lung
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/apple.svg
@ -0,0 +1,10 @@
+<svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0)">
+<path d="M13.9697 17.2808C12.9941 18.2276 11.9177 18.08 10.8917 17.6336C9.80091 17.1782 8.80371 17.1494 7.65171 17.6336C6.21711 18.2528 5.45571 18.0728 4.59171 17.2808C-0.28628 12.2588 0.433719 4.60879 5.97771 4.32079C7.32231 4.39279 8.26371 5.06419 9.05571 5.11999C10.2329 4.88059 11.3597 4.19479 12.6197 4.28479C14.1335 4.40719 15.2657 5.00479 16.0217 6.07938C12.9077 7.95138 13.6457 12.0554 16.5059 13.2074C15.9335 14.7104 15.1991 16.1954 13.9679 17.2934L13.9697 17.2808ZM8.94771 4.26679C8.80191 2.03479 10.6109 0.198798 12.6917 0.0187988C12.9779 2.59279 10.3517 4.51879 8.94771 4.26679Z" fill="#1F2F33"/>
+</g>
+<defs>
+<clipPath id="clip0">
+<rect width="15.156" height="18" fill="white" transform="translate(1.3335)"/>
+</clipPath>
+</defs>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_login.js
@ -0,0 +1,195 @@
+let baseURL; // base URL
+let statusToken; // used to check progress
+let dispatcherElement; // to display link or QR code
+let infoElement; // to display info text
+let errorElement; // to display error text
+
+function addInput(form, name, value) {
+  const input = document.createElement("input");
+  input.name = name;
+  input.value = value;
+  form.appendChild(input);
+}
+
+function submitStatus(status) {
+  // we have to do a form POST instead of AJAX
+  const form = document.createElement("form");
+  form.method = "POST";
+  form.style.display = "none";
+  addInput(form, "status", status);
+  document.body.appendChild(form);
+  form.submit();
+}
+
+const Status = {
+    _pollInterval: 2 * 1000, // Check every 2 seconds
+    latest: null,
+
+    startPolling: function (token, uiCallback) {
+        let interval = setInterval(async () => {
+            await this._check(token).then(function (resp) {
+                console.log("Polling status: %o", resp);
+                uiCallback && uiCallback(resp, false);
+                return Status.latest = resp;
+            })
+            .catch(function (err) {
+                console.error("Error during polling: %o", err);
+                return false;
+            });
+            if (Status.latest && (Status.latest.status === 'succeeded' || Status.latest.status === 'failed' || Status.latest.status === 'unknown')) {
+                // Done!
+                console.log('Latest status is: %o', this.latest);
+                uiCallback && uiCallback(this.latest, true);
+                clearInterval(interval);
+            }
+        }, this._pollInterval);
+    },
+
+    _check: async function (token) {
+        const payload = { statusToken: token };
+        const response = await fetch(baseURL + 'api/v1/status', {
+            method: 'POST',
+            mode: 'cors',
+            cache: 'no-cache',
+            credentials: 'omit',
+            headers: {
+                'Accept': 'application/json',
+                'Content-Type': 'application/json;charset=utf-8'
+            },
+            body: JSON.stringify(payload),
+            redirect: 'follow',
+            referrerPolicy: 'no-referrer'
+        });
+
+        return await response.json();
+    }
+};
+
+function setDeepLinkLabel(button) {
+    const text = document.getElementById('info.login.access_app').innerText;
+    button.innerHTML = text;
+}
+
+function messageScanQR() {
+    const text = document.getElementsByName('info.qrcode')[0].value;
+    infoElement.innerHTML = text;
+}
+
+function messageCheckPhone() {
+    const text = document.getElementsByName('info.check.phone')[0].value;
+    infoElement.innerHTML = text;
+}
+
+function showError() {
+    const text = document.getElementsByName('error.authcloud.login')[0].value;
+    errorElement.innerHTML = text;
+    infoElement.style.display = "none";
+}
+
+const AccessAppElement = {
+
+    _elem: null, // QR code or deep link depending on device
+
+    show: function (appLink) {
+        const userAgent = navigator.userAgent || navigator.vendor || window.opera;
+        const isIphone = 'iPhone' === navigator.platform;
+        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
+        if (isAndroid || isIphone) {
+            this._elem = document.createElement('a');
+            this._elem.setAttribute('href', appLink);
+            this._elem.setAttribute('class', 'btn btn-primary w-100 mt-4');
+            this._elem.setAttribute('target', '_blank');
+            // distinguishes style for platforms
+            dispatcherElement.classList.add('mobile-platform');
+
+            dispatcherElement.appendChild(this._elem);
+            setDeepLinkLabel(this._elem);
+        }
+        else {
+            const authenticationType = document.getElementsByName('authenticationType')[0].value;
+            if (authenticationType == 'push') {
+                messageCheckPhone();
+            }
+            else {
+                messageScanQR();
+                const qrSize = 280;
+                // Element to render the QR code
+                this._elem = document.createElement('canvas');
+                // Wrapper div to render corners
+                const qrCodeWrapper = document.createElement('div');
+                qrCodeWrapper.setAttribute('id','qr-code-wrapper');
+                qrCodeWrapper.style.width = `${qrSize}px`;
+                qrCodeWrapper.style.height = `${qrSize}px`;
+                qrCodeWrapper.appendChild(this._elem)
+                dispatcherElement.style.height = `${qrSize}px`;
+                dispatcherElement.appendChild(qrCodeWrapper);
+                const qrcode = new QRious({
+                  element: this._elem,
+                  // use --nevis-gray-900 CSS variable value
+                  foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
+                  level: "M",
+                  size: qrSize,
+                  value: appLink
+                });
+            }
+        }
+    },
+
+    hide: function() {
+        // hide the element which was shown
+        if (this._elem != null) {
+            this._elem.style.display = "none";
+        }
+    }
+};
+
+function authenticateUser(appLink) {
+
+    AccessAppElement.show(appLink);
+
+    console.log('Starting Auth Cloud status polling...');
+
+    Status.startPolling(statusToken, (st, done) => {
+
+        if (st.status === 'succeeded') {
+
+            console.log('Auth Cloud success.');
+
+            // auto submit form with outcome
+            submitStatus('succeeded')
+        }
+        else if (st.status === 'failed') {
+
+            // failed: The transaction failed, either by timeout or because the user did not accept.
+            console.warn('Auth Cloud login failed. User abort or timeout.');
+
+            submitStatus('failed')
+        }
+        else if (st.status === 'unknown') {
+
+            console.error('Auth Cloud login failed. Unknown status.');
+
+            submitStatus('unknown')
+        }
+    });
+}
+
+function init() {
+
+    const form = document.getElementById('authcloud_login');
+
+    baseURL = form.url.value;
+    statusToken = form.statusToken.value;
+
+    infoElement = document.getElementById('authcloud_info');
+    errorElement = document.getElementById('authcloud_error');
+
+    dispatcherElement = document.getElementById('authcloud_dispatch');
+
+    const appLink = form.appLink.value;
+    authenticateUser(appLink);
+}
+
+window.onload = function() {
+  init();
+};
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/authcloud_onboard.js
@ -0,0 +1,209 @@
+let baseURL; // base URL
+let statusToken; // used to check progress
+let dispatcherElement; // to display link or QR code
+let infoElement; // to display info text
+let errorElement; // to display error text
+
+function addInput(form, name, value) {
+  const input = document.createElement("input");
+  input.name = name;
+  input.value = value;
+  form.appendChild(input);
+}
+
+function submitStatus(status) {
+  // we have to do a form POST instead of AJAX
+  const form = document.createElement("form");
+  form.method = "POST";
+  form.style.display = "none";
+  addInput(form, "status", status);
+  document.body.appendChild(form);
+  form.submit();
+}
+
+const Status = {
+    _pollInterval: 2 * 1000, // Check every 2 seconds
+    latest: null,
+
+    startPolling: function (token, uiCallback) {
+        let interval = setInterval(async () => {
+            await this._check(token).then(function (resp) {
+                console.log("Polling status: %o", resp);
+                uiCallback && uiCallback(resp, false);
+                return Status.latest = resp;
+            })
+            .catch(function (err) {
+                console.error("Error during polling: %o", err);
+                return false;
+            });
+            if (Status.latest && (Status.latest.status === 'succeeded' || Status.latest.status === 'failed' || Status.latest.status === 'unknown')) {
+                // Done!
+                console.log('Latest status is: %o', this.latest);
+                uiCallback && uiCallback(this.latest, true);
+                clearInterval(interval);
+            }
+        }, this._pollInterval);
+    },
+
+    _check: async function (token) {
+        const payload = { statusToken: token };
+        const response = await fetch(baseURL + 'api/v1/status', {
+            method: 'POST',
+            mode: 'cors',
+            cache: 'no-cache',
+            credentials: 'omit',
+            headers: {
+                'Accept': 'application/json',
+                'Content-Type': 'application/json;charset=utf-8'
+            },
+            body: JSON.stringify(payload),
+            redirect: 'follow',
+            referrerPolicy: 'no-referrer'
+        });
+
+        return await response.json();
+    }
+};
+
+function setDeepLinkLabel(button) {
+    const text = document.getElementsByName('info.deeplink')[0].value;
+    button.innerHTML = text;
+}
+
+function messageScanQR() {
+    const text = document.getElementsByName('info.qrcode')[0].value;
+    infoElement.innerHTML = text;
+}
+
+function messageInstalledAccessApp() {
+  const text = document.getElementById('info.access_app.installed').innerText;
+  infoElement.innerHTML = text;
+}
+
+const AccessAppElement = {
+
+    _elem: null, // QR code or deep link depending on device
+
+    show: function (appLink) {
+        const userAgent = navigator.userAgent || navigator.vendor || window.opera;
+        const isIphone = 'iPhone' === navigator.platform;
+        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
+        if (isAndroid || isIphone) {
+            if (isAndroid) {
+                document.getElementById('install_apple').style.display = 'none';
+            }
+            if (isIphone) {
+                document.getElementById('install_google').style.display = 'none';
+            }
+            this._elem = document.createElement('a');
+            this._elem.setAttribute('href', appLink);
+            this._elem.setAttribute('class', 'btn btn-primary w-100');
+            this._elem.setAttribute('target', '_blank');
+            // distinguishes style for platforms
+            dispatcherElement.classList.add('mobile-platform');
+            const accessApplinks = document.getElementById('access-app-download-link');
+            accessApplinks.classList.add('access-app-download-link-mobile-spacing');
+
+            dispatcherElement.appendChild(this._elem);
+            setDeepLinkLabel(this._elem);
+
+            // info text is displayed before access app links
+            accessApplinks.parentNode.insertBefore(infoElement.parentNode, accessApplinks);
+            messageInstalledAccessApp();
+        }
+        else {
+            messageScanQR();
+            const qrSize = 280;
+            // Element to render the QR code
+            this._elem = document.createElement('canvas');
+            // Wrapper div to render corners
+            const qrCodeWrapper = document.createElement('div');
+            qrCodeWrapper.setAttribute('id','qr-code-wrapper');
+            qrCodeWrapper.style.width = `${qrSize}px`;
+            qrCodeWrapper.style.height = `${qrSize}px`;
+            qrCodeWrapper.appendChild(this._elem)
+            dispatcherElement.style.height = `${qrSize}px`;
+            dispatcherElement.appendChild(qrCodeWrapper);
+            const qrcode = new QRious({
+              element: this._elem,
+              // use --nevis-gray-900 CSS variable value
+              foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
+              level: "M",
+              size: qrSize,
+              value: appLink
+            });
+        }
+    },
+
+    hide: function() {
+        // hide the element which was shown
+        if (this._elem != null) {
+            this._elem.style.display = "none";
+        }
+    }
+};
+
+function onboardUser(appLink) {
+
+    AccessAppElement.show(appLink);
+
+    console.log('Starting Auth Cloud status polling...');
+
+    Status.startPolling(statusToken, (st, done) => {
+
+        if (st.status === 'succeeded') {
+
+            console.log('Auth Cloud success.');
+
+            // auto submit form with outcome
+            submitStatus('succeeded')
+        }
+        else if (st.status === 'failed') {
+
+            // failed: The transaction failed, either by timeout or because the user did not accept.
