DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2411.3"
+  version: "8.2405.2"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -45,7 +45,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-2f8a215769d731c34e6278cbfb370e06e976f51f"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf

@@ -3,7 +3,6 @@ RTENV_SECURITY_CHECK=no_shell
 JAVA_OPTS=(
     "-XX:+UseContainerSupport"
     "-Dfile.encoding=UTF-8"
-    "-Dotel.instrumentation.metro.enabled=false"
     "-XX:MaxRAMPercentage=80.0"
     "-Djava.net.preferIPv4Stack=true"
     "-Djava.net.connectionTimeout=10000"
@@ -13,7 +12,7 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-sts-default-tls-trust/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-sts-default-tls-trust/keypass}"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/logging.yml

@@ -12,8 +12,6 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
-    - name: "ProductAnalytics"
-      level: "INFO"
     - name: "EsAuthStart"
       level: "INFO"
     - name: "org.apache.catalina.loader.WebappClassLoader"
@@ -35,7 +33,7 @@ Configuration:
     - name: "OpTrace"
       level: "DEBUG"
     - name: "Recovery"
-      level: "DEBUG"
+      level: "INFO"
     - name: "Script"
       level: "DEBUG"
     - name: "SessCoord"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/nevisauth.yml

@@ -3,7 +3,6 @@ server:
   protocol: "https"
   port: "8991"
   host: "0.0.0.0"
-  max-threads: "200"
   tls:
     keystore: "/var/opt/keys/own/auth-sts-default-identity/keystore.p12"
     keystore-passphrase: "${exec:/var/opt/keys/own/auth-sts-default-identity/keypass}"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-auth-default-default-signer-trust-7022472ae407577ae604bbb8.yaml

@@ -1,7 +1,7 @@
 apiVersion: "operator.nevis-security.ch/v1"
 kind: "NevisTrustStore"
 metadata:
-  name: "auth-internal-idp-auth-signer-trust"
+  name: "auth-default-default-signer-trust"
   namespace: "adn-agov-nevisidm-01-uat"
   labels:
     deploymentTarget: "auth"
@@ -10,7 +10,5 @@ metadata:
     patternId: "7022472ae407577ae604bbb8"
 spec:
   keystores:
-  - name: "auth-sts-sh4r3d-internal-idp-auth-signer"
-    namespace: "adn-agov-nevisidm-01-uat"
   - name: "auth-sh4r3d-internal-idp-auth-signer"
     namespace: "adn-agov-nevisidm-01-uat"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-auth-technical-trust-store-7022472ae407577ae604bbb8.yaml

@@ -12,8 +12,6 @@ spec:
   keystores:
   - name: "proxy-idp-notused-auth-realm-identity"
     namespace: "adn-agov-nevisidm-01-uat"
-  - name: "proxy-idp-auth-realm-main-idp-identity"
-    namespace: "adn-agov-nevisidm-01-uat"
   - name: "proxy-idp-auth-realm-mobile-fido-uaf-identity"
     namespace: "adn-agov-nevisidm-01-uat"
   - name: "proxy-idp-auth-realm-recovery-identity"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2411.3"
+  version: "8.2405.2"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -45,7 +45,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-74652635df557afe285bd6c9b53c946dd0556fdf"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
     credentials: "git-credentials"
   keystores:
@@ -55,7 +55,7 @@ spec:
   truststores:
   - "auth-default-tls-trust"
   - "auth-auth-realm-mobile-fido-uaf-tls-trust-nevisfido"
-  - "auth-internal-idp-auth-signer-trust"
+  - "auth-default-default-signer-trust"
   - "auth-technical-trust-store"
   podSecurity:
     policy: "baseline"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/keys/own/idp-pem-signer/key.pem

@@ -1,54 +1,54 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU95KG57RacAYBmkeQ
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUbPUZn/3VpMbderej
-DIe1bZS0sbkCAggAMB0GCWCGSAFlAwQBKgQQyxdAya9Sd4oHLO1pzVWcYASCCVDT
+CK2+IC16nwwCAggAMB0GCWCGSAFlAwQBKgQQvPO51vuHnkHznERAJ+mJngSCCVDI
-ozdXT3vjyqMzza4QKaMD4ywSAzGhQRM/TnxU5JbRLNMpdtq76Mfet2pv++UUjcof
+JlL/aK5MTWYntg5qFJ2L3w4GNTaKeVXrCE1Q/UrXo4/OnNVQdHnyWiuzOt0FoGow
-16EsdOOpDQdxdzQWmwGUNwjkX5YyWTaAefV8l9n6Bp8LV0XabS9We3g5Jr1KjuzP
+H22nWxbehwlykBPhPNw4719QOiMWQJqggR/61IUh8xOBrchqjQ2irIDjiXnTgD1N
-O/xJgB2o6BcD/WRPeOaANSGoyWce4rCkpDwqxrp+tY9EK19SoCZG9Zy2hnPPH2Hc
+ADmtLHZC6duXncdFOtpeooHKMW61P6+KGBck0n8jM96+DuIKZKF2VO0hEzrUCF3d
-QgtgCAzqaXIp49KIXHn/Uo532lIz3WqkkhzVakwgAKLKIvc/SwgP0eSXLvPjeJYS
+4ODXNX8EEc4l1UdGUU0l7r/SvxoDyprGnFW1Di+PZCRWwUkHbDrqOWEzs5UIzTRM
-L8DngPP0YD7IPgIs7WmMNNE7or69e7mO0miUOl7xStNHzHpLmtLNbYI7Pk6NLT7N
+2Tyt5osJB7v+0XB3f2PeBEHkQQhd9mvPIiSO5EwQF4JNQx7LMcnV1eFYXGF30pVb
-kWfh2+E21R7llsW57boMACXVr7N3CHOlZQhUNViyjPayo1njVnp6gGzuIxluhHJY
+g9nG3UFbI68uH+uuuEU66yug/h/0RzMSBp8Le6eIck5/jaXBPzDstrc3VW5f1f+n
-CL070oqBeEYVfvE07HQ4Qd0BL5c02pdrKjdzBYyLwzSNKn2RzgS2R/XtEqdmOUo+
+I3LsVplUE5znK5okwcGNKr84Ppf6QJ0Hjmbx927j8/n5yMYAn8xa1X5XNeC0dmy8
-iuRngv9D1UPSI2xlFhv84778ktEeSf8l1nLltqhPJAmJUjSAcu/zjN4Q+HXqMRaF
+Fjbsz1YpiTx9uQ33thXWbpQXno3fJzXvTVJ258GciPwcwqUTiudkMz3eD/tk/Ehd
-IocDV4I7CaXDc2E0YdU8uHuzzUHLflJ2OZwU5N7tkoVOtAYHKUwCP4J/zpLSe2V2
+SM2oxCKIFDjEUnTSJ89uj+vz9OlTAdaUr0uEfpM6vwq+610UviVRPrNpI2v/qiqJ
-MIh40IVJK4gzb+iyBiOnsnKKQCKMPbS4lH8zC2S486MgjgbhlZeFg0nOF955c61l
+SCeCsce4cN4eIjdpgPIt89H/ISDaOlpeCNQ8yLkkM4P89zXjir7Mt7jt3Uh58xoO
-Sb4MBrexU4s1TUg/fDpYt6jPZoKivN72jzi60kV43gBFHmP3X4SRAUQ4Y3h5NFF8
+rOHwQW8xUp+92BvES17PS072ywPS2jO/+hVQv6lf1LPHOmIlEWUln8no6KUBupMM
-h2p4wvYRsYEexjJU/+WJG4Yi1wSi3oEqD161a6vPOsKBLBdLRo1vgnQdGFx/k83X
+ukaW+AmBxxYA1nycC+7IyXDUGiX8MU8GhT45xBpj6t5gKr5QwvJpGcH5oJ0qqq+s
-vjPlI2eEUMPCntNBbrTy8eUSJz/0OH2phztZpHuh5cfy4ErUi19d9ywZUlhurGvX
+5B4bmIkaDUgbyAcnishANkHt8/wPvKLbefgRPkpRzaPFQqXu18nRr5GTa+dWfS1y
-dC7ouTEqRZLkkSCfGTQM0q0O4JQJTLb5N4gWdZxQd2UwGv3jCK7m5eWx3bTdhhXi
+GJOVtKcGEyMCHTWfvT9NQZryP3uSsVvl4unEcScWqUL12rDfe31EuTr8JD79I7US
-179DoSpYBCJF3msn0ROO6PxsccH0w/I6KMi3QNmsDlXhDr6XIBya8CU0lx9lp0pl
+ssJoDtOKSsP/fFcUatUDcfsb+hkBGN19CdDb4LvPY23FhUc1ApYbWmU5HlY16uQx
-5q62D26Ylr2fovd3qKKbwP6RaZarCzKLO6dWdyMqtUwVlX2FDCFd/SPGWc2TmuVS
+zjoVVZ3lCckJHojPlXpgv0y/CC6tOyEwKxC2u2voPunbR/D7rJ+5AIWDDc3pzzPZ
-vLb981Zm13AfYtNUSfusroDp3TEuvl7cwozg7p33SQhuCmgKnxMd0iXd5QQZjrR0
+KH1jfJPL8KbM8lBc+hpyLBtSnQpj/osN/jLY7El3ciFcux/NFSffeWKn/QuYYC8p
-t+y22dHrD1agkkoFMLz/+d+930J0sY4odG/HbL2Bv8ZelVUjA8XSFoGBEA+rfQCg
+LtJzWZiURZ6SWFZ4llPKbDeXsKhSOuroMt0aRUfQu2zHw++Ss94X+wJ3Tg64uP/9
-DGmLh5a+/yfzxCEKWVLqmwHWbSkub8bXdl6EKEyaO9qo1KCLAf3tArQx45sqw8bK
+Bw9B5LFdTogChz7ObmGr9OnyJuQaj9/riWP6kowjXSQhku30RMpf6MQnxg8KLhI/
-8AYq2mrNIiMDhHub+XEEC0Aw2lZkJOrwwMEsTcZWfBvj56MdRNXuZMvPdarTbnDx
+99y4rGp+OLcxZcKbmENWIl9QcEVbyPfBq2yGSk/drT3xUJghCcPjObKToutHRs9r
-zzxatqIwfvpOy/S2Poyrc6GuprbZCM6N+cDLdWQqAHVwAlx77NhiJ6s3vUnE3vB7
+cN0IE6kzRiruRdm2bejgni+v5BhioiZRiSwr5om57G1N4e8BseTxY+zQrU2WwdJp
-aHgmXU+a8uPA64tKKaRNQJ31f7viCkWJXEbbEhVTzCvFcoqbKPPMm9w7nO8PMUTu
+ll1zqk5t2J+83uU/EQBmIkXpP+xqrod/uOUm84d5nYRXuO94DLUDwqU0KI7QKoHK
-BmwSFEKhd3BDKZavqTHKi66fF3A5ALFYAkMw/AlvinMitb9s+7WlWQrdvSFkqHsY
+W6XSU5TDzmynPrycl1IGW1l6ddb92h4FPYyYsppb+G78v2WfVFSsze2aBIDbDZUh
-wNQ1ankleYd24/8ZllvsQpleLMepDSxP6zUMpXSHbTKp5MZeoCaaY1RCkg7aOduz
+QEaElJuNIOA+bOSctpTr0i70HXhGzVMXStXJMAIFgR9wKppxW+0IXdjYzhKVE8gx
-brnD7lRAfLp0H72nxVgC7n6VjidOSruF7k9WIN9VVbP0ZVL/QtkKRWd/hEmtMNaH
+uXiJfwJx5pSDBWFDZqLM8uTH3hGOuvRX06iSHIFCsxjds7VWXBh91iGw9Xef9D50
-ELg2ekdm3zvdBuvtr0jNiCxbhTr3j5OWQkT/BjZxHpZfA14XEROJC2Slo3PxUwBH
+DVaIhF12dTRsrdi5AqYYkTb4AEzpUQXg7HPi678F6UnsOzCVYZqMWZaF3Ec1UHxu
-0lE0cICWTeaeYcCX8ofawN+t1Qa6UD0sLl2670Kc7pozkJM4ul19rGA2KsHX89gE
+PZ9A27DvK1MsUm4QZ+7XrzWrRdkmRFXqhtfxCxHRpF+YlRPTyWSVmx0fEkGjLiAd
-CaB1CkhFCqZhPbqX9yonv9XZtLb8Of8rBNVd/2QKN4/tOXcMYshzakSfSSIsyxxt
+uHU0D14lcqNvmusWOWXVYePOS44R3DrQFULgzfsly09bKFqRZdKGQavVjUbokP1S
-QgMPRfz0nJTtP7v8ZbwIO+ayGoUeH7aYKhQ6Ku3qW9XuYiy+oMTIOToCSddnEI5t
++MDQOca4I6KSxo2358rUGDhq3A0xI5U24wjinNWHktTPXkJbvcJubx/sHb8QMxST
-JNuPkT9kzA9stkRbFV5kBvrv5LWprWDXdA/wyAWG7txncWj6UzGlP8C3KhtMHLHv
+qSXr5vYjJfms1sU3v2QYrORU42CBOvUAaZYTwLDq+PSN37IcyQoAhTU2ZgPSzSQe
-CiOXrE8UJdNNeT52dYI9slg+tzcCfz3sqMr9zXratvT6JMzrQZqCSis8vIx18TIK
+8aJvxgZWgWedsoeKpKK54yk7rG7b+Qhk6ZHrvFS6cI0YasYQ4GHZHfieG0dTGlVS
-N5yDWHDFUOeNpo7aRqd5goW3qProwfZDjBXiqE4J+AJ5wc73PuftHt2l00zvLDWs
+FAAF+HF9/TI3vZPx5qzS6jhtpy6bI/MxjCachA1suShqHZNn4dGW13C6Kf6a6Ci8
-SFIRvXbavNBA7GxpVtN8Qxmk6Lm0u0pBiastndowgAI5OIQVuwoA21vXyC5n9pMd
+fOMVK/3t4H5oU+2fqoo41jU/1MmLuNUFt7F08X+3eRw/dmhGuf6Mcd46L9SMPtXp
-bPJsmiPyme62OkCWmAjBNDLNVViwKMH8BxmLKJxX+6ysNsn0YY1+9YfI/zC3j4jM
+quSmX/q8kG1YUfj0vXfxBox9rQWYY8kNjp6OUkvAwBYoy6a1j0h420ZQhyNS0vzy
-OYsK1c0NvFIv5aUxRQZLTJJt9C299jGNvdAJsfdp4LHejzZUjnx3nguz/l6RI1Vb
+w2d3UjTjoEdo3qOKCDKLGA9ILSJvK/jzDEoS0G23eiaQJ5DHDK6m++izm+2oCMwM
-vjQ1qDRPhkgErGXSHsCoCt+z5Y6mq17JWEX/FiXBWQbfSGoG/ZvoOqiBybCQ3HNl
++5fcoRhn0SVzAgE63x80btbGuo52sMp57PcGZq50s8yeVYziyZEVPIb5I/vau8BH
-o9QM1sNQ5fUZDh0TgwkJB91rZXPwi828RklMW8VZszZir5gziTnndhw0ADLCZZ6z
+CxZ++8ENtvKmYWX84hXApR+2rX6hWWi/b34YIG4jtCr+aeaNumv5NT19G+g84BsL
-nA0vZAI7sjoEeIgiJq3egrsSLq2ZQRQsh5QF+Xo2QktleGvPrtMv//ZyGz4l59yc
+akcBUtt3px2icLZtUv+ck/JCG/7pUvIqZ2HMKLZgsSZan1pfdfdl1Q28xG97X/dR
-wX/7DtABurFhVs3KdYohcqXk2v5jJCMs+j9YDn6540QR6yXcbifp9ySqhm/PeH91
+gCzr15ZjlX8bwtRNQs+xhv6lDQtFOv0wgYYW6rolZS3SOaGhWU4/E1a+RT16NUvS
-UuL16YKxoV6QBZIGE0vjdUitGKNsS+H4ibD/0ZHYG+VcyL90eIrBq61CjfIO79O0
+lajoYD1jFCk6Y2WWIB1tHxAlNC06EQB3oT+gPtzZ9upcM3Qv0X0RyXgPcLFcveiC
-L9+G4gKB91stXwtpqZWXTrlzrnjloZOPhqyQN/bs/liWQ6qy0a6Cd6nbWc141An1
+aZZtBY6MElzXiRpRB8y6XNyvJz+1vB05DDlcCnx2ovztHAk74AiUp0VlSk6ylqDQ
-zEiOihbwLJ4ziCut+bq5lwyw6z/wWEhaVNnYspEEBr2URLMHbnBceS6zXoePT0ur
+DKOaXHz5ZzFT+Ptaj3m1xBYc3m4Iyw98RXX7IGs7hOY2roaqO3rI/lmgTVuA3hv7
-9mQQLitmtlANlJ93vBDPhCaEjkK1v5J7MmIHQzyLSQGuLdXwz50piJukWru3aNax
+m3CX8vbk3gqV1+Rt2ObuddnKtkrG07lP72HliZBLNRgEoaX1DSKdWq7A8G5uNWJj
-skloghJYeTMILEcGAszvyVtcvPqkrJnZXx4Qp7Luj5HK9THr78v3T4nWzirfqxPZ
+xvwWUDIu/PESII1x8D52pmZ0QH1VQmas17Ezme/4BGvOR5/0vwKUEXPYWhHvtB31
-x70xRyhsC2lLcIrJ+3jkXj44edIqdh3Wvi30L2x2iUFyZ0ojQJQDo/+5b+p9k36L
+4q/HMWpCCH5wF5DF0JfWmOhDpR3EvtG8HnNMzP8cdHbCLaG4SUz5uNKgJ6pI5cjV
-Dk8ktpeIa/BE3NsfcFaWn9bvRkQ6UAQcNn1zmkavfw5TLI4C1PnD/WUpPHZdhzNV
+E+HS+McIN1wp5mFodR3qwjMdLoH2uJ4YOqP05qri1b40xXM/j6+p9tXXYuV/8d6K
-K87CsUawxjEg0uCCaViShF6bD9mOWQxE3SM9yNizjTmotF6KrgkT16y/qZ17KGQM
++L8sZxNvORwf6z8yys2cAHC5xPYBC8c0qKE9a1GtYJRPpjXona+iHoM5KooGFmYx
-hJ5PraGu9jvg+L/MrQpr91eyJaeh9JFl9dM/SPM0mXo5q813bdMmqD4cc3YWCLee
+qZz2AvqbPYIwTHD5sV/K0wA3Zjlw6HOHBnZ6C7ZINAL/idY5uLOP6c3HCmVLRz3a
-dHtmaKJ08KD1cJqHBz0DRLVV+zH00BMoYt5HZ5DmHFU1zhDekWZLhilbyWt8+z1E
+KIZCBintlvOKVSlzfGh7MjAJpEkzqGBNQIFCkRflrJW13R4/fiRL2fqRm2UjbU7q
-bzsoEAfZvyfvF7fJuxQ/HhYdR6TX5H+aNzZZivVc6g==
+QQo+ffs3emwCxkfxdOpubKUoANiFdXvQlKiC2BP/Yw==
 -----END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/keys/own/idp-pem-signer/keystore.pem