+            console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
+
+            submitStatus('failed')
+        }
+        else if (st.status === 'unknown') {
+
+            console.error('Authentication Cloud onboarding failed. Unknown status.');
+
+            submitStatus('unknown')
+        }
+    });
+}
+
+const swap = function (nodeA, nodeB) {
+    const parentA = nodeA.parentNode;
+    const siblingA = nodeA.nextSibling === nodeB ? nodeA : nodeA.nextSibling;
+
+    // Move `nodeA` to before the `nodeB`
+    nodeB.parentNode.insertBefore(nodeA, nodeB);
+
+    // Move `nodeB` to before the sibling of `nodeA`
+    parentA.insertBefore(nodeB, siblingA);
+};
+
+function init() {
+
+    const form = document.getElementById('authcloud_onboard');
+
+    baseURL = form.url.value;
+    statusToken = form.statusToken.value;
+
+    infoElement = document.getElementById('authcloud_info');
+    errorElement = document.getElementById('authcloud_error');
+
+    dispatcherElement = document.getElementById('authcloud_dispatch');
+
+    // info texts are displayed underneath QR code
+    swap(infoElement.parentNode, dispatcherElement.parentNode);
+
+    const appLink = form.appLink.value;
+    onboardUser(appLink);
+}
+
+window.onload = function() {
+  init();
+};
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/base64.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/base64.js
@ -0,0 +1,87 @@
+/*
+ * Base64URL-ArrayBuffer
+ * https://github.com/herrjemand/Base64URL-ArrayBuffer
+ *
+ * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
+ * Copyright (c) 2012 Niklas von Hertzen
+ * Licensed under the MIT license.
+ *
+ */
+(function() {
+    "use strict";
+
+    var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+
+    // Use a lookup table to find the index.
+    var lookup = new Uint8Array(256);
+    for (var i = 0; i < chars.length; i++) {
+        lookup[chars.charCodeAt(i)] = i;
+    }
+
+    var encode = function(arraybuffer) {
+        var bytes = new Uint8Array(arraybuffer),
+        i, len = bytes.length, base64 = "";
+
+        for (i = 0; i < len; i+=3) {
+            base64 += chars[bytes[i] >> 2];
+            base64 += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
+            base64 += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
+            base64 += chars[bytes[i + 2] & 63];
+        }
+
+        if ((len % 3) === 2) {
+            base64 = base64.substring(0, base64.length - 1);
+        } else if (len % 3 === 1) {
+            base64 = base64.substring(0, base64.length - 2);
+        }
+
+        return base64;
+    };
+
+    var decode = function(base64) {
+        var bufferLength = base64.length * 0.75,
+        len = base64.length, i, p = 0,
+        encoded1, encoded2, encoded3, encoded4;
+
+        var arraybuffer = new ArrayBuffer(bufferLength),
+        bytes = new Uint8Array(arraybuffer);
+
+        for (i = 0; i < len; i+=4) {
+            encoded1 = lookup[base64.charCodeAt(i)];
+            encoded2 = lookup[base64.charCodeAt(i+1)];
+            encoded3 = lookup[base64.charCodeAt(i+2)];
+            encoded4 = lookup[base64.charCodeAt(i+3)];
+
+            bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
+            bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
+            bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
+        }
+
+        return arraybuffer;
+    };
+
+     /**
+     * Exporting and stuff
+     */
+    if (typeof module !== 'undefined' && typeof module.exports !== 'undefined') {
+        module.exports = {
+            'encode': encode,
+            'decode': decode
+        }
+
+    } else {
+        if (typeof define === 'function' && define.amd) {
+            define([], function() {
+                return {
+                    'encode': encode,
+                    'decode': decode
+                }
+            });
+        } else {
+            window.base64url = {
+                'encode': encode,
+                'decode': decode
+            }
+        }
+    }
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.bundle.min.js
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/bootstrap.min.css
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-down.svg
@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M12.6667 6L8 10.6667L3.33333 6" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/chevron-right.svg
@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <path d="M6 3.33332L10.6667 7.99999L6 12.6667" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/copy-to-clipboard.js
@ -0,0 +1,27 @@
+function copyToClipboard(containerid) {
+  if (document.selection) {
+    var range = document.body.createTextRange();
+    range.moveToElementText(document.getElementById(containerid));
+    range.select().createTextRange();
+    document.execCommand("copy");
+  } else if (window.getSelection) {
+    var range = document.createRange();
+    range.selectNode(document.getElementById(containerid));
+    window.getSelection().addRange(range);
+    document.execCommand("copy");
+  }
+
+  // clear selection
+  if (window.getSelection) {
+    if (window.getSelection().empty) {
+      // Chrome
+      window.getSelection().empty();
+    } else if (window.getSelection().removeAllRanges) {
+      // Firefox
+      window.getSelection().removeAllRanges();
+    }
+  } else if (document.selection) {
+    // IE
+    document.selection.empty();
+  }
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/customized-bootstrap.css
@ -0,0 +1,755 @@
+/*!
+ * Bootstrap v5.1.3 (https://getbootstrap.com/)
+ * Copyright 2011-2021 The Bootstrap Authors
+ * Copyright 2011-2021 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
+*/
+
+/*
+ * This file contains customized bootstrap classes which are in the same name, however differ in the implementation.
+ * Classes use CSS custom properties from :root to be runtime modifiable.
+ * Used a portion of bootstrap classes which satisfy the requirements without to include the whole bootstrap bundle.
+ * If you would like to add new classes as "override" or extension please use the bootstrap naming convention.
+*/
+
+/* Form controls */
+.form-label {
+  margin-bottom: 0.25rem;
+}
+
+.form-check:has(.form-check-label) {
+  padding: 1em 1em 1em 1.6em;
+  border-top: solid 1px lightgray;
+  margin: 0 1em 0 1em;
+}
+
+.form-check-label {
+  font-size: 0.875rem !important;
+}
+
+.form-group {}
+
+.form-control {
+  display: block;
+  width: 100%;
+  padding: 0.5625rem 0.75rem;
+  font-size: 1rem;
+  font-weight: 400;
+  line-height: 1.25rem;
+  color: var(--nevis-black);
+  background-color: var(--nevis-white);
+  background-clip: padding-box;
+  border: 0.0625rem solid var(--nevis-form-control-border-color);
+  border-radius: var(--nevis-border-radius);
+  -webkit-appearance: none;
+  -moz-appearance: none;
+  appearance: none;
+  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+}
+
+@media (prefers-reduced-motion: reduce) {
+  .form-control {
+    transition: none;
+  }
+}
+
+.form-control:focus {
+  color: var(--nevis-black);
+  background-color: var(--nevis-white);
+  border-color: var(--nevis-primary);
+  outline: 0;
+  box-shadow: 0 0 0 0.0625rem var(--nevis-primary);
+}
+
+.form-control::-webkit-date-and-time-value {
+  height: 1.5em;
+}
+
+.form-control::-moz-placeholder {
+  color: var(--nevis-secondary);
+  opacity: 1;
+}
+
+.form-control::placeholder {
+  color: var(--nevis-secondary);
+  opacity: 1;
+}
+
+.form-control:disabled {
+  font-size: 0.875rem;
+  background-color: #e9ecef;
+  opacity: 1;
+}
+
+.form-control[readonly] {
+  background: var(--nevis-readonly-bg-color);
+  border-color: var(--nevis-readonly-border-color);
+  border-radius: var(--nevis-border-radius);
+  color: var(--nevis-gray-900);
+  font-size: 0.875rem;
+}
+
+.form-control[readonly]:focus {
+  box-shadow: 0 0 0 0.0625rem var(--nevis-readonly-box-shadow-color);
+}
+
+/* Valdiation */
+.invalid-feedback {
+  display: none;
+  width: 100%;
+  margin-top: 0.25rem;
+  font-size: 0.875em;
+  color: var(--nevis-danger);
+}
+
+.was-validated :invalid~.invalid-feedback,
+.was-validated :invalid~.invalid-tooltip,
+.is-invalid~.invalid-feedback,
+.is-invalid~.invalid-tooltip {
+  display: block;
+}
+
+/* Added for 3rd party International Telephone Input */
+.was-validated .iti~.invalid-feedback.invalid-feedback-ready,
+.was-validated .iti~.invalid-tooltip.invalid-feedback-ready {
+  display: block;
+}
+
+.was-validated .form-control:invalid,
+.form-control.is-invalid {
+  border-color: var(--nevis-danger);
+  border-width: 0.125rem;
+  padding-right: inherit;
+  background-image: none;
+  background-repeat: no-repeat;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-control:invalid:focus,
+.form-control.is-invalid:focus {
+  border-color: var(--nevis-danger);
+  box-shadow: none;
+}
+
+.form-control:valid,
+.form-control.is-valid {
+  background-image: none;
+}
+
+/* remove valid feedback classes */
+.was-validated .form-control:valid,
+.form-control.is-valid {
+  border-color: var(--nevis-gray-400);
+  padding-right: inherit;
+  background-image: inherit;
+  background-repeat: no-repeat;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-control:valid:focus,
+.form-control.is-valid:focus {
+  border-color: var(--nevis-gray-400);
+  box-shadow: unset;
+}
+
+.was-validated textarea.form-control:valid,
+textarea.form-control.is-valid {
+  padding-right: inherit;
+  background-position: inherit;