@@ -1,56 +1,56 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU95KG57RacAYBmkeQ
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUbPUZn/3VpMbderej
-DIe1bZS0sbkCAggAMB0GCWCGSAFlAwQBKgQQyxdAya9Sd4oHLO1pzVWcYASCCVDT
+CK2+IC16nwwCAggAMB0GCWCGSAFlAwQBKgQQvPO51vuHnkHznERAJ+mJngSCCVDI
-ozdXT3vjyqMzza4QKaMD4ywSAzGhQRM/TnxU5JbRLNMpdtq76Mfet2pv++UUjcof
+JlL/aK5MTWYntg5qFJ2L3w4GNTaKeVXrCE1Q/UrXo4/OnNVQdHnyWiuzOt0FoGow
-16EsdOOpDQdxdzQWmwGUNwjkX5YyWTaAefV8l9n6Bp8LV0XabS9We3g5Jr1KjuzP
+H22nWxbehwlykBPhPNw4719QOiMWQJqggR/61IUh8xOBrchqjQ2irIDjiXnTgD1N
-O/xJgB2o6BcD/WRPeOaANSGoyWce4rCkpDwqxrp+tY9EK19SoCZG9Zy2hnPPH2Hc
+ADmtLHZC6duXncdFOtpeooHKMW61P6+KGBck0n8jM96+DuIKZKF2VO0hEzrUCF3d
-QgtgCAzqaXIp49KIXHn/Uo532lIz3WqkkhzVakwgAKLKIvc/SwgP0eSXLvPjeJYS
+4ODXNX8EEc4l1UdGUU0l7r/SvxoDyprGnFW1Di+PZCRWwUkHbDrqOWEzs5UIzTRM
-L8DngPP0YD7IPgIs7WmMNNE7or69e7mO0miUOl7xStNHzHpLmtLNbYI7Pk6NLT7N
+2Tyt5osJB7v+0XB3f2PeBEHkQQhd9mvPIiSO5EwQF4JNQx7LMcnV1eFYXGF30pVb
-kWfh2+E21R7llsW57boMACXVr7N3CHOlZQhUNViyjPayo1njVnp6gGzuIxluhHJY
+g9nG3UFbI68uH+uuuEU66yug/h/0RzMSBp8Le6eIck5/jaXBPzDstrc3VW5f1f+n
-CL070oqBeEYVfvE07HQ4Qd0BL5c02pdrKjdzBYyLwzSNKn2RzgS2R/XtEqdmOUo+
+I3LsVplUE5znK5okwcGNKr84Ppf6QJ0Hjmbx927j8/n5yMYAn8xa1X5XNeC0dmy8
-iuRngv9D1UPSI2xlFhv84778ktEeSf8l1nLltqhPJAmJUjSAcu/zjN4Q+HXqMRaF
+Fjbsz1YpiTx9uQ33thXWbpQXno3fJzXvTVJ258GciPwcwqUTiudkMz3eD/tk/Ehd
-IocDV4I7CaXDc2E0YdU8uHuzzUHLflJ2OZwU5N7tkoVOtAYHKUwCP4J/zpLSe2V2
+SM2oxCKIFDjEUnTSJ89uj+vz9OlTAdaUr0uEfpM6vwq+610UviVRPrNpI2v/qiqJ
-MIh40IVJK4gzb+iyBiOnsnKKQCKMPbS4lH8zC2S486MgjgbhlZeFg0nOF955c61l
+SCeCsce4cN4eIjdpgPIt89H/ISDaOlpeCNQ8yLkkM4P89zXjir7Mt7jt3Uh58xoO
-Sb4MBrexU4s1TUg/fDpYt6jPZoKivN72jzi60kV43gBFHmP3X4SRAUQ4Y3h5NFF8
+rOHwQW8xUp+92BvES17PS072ywPS2jO/+hVQv6lf1LPHOmIlEWUln8no6KUBupMM
-h2p4wvYRsYEexjJU/+WJG4Yi1wSi3oEqD161a6vPOsKBLBdLRo1vgnQdGFx/k83X
+ukaW+AmBxxYA1nycC+7IyXDUGiX8MU8GhT45xBpj6t5gKr5QwvJpGcH5oJ0qqq+s
-vjPlI2eEUMPCntNBbrTy8eUSJz/0OH2phztZpHuh5cfy4ErUi19d9ywZUlhurGvX
+5B4bmIkaDUgbyAcnishANkHt8/wPvKLbefgRPkpRzaPFQqXu18nRr5GTa+dWfS1y
-dC7ouTEqRZLkkSCfGTQM0q0O4JQJTLb5N4gWdZxQd2UwGv3jCK7m5eWx3bTdhhXi
+GJOVtKcGEyMCHTWfvT9NQZryP3uSsVvl4unEcScWqUL12rDfe31EuTr8JD79I7US
-179DoSpYBCJF3msn0ROO6PxsccH0w/I6KMi3QNmsDlXhDr6XIBya8CU0lx9lp0pl
+ssJoDtOKSsP/fFcUatUDcfsb+hkBGN19CdDb4LvPY23FhUc1ApYbWmU5HlY16uQx
-5q62D26Ylr2fovd3qKKbwP6RaZarCzKLO6dWdyMqtUwVlX2FDCFd/SPGWc2TmuVS
+zjoVVZ3lCckJHojPlXpgv0y/CC6tOyEwKxC2u2voPunbR/D7rJ+5AIWDDc3pzzPZ
-vLb981Zm13AfYtNUSfusroDp3TEuvl7cwozg7p33SQhuCmgKnxMd0iXd5QQZjrR0
+KH1jfJPL8KbM8lBc+hpyLBtSnQpj/osN/jLY7El3ciFcux/NFSffeWKn/QuYYC8p
-t+y22dHrD1agkkoFMLz/+d+930J0sY4odG/HbL2Bv8ZelVUjA8XSFoGBEA+rfQCg
+LtJzWZiURZ6SWFZ4llPKbDeXsKhSOuroMt0aRUfQu2zHw++Ss94X+wJ3Tg64uP/9
-DGmLh5a+/yfzxCEKWVLqmwHWbSkub8bXdl6EKEyaO9qo1KCLAf3tArQx45sqw8bK
+Bw9B5LFdTogChz7ObmGr9OnyJuQaj9/riWP6kowjXSQhku30RMpf6MQnxg8KLhI/
-8AYq2mrNIiMDhHub+XEEC0Aw2lZkJOrwwMEsTcZWfBvj56MdRNXuZMvPdarTbnDx
+99y4rGp+OLcxZcKbmENWIl9QcEVbyPfBq2yGSk/drT3xUJghCcPjObKToutHRs9r
-zzxatqIwfvpOy/S2Poyrc6GuprbZCM6N+cDLdWQqAHVwAlx77NhiJ6s3vUnE3vB7
+cN0IE6kzRiruRdm2bejgni+v5BhioiZRiSwr5om57G1N4e8BseTxY+zQrU2WwdJp
-aHgmXU+a8uPA64tKKaRNQJ31f7viCkWJXEbbEhVTzCvFcoqbKPPMm9w7nO8PMUTu
+ll1zqk5t2J+83uU/EQBmIkXpP+xqrod/uOUm84d5nYRXuO94DLUDwqU0KI7QKoHK
-BmwSFEKhd3BDKZavqTHKi66fF3A5ALFYAkMw/AlvinMitb9s+7WlWQrdvSFkqHsY
+W6XSU5TDzmynPrycl1IGW1l6ddb92h4FPYyYsppb+G78v2WfVFSsze2aBIDbDZUh
-wNQ1ankleYd24/8ZllvsQpleLMepDSxP6zUMpXSHbTKp5MZeoCaaY1RCkg7aOduz
+QEaElJuNIOA+bOSctpTr0i70HXhGzVMXStXJMAIFgR9wKppxW+0IXdjYzhKVE8gx
-brnD7lRAfLp0H72nxVgC7n6VjidOSruF7k9WIN9VVbP0ZVL/QtkKRWd/hEmtMNaH
+uXiJfwJx5pSDBWFDZqLM8uTH3hGOuvRX06iSHIFCsxjds7VWXBh91iGw9Xef9D50
-ELg2ekdm3zvdBuvtr0jNiCxbhTr3j5OWQkT/BjZxHpZfA14XEROJC2Slo3PxUwBH
+DVaIhF12dTRsrdi5AqYYkTb4AEzpUQXg7HPi678F6UnsOzCVYZqMWZaF3Ec1UHxu
-0lE0cICWTeaeYcCX8ofawN+t1Qa6UD0sLl2670Kc7pozkJM4ul19rGA2KsHX89gE
+PZ9A27DvK1MsUm4QZ+7XrzWrRdkmRFXqhtfxCxHRpF+YlRPTyWSVmx0fEkGjLiAd
-CaB1CkhFCqZhPbqX9yonv9XZtLb8Of8rBNVd/2QKN4/tOXcMYshzakSfSSIsyxxt
+uHU0D14lcqNvmusWOWXVYePOS44R3DrQFULgzfsly09bKFqRZdKGQavVjUbokP1S
-QgMPRfz0nJTtP7v8ZbwIO+ayGoUeH7aYKhQ6Ku3qW9XuYiy+oMTIOToCSddnEI5t
++MDQOca4I6KSxo2358rUGDhq3A0xI5U24wjinNWHktTPXkJbvcJubx/sHb8QMxST
-JNuPkT9kzA9stkRbFV5kBvrv5LWprWDXdA/wyAWG7txncWj6UzGlP8C3KhtMHLHv
+qSXr5vYjJfms1sU3v2QYrORU42CBOvUAaZYTwLDq+PSN37IcyQoAhTU2ZgPSzSQe
-CiOXrE8UJdNNeT52dYI9slg+tzcCfz3sqMr9zXratvT6JMzrQZqCSis8vIx18TIK
+8aJvxgZWgWedsoeKpKK54yk7rG7b+Qhk6ZHrvFS6cI0YasYQ4GHZHfieG0dTGlVS
-N5yDWHDFUOeNpo7aRqd5goW3qProwfZDjBXiqE4J+AJ5wc73PuftHt2l00zvLDWs
+FAAF+HF9/TI3vZPx5qzS6jhtpy6bI/MxjCachA1suShqHZNn4dGW13C6Kf6a6Ci8
-SFIRvXbavNBA7GxpVtN8Qxmk6Lm0u0pBiastndowgAI5OIQVuwoA21vXyC5n9pMd
+fOMVK/3t4H5oU+2fqoo41jU/1MmLuNUFt7F08X+3eRw/dmhGuf6Mcd46L9SMPtXp
-bPJsmiPyme62OkCWmAjBNDLNVViwKMH8BxmLKJxX+6ysNsn0YY1+9YfI/zC3j4jM
+quSmX/q8kG1YUfj0vXfxBox9rQWYY8kNjp6OUkvAwBYoy6a1j0h420ZQhyNS0vzy
-OYsK1c0NvFIv5aUxRQZLTJJt9C299jGNvdAJsfdp4LHejzZUjnx3nguz/l6RI1Vb
+w2d3UjTjoEdo3qOKCDKLGA9ILSJvK/jzDEoS0G23eiaQJ5DHDK6m++izm+2oCMwM
-vjQ1qDRPhkgErGXSHsCoCt+z5Y6mq17JWEX/FiXBWQbfSGoG/ZvoOqiBybCQ3HNl
++5fcoRhn0SVzAgE63x80btbGuo52sMp57PcGZq50s8yeVYziyZEVPIb5I/vau8BH
-o9QM1sNQ5fUZDh0TgwkJB91rZXPwi828RklMW8VZszZir5gziTnndhw0ADLCZZ6z
+CxZ++8ENtvKmYWX84hXApR+2rX6hWWi/b34YIG4jtCr+aeaNumv5NT19G+g84BsL
-nA0vZAI7sjoEeIgiJq3egrsSLq2ZQRQsh5QF+Xo2QktleGvPrtMv//ZyGz4l59yc
+akcBUtt3px2icLZtUv+ck/JCG/7pUvIqZ2HMKLZgsSZan1pfdfdl1Q28xG97X/dR
-wX/7DtABurFhVs3KdYohcqXk2v5jJCMs+j9YDn6540QR6yXcbifp9ySqhm/PeH91
+gCzr15ZjlX8bwtRNQs+xhv6lDQtFOv0wgYYW6rolZS3SOaGhWU4/E1a+RT16NUvS
-UuL16YKxoV6QBZIGE0vjdUitGKNsS+H4ibD/0ZHYG+VcyL90eIrBq61CjfIO79O0
+lajoYD1jFCk6Y2WWIB1tHxAlNC06EQB3oT+gPtzZ9upcM3Qv0X0RyXgPcLFcveiC
-L9+G4gKB91stXwtpqZWXTrlzrnjloZOPhqyQN/bs/liWQ6qy0a6Cd6nbWc141An1
+aZZtBY6MElzXiRpRB8y6XNyvJz+1vB05DDlcCnx2ovztHAk74AiUp0VlSk6ylqDQ
-zEiOihbwLJ4ziCut+bq5lwyw6z/wWEhaVNnYspEEBr2URLMHbnBceS6zXoePT0ur
+DKOaXHz5ZzFT+Ptaj3m1xBYc3m4Iyw98RXX7IGs7hOY2roaqO3rI/lmgTVuA3hv7
-9mQQLitmtlANlJ93vBDPhCaEjkK1v5J7MmIHQzyLSQGuLdXwz50piJukWru3aNax
+m3CX8vbk3gqV1+Rt2ObuddnKtkrG07lP72HliZBLNRgEoaX1DSKdWq7A8G5uNWJj
-skloghJYeTMILEcGAszvyVtcvPqkrJnZXx4Qp7Luj5HK9THr78v3T4nWzirfqxPZ
+xvwWUDIu/PESII1x8D52pmZ0QH1VQmas17Ezme/4BGvOR5/0vwKUEXPYWhHvtB31
-x70xRyhsC2lLcIrJ+3jkXj44edIqdh3Wvi30L2x2iUFyZ0ojQJQDo/+5b+p9k36L
+4q/HMWpCCH5wF5DF0JfWmOhDpR3EvtG8HnNMzP8cdHbCLaG4SUz5uNKgJ6pI5cjV
-Dk8ktpeIa/BE3NsfcFaWn9bvRkQ6UAQcNn1zmkavfw5TLI4C1PnD/WUpPHZdhzNV
+E+HS+McIN1wp5mFodR3qwjMdLoH2uJ4YOqP05qri1b40xXM/j6+p9tXXYuV/8d6K
-K87CsUawxjEg0uCCaViShF6bD9mOWQxE3SM9yNizjTmotF6KrgkT16y/qZ17KGQM
++L8sZxNvORwf6z8yys2cAHC5xPYBC8c0qKE9a1GtYJRPpjXona+iHoM5KooGFmYx
-hJ5PraGu9jvg+L/MrQpr91eyJaeh9JFl9dM/SPM0mXo5q813bdMmqD4cc3YWCLee
+qZz2AvqbPYIwTHD5sV/K0wA3Zjlw6HOHBnZ6C7ZINAL/idY5uLOP6c3HCmVLRz3a
-dHtmaKJ08KD1cJqHBz0DRLVV+zH00BMoYt5HZ5DmHFU1zhDekWZLhilbyWt8+z1E
+KIZCBintlvOKVSlzfGh7MjAJpEkzqGBNQIFCkRflrJW13R4/fiRL2fqRm2UjbU7q
-bzsoEAfZvyfvF7fJuxQ/HhYdR6TX5H+aNzZZivVc6g==
+QQo+ffs3emwCxkfxdOpubKUoANiFdXvQlKiC2BP/Yw==
 -----END ENCRYPTED PRIVATE KEY-----
 
 -----BEGIN CERTIFICATE-----

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict.properties

@@ -66,7 +66,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -96,7 +95,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -214,7 +213,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -224,8 +222,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -262,7 +258,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_de.properties

@@ -56,7 +56,7 @@ general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
 general.fieldRequired=Erforderliches Feld.
-general.getStarted=Los geht's
+general.getStarted=Get started
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
 general.help=Hilfe
@@ -66,20 +66,16 @@ general.loginSecurityKey=Sicherheitsschlüssel-Login starten
 general.or=ODER
 general.otherOptions=WEITERE OPTIONEN
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
 general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
-general.recoveryCode.reveal=Wiederherstellungscode enthüllen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
 general.register=Registrieren
 general.registerNow=Jetzt registrieren!
 general.registration=Registrierung
 general.securityKey=Sicherheitsschlüssel
 general.skip.content=Direkt zum Hauptteil
-general.wrongPhoneNumber=Bitte geben Sie eine gültige Telefonnummer ein
 generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
 generic.auth.error.next.steps=Versuchen Sie es bitte später noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
 generic.auth.error.subtitle=Etwas ist schiefgegangen
@@ -96,7 +92,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sprache wählen
 loainfo.description.200=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
 loainfo.description.300=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben durch einen von zwei Vorgängen verifizieren. Sie können die bevorzugte Methode im nächsten Schritt auswählen.
-loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.description.400=Für den Zugang zu dieser Anwendung müssen Sie Ihre AHV-Nummer angeben.
 loainfo.helper=Ihre persönlichen Daten müssen überprüft werden!
 loainfo.later=Später
 loainfo.startNow=Möchten Sie den Prozess jetzt starten?
@@ -194,27 +190,13 @@ prompt.newpassword=Neues Passwort
 prompt.newpassword.confirm=Passwort bestätigen
 prompt.password=Passwort
 prompt.userid=Benutzer-ID
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
-providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
-providePhoneNumber.inputLabel=Mobilnummer (optional)
-providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
-providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
-providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
-providePhoneNumber.modal.inputLabel=Mobilnummer
-providePhoneNumber.modal.title=Mobilnummer wiederholen
-providePhoneNumber.saveButtonText=Speichern
-providePhoneNumber.title=Mobilnummer angeben
 pwreset.done.info=Ihr Passwort wurde erfolgreich ge&auml;ndert. Bitte klicken Sie auf Weiter, um sich einzuloggen.
 pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalten, um Ihr Passwort zurückzusetzen..
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr g&uuml;ltig. Bitte generieren Sie ein Neuen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
-recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
 recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
@@ -224,11 +206,9 @@ recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
 recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
 recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
 recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
-recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_noCode.banner.error=Zu viele Fehlversuche.
-recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.instruction1=Sie haben zu oft versucht, einen Wiederherstellungscode einzugeben.
-recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut unter <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
@@ -236,7 +216,7 @@ recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
 recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
 recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
 recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
@@ -262,7 +242,7 @@ recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren r
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
-recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
 recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
 recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
 recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_en.properties