+}
+
+.was-validated .form-select:valid,
+.form-select.is-valid {
+  border-color: var(--nevis-gray-400);
+}
+
+.was-validated .form-select:valid:not([multiple]):not([size]),
+.was-validated .form-select:valid:not([multiple])[size="1"],
+.form-select.is-valid:not([multiple]):not([size]),
+.form-select.is-valid:not([multiple])[size="1"] {
+  padding-right: inherit;
+  background-image: none;
+  background-position: inherit;
+  background-size: inherit;
+}
+
+.was-validated .form-select:valid:focus,
+.form-select.is-valid:focus {
+  border-color: var(--nevis-gray-400);
+  box-shadow: unset;
+}
+
+.was-validated .form-check-input:valid,
+.form-check-input.is-valid {
+  border-color: var(--nevis-gray-400);
+}
+
+.was-validated .form-check-input:valid:checked,
+.form-check-input.is-valid:checked {
+  background-color: inherit;
+}
+
+.was-validated .form-check-input:valid:focus,
+.form-check-input.is-valid:focus {
+  box-shadow: unset;
+}
+
+.was-validated .form-check-input:valid~.form-check-label,
+.form-check-input.is-valid~.form-check-label {
+  color: inherit;
+}
+
+/* Buttons */
+.btn {
+  display: inline-block;
+  font-weight: 500;
+  line-height: 1.5rem;
+  color: var(--nevis-black);
+  text-align: center;
+  text-decoration: none;
+  vertical-align: middle;
+  cursor: pointer;
+  -webkit-user-select: none;
+  -moz-user-select: none;
+  user-select: none;
+  background-color: transparent;
+  border: 0.0625rem solid transparent;
+  padding: 0.75rem 1.25rem;
+  font-size: 1rem;
+  border-radius: var(--nevis-border-radius);
+  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+}
+
+@media (prefers-reduced-motion: reduce) {
+  .btn {
+    transition: none;
+  }
+}
+
+.btn:hover {
+  color: var(--nevis-black);
+}
+
+.btn:disabled,
+.btn.disabled,
+fieldset:disabled .btn {
+  pointer-events: none;
+  opacity: 0.65;
+}
+
+/* remove box-shadows by default, enable later by colors */
+.btn:focus {
+  box-shadow: unset;
+}
+
+.btn-check:checked+.btn-primary:focus,
+.btn-check:active+.btn-primary:focus,
+.btn-primary:active:focus,
+.btn-primary.active:focus,
+.show>.btn-primary.dropdown-toggle:focus {
+  box-shadow: unset;
+}
+
+/* Primary Button */
+.btn-primary {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:hover {
+  color: var(--nevis-white);
+  filter: brightness(110%);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:focus {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  filter: brightness(110%);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:active,
+.btn-primary.active {
+  color: var(--nevis-white);
+  background-color: var(--nevis-primary);
+  border-color: var(--nevis-primary);
+  filter: brightness(90%);
+}
+
+.btn-primary:active:focus,
+.btn-primary.active:focus {
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
+}
+
+.btn-primary:disabled,
+.btn-primary.disabled {
+  color: var(--nevis-secondary);
+  background-color: var(--nevis-gray-100);
+  border-color: var(--nevis-gray-100);
+  box-shadow: none;
+  filter: brightness(1);
+}
+
+/* Secondary Button */
+.btn-secondary {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:hover {
+  color: var(--nevis-gray-900);
+  filter: brightness(110%);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:focus {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  filter: brightness(110%);
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:active,
+.btn-secondary.active {
+  color: var(--nevis-gray-900);
+  background-color: var(--nevis-gray-200);
+  border-color: var(--nevis-gray-200);
+  filter: brightness(90%);
+}
+
+.btn-secondary:active:focus,
+.btn-secondary.active:focus {
+  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
+}
+
+.btn-secondary:disabled,
+.btn-secondary.disabled {
+  color: var(--nevis-secondary);
+  background-color: var(--nevis-gray-100);
+  border-color: var(--nevis-gray-100);
+  box-shadow: none;
+  filter: brightness(1);
+}
+
+.btn-link {
+  font-size: 0.875rem !important;
+  vertical-align: baseline;
+  border: none;
+  color: var(--nevis-primary);
+  background: none;
+  text-decoration: none;
+  padding: 0;
+}
+
+/* Componentes */
+.dropdown-toggle::after {
+  display: none !important;
+}
+
+/* Utilities */
+h6,
+.h6,
+h5,
+.h5,
+h4,
+.h4,
+h3,
+.h3,
+h2,
+.h2,
+h1,
+.h1 {
+  margin-top: 0;
+  font-weight: 500;
+  line-height: 1.2;
+}
+
+h1,
+.h1 {
+  font-size: calc(1.375rem + 1.5vw);
+}
+
+@media (min-width: 1200px) {
+
+  h1,
+  .h1 {
+    font-size: 2.5rem;
+  }
+}
+
+h2,
+.h2 {
+  font-size: calc(1.325rem + 0.9vw);
+}
+
+@media (min-width: 1200px) {
+
+  h2,
+  .h2 {
+    font-size: 2rem;
+  }
+}
+
+h3,
+.h3 {
+  font-size: calc(1.3rem + 0.6vw);
+}
+
+@media (min-width: 1200px) {
+
+  h3,
+  .h3 {
+    font-size: 1.75rem;
+  }
+}
+
+h4,
+.h4 {
+  font-size: calc(1.275rem + 0.3vw);
+}
+
+@media (min-width: 1200px) {
+
+  h4,
+  .h4 {
+    font-size: 1.5rem;
+  }
+}
+
+h5,
+.h5 {
+  font-size: 1.25rem;
+}
+
+h6,
+.h6 {
+  font-size: 1rem;
+}
+
+small,
+.small {
+  font-size: 0.875rem !important;
+}
+
+.text-primary {
+  color: var(--nevis-primary) !important;
+}
+
+.text-secondary {
+  color: var(--nevis-secondary) !important;
+}
+
+.text-success {
+  color: var(--nevis-success) !important;
+}
+
+.text-info {
+  color: var(--nevis-info) !important;
+}
+
+.text-warning {
+  color: var(--nevis-warning) !important;
+}
+
+.text-danger {
+  color: var(--nevis-danger) !important;
+}
+
+.text-light {
+  color: var(--nevis-light) !important;
+}
+
+.text-dark {
+  color: var(--nevis-dark) !important;
+}
+
+.text-white {
+  color: var(--nevis-white) !important;
+}
+
+.bg-primary {
+  background-color: var(--nevis-primary) !important;
+}
+
+.bg-secondary {
+  background-color: var(--nevis-secondary) !important;
+}
+
+.bg-success {
+  background-color: var(--nevis-success) !important;
+}
+
+.bg-info {
+  background-color: var(--nevis-info) !important;
+}
+
+.bg-warning {
+  background-color: var(--nevis-warning) !important;
+}
+
+.bg-danger {
+  background-color: var(--nevis-danger) !important;
+}
+
+.bg-light {
+  background-color: var(--nevis-light) !important;
+}
+
+.bg-dark {
+  background-color: var(--nevis-dark) !important;
+}
+
+.bg-body {
+  background-color: var(--nevis-white) !important;
+}
+
+.bg-white {
+  background-color: var(--nevis-white) !important;
+}
+
+.link-primary {
+  color: var(--nevis-primary);
+}
+
+.link-primary:hover,
+.link-primary:focus {
+  color: var(--nevis-primary);
+  filter: brightness(80%);
+}
+
+.link-secondary {
+  color: var(--nevis-secondary);
+}
+
+.link-secondary:hover,
+.link-secondary:focus {
+  color: var(--nevis-secondary);
+  filter: brightness(80%);
+}
+
+.link-success {
+  color: var(--nevis-success);
+}
+
+.link-success:hover,
+.link-success:focus {
+  color: var(--nevis-success);
+  filter: brightness(80%);
+}
+
+.link-info {
+  color: var(--nevis-info);
+}
+
+.link-info:hover,
+.link-info:focus {
+  color: var(--nevis-info);
+  filter: brightness(80%);
+}
+
+.link-warning {
+  color: var(--nevis-warning);
+}
+
+.link-warning:hover,
+.link-warning:focus {
+  color: var(--nevis-warning);
+  filter: brightness(80%);
+}
+
+.link-danger {
+  color: var(--nevis-danger);
+}
+
+.link-danger:hover,
+.link-danger:focus {
+  color: var(--nevis-danger);
+  filter: brightness(80%);
+}
+
+.link-light {
+  color: var(--nevis-light);
+}
+
+.link-light:hover,
+.link-light:focus {
+  color: var(--nevis-light);
+  filter: brightness(80%);
+}
+
+.link-dark {
+  color: var(--nevis-dark);
+}
+
+.link-dark:hover,
+.link-dark:focus {
+  color: var(--nevis-dark);
+  filter: brightness(80%);
+}
+
+.border-primary {
+  border-color: var(--nevis-primary) !important;
+}
+
+.border-secondary {
+  border-color: var(--nevis-secondary) !important;
+}
+
+.border-success {
+  border-color: var(--nevis-success) !important;
+}
+
+.border-info {
+  border-color: var(--nevis-info) !important;
+}
+
+.border-warning {
+  border-color: var(--nevis-warning) !important;
+}
+
+.border-danger {
+  border-color: var(--nevis-danger) !important;
+  border-width: 0.125rem;
+}
+
+.border-light {
+  border-color: var(--nevis-light) !important;
+}
+
+.border-dark {
+  border-color: var(--nevis-dark) !important;
+}
+
+.border-white {
+  border-color: var(--nevis-white) !important;
+}
+
+
+/* EXTENSION PART */
+
+/* Spacing */
+.mt-20 {
+  margin-top: 1.25rem;
+}
+
+.me-5px {
+  margin-right: 0.3125rem;
+}
+
+.my-40 {
+  margin: 2.5rem 0;
+}
+
+.mb-40 {
+  margin-bottom: 2.5rem;
+}
+
+/* Colors */
+
+.text-nevis-blue {
+  color: var(--nevis-blue-600) !important;
+}
+
+.bg-nevis-blue {
+  background-color: var(--nevis-blue-600) !important;
+}
+
+.border-nevis-blue {
+  border-color: var(--nevis-blue-600) !important;
+}
+
+.link-nevis-blue {
+  color: var(--nevis-blue-600);
+}
+
+.link-nevis-blue:hover,
+.link-nevis-blue:focus {
+  color: var(--nevis-blue-600);
+  filter: brightness(80%);
+}
+
+.btn-language-selector {
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  flex-shrink: 0;
+  padding: 0;
+  min-width: 0;
+  box-sizing: border-box;
+  box-shadow: none;
+  font-size: 0.875rem !important;
+  line-height: 1.25rem;
+  font-weight: normal;
+  outline: none;
+  border: none;
+  vertical-align: baseline;
+  text-align: center;
+  background-color: initial;
+  color: var(--nevis-gray-900);
+}
+
+.btn-language-selector:hover {
+  background: initial;
+}
+
+.btn-language-selector:active {
+  background: initial;
+}
+
+.btn-language-selector:focus {
+  box-shadow: none;