@@ -66,7 +66,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -96,7 +95,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -214,7 +213,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -224,8 +222,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -262,7 +258,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_fr.properties

@@ -66,20 +66,16 @@ general.loginSecurityKey=Démarrer la connexion avec la clé de s&ea
 general.or=OU
 general.otherOptions=AUTRES OPTIONS
 general.recovery=Récupération
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Télécharger en format PDF
 general.recoveryCode.inputLabel=Code de récupération
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistré correctement, puis essayer de le soumettre à nouveau.
 general.recoveryCode.repeatCodeModal.description=Un code de récupération perdu ou mal enregistré peut rendre la récupération de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistré votre code, veuillez le répéter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=Répéter le code de récupération
-general.recoveryCode.reveal=Révéler le code de récupération
 general.recoveryOngoing=Récupération en cours
 general.register=Créer un compte
 general.registerNow=Enregistrez-vous dès maintenant!
 general.registration=Enregistrement
 general.securityKey=Clé de sécurité
 general.skip.content=Passer au contenu principal
-general.wrongPhoneNumber=Veuillez saisir un numéro de téléphone valable
 generic.auth.error.message=Une interruption de service s’est produite. Nous nous employons à résoudre le problème.
 generic.auth.error.next.steps=Veuillez réessayer plus tard. Veuillez vous rendre sur AGOV help si le problème persiste.
 generic.auth.error.subtitle=Un problème s’est produit
@@ -96,7 +92,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sélectionner la langue
 loainfo.description.200=Pour accéder à l'application, nous devons vérifier vos données. Ce processus peut prendre jusqu'à 2 ou 3 jours.
 loainfo.description.300=Pour accéder à l'application, nous devons vérifier vos données par le biais de l'une des deux procédures suivantes. Vous pouvez choisir la procédure que vous préférez à l'étape suivante.
-loainfo.description.400=Veuillez saisir votre numéro AVS pour accéder à l'application.
+loainfo.description.400=Pour accéder à l'application, vous devez ajouter votre numéro AVS.
 loainfo.helper=Vos données doivent être vérifiées!
 loainfo.later=Plus tard
 loainfo.startNow=Voulez-vous commencer le processus maintenant?
@@ -194,19 +190,6 @@ prompt.newpassword=Nouveau mot de passe
 prompt.newpassword.confirm=Confirmez le mot de passe
 prompt.password=Mot de passe
 prompt.userid=ID de l'utilisateur
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
-providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
-providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
-providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
-providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.saveButtonText=Sauvegarder
-providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 pwreset.done.info=Votre mot de passe a &eacute;t&eacute; chang&eacute avec succ&egrave;s. Veuillez cliquer sur continuer pour vous connecter.
 pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courriel pour réinitialiser votre mot de passe.
 pwreset.info.linktext=Mot de passe oublié
@@ -214,7 +197,6 @@ pwreset.noticket=Votre lien n&apos;est plus valide. Veuillez en g&eacute;n&eacut
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
-recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
@@ -224,11 +206,9 @@ recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
 recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
-recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
-recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir trop de fois le code de r&eacute;cup&eacute;ration.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur et relancer la r&eacute;cup&eacute;ration du compte dans dix minutes depuis <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
@@ -262,7 +242,7 @@ recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; p
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
-recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute; ou r&eacute;initialis&eacute; mon application d'acc&egrave;s AGOV
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
 recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
 recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties

@@ -66,20 +66,16 @@ general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.or=O
 general.otherOptions=ALTRE OPZIONI
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non è corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
 general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato può rendere più difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
-general.recoveryCode.reveal=Mostra il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
 general.register=Registrarsi
 general.registerNow=Si registri ora!
 general.registration=Registrazione
 general.securityKey=Chiave di sicurezza
 general.skip.content=Vai al contenuto principale
-general.wrongPhoneNumber=Inserire un numero di cellulare valido
 generic.auth.error.message=Si è verificata un’interruzione. Stiamo lavorando per ripristinare l’esercizio.
 generic.auth.error.next.steps=Riprovare più tardi. Se il problema persiste, consultare AGOV help.
 generic.auth.error.subtitle=Qualcosa non ha funzionato.
@@ -96,7 +92,7 @@ language.it=Italiano
 languageDropdown.aria.label=Selezionare la lingua
 loainfo.description.200=Per accedere all'app è necessaria una verifica dei dati. La procedura può richiedere fino a 2–3 giorni lavorativi.
 loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, può selezionare la procedura di verifica desiderata.
-loainfo.description.400=Per accedere all'applicazione è necessario inserire il numero AVS.
+loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Più tardi
 loainfo.startNow=Iniziare la procedura?
@@ -194,19 +190,6 @@ prompt.newpassword=Nuova Password
 prompt.newpassword.confirm=Conferma password
 prompt.password=Password
 prompt.userid=Nome utente
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
-providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
-providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
-providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
-providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
-providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
-providePhoneNumber.modal.inputLabel=Numero di telefono
-providePhoneNumber.modal.title=Ripetere il numero di telefono
-providePhoneNumber.saveButtonText=Salva
-providePhoneNumber.title=Aggiungi numero di telefono
 pwreset.done.info=La password &egrave; stata modificata con successo. Fare clic su continua per accedere.
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
@@ -214,7 +197,6 @@ pwreset.noticket=Il biglietto per la reimpostazione della password non &egrave;
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
-recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
 recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
@@ -224,11 +206,9 @@ recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
 recovery_check_code.noAccess=Non ho il mio codice.
 recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
 recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
-recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_noCode.banner.error=Troppi tentativi
-recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.instruction1=&Egrave; stato inserito troppe volte il codice di ripristino.
-recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction2=Si prega di chiudi il browser web e avvia nuovamente il recupero dell'account entro dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Per procedere, inserire il nuovo codice.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
@@ -262,7 +242,7 @@ recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fatt
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
-recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato la mia app AGOV access
+recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
 recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
 recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
 recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/Recovery_getCredentials.groovy

@@ -0,0 +1,62 @@
+import ch.nevis.idm.client.IdmRestClient
+import ch.nevis.idm.client.IdmRestClientFactory
+import groovy.json.JsonSlurper
+import java.time.ZonedDateTime
+import java.time.format.DateTimeFormatter
+import java.time.ZoneId
+import ch.nevis.esauth.auth.engine.AuthResponse
+import groovy.xml.XmlSlurper
+
+IdmRestClient idmRestClient = IdmRestClientFactory.get(parameters)
+
+String baseUrl = parameters.get('baseUrl')
+String clientExtId = session.get('ch.adnovum.nevisidm.user.clientExtId')
+String userExtId = session.get('ch.adnovum.nevisidm.user.extId')
+String endPoint = "$baseUrl/api/core/v1/$clientExtId/users/$userExtId/fido2"
+String endPointFidoUAF = "$baseUrl/api/core/v1/$clientExtId/users/$userExtId/generic-credentials"
+
+def userDto = new XmlSlurper().parseText(session['ch.adnovum.nevisidm.userDto'])
+def hasRecoveryRole = userDto.'**'.find { node -> node.name() == 'roles' && node.applicationName.text() == 'AGOV-AccountStatus' && node.name.text() == 'recovery' }
+if (hasRecoveryRole != null) {
+  String result
+  try {
+     result = idmRestClient.get(endPoint)
+     resultFidoUAF = idmRestClient.get(endPointFidoUAF)
+
+  def json = new JsonSlurper().parseText(result)
+LOG.info('Result fido2: ' + json)
+
+    def login=false
+    json['items'].each {
+     if ("active".equals(it.stateName)) {
+         response.setSessionAttribute('agov.recovery.securityKey', it.userFriendlyName)
+         response.setResult('loginWithFido2')
+         login=true
+         return
+      }
+
+   }
+   if (login) {
+     return
+   }
+   def jsonFidoUAF = new JsonSlurper().parseText(resultFidoUAF)
+   LOG.info('Result fidoUAF: ' + jsonFidoUAF)
+      jsonFidoUAF['items'].each {
+        if ("active".equals(it.stateName)) {
+          response.setSessionAttribute('agov.recovery.accessapp', it.properties.fidouaf_name)
+          response.setResult('loginWithFidoUAF')
+          login=true
+          return
+        }
+     }
+     if (login) {
+       return
+     }
+  } catch(Exception e) {
+    LOG.error(e.toString())
+    response.setResult('failed')
+   return
+  }
+
+}
+response.setResult('ok')

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/SendSamlResponseWithAssertion.groovy

@@ -10,20 +10,6 @@ def tAuth = System.currentTimeMillis() - (request.getSession(true).getCreationTi
 
 LOG.info("Event='AUTHENTICATION', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', tAuth=${tAuth}ms, SourceIp=${sourceIp}, UserAgent='${userAgent}'")
 
-// BUNDBITBK-4824: Address was missing after bmid verification
-def session = request.getAuthSession(true)
-int loa = session.get('agov.actualRoleLevel') as int
-
-// Best Token Available only if account's AQlevel is high enough
-if ((session.getAttribute('agov.appAddressRequired') == 'true') && (loa < 200)) {
-    LOG.debug("Best Token: Address requested but account has to low AQ (${loa})")
-    session.setAttribute('agov.appAddressRequired', 'false')
-}
-if ((session.getAttribute('agov.appSvnrAllowed') == 'true') && (loa < 400)) {
-    LOG.debug("Best Token: SVNr requested but account has to low AQ (${loa})")
-    session.setAttribute('agov.appSvnrAllowed', 'false')
-}
-// BUNDBITBK-4824 END
 
 // delete the login cookie
 def agovLoginCookie = "agovLogin=deleted; Domain=${parameters.get('cookie.domain')}; Path=/; Max-Age=0; SameSite=Strict; Secure; HttpOnly"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/askMobileNumber.groovy

@@ -60,19 +60,16 @@ if (!inargs['submit'] && (!inargs['mobile'] || !inargs['mobile'].isEmpty()) && i
     return
 }
 
-if (inargs['submit'] && (!inargs['mobile'] || inargs['mobile'].isEmpty()) && inargs['skip']) {
+if (inargs['submit'] && (!inargs['mobile'] || inargs['mobile'].isEmpty()) && inargs['skip'] && inargs['skip'] == 'true') {
     // no mobile, and user wants to skip it
 
-    LOG.info("Event='NOMOBILENUMBER', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', Persistent='${ inargs['skip'] == 'persistent' ? true : false }'")
+    LOG.info("Event='NOMOBILENUMBER', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}'")
     
-    if (inargs['skip'] == 'persistent') {
+    // persistent cookie for 30d;
-        // persistent cookie for 30d;
+    def agovSkipAskingMobileCookie = "agovSkipAskingMobile=true; Domain=${parameters.get('cookie.domain')}; Path=/; Max-Age=2592000; SameSite=Strict; Secure; HttpOnly"
-        def agovSkipAskingMobileCookie = "agovSkipAskingMobile=true; Domain=${parameters.get('cookie.domain')}; Path=/; Max-Age=2592000; SameSite=Strict; Secure; HttpOnly"
+    // setHeader doesn't support multiple headers with the same name, so we use
-        // setHeader doesn't support multiple headers with the same name, so we use
+    // a different one, and rewrite it in the proxy with Lua
-        // a different one, and rewrite it in the proxy with Lua
+    response.setHeader('Set-Cookie2', agovSkipAskingMobileCookie)
-        response.setHeader('Set-Cookie2', agovSkipAskingMobileCookie)
-    }
-
     response.setResult('done')
     return
 }

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/checkloa.groovy

@@ -2,8 +2,9 @@ import org.codehaus.groovy.runtime.StackTraceUtils
 import groovy.xml.XmlSlurper
 
 def getUserAGOVLoiRoles() {
-  // we take the roles from actualRoles
+  // set attibutes from DTO: -> AGOVaq
-  return request.getActualRoles().findAll { role -> role.startsWith('AGOV-Loi.') }.collect({ role -> role.substring(9) })
+  def list = new XmlSlurper().parseText(session.get('ch.adnovum.nevisidm.userDto'))
+  return list.'**'.findAll { node -> node.name() == 'roles' && node.applicationName.text() == 'AGOV-Loi' }.collect({ node -> node.name.text() })
 }
 
 def getUserAGOVRecoveryRoles() {
@@ -140,11 +141,6 @@ try {
     LOG.error("Event='DATAERROR', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', errorMessage='Account without Profile', SourceIp=${sourceIp}, UserAgent='${userAgent}'")
 
     session.setAttribute('contextClassRefToSet', 'urn:qa.agov.ch:names:tc:ac:classes:100')
-
-    // if the account has no profile, we must not return address or svnr
-    session.setAttribute('agov.appAddressRequired', 'false')
-    session.setAttribute('agov.appSvnrAllowed', 'false')
-
     response.setResult('ok')
     return
   }
@@ -165,14 +161,16 @@ try {
   if (role.startsWith('level')) {
     def roleLevel = role.substring(5)
     int roleLevelNumber = Integer.parseInt(roleLevel)
-    
+    if (highestRoleLevelNumber == 0) {
+      highestRoleLevelNumber = roleLevelNumber
+    }
     if (highestRoleLevelNumber< roleLevelNumber) { 
       highestRoleLevelNumber=roleLevelNumber 
     } 
   } 
   } 
-  LOG.debug('CheckLoa: Highest role Level ' + highestRoleLevelNumber.toString() +' contextclassref ' + requestedRoleLevelNumber.toString()) 
+  LOG.debug('CheckLoa: Highest role Level' + highestRoleLevelNumber.toString() +' contextclassref' + requestedRoleLevelNumber.toString()) 
-  LOG.debug('CheckLoa: Compare ' + (highestRoleLevelNumber>=requestedRoleLevelNumber))  
+  LOG.debug('CheckLoa: Compare' + (highestRoleLevelNumber>=requestedRoleLevelNumber)) 
 
   //set attribute Actual Role Level
   session.setAttribute('agov.actualRoleLevel', '' + highestRoleLevelNumber)
@@ -187,46 +185,42 @@ try {
   }
 
   // no login for users with a recovery role
-  def recoveryRoleList = getUserAGOVRecoveryRoles()
+  for (String role : getUserAGOVRecoveryRoles()) {
-  
+    if (role == 'mustRecover') {
-  if (recoveryRoleList.contains('mustRecover')) {
+      session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:mustRecover')
-    session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:mustRecover')
+      session.setAttribute('agov.recovery.authenticatedWith', session.getAttribute('authenticatedWith') ?: 'unknown' ) 
-    session.setAttribute('agov.recovery.authenticatedWith', session.getAttribute('authenticatedWith') ?: 'unknown' ) 
 
-    def origIdVerification = getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString()) ?: 'None'
+      def origIdVerification = getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString()) ?: 'None'
-    def idVerification = getUserIdVerificationForRecovery() ?: origIdVerification
-    session.setAttribute('agov.recovery.currentIdVerification', '' + idVerification )
 
-    // align currentAgovAq with the method selected for idVerification
+      def idVerification = getUserIdVerificationForRecovery() ?: origIdVerification
-    def currentAgovAqForRecovery = getAqLevelBasedOnIdVerificationForRecovery(idVerification, highestRoleLevelNumber)
+      session.setAttribute('agov.recovery.currentIdVerification', '' + idVerification )
-    session.setAttribute('agov.recovery.currentAgovAq', '' + currentAgovAqForRecovery)
 
-    def validFrom = getUserMustRecoverValidFrom() ?: ''
+      // align currentAgovAq with the method selected for idVerification
-    session.setAttribute('agov.recovery.currentAgovAqRoleValidFrom', '' + validFrom ) 
+      def currentAgovAqForRecovery = getAqLevelBasedOnIdVerificationForRecovery(idVerification, highestRoleLevelNumber)
+      session.setAttribute('agov.recovery.currentAgovAq', '' + currentAgovAqForRecovery)
 
-    LOG.debug("CheckLoa: mustRecover: origIdVerification=${origIdVerification}, idVerification=${idVerification}, currentAgovAqForRecovery=${currentAgovAqForRecovery}")
+      def validFrom = getUserMustRecoverValidFrom() ?: ''
+      session.setAttribute('agov.recovery.currentAgovAqRoleValidFrom', '' + validFrom ) 
 
-    response.setResult('exit.2')
+      LOG.debug("CheckLoa: mustRecover: origIdVerification=${origIdVerification}, idVerification=${idVerification}, currentAgovAqForRecovery=${currentAgovAqForRecovery}")
-    return
 
-  } else if (recoveryRoleList.contains('recovery')) {
+      response.setResult('exit.2')
-    if (recoveryRoleList.contains('recoveryCascade')) {
+      return
-      session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:recoveryCascade')
+
-    } else {
+    } else if (role == 'recovery') {
       session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:recovery')
-    }
+      session.setAttribute('agov.recovery.authenticatedWith', session.getAttribute('authenticatedWith') ?: 'unknown') 
-    session.setAttribute('agov.recovery.authenticatedWith', session.getAttribute('authenticatedWith') ?: 'unknown') 
+      session.setAttribute('agov.recovery.currentAgovAq', session.getAttribute('contextClassRefToSet') ?: 'urn:qa.agov.ch:names:tc:ac:classes:100' )
-    session.setAttribute('agov.recovery.currentAgovAq', session.getAttribute('contextClassRefToSet') ?: 'urn:qa.agov.ch:names:tc:ac:classes:100' )
+      LOG.debug('CheckLoa: idVerification2= '+ getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString()))
-    LOG.debug('CheckLoa: idVerification2= '+ getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString()))
+      def idVerification = getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString())
-    def idVerification = getUserAGOVLoiIdVerification(highestRoleLevelNumber.toString())
+      session.setAttribute('agov.recovery.currentIdVerification', (idVerification.isEmpty() ? 'None' : idVerification.first()))
-    session.setAttribute('agov.recovery.currentIdVerification', (idVerification.isEmpty() ? 'None' : idVerification.first()))
+      def validFrom = getUserAGOVLoiValidFrom('level'.concat(highestRoleLevelNumber.toString())) ?: ''
-    def validFrom = getUserAGOVLoiValidFrom('level'.concat(highestRoleLevelNumber.toString())) ?: ''
+      session.setAttribute('agov.recovery.currentAgovAqRoleValidFrom', validFrom) 
-    session.setAttribute('agov.recovery.currentAgovAqRoleValidFrom', validFrom) 
-
-    response.setResult('exit.2')
-    return
-  } 
 
+      response.setResult('exit.2')
+      return
+    } 
+  }
 
   if (highestRoleLevelNumber>=requestedRoleLevelNumber) { 
 

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/eid_verification_auth.groovy