+}
+
+.btn-language-selector+.dropdown-menu {
+  min-width: 0;
+  width: 10rem;
+  padding: 0.25rem 0;
+  /* centering the dropdown */
+  margin-left: -0.5rem !important;
+  margin-top: 0.5rem !important;
+  overflow: hidden;
+  box-shadow: 0rem 0rem 0rem 0.0625rem var(--nevis-gray-200),
+    0rem 0.1875rem 1.25rem -0.625rem var(--nevis-gray-900);
+  border-radius: var(--nevis-border-radius);
+  border: 0;
+}
+
+.btn-language-selector+.dropdown-menu>li {
+  overflow: hidden;
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item {
+  font-style: normal;
+  font-weight: normal;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  padding: 0.5rem 1rem;
+  color: var(--nevis-gray-900);
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:hover {
+  background: var(--nevis-blue-100);
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:focus {
+  background: none;
+}
+
+.btn-language-selector+.dropdown-menu .dropdown-item:active,
+.btn-language-selector+.dropdown-menu .dropdown-item.active {
+  background: var(--nevis-blue-100);
+  filter: brightness(90%);
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/display-recovery-codes.js
@ -0,0 +1,23 @@
+function displayRecoveryCodes() {
+  const recoverCodes = document.getElementById("recovery-codes-raw");
+  // early return if recoverCodes not found
+  if (!recoverCodes) {
+    return;
+  }
+
+  var recoveryCodesContent = recoverCodes.innerHTML;
+  recoveryCodesContent = recoveryCodesContent.replace("[", "");
+  recoveryCodesContent = recoveryCodesContent.replace("]", "");
+  recoveryCodesContent = recoveryCodesContent.split(",");
+  for (let i = 0; i < recoveryCodesContent.length; i++) {
+    if (i % 2 == 0) {
+      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-gray printable\">" + recoveryCodesContent[i] + "</div>";
+    }
+    else {
+      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-white printable\">" + recoveryCodesContent[i] + "</div>";
+    }
+  }
+  recoverCodes.remove();
+}
+
+displayRecoveryCodes();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/download-recovery-codes.js
@ -0,0 +1,26 @@
+function downloadRecoveryCodes(contentContainerId) {
+  const textToDownload = document.getElementById(contentContainerId).innerText;
+  // It is necessary to create a new blob object with mime-type explicitly set
+  // otherwise only Chrome works like it should
+  const newBlob = new Blob([textToDownload], { type: "text/plain" });
+
+  // IE doesn't allow using a blob object directly as link href
+  // instead it is necessary to use msSaveOrOpenBlob
+  if (window.navigator && window.navigator.msSaveOrOpenBlob) {
+    window.navigator.msSaveOrOpenBlob(newBlob, "recovery-codes.txt");
+    return;
+  }
+
+  // For other browsers:
+  // Create a link pointing to the ObjectURL containing the blob.
+  const data = window.URL.createObjectURL(newBlob);
+  const link = document.createElement("a");
+  link.href = data;
+  link.download = "recovery-codes.txt";
+  link.click();
+  setTimeout(() => {
+    // For Firefox it is necessary to delay revoking the ObjectURL
+    window.URL.revokeObjectURL(data);
+  }, 400);
+  link.remove();
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/exclamation.svg
@ -0,0 +1,3 @@
+<svg width="10" height="9" viewBox="0 0 10 9" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M3.95423 0.859245C4.413 0.0436633 5.58725 0.0436629 6.04602 0.859245L9.3942 6.81157C9.84416 7.61149 9.2661 8.59988 8.34831 8.59988H1.65194C0.734151 8.59988 0.156094 7.61149 0.606052 6.81157L3.95423 0.859245ZM5.60007 6.79995C5.60007 7.13132 5.33144 7.39995 5.00007 7.39995C4.6687 7.39995 4.40007 7.13132 4.40007 6.79995C4.40007 6.46858 4.6687 6.19995 5.00007 6.19995C5.33144 6.19995 5.60007 6.46858 5.60007 6.79995ZM5.00007 1.99995C4.6687 1.99995 4.40007 2.26858 4.40007 2.59995V4.39995C4.40007 4.73132 4.6687 4.99995 5.00007 4.99995C5.33144 4.99995 5.60007 4.73132 5.60007 4.39995V2.59995C5.60007 2.26858 5.33144 1.99995 5.00007 1.99995Z" fill="#F25562"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye-off.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye-off.svg
@ -0,0 +1,3 @@
+<svg width="22" height="20" viewBox="0 0 22 20" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/eye.svg
@ -0,0 +1,4 @@
+<svg width="22" height="16" viewBox="0 0 22 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/face.svg
@ -0,0 +1,10 @@
+<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M54 10H62C66.4183 10 70 13.5817 70 18V26" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M10 26L10 18C10 13.5817 13.5817 10 18 10L26 10" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M26 70L18 70C13.5817 70 10 66.4183 10 62L10 54" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<path d="M70 54L70 62C70 66.4183 66.4183 70 62 70L54 70" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+<circle cx="40" cy="40" r="22" stroke="#168CA9" stroke-width="4"/>
+<path d="M48 48.5C43.5817 53.8333 36.4183 53.8333 32 48.5" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<rect x="49" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
+<rect x="30" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/facebook.svg
@ -0,0 +1,4 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M18 9.00002C18 4.02945 13.9706 2.09808e-05 9 2.09808e-05C4.02943 2.09808e-05 0 4.02945 0 9.00002C0 13.4922 3.29117 17.2155 7.59375 17.8907V11.6016H5.30859V9.00002H7.59375V7.01721C7.59375 4.76158 8.93739 3.51565 10.9932 3.51565C11.9779 3.51565 13.0078 3.69143 13.0078 3.69143V5.90627H11.8729C10.7549 5.90627 10.4062 6.60003 10.4062 7.31176V9.00002H12.9023L12.5033 11.6016H10.4062V17.8907C14.7088 17.2155 18 13.4922 18 9.00002Z" fill="#1877F2"/>
+<path d="M12.5033 11.6016L12.9024 9.00006H10.4063V7.3118C10.4063 6.60007 10.7549 5.90631 11.873 5.90631H13.0078V3.69147C13.0078 3.69147 11.9779 3.51569 10.9932 3.51569C8.9374 3.51569 7.59376 4.76162 7.59376 7.01725V9.00006H5.30859V11.6016H7.59376V17.8907C8.05197 17.9626 8.52161 18.0001 9.00001 18.0001C9.47842 18.0001 9.94806 17.9626 10.4063 17.8907V11.6016H12.5033Z" fill="white"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth.js
@ -0,0 +1,64 @@
+(function() {
+  'use strict'
+
+  async function assertion(options) {
+    let assertion;
+    try {
+      assertion = await navigator.credentials.get({ "publicKey": options });
+    } 
+    // Cancel and timeout can occur besides error
+    catch (error) {
+      console.error(`Error while trying to collect WebAuthn credential. ${error}`);
+      throw error;
+    }
+    // as this is the last call we have to do a top-level request instead of AJAX
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.style.display = "none";
+    addInput(form, "path", "/nevisfido/fido2/assertion/result")
+    addInput(form, "id", assertion.id);
+    addInput(form, "type", assertion.type);
+    addInput(form, "response.clientDataJSON", base64url.encode(assertion.response.clientDataJSON));
+    addInput(form, "response.authenticatorData", base64url.encode(assertion.response.authenticatorData));
+    addInput(form, "response.signature", base64url.encode(assertion.response.signature));
+    document.body.appendChild(form);
+    form.submit();
+  }
+  
+  function authenticate() {
+    // WebAuthn feature detection
+    if(!isWebAuthnSupportedByTheBrowser()) {
+      // Trigger `Login Passwordless Fallback` pattern
+      cancelFido2();
+      return;
+    };
+
+    const request = {};
+    request.path = "/nevisfido/fido2/attestation/options";
+
+    // calling nevisFIDO through nevisAuth on current URL using AJAX
+    fetch("", {
+      method: "POST",
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify(request)
+    })
+    .then(res => res.json())
+    .then(options => {
+      options.challenge = base64url.decode(options.challenge);
+      options.allowCredentials = options.allowCredentials.map((c) => {
+        c.id = base64url.decode(c.id);
+        return c;
+      });
+        
+      return assertion(options);
+    }).catch((error) => {
+      console.error(`Error at fido2 authentication: ${error}`);
+      // Trigger `Login Passwordless Fallback` pattern
+      cancelFido2();
+    });
+  }
+
+  authenticate();
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth_std.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_auth_std.js
@ -0,0 +1,175 @@
+(function() {
+    'use strict'
+
+    async function authenticate(username, params) {
+
+        try {
+            const { authenticationOptionsEndpoint, authenticationEndpoint, statusServiceEndpoint, userVerification, originalResource, nevisAuthEndpoint } = params;
+            const { startAuthentication } = SimpleWebAuthnBrowser;
+
+            // fetch authentication options from nevisFIDO and save the returned fido2SessionId for later use
+            const authOptRespJson = await getAuthenticationOptions(username, userVerification, nevisAuthEndpoint);
+            const fido2SessionId = authOptRespJson.fido2SessionId;
+
+            // do the client side authentication using the SimpleWebAuthn JS library
+            const authRespJson = await startAuthentication(authOptRespJson);
+
+            // in case the authentication response does not contain a userHandle (e.g. virtual authenticators used in system tests)
+            // then we have to obtain it (in our case it is the IDM extId) using the Status Service since at the moment nevisFIDO always expects it
+            if (!authRespJson.response.userHandle) {
+                const statusRespJson = await getFido2SessionStatus(fido2SessionId, statusServiceEndpoint);
+
+                if (statusRespJson && statusRespJson.userId) {
+                    console.log("adding userHandle: " + statusRespJson.userId);
+                    authRespJson.response.userHandle = btoa(statusRespJson.userId); // add missing userHandle
+                }
+                else {
+                   throw new Error('userHandle is missing and could not determine it using the status service');
+                }
+            }
+            else {
+                console.log("userHandle already set: " + authRespJson.response.userHandle);
+            }
+
+            // send the assertion response created by the authenticator to nevisFIDO
+            const serverRespJson = await submitAssertion(authRespJson, authenticationEndpoint);
+
+            // checking the server response of nevisFIDO
+            if ((!serverRespJson) || (serverRespJson && serverRespJson.status !== 'ok')) {
+                let errorMessage = (serverRespJson && serverRespJson.errorMessage) ? serverRespJson.errorMessage : 'unexpected error';
+                throw new Error('authentication failed: ' + errorMessage);
+            }
+
+            // send a request to nevisAuth with the fido2SessionId in the header to trigger the synchronisation of the
+            // nevisFIDO and nevisAuth sessions (FIDO2 AuthState -> SyncFido2SessionStatusHandler) to reach AUTH_DONE
+            await updateNevisAuth(fido2SessionId, nevisAuthEndpoint);
+
+            console.log('authentication was successful');
+
+            console.log('reloading page...');
+            window.location.reload();
+        }
+        catch (error) {
+            console.error(`Error during FIDO2 authentication: ${error}`);
+            cancelFido2();
+        }
+    };
+
+    async function getAuthenticationOptions(username, userVerification, authenticationOptionsEndpoint) {
+
+        const authOptReqJson = {
+            'username': username,
+            'userVerification': userVerification,
+        };
+
+        const authOptReq = JSON.stringify(authOptReqJson);
+        console.log('authOptReq ==> ' + authOptReq);
+
+        const authOptResp = await fetch(authenticationOptionsEndpoint, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: authOptReq,
+        });
+
+        if (!authOptResp.ok) {
+            throw new Error('authOptResp error: HTTP ' + authOptResp.status + ' ' + authOptResp.statusText);
+        }
+
+        const authOptRespJson = await authOptResp.json()
+        console.log('authOptResp <== ' + JSON.stringify(authOptRespJson));
+
+        return authOptRespJson;
+    };
+
+    async function getFido2SessionStatus(fido2SessionId, statusServiceEndpoint) {
+
+        const statusReqJson = {
+            'fido2SessionId': fido2SessionId,
+        };
+
+        const statusReq = JSON.stringify(statusReqJson);
+        console.log('statusReq ==> ' + statusReq);
+
+        const statusResp = await fetch(statusServiceEndpoint, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: statusReq,
+        });
+
+        if (!statusResp.ok) {
+            throw new Error('statusResp error: HTTP ' + statusResp.status + ' ' + statusResp.statusText);
+        }
+
+        const statusRespJson = await statusResp.json();
+        console.log('statusResp <== ' + JSON.stringify(statusRespJson));
+
+        return statusRespJson;
+    }
+
+    async function submitAssertion(authRespJson, authenticationEndpoint) {
+
+        console.log("submitting assertion for userHandle: " + authRespJson.response.userHandle);
+
+        // TODO koenig 20230504: read btoa once nevisFIDO is adapted
+        let encodedAuthResp = {
+            "id": authRespJson.id,
+            "response": {
+                "authenticatorData": authRespJson.response.authenticatorData,
+                "signature": authRespJson.response.signature,
+                "userHandle": authRespJson.response.userHandle,
+                "clientDataJSON": authRespJson.response.clientDataJSON
+            },
+            "type": authRespJson.type
+        }
+
+        const authResp = JSON.stringify(encodedAuthResp);
+        console.log('authResp ==> ' + authResp);
+
+        const serverResp = await fetch(authenticationEndpoint, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: authResp,
+        });
+
+        if (!serverResp.ok) {
+            throw new Error('submitAssertion error: HTTP ' + submitAssertion.status + ' ' + submitAssertion.statusText);
+        }
+
+        const serverRespJson = await serverResp.json();
+        console.log('serverResp <== ' + JSON.stringify(serverRespJson));
+
+        return serverRespJson;
+    };
+
+    async function updateNevisAuth(fido2SessionId, nevisAuthEndpoint) {
+
+        console.log('updateNevisAuth ==> ' + fido2SessionId);
+
+        const updateNevisAuthResponse = await fetch(nevisAuthEndpoint, {
+            method: 'GET',
+            credentials: 'same-origin',
+            headers: {
+                'nevis-fido2-session-id': fido2SessionId,
+            }
+        });
+
+        if (!updateNevisAuthResponse.ok) {
+            throw new Error('updateNevisAuthResponse error: HTTP ' + updateNevisAuthResponse.status + ' ' + updateNevisAuthResponse.statusText);
+        }
+
+        console.log('updateNevisAuth <== OK');
+
+        return;
+    };
+
+    // TODO koenig 20230206: we don't generate IDs into the HTML yet
+    let username = document.getElementsByName("username")[0].value;
+    params.nevisAuthEndpoint = window.location.href;
+    authenticate(username, params);
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_check.js
@ -0,0 +1,25 @@
+function submit(result) {
+    // we have to do a top-level request instead of AJAX
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.style.display = "none";
+
+    addInput(form, "result", result)
+
+    document.body.appendChild(form);
+
+    form.submit();
+}
+
+function check() {
+  if (isWebAuthnSupportedByTheBrowser()) {
+    submit("ok");
+  }
+  else {
+    submit("error");
+  }
+}
+
+window.onload = () => {
+  check();
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_onboard.js
@ -0,0 +1,70 @@
+function dispatch(name) {
+  // we have to do a top-level request instead of AJAX
+  const form = document.createElement("form");
+  form.method = "POST";
+  form.style.display = "none";
+  addInput(form, name, "true");
+  document.body.appendChild(form);
+  form.submit();
+}
+
+async function attestation(options) {
+  let credential;
+  try {
+    credential = await navigator.credentials.create({ "publicKey": options });
+  }
+  // cancel and timeout can occur besides error
+  catch (error) {
+    console.error(`Failed to create WebAuthn credential: ${error}`);
+    throw error;
+  }
+  // as this is the last call we have to do a top-level request instead of AJAX
+  const form = document.createElement("form");
+  form.method = "POST";
+  form.style.display = "none";
+  addInput(form, "path", "/nevisfido/fido2/attestation/result")
+  addInput(form, "id", credential.id);
+  addInput(form, "type", credential.type);
+  addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
+  addInput(form, "response.attestationObject", base64url.encode(credential.response.attestationObject));
+  document.body.appendChild(form);
+  form.submit();
+}
+
+function startFido2() {
+
+  if (!isWebAuthnSupportedByTheBrowser()) {
+    dispatch("unsupported");
+    return;
+  };
+
+  const request = {};
+  request.path = "/nevisfido/fido2/attestation/options";
+
+  // calling nevisFIDO through nevisAuth on current URL using AJAX
+  fetch("", {
+    method: "POST",
+    headers: {
+      'Content-Type': 'application/json'
+    },
+    body: JSON.stringify(request)
+  })
+  .then(res => res.json())
+  .then(options => {
+    options.user.id = base64url.decode(options.user.id);
+    options.challenge = base64url.decode(options.challenge);
+    if (options.excludeCredentials != null) {
+      options.excludeCredentials = options.excludeCredentials.map((c) => {
+        c.id = base64url.decode(c.id);
+        return c;
+      });
+    }
+    if (options.authenticatorSelection.authenticatorAttachment === null) {
+      options.authenticatorSelection.authenticatorAttachment = undefined;
+    }
+    return attestation(options);
+  }).catch((error) => {
+    console.log('Error during FIDO2 onboarding: ' + error);
+    dispatch("failed");
+  });
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/fido2_utils.js
@ -0,0 +1,36 @@
+/**
+ * Checks whether WebAuthn is supported by the browser or not.
+ * @return true if supported, false if it is not supported or not in secure context
+ */
+function isWebAuthnSupportedByTheBrowser() {
+  if (window.isSecureContext) {
+    // This feature is available only in secure contexts in some or all supporting browsers.
+    if ('credentials' in navigator) {
+      return true;
+    }
+    console.warn('Oh no! This browser does not support WebAuthn.');
+    return false;
+  }
+  console.warn('WebAuthn feature is available only in secure contexts. For testing over HTTP, you can use the origin "localhost".');
+  return false;
+}
+
+/**
+ * Trigger on cancel pattern at the FIDO2 authentication flow.
+ * 
+ * Provides an alternative when the user decides to 
+ * cancel the fido2 credential operation(create or fetch) or
+ * the operation fails and the error cannot be handled.