@@ -1,326 +0,0 @@
-import ch.nevis.esauth.auth.engine.AuthResponse
-import ch.nevis.esauth.util.httpclient.api.HttpClient
-import groovy.json.JsonSlurper
-import io.opentelemetry.api.trace.Span
-
-def getHeader(String name) {
-	def inctx = request.getLoginContext()
-	// case-insensitive lookup of HTTP headers
-	def map = new TreeMap<>(String.CASE_INSENSITIVE_ORDER)
-	map.putAll(inctx)
-	return map['connection.HttpHeader.' + name]
-}
-
-def verification_request_template = '''
-{ "presentation_definition": {
-    "id": "{{UUID}}",
-    "name": "AGOV Verification",
-    "purpose": "AGOV Login",
-    "format": {
-      "vc+sd-jwt": {
-        "sd-jwt_alg_values": [
-          "ES256"
-        ],
-        "kb-jwt_alg_values": [
-          "ES256"
-        ]
-      }
-    },
-    "input_descriptors": [
-      {
-        "id": "agov-all-attributes",
-        "name": "AGOV Identity Verification",
-        "purpose": "verification and authentication",
-        "format": {
-          "vc+sd-jwt": {
-            "sd-jwt_alg_values": [
-              "ES256"
-            ],
-            "kb-jwt_alg_values": [
-              "ES256"
-            ]
-          }
-        },
-        "constraints": {
-          "fields": [
-            {
-              "path": [
-                "$.family_name"
-              ]
-            },
-            {
-              "path": [
-                "$.given_name"
-              ]
-            },
-            {
-              "path": [
-                "$.birth_date"
-              ]
-            },
-            {
-              "path": [
-                "$.sex"
-              ]
-            },
-            {
-              "path": [
-                "$.place_of_origin"
-              ]
-            },
-            {
-              "path": [
-                "$.birth_place"
-              ]
-            },
-            {
-              "path": [
-                "$.nationality"
-              ]
-            },
-            {
-              "path": [
-                "$.personal_administrative_number"
-              ]
-            },
-            {
-              "path": [
-                "$.document_number"
-              ]
-            },
-            {
-              "path": [
-                "$.issuance_date"
-              ]
-            },
-            {
-              "path": [
-                "$.expiry_date"
-              ]
-            },
-            {
-              "path": [
-                "$.issuing_authority"
-              ]
-            },
-            {
-              "path": [
-                "$.issuing_country"
-              ]
-            }
-          ]
-        }
-      }
-    ]
-  }
-}
-'''
-
-def ERROR_CODE_TO_STATUS_MAPPER = [
-		'CREDENTIAL_INVALID'               : 'FAILED',
-		'JWT_EXPIRED'                      : 'ERROR',
-		'INVALID_FORMAT'                   : 'ERROR',
-		'CREDENTIAL_EXPIRED'               : 'FAILED',
-		'MISSING_NONCE'                    : 'ERROR',
-		'UNSUPPORTED_FORMAT'               : 'ERROR',
-		'CREDENTIAL_REVOKED'               : 'FAILED',
-		'CREDENTIAL_SUSPENDED'             : 'FAILED',
-		'HOLDER_BINDING_MISMATCH'          : 'ERROR',
-		'CREDENTIAL_MISSING_DATA'          : 'FAILED',
-		'UNRESOLVABLE_STATUS_LIST'         : 'ERROR',
-		'PUBLIC_KEY_OF_ISSUER_UNRESOLVABLE': 'ERROR',
-		'CLIENT_REJECTED'                  : 'CANCELED',
-		'ISSUER_NOT_ACCEPTED'              : 'ERROR'
-]
-
-// ---------------
-// check, whether we are still processing the correct AuthnRequest
-if (inargs.containsKey('authRequestId') && (inargs['authRequestId'] != session['ch.nevis.auth.saml.request.id'])) {
-	// wrong request, "force" a timeout
-	LOG.debug('authentication timeout enforced, due to concurrent requests -> return a 408')
-
-	response.setIsDirectResponse(true)
-	response.setContentType('text/html; charset=UTF-8')
-	response.setContent('Timeout')
-	response.setHttpStatusCode(205)
-	response.setHeader('IDP-AUTH', 'Timeout')
-
-	// CONTINUE to keep the other request beeing processed
-	response.setStatus(AuthResponse.AUTH_CONTINUE)
-	return
-}
-
-if (inargs['oid4vp'] == 'ERROR') {
-	response.setResult('error')
-	return
-}
-
-if (inargs['oid4vp'] == 'SUCCEEDED') {
-	response.setResult('ok')
-	return
-}
-
-
-def sess = request.getAuthSession(true)
-
-HttpClient httpClient = HttpClients.create(parameters)
-def spanCtxt = Span.current().getSpanContext()
-def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
-
-if (!session['agov.eid.verification']) {
-	// Initialize the verification session on the verifier
-	def endPoint = "${parameters.get('eidVerifierBaseUrl')}/api/v1/verifications"
-
-	try {
-		def httpResponse = Http.post()
-				.url(endPoint)
-				.header("Accept", "application/json")
-				.header("traceparent", traceparent)
-				.entity(Http.entity()
-						.content(verification_request_template.replaceAll("\\{\\{UUID}}", UUID.randomUUID().toString()))
-						.contentType("application/json")
-						.build())
-				.build()
-				.send(httpClient)
-
-
-		if (httpResponse.code() != 200) {
-			LOG.debug("Result: ${httpResponse}")
-			response.setResult('error')
-			return
-		}
-
-		def json = new JsonSlurper().parseText(httpResponse.bodyAsString())
-		LOG.debug("Result: ${json}")
-
-		sess.setAttribute('agov.eid.verification', 'true')
-		sess.setAttribute('agov.eid.verification.id', json.id)
-		sess.setAttribute('agov.eid.verification.link', json.verification_url)
-
-		if (json.state != 'PENDING') {
-			response.setResult('error')
-			return
-		}
-	}
-	catch (Exception e) {
-		LOG.error("Eid verification failed: $e")
-		response.setResult('error')
-		return
-	}
-}
-
-if (getHeader('Content-Type') == 'application/json' && inargs.containsKey('o.id.v')) {
-	// request for a status update from the verifier
-	def result
-
-	// TODO/haburger/2025-03-24: we should make sure, that we have an actual session on the verifier with id.v
-	// and that authRequestId is correct
-	def idvalue = (!inargs['o.id.v'] || inargs['o.id.v'] == 'NEW') ? session['agov.eid.verification.id'] : inargs['o.id.v']
-
-	try {
-		def endPoint = "${parameters.get('eidVerifierBaseUrl')}/api/v1/verifications/${idvalue}"
-
-		def httpResponse = Http.get()
-				.url(endPoint)
-				.header("Accept", "application/json")
-				.header("traceparent", traceparent)
-				.build()
-				.send(httpClient)
-
-		if (httpResponse.code() != 200) {
-			// TODO/haburger/2025-03-25: 404 we should create a new verification request
-			LOG.debug("Result: ${httpResponse}")
-			result = """{
-				"oid4vp": {
-					"status": "ERROR",
-					"verification_url": "${session['agov.eid.verification.link']}",
-					"id": "${idvalue}",
-					"error_code": "HTTP-ERROR",
-					"error_message": "failed to verify status of verification ${idvalue}, http status: ${httpResponse.code()}"
-				}}"""
-			LOG.warn("<== Response: ${responseCode}")
-		}
-		else {
-
-			def json = new JsonSlurper().parseText(httpResponse.bodyAsString())
-
-			if (json.state == 'SUCCESS') {
-				def claims = json.wallet_response.credential_subject_data
-
-				// TODO/haburger/2025-03-25: format changes to align with IDM read data
-				sess.setAttribute('ch.nevis.idm.User.firstName', claims.given_name)
-				sess.setAttribute('ch.nevis.idm.User.lastName', claims.family_name)
-				sess.setAttribute('ch.nevis.idm.User.birthDate', claims.birth_date)
-				sess.setAttribute('ch.nevis.idm.User.gender', claims.sex)
-				sess.setAttribute('ch.nevis.idm.User.prop.svnr', claims.personal_administrative_number)
-				sess.setAttribute('ch.nevis.idm.User.prop.placeOfBirth', claims.birth_place)
-				sess.setAttribute('ch.nevis.idm.User.prop.eIdNumber', claims.personal_administrative_number)
-				sess.setAttribute('ch.nevis.idm.User.prop.nationality', claims.nationality.toString())
-				sess.setAttribute('ValidFrom', claims.issuance_date)
-				sess.setAttribute('ValidTo', claims.expiry_date)
-				sess.setAttribute('authenticatedWith', "urn:qa.agov.ch:names:tc:authfactor:eid")
-				sess.setAttribute('idVerification', "Eid")
-				sess.setAttribute('contextClassRefToSet', "urn:qa.agov.ch:names:tc:ac:classes:600")
-
-				response.setUserId(claims.personal_administrative_number)
-				response.setLoginId(claims.document_number)
-				response.setAuthLevel("EID")
-
-				result = """{
-				"oid4vp": {
-					"status": "SUCCEEDED",
-					"verification_url": "${session['agov.eid.verification.link']}",
-					"id": "${idvalue}",
-					"error_code": "NONE"
-				}}"""
-			}
-			else if (json.state == 'FAILED') {
-				// TODO/haburger/2025-03-25: ERROR_CODE_TO_STATUS_MAPPER[json.wallet_response.error_code] == 'FAILED' we should
-				//  initiate a new verification and return the new id, url together with the message
-
-				LOG
-						.error("Eid verification failed: ${json.wallet_response.error_code} (${json.wallet_response.error_description})")
-				result = """{
-				"oid4vp": {
-					"status": "${ERROR_CODE_TO_STATUS_MAPPER[json.wallet_response.error_code] ?: 'ERROR'}",
-					"verification_url": "${session['agov.eid.verification.link']}",
-					"id": "${idvalue}",
-					"error_code": "${json.wallet_response.error_code}",
-					"error_message": "${json.wallet_response.error_description}"
-				}}"""
-			}
-			else {
-				result = """{
-				"oid4vp": {
-					"status": "${inargs['o.id.v'] == 'NEW' ? 'INITIATED' : 'PENDING'}",
-					"verification_url": "${session['agov.eid.verification.link']}",
-					"id": "${idvalue}",
-					"error_code": "NONE"
-				}}"""
-			}
-		}
-
-	}
-	catch (Exception e) {
-		LOG.error("Eid verification failed: ${e}")
-		result = """{
-				"oid4vp": {
-					"status": "ERROR",
-					"verification_url": "${session['agov.eid.verification.link']}",
-					"id": "${idvalue}",
-					"error_code": "HTTP-ERROR",
-					"error_message": "failed to verify status of verification ${idvalue}, http exception"
-				}}"""
-	}
-
-	response.setContent(result.toString())
-	response.setContentType('application/json')
-	response.setHttpStatusCode(200)
-	response.setIsDirectResponse(true)
-	response.setStatus(AuthResponse.AUTH_CONTINUE)
-	return
-}
-
-// if we reach this place, display GUI
-response.setStatus(AuthResponse.AUTH_CONTINUE)
-return