+ */
+function cancelFido2() {
+  // we have to do a top-level request instead of AJAX
+  const form = document.createElement("form");
+  form.method = "POST";
+  form.style.display = "none";
+
+  addInput(form, "cancel_fido2", "true");
+
+  document.body.appendChild(form);
+
+  form.submit();
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/finger.svg
@ -0,0 +1,9 @@
+<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M56.2789 49.5761C56.2789 40.4331 48.8671 33.0213 39.7242 33.0213C30.5813 33.0213 23.1694 40.4331 23.1694 49.5761C23.1694 62.2356 32.2583 70.0261 32.2583 70.0261" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M47.8393 49.5763C47.8393 45.0945 44.206 41.4612 39.7242 41.4612C35.2424 41.4612 31.6091 45.0945 31.6091 49.5763C31.6091 62.5604 41.6718 68.7279 48.8131 71.0001" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M64.7191 49.5748C64.7191 35.7707 53.5287 24.5803 39.7247 24.5803C25.9206 24.5803 14.7302 35.7707 14.7302 49.5748C14.7302 55.093 17.0024 60.6113 17.0024 60.6113" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M66.4485 31.0739C60.6836 22.4617 50.8661 16.7914 39.7242 16.7914C28.5824 16.7914 18.7649 22.4617 13 31.0739" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M58.1132 13.5444C52.623 10.6428 46.3652 9 39.724 9C33.0827 9 26.825 10.6428 21.3347 13.5444" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M64.7185 49.2502C64.7185 53.5527 60.9399 57.0407 56.2788 57.0407C51.6177 57.0407 47.8391 53.5527 47.8391 49.2502" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+<path d="M58.8764 63.8706C57.8276 64.075 56.7421 64.1823 55.6304 64.1823C47.1222 64.1823 40.1431 57.8973 39.4558 49.8997" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/generated.txt
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/icons/google/google.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/icons/google/google.svg
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/info.svg
@ -0,0 +1,3 @@
+<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M32 18.6667V32M32 45.3333H32.0333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#EFBA00" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/link.svg
@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+    <path d="M6.3335 2.99992H3.00016C2.07969 2.99992 1.3335 3.74611 1.3335 4.66659V12.9999C1.3335 13.9204 2.07969 14.6666 3.00016 14.6666H11.3335C12.254 14.6666 13.0002 13.9204 13.0002 12.9999V9.66659M9.66683 1.33325H14.6668M14.6668 1.33325V6.33325M14.6668 1.33325L6.3335 9.66659" stroke="#168CA9" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/loading.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/loading.svg
@ -0,0 +1,31 @@
+<svg width="38" height="38" viewBox="0 0 38 38" xmlns="http://www.w3.org/2000/svg">
+    <defs>
+        <linearGradient x1="8.042%" y1="0%" x2="65.682%" y2="23.865%" id="a">
+            <stop stop-color="#168CA9" stop-opacity="0" offset="0%"/>
+            <stop stop-color="#168CA9" stop-opacity=".631" offset="63.146%"/>
+            <stop stop-color="#168CA9" offset="100%"/>
+        </linearGradient>
+    </defs>
+    <g fill="none" fill-rule="evenodd">
+        <g transform="translate(1 1)">
+            <path d="M36 18c0-9.94-8.06-18-18-18" id="Oval-2" stroke="url(#a)" stroke-width="2">
+                <animateTransform
+                    attributeName="transform"
+                    type="rotate"
+                    from="0 18 18"
+                    to="360 18 18"
+                    dur="0.9s"
+                    repeatCount="indefinite" />
+            </path>
+            <circle fill="#fff" cx="36" cy="18" r="1">
+                <animateTransform
+                    attributeName="transform"
+                    type="rotate"
+                    from="0 18 18"
+                    to="360 18 18"
+                    dur="0.9s"
+                    repeatCount="indefinite" />
+            </circle>
+        </g>
+    </g>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/logo.png
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/main.css
@ -0,0 +1,429 @@
+html,
+body {
+  height: 100%;
+}
+
+body {
+  font-family: var(--nevis-font-sans-serif);
+  font-size: 0.875rem;
+  color: var(--nevis-gray-900);
+  display: flex;
+  align-items: center;
+  padding-top: 2.5rem;
+  padding-bottom: 2.5rem;
+  background-color: #d1d5d6;
+}
+
+a {
+  text-decoration: none;
+  color: var(--nevis-primary);
+}
+
+/* add icon for links to external sites */
+a[rel~="external"]::after {
+  content: url("link.svg");
+  padding-left: 7px;
+  vertical-align: -2px;
+}
+
+/* Chrome, Safari, Edge, Opera */
+input::-webkit-outer-spin-button,
+input::-webkit-inner-spin-button {
+  -webkit-appearance: none;
+  margin: 0;
+}
+
+/* Firefox */
+input[type="number"] {
+  -moz-appearance: textfield;
+}
+
+button:disabled {
+  cursor: not-allowed;
+  pointer-events: all !important;
+}
+
+label {
+  font-size: 0.75rem;
+}
+
+span.text-secondary>div {
+  display: inline-block;
+}
+
+/* Screen specific CSS */
+.login-container {
+  width: 100%;
+  max-width: 22.5rem;
+  margin: auto;
+  background-color: var(--nevis-gray-100);
+  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
+  border-radius: 1.25rem;
+}
+
+.login-container-header {
+  padding: 1.25rem;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+}
+
+.login-container-minimal-header {
+  padding: 1.25rem;
+}
+
+.login-container-body {
+  background: #ffffff;
+  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
+  border-radius: 1.25rem;
+  min-height: 31.25rem;
+}
+
+.login-container-body-content {
+  padding: 2.5rem;
+}
+
+.login-container-body-content>.input-error~.input-error {
+  margin-top: 0;
+}
+
+.brand-name {
+  font-size: 1rem;
+  word-wrap: break-word;
+}
+
+.sub-title {
+  font-style: normal;
+  font-weight: 400;
+  font-size: 1rem;
+  line-height: 1.375rem;
+  text-align: center;
+}
+
+.sub-icon {
+  font-style: normal;
+  font-weight: 400;
+  font-size: 1rem;
+  margin-top: 1rem;
+  text-align: center;
+}
+
+.horizontal-line {
+  display: flex;
+  flex-direction: row;
+}
+
+.horizontal-line:before,
+.horizontal-line:after {
+  content: "";
+  flex: 1 1;
+  border-bottom: 0.0625rem solid var(--nevis-gray-200);
+  margin: auto;
+}
+
+.horizontal-line:before {
+  margin-right: 0.625rem;
+  margin-left: -2.5rem;
+}
+
+.horizontal-line:after {
+  margin-left: 0.625rem;
+  margin-right: -2.5rem;
+}
+
+.register-spacing {
+  margin-top: 2rem;
+  margin-bottom: 2.75rem;
+}
+
+.social-login-buttons {
+  display: flex;
+  flex-direction: column;
+  gap: 0.75rem;
+}
+
+.social-login-button {
+  background: none;
+  flex-grow: 1;
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+  align-items: center;
+  padding: 0.375rem 1.125rem;
+  width: 100%;
+  height: 2.5rem;
+  border: 0.0625rem solid var(--nevis-gray-200);
+  box-sizing: border-box;
+  border-radius: 0.625rem;
+  gap: 0.625rem;
+}
+
+.icon-inside {
+  position: relative;
+}
+
+.icon-inside input {
+  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
+}
+
+.icon-inside button {
+  position: absolute;
+  right: 0;
+  top: 0;
+  margin-top: 0.3125rem;
+  margin-right: 0.75rem;
+}
+
+.icon-button {
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  flex-shrink: 0;
+  width: 1.875rem;
+  height: 1.875rem;
+  padding: 0;
+  margin: 0;
+  min-width: 0;
+  border-radius: 50%;
+  box-sizing: border-box;
+  box-shadow: none;
+  font-size: inherit;
+  font-weight: 500;
+  cursor: pointer;
+  outline: none;
+  border: none;
+  vertical-align: baseline;
+  text-align: center;
+  background-color: initial;
+}
+
+.icon-button:hover {
+  background: var(--nevis-gray-200);
+}
+
+.icon-button:active {
+  background: var(--nevis-gray-300);
+}
+
+.icon-button.nevis-blue-icon:hover {
+  background: var(--nevis-blue-icon-hover-bg-color);
+}
+
+.icon-button.nevis-blue-icon:active {
+  background: var(--nevis-blue-icon-active-bg-color);
+}
+
+.h-icon-button {
+  min-height: 1.875rem;
+}
+
+.max-w-full {
+  max-width: 100%;
+}
+
+.verification-code-wrapper {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+}
+
+.verification-code-label {
+  font-size: 1.125rem;
+  line-height: 1.5rem;
+  margin-right: 0.25rem;
+}
+
+.verification-code-input {
+  text-align: center;
+  max-width: 8.75rem;
+  letter-spacing: 0.5rem;
+  text-indent: 0.25rem;
+}
+
+.hidden-verification-code-submit-button {
+  overflow: visible !important;
+  height: 0 !important;
+  width: 0 !important;
+  margin: 0 !important;
+  border: 0 !important;
+  padding: 0 !important;
+  display: block !important;
+}
+
+.totp-code-wrapper {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+  margin: 2.5rem 0;
+}
+
+.totp-code-input {
+  text-align: left;
+  max-width: 8.75rem;
+  letter-spacing: 0.5rem;
+  text-indent: 0.25rem;
+}
+
+.hidden {
+  display: none !important;
+}
+
+.success-icon {
+  text-align: center !important;
+  margin-top: 5.625rem;
+  margin-bottom: 11.75rem;
+}
+
+.btn-selection-item {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: space-between;
+  padding: 0.5rem 0rem;
+  gap: 0.5rem;
+
+  border: 0.0625rem solid var(--nevis-gray-200);
+  border-left-width: 0;
+  border-right-width: 0;
+}
+
+.btn-selection-item+.btn-selection-item {
+  border-top-width: 0;
+}
+
+.btn-selection-item:first-of-type {
+  margin-top: 1.5rem;
+}
+
+.btn-selection-item:last-of-type {
+  margin-bottom: 1.5rem;
+}
+
+.btn-selection-item .selection-label {
+  color: var(--nevis-dark) !important;
+  font-weight: 500;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+}
+
+.btn-selection-item .selection-description {
+  color: var(--nevis-gray-500) !important;
+  font-weight: 400;
+  font-size: 0.75rem;
+  line-height: 1.125rem;
+}
+
+/* Passwordless */
+
+/* Access App*/
+.access-app-download-link-mobile-spacing {
+  margin-top: 5rem;
+  margin-bottom: 5rem;
+}
+
+/* add rounded border corners around QR code */
+#authcloud_dispatch,
+#authcloud_dispatch>#qr-code-wrapper {
+  position: relative;
+  display: block;
+}
+
+#authcloud_dispatch:not(.mobile-platform):before,
+#authcloud_dispatch:not(.mobile-platform):after,
+#authcloud_dispatch>#qr-code-wrapper:before,
+#authcloud_dispatch>#qr-code-wrapper:after {
+  position: absolute;
+  width: 1.875rem;
+  height: 1.875rem;
+  border-color: var(--nevis-primary);
+  border-style: solid;
+  z-index: 1;
+  content: " ";
+}
+
+#authcloud_dispatch:before {
+  top: 0.5rem;
+  left: 0.5rem;
+  border-width: 0.1875rem 0 0 0.1875rem;
+  border-top-left-radius: 1rem;
+}
+
+#authcloud_dispatch:after {
+  top: 0.5rem;
+  right: 0.5rem;
+  border-width: 0.1875rem 0.1875rem 0 0;
+  border-top-right-radius: 1rem;
+}
+
+#authcloud_dispatch>#qr-code-wrapper:before {
+  bottom: 0.5rem;
+  right: 0.5rem;
+  border-width: 0 0.1875rem 0.1875rem 0;
+  border-bottom-right-radius: 1rem;
+}
+
+#authcloud_dispatch>#qr-code-wrapper:after {
+  bottom: 0.5rem;
+  left: 0.5rem;
+  border-width: 0 0 0.1875rem 0.1875rem;
+  border-bottom-left-radius: 1rem;
+}
+
+.recovery-code-input {
+  text-align: left;
+  letter-spacing: 0.1875rem;
+  font-family: monospace;
+}
+
+.recovery-codes-wrapper {
+  height: 9rem;
+  text-align: center;
+  overflow-y: auto;
+  margin-bottom: 1rem;
+  /* Firefox */
+  scrollbar-color: var(--nevis-gray-300) #ffffff;
+  scrollbar-width: thin;
+  border: 1px solid lightgray;
+  border-radius: 0.5rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar {
+  width: 0.25rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-track {
+  background: #ffffff;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-thumb {
+  background: var(--nevis-gray-300);
+  border-radius: 0.125rem;
+}
+
+.recovery-codes-wrapper::-webkit-scrollbar-thumb:hover {
+  background: var(--nevis-gray-400);
+}
+
+.recovery-code-gray {
+  background: var(--nevis-gray-100);
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  font-family: monospace;
+  letter-spacing: 0.1875rem;
+}
+
+.recovery-code-white {
+  background: #ffffff;
+  font-size: 0.875rem;
+  line-height: 1.25rem;
+  font-family: monospace;
+  letter-spacing: 0.1875rem;
+}
+
+button.btn-recovery-code {
+  line-height: 0.75rem;
+  margin-top: 0.7rem;
+  width: 100%;
+}
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_link_qr.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_link_qr.js
@ -0,0 +1,142 @@
+(function () {
+
+    function createForm() {
+        const form = document.createElement("form");
+        form.method = "POST";
+        form.style.display = "none";
+        return form;
+    }
+
+    function addInput(form, name, value) {
+        const input = document.createElement("input");
+        input.name = name;
+        input.value = value;
+        form.appendChild(input);
+    }
+
+    let statusPolling;
+
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
+    function dispatchLink() {
+
+        document.getElementById("mauth_started").style.display = "block"; // show
+
+    	const request = {};
+
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        }).then(res => {
+            res.json().then(o => {
+                // example response: {"dispatchResult":"..."}
+                if (o.dispatchResult == 'dispatched') {
+                    // example response: {..., "dispatcherInformation":{..., "response":"admin4testing://authenticate?dispatchTokenResponse=ey..."}}
+                    var link = o.dispatcherInformation.response;
+                    console.log("received link: " + link);
+                    var linkElem = document.getElementById("mauth_link");
+                    linkElem.href = link; // custom scheme link does not work in Android 13
+                    const isMobile = !!/(iPhone|iPad|Android)/.test(window.navigator.userAgent);
+                    if (isMobile) {
+                        document.getElementById("mauth_link_parent").style.display = "inline"; // show
+                    }
+                    var url = new URL(link);
+                    var dispatchTokenResponse = url.searchParams.get("dispatchTokenResponse");
+                    // render QR code
+                    var qrCodeElem = document.getElementById("mauth_qrcode");
+                    var qrcode = new QRious({
+                      element: qrCodeElem,
+                      foreground: "#168CA9",
+                      level: "M",
+                      size: 256,
+                      value: link
+                    });
+                    var sessionId = o.sessionId;
+                    console.log("started polling for session ID: " + sessionId);
+                    poll(sessionId);
+                }
+                else {
+                    console.log("authentication failed: " + o.dispatchResult);
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            });
+        }).catch((err) => console.error("error: ", err));
+    }
+
+    function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
+
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
+                var status = o.status;
+                console.log("status: " + status);
+
+                if (status == 'clientAuthenticating') {
+                    // show process icon
+                    document.getElementById("mauth_loading").style.display = 'block';
+                    // hide QR-code and information
+                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_qrcode_info").style.display = 'none';
+                }
+                if (status == 'succeeded') {
+                    clearInterval(statusPolling);
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
+                    document.body.appendChild(form);
+                    form.submit();
+                } else if (status == 'failed' || status == 'unknown') {
+                    clearInterval(statusPolling);
+                    console.error("authentication failed with status: " + status);
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "fidoUafSessionId", sessionId);
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
+            });
+    }
+
+    dispatchLink();
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_onboard.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_onboard.js
@ -0,0 +1,128 @@
+(function () {
+
+    function createForm() {
+        const form = document.createElement("form");
+        form.method = "POST";
+        form.style.display = "none";
+        return form;
+    }
+
+    function addInput(form, name, value) {
+        const input = document.createElement("input");
+        input.name = name;
+        input.value = value;
+        form.appendChild(input);
+    }
+
+    let statusPolling;
+
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
+    function renderEnrollment() {
+
+        // link is provided by a hidden GuiElem
+        var link = document.getElementsByName("mauth_dispatcher_link")[0].value;
+        console.log("received dispatcher link: " + link);
+
+        const isMobile = !!/(iPhone|iPad|Android)/.test(window.navigator.userAgent);
+        if (isMobile) {
+            var linkElem = document.getElementById("mauth_link");
+            linkElem.href = link;
+            document.getElementById("mauth_link_parent").style.display = "inline"; // show
+        }
+
+        var url = new URL(link);
+        var dispatchTokenResponse = url.searchParams.get("dispatchTokenResponse");
+
+        // render QR code into mauth_qrcode element
+        var qrCodeElem = document.getElementById("mauth_qrcode");
+        var qrcode = new QRious({
+          element: qrCodeElem,
+          foreground: "#168CA9",
+          level: "M",
+          size: 256,
+          value: link
+        });
+
+        // show entire element
+        document.getElementById("mauth_started").style.display = "block";
+
+        console.log("scheduling status polling (2s interval)");
+        statusPolling = window.setInterval(function () {
+            poll();
+        }, 2000);
+    }
+
+    function poll() {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
+
+        // state is held on backend side
+        const request = {};
+
+        const fetchRequest = fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
+                var status = o.status;
+                console.log("status: " + status);
+
+                if (status == 'clientRegistering') {
+                    // show process icon
+                    document.getElementById("mauth_loading").style.display = 'block';
+
+                    // hide QR-code and information
+                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_qrcode_info").style.display = 'none';
+                } else if (status == 'succeeded') {
+                    clearInterval(statusPolling);
+                    console.log("onboarding successful");
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                } else if (status == 'failed' || status == 'unknown') {
+                    clearInterval(statusPolling);
+                    console.error("onboarding failed with status: " + status);
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(), POLLING_INTERVAL);
+            });
+    }
+
+    renderEnrollment();
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_push_qr.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_push_qr.js
@ -0,0 +1,193 @@
+(function () {
+
+    function createForm() {
+        const form = document.createElement("form");
+        form.method = "POST";
+        form.style.display = "none";
+        return form;
+    }
+
+    function addInput(form, name, value) {
+        const input = document.createElement("input");
+        input.name = name;
+        input.value = value;
+        form.appendChild(input);
+    }
+
+    let statusPolling;
+
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
+    function dispatch(id) {
+
+        document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
+        document.getElementById("mauth_started").style.display = "block"; // show
+
+    	const request = {};
+	    request.dispatchTargetId = id;
+	    request.dispatcher = "firebase-cloud-messaging";
+
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        }).then(res => {
+            res.json().then(o => {
+                console.log("dispatch response: " + JSON.stringify(o));
+                // example response: {"dispatchResult":"..."}
+                if (o.dispatchResult == 'dispatched') {
+                    // example response: {"token":"...","sessionId":"...","dispatchResult":"dispatched","dispatcherInformation":{"name":"firebase-cloud-messaging","response":"..."}}
+                    console.log("push dispatching successful");
+                    // set numbers for number matching
+                    if (o.channelLinking) {
+                        document.getElementById('mauth_match_numbers').innerHTML = o.channelLinking.content;
+                    }
+                    // preparing content for QR-code
+                    var token = o.token;
+                    console.log("found token: " + token);
+                    // hidden GuiElem
+                    var redeemUrl = document.querySelector('input[name=redeem_url]').value;
+                    console.log("found redeem URL: " + redeemUrl);
+                    let qrCodeContents = {
+                      nma_data_version: "1",
+                      nma_data_content_type: "application/json",
+                      nma_data: {
+                        token: token,
+                        redeem_url: redeemUrl
+                      }
+                    };
+                    var qrCodeValue = window.btoa(JSON.stringify(qrCodeContents));
+                    // render QR code
+                    var qrCodeElem = document.getElementById("mauth_qrcode");
+                    console.log("rendering QR code");
+                    var qrcode = new QRious({
+                      element: qrCodeElem,
+                      foreground: "#168CA9",
+                      level: "M",
+                      size: 256,
+                      value: qrCodeValue
+                    });
+                    var sessionId = o.sessionId;
+                    console.log("started polling for session ID: " + sessionId);
+                    poll(sessionId);
+                }
+                else {
+                    console.log("authentication failed: " + o.dispatchResult);
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            });
+        }).catch((err) => console.error("error: ", err));
+    }
+
+    function renderDeviceList() {
+
+        const request = {};
+
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        }).then(res => {
+            res.json().then(o => {
+                // example response: {"dispatchTargets":[{"id":"40a41ac7-0189-4c0b-8db9-cafcaa3e3f11","name":"Android Google Pixel 4 23.11.2022 07:26:25"}]}
+                var devices = o.dispatchTargets;
+                if (devices.length > 1) {
+                    console.log("multiple devices found, selection menu required.");
+                    let list = document.getElementById("mauth_devices");
+                    for (let i = 0; i < devices.length; i++) {
+                        let device = devices[i];
+                        var item = document.createElement("li");
+                        item.class = "list-group-item list-group-item-action";
+                        item.onclick = function() { dispatch(device.id) };
+                        item.innerHTML += device.name;
+                        list.appendChild(item);
+                    }
+                    list.style.display = "block"; // show selection menu
+                }
+                else if (devices.length == 1) {
+                    console.log("user has only 1 device, no selection required.");
+                    dispatch(devices[0].id);
+                }
+                else {
+                    console.error("user has no device.");
+                    // TODO koenig 20221124: design this case
+                }
+            });
+        }).catch((err) => console.error("error: ", err));
+    }
+
+    function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+        isPolling = true;
+
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
+                var status = o.status;
+                console.log("status: " + status);
+
+                if (status == 'clientAuthenticating') {
+                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_qrcode_info").style.display = 'none';
+                    document.getElementById("mauth_match_numbers").style.display = 'block';
+                    document.getElementById("mauth_loading").style.display = 'block';
+                }
+
+                if (status == 'succeeded') {
+                    clearInterval(statusPolling);
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                } else if (status == 'failed' || status == 'unknown') {
+                    clearInterval(statusPolling);
+                    console.error("authentication failed with status: " + status);
+                    const form = createForm();
+                    addInput(form, "fidoUafSessionId", sessionId);
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
+            });
+    }
+
+    renderDeviceList();
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/mauth_usernameless.js
@ -0,0 +1,145 @@
+(function () {
+
+    function createForm() {
+        const form = document.createElement("form");
+        form.method = "POST";
+        form.style.display = "none";
+        return form;
+    }
+
+    function addInput(form, name, value) {
+        const input = document.createElement("input");
+        input.name = name;
+        input.value = value;
+        form.appendChild(input);
+    }
+
+    let statusPolling;
+
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
+    function dispatch() {
+
+        console.log("initiating usernameless mobile authentication...");
+
+        document.getElementById("mauth_started").style.display = "block"; // show
+
+    	const request = {};
+
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        }).then(res => {
+            res.json().then(o => {
+                console.log(o);
+                // example response: {"dispatchResult":"..."}
+                if (o.dispatchResult == 'dispatched') {
+                    // example response: {..., "dispatcherInformation":{..., "response":"admin4testing://authenticate?dispatchTokenResponse=ey..."}}
+                    var link = o.dispatcherInformation.response;
+                    console.log("received link: " + link);
+                    var linkElem = document.getElementById("mauth_link");
+                    linkElem.href = link; // custom scheme link does not work in Android 13
+                    const isMobile = !!/(iPhone|iPad|Android)/.test(window.navigator.userAgent);
+                    if (isMobile) {
+                        document.getElementById("mauth_link_parent").style.display = "inline"; // show
+                    }
+                    var url = new URL(link);
+                    var dispatchTokenResponse = url.searchParams.get("dispatchTokenResponse");
+                    // render QR code
+                    var qrCodeElem = document.getElementById("mauth_qrcode");
+                    var qrcode = new QRious({
+                      element: qrCodeElem,
+                      foreground: "#168CA9",
+                      level: "M",
+                      size: 256,
+                      value: link
+                    });
+                    var sessionId = o.sessionId;
+                    console.log("started polling for session ID: " + sessionId);
+                    poll(sessionId);
+                }
+                else {
+                    console.log("authentication failed: " + o.dispatchResult);
+                    const form = createForm();
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            });
+        }).catch((err) => console.error("error: ", err));
+    }
+
+    function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
+
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
+            method: "POST",
+            headers: {
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(request)
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
+                var status = o.status;
+                console.log("status: " + status);
+
+                if (status == 'clientAuthenticating') {
+                    // show process icon
+                    document.getElementById("mauth_loading").style.display = 'block';
+                    // hide QR code and info message
+                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_qrcode_info").style.display = 'none';
+                }
+                if (status == 'succeeded') {
+                    clearInterval(statusPolling);
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "fidoUafDone", "true"); // required for custom dispatching in usernameless
+                    document.body.appendChild(form);
+                    form.submit();
+                } else if (status == 'failed' || status == 'unknown') {
+                    clearInterval(statusPolling);
+                    console.error("authentication failed with status: " + status);
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "fidoUafSessionId", sessionId);
+                    document.body.appendChild(form);
+                    form.submit();
+                }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
+            });
+    }
+
+    dispatch();
+})();
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/microsoft.svg
@ -0,0 +1,7 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+    <path fill="#f3f3f3" d="M0 0h18v18H0z"/>
+    <path fill="#f35325" d="M1 1h8v8H1z"/>
+    <path fill="#81bc06" d="M10 1h8v8H10z"/>
+    <path fill="#05a6f0" d="M1 10h8v8H1z"/>
+    <path fill="#ffba08" d="M10 10h8v8H10z"/>
+</svg>
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/oauth_consent.js
@ -0,0 +1,50 @@
+document.addEventListener("DOMContentLoaded", function () {
+    const consentInformationFieldName = "consentInformation"; // Input field name
+    const scopeDescriptionSource = "scope_name"; // JSON key for scope description
+
+    function displayOAuthScopesConsent() {
+        const jsonData = parseJson();
+        if (jsonData !== undefined) {
+            mapJsonToHtml(jsonData);
+        }
+    }
+
+    function mapJsonToHtml(jsonData) {
+        mapJsonToHtmlScopeList("listOfRequestedScopesWithExistingConsent", jsonData.requestedScopesWithExistingConsent, "Already accepted scopes:");
+        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require consent:");
+    }
+
+    function mapJsonToHtmlScopeList(elementId, scopeInformation, title) {
+        if (scopeInformation && Object.keys(scopeInformation).length > 0) {
+            const consentInput = document.querySelector(`input[name="${consentInformationFieldName}"]`);
+            if (consentInput) {
+                const container = document.createElement("div");
+                container.innerHTML = `<p style='margin-top: 0.5em'>${title}</p><div class='scopeinfobox'><ul id='${elementId}'></ul></div>`;
+                consentInput.insertAdjacentElement("afterend", container);
+
+                const ulElement = document.getElementById(elementId);
+                for (const key in scopeInformation) {
+                    if (scopeInformation.hasOwnProperty(key)) {
+                        const scopeDescription = scopeInformation[key][scopeDescriptionSource] || key;
+                        const li = document.createElement("li");
+                        li.textContent = scopeDescription;
+                        ulElement.appendChild(li);
+                    }
+                }
+            }
+        }
+    }
+
+    function parseJson() {
+        const consentInformationField = document.querySelector(`input[name="${consentInformationFieldName}"]`);
+        if (consentInformationField) {
+            try {
+                return JSON.parse(consentInformationField.value);
+            } catch (e) {
+                console.error("Invalid JSON in consent information field:", e);
+            }
+        }
+    }
+
+    displayOAuthScopesConsent();
+});
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/IDENT-AuthenticationRealm/webdata/resources/passkey_autofill.js
@ -0,0 +1,44 @@
+(function() {
+  'use strict'
+
+  async function submit(assertion) {
+    // as this is the last call we have to do a top-level request instead of AJAX
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.style.display = "none";
+    addInput(form, "path", "/nevisfido/fido2/assertion/result")
+    addInput(form, "id", assertion.id);
+    addInput(form, "type", assertion.type);
+    console.log("assertion response:", assertion.response);
+    addInput(form, "response.clientDataJSON", assertion.response.clientDataJSON);
+    addInput(form, "response.authenticatorData", assertion.response.authenticatorData);
+    addInput(form, "response.signature", assertion.response.signature);
+    addInput(form, "response.userHandle", assertion.response.userHandle);
+    document.body.appendChild(form);
+    form.submit();
+  }
+
+  function authenticate() {
+    const hiddenField = document.querySelector("input[name='fido2_attestation_options']");
+    if (hiddenField && hiddenField.value) {
+        try {
+            const options = JSON.parse(hiddenField.value);
+            console.log("parsed attestation options:", JSON.stringify(options));
+
+            SimpleWebAuthnBrowser.startAuthentication({ optionsJSON: options, useBrowserAutofill: true })
+                .then(assertionResponse => {
+                    console.log("Authentication successful:", JSON.stringify(assertionResponse));
+                    submit(assertionResponse);
+                })
+                .catch(error => {
+                    console.log(`Passkey autofill skipped: ${error}`);
+                });
+        } catch (error) {
+            console.error("Error parsing fido2_attestation_options:", error);
+        }
+    } else {
+        console.log("Passkey autofill is disabled.");
+    }
+  }
+  authenticate();
+})();
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
haburger	9669ab54de	new configuration version	2025-12-08 17:22:53 +00:00
haburger	5a80b61c6f	new configuration version	2025-12-08 16:36:44 +00:00
haburger	bcc65c645e	new configuration version	2025-12-05 05:33:24 +00:00
haburger	fab44d31a7	new configuration version	2025-12-01 12:12:13 +00:00
jakob	c1ce2ab2bd	new configuration version	2025-11-21 08:52:47 +00:00
aca	673f6f012f	new configuration version	2025-10-21 10:04:49 +00:00
aca	7c5d0e27df	new configuration version	2025-10-21 09:59:13 +00:00
aca	9075924699	new configuration version	2025-10-21 09:52:47 +00:00
haburger	7a09d8c85c	new configuration version	2025-09-16 06:57:31 +00:00
aca	37594be630	new configuration version	2025-09-15 13:23:38 +00:00
haburger	51c97beaeb	new configuration version	2025-08-20 06:58:20 +00:00
haburger	a7a76b52eb	new configuration version	2025-08-20 06:34:57 +00:00
haburger	6310d03471	new configuration version	2025-08-20 05:27:40 +00:00
haburger	e9f4f0db51	new configuration version	2025-08-19 15:33:45 +00:00
haburger	bdedbf9fe9	new configuration version	2025-08-18 14:16:15 +00:00
haburger	f0cab7244e	new configuration version	2025-07-04 04:47:28 +00:00
haburger	9299c7ae7d	new configuration version	2025-06-30 15:18:30 +00:00
aca	7553eb13fc	new configuration version	2025-06-05 12:15:27 +00:00
aca	c034ffc7fb	new configuration version	2025-06-04 08:56:03 +00:00
aca	1674db4f4f	new configuration version	2025-06-04 08:51:35 +00:00
aca	cbcfa40c29	new configuration version	2025-06-04 07:20:04 +00:00
haburger	c401095f73	new configuration version	2025-05-09 06:52:59 +00:00
haburger	2b4d8cfe03	new configuration version	2025-05-08 14:39:36 +00:00
haburger	9713eb8e12	new configuration version	2025-05-08 14:15:07 +00:00
haburger	0f44e537af	new configuration version	2025-05-08 09:12:07 +00:00
haburger	88f5372ae4	new configuration version	2025-05-08 08:49:27 +00:00
haburger	8ee318f118	new configuration version	2025-05-08 08:07:21 +00:00
haburger	d389b12dea	new configuration version	2025-05-08 07:58:10 +00:00
aca	b2294bcb67	new configuration version	2025-04-30 09:13:23 +00:00
aca	bc793a3380	new configuration version	2025-04-29 08:15:33 +00:00
aca	ba09288d55	new configuration version	2025-04-28 12:26:46 +00:00
aca	fa879bbb45	new configuration version	2025-04-01 10:48:44 +00:00
haburger	72d67ef1ff	new configuration version	2025-03-04 05:41:52 +00:00
aca	4f8b3d6c81	new configuration version	2025-03-03 08:44:30 +00:00
aca	7fdbdfe18c	new configuration version	2025-02-26 10:08:46 +00:00
aca	d79a43990b	new configuration version	2025-02-26 09:54:36 +00:00
aca	2f61bc2cd1	new configuration version	2025-02-26 09:47:08 +00:00
aca	0a05f9098c	new configuration version	2025-02-26 09:40:02 +00:00
aca	6c40f568de	new configuration version	2025-02-25 14:39:40 +00:00
aca	adbcf63cc8	new configuration version	2025-02-25 14:28:55 +00:00
haburger	6a3baccd40	new configuration version	2025-02-14 06:31:54 +00:00
haburger	ef125c6500	new configuration version	2025-02-10 14:53:40 +00:00
haburger	06956d7d75	new configuration version	2025-02-04 09:45:22 +00:00
haburger	617ad89228	new configuration version	2025-01-31 08:17:15 +00:00
haburger	06ebf27469	new configuration version	2025-01-31 07:03:41 +00:00
haburger	da988e971b	new configuration version	2025-01-31 06:57:05 +00:00
haburger	d2e3354968	new configuration version	2025-01-27 16:50:56 +00:00
haburger	af16dc2867	new configuration version	2024-12-18 18:39:47 +00:00
haburger	405d009d0a	new configuration version	2024-12-18 18:27:54 +00:00
haburger	29ada34680	new configuration version	2024-12-02 08:51:14 +00:00
haburger	55ef406a42	new configuration version	2024-11-29 16:17:22 +00:00
haburger	c5c8475151	new configuration version	2024-11-29 09:30:53 +00:00
haburger	b2cf8d7188	new configuration version	2024-11-29 08:02:36 +00:00
haburger	7bd9349ab6	new configuration version	2024-11-29 07:45:25 +00:00
haburger	0200e14bfc	new configuration version	2024-11-29 07:41:37 +00:00
haburger	fbb4776faf	new configuration version	2024-11-29 06:56:43 +00:00