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureRecoveryCode.groovy

@@ -1,7 +1,7 @@
 import ch.nevis.esauth.auth.engine.AuthResponse
-import ch.nevis.esauth.util.httpclient.api.HttpClient
+import ch.nevis.idm.client.IdmRestClient
-
+import ch.nevis.idm.client.IdmRestClientFactory
-import io.opentelemetry.api.trace.Span
+import ch.nevis.idm.client.HTTPRequestWrapper
 
 import groovy.json.JsonSlurper
 import groovy.xml.XmlSlurper
@@ -19,9 +19,7 @@ def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?:
 
 
 
-HttpClient httpClient = HttpClients.create(parameters)
+IdmRestClient idmRestClient = IdmRestClientFactory.get(parameters)
-def spanCtxt = Span.current().getSpanContext()
-def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
 
 String clientExtId = session.get('ch.adnovum.nevisidm.user.clientExtId')
 String userExtId = session.get('ch.adnovum.nevisidm.user.extId')
@@ -39,26 +37,21 @@ if (Arrays.stream(response.getActualRoles()).filter( r -> r.matches('^.*AGOV-Loi
 	return
 }
 
-// 1a) check if user has a credential
+
+// 1b) check if user has a credential
 if ( recoveryCredential != null ) {
 	LOG.debug("Account '${user}' has an active recovery code, no need to create new code")
 	response.setResult('done')
 	return
 }
 
-// 1b) check if a recovery is ongoing (nothing to do)
+// 1c) check if a recovery is ongoing (nothing to do)
 if (Arrays.stream(response.getActualRoles()).filter( r -> r.contains('AGOV-AccountStatus.recovery')).findAny().isPresent()) {
 	LOG.debug("Account '${user}' is in recovery, no need to create new code")
 	response.setResult('done')
 	return
 }
 
-// 1c) don't do it for mobile phones (BUNDBITBK-4445)
-if (userAgent =~ /(iPhone|Android)/ ) {
-	LOG.debug("User '${user}' used a mobile phone, recovery code creation skipped")
-	response.setResult('done')
-	return
-}
 
 // 2) set cookie for recoveryCode
 if (outargs.containsKey('out.JWTToken')) {
@@ -72,26 +65,21 @@ if (outargs.containsKey('out.JWTToken')) {
 if (!session['agov.new.recovery.code.generated']) {
 	inargs.remove('submit')
 	try {
-		def httpResponse = Http.post()
+		def postRequest = new HTTPRequestWrapper()
-			.url(endPoint)
+		postRequest.addToHeaders('Content-Type',  ['application/json'])
-			.header("Accept", "application/json")
-			.header("traceparent", traceparent)
-			.entity(Http.entity()
-				.content("{\"userExtId\":\"$userExtId\",\"userSessionId\": \"$sessionId\"}")
-				.contentType("application/json")
-				.build())
-			.build()
-			.send(httpClient)
 
-
+		postRequest.setPayLoad("{\"userExtId\":\"$userExtId\",\"userSessionId\": \"$sessionId\"}".getBytes('UTF-8'))
-		if (httpResponse.code() != 200) {
+		
-            LOG.debug("Result: ${httpResponse}")
+        def result = idmRestClient.postWithResponse(endPoint, postRequest)
-			LOG.warn("Event='RCVRY-CODE', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='Failed to create code (http status code ${httpResponse.code()})")
+		if (result.getStatusCode() != 200) {
+            LOG.debug("Payload: ${new String(postRequest.getPayLoad())}")
+            LOG.debug("Result: ${result}")
+			LOG.warn("Event='RCVRY-CODE', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='Failed to create code (http status code ${result.getStatusCode()})")
 			response.setResult('failed')
 			return
 		}
 
-		def json = new JsonSlurper().parseText(httpResponse.bodyAsString())
+		def json = new JsonSlurper().parseText(new String(result.getPayLoad(), 'UTF-8'))
 
 		notes.setProperty('agov.new.recovery.code', json['recoveryCode']['code'].replaceAll('^(....)(....)(.*)$', '$1-$2-$3'))
 		LOG.debug("agov.new.recovery.code: ${notes['agov.new.recovery.code']}")

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf

@@ -3,7 +3,6 @@ RTENV_SECURITY_CHECK=no_shell
 JAVA_OPTS=(
     "-XX:+UseContainerSupport"
     "-Dfile.encoding=UTF-8"
-    "-Dotel.instrumentation.metro.enabled=false"
     "-XX:MaxRAMPercentage=80.0"
     "-Djava.net.preferIPv4Stack=true"
     "-Djava.net.connectionTimeout=10000"
@@ -13,7 +12,7 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.3,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_auth.groovy

@@ -98,12 +98,9 @@ if (path == '/nevisfido/fido2/attestation/options') {
     }
     post(connection, json)
     def responseCode = connection.responseCode
-    def responseText = responseCode == 200 ? connection.inputStream.text : '{"allowCredentials":[]}'
-    def jsonResponse = new JsonSlurper().parseText(responseText)
-    def numOfKeys = jsonResponse.allowCredentials ? jsonResponse.allowCredentials.size() : 0
 
-    // non existing account, account without FIDO2 key , or account with disabled FIDO2 key case
+    // non existing account, or account without FIDO2 key case
-    if (responseCode == 404 || responseCode == 400 || numOfKeys == 0) {
+    if (responseCode == 404 || responseCode == 400) {
 
       LOG.debug("Fido2Auth: <== Response: ${responseCode}")
 
@@ -116,36 +113,36 @@ if (path == '/nevisfido/fido2/attestation/options') {
       def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
       def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
       def tAuth = System.currentTimeMillis() - (request.getSession(true).getCreationTime().getEpochSecond() * 1000)
-      def details = "no account (404)"
-      if (responseCode == 400 ) {
-        details = "no fido2 keys for account (400)"    
-      } else if (responseCode == 200) {
-        details = "no active fido2 key for account (200, empty allowCredentials array)"    
-      }
       
-      LOG.info("Event='NOACCOUNT', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${session['ch.nevis.idm.User.email']}, CredentialType='${credentialType}', tAuth=${tAuth}ms, SourceIp=${sourceIp}, UserAgent='${userAgent}', Details='${details}'")
+      LOG.info("Event='NOACCOUNT', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${session['ch.nevis.idm.User.email']}, CredentialType='${credentialType}', tAuth=${tAuth}ms, SourceIp=${sourceIp}, UserAgent='${userAgent}'")
-
       // returning a fake options structure, which shouldn't leak whether the user account exists or not
       // keyId is unique per environment and email, fido2SessionId and challenge are renewed each time
       def keyId = UUID.nameUUIDFromBytes("${parameters['rpId']}.${session['ch.nevis.idm.User.email']}".getBytes())
-      responseText = """{"status": "ok",
+      def responseText = """{"status": "ok",
-                         "errorMessage": "",
+                             "errorMessage": "",
-                         "fido2SessionId": "${UUID.randomUUID()}",
+                             "fido2SessionId": "${UUID.randomUUID()}",
-                         "challenge": "${base64url(UUID.randomUUID())}",
+                             "challenge": "${base64url(UUID.randomUUID())}",
-                         "timeout": 300000,
+                             "timeout": 300000,
-                         "rpId": "${parameters['rpId']}",
+                             "rpId": "${parameters['rpId']}",
-                         "allowCredentials": [
+                             "allowCredentials": [
-                           {
+                             {
-                              "type": "public-key",
+                                "type": "public-key",
-                              "id": "${base64url(keyId)}",
+                                "id": "${base64url(keyId)}",
-                              "transports": []
+                                "transports": []
-                           }
+                             }
-                         ],
+                                                 ],
-                         "userVerification": "required"}"""
+                             "userVerification": "required"}"""
+
+      response.setContent(responseText) // return response from nevisFIDO "as-is"
+      response.setContentType('application/json')
+      response.setHttpStatusCode(200)
+      response.setIsDirectResponse(true)
+      return
     }
 
+    def responseText = connection.inputStream.text
     LOG.debug("Fido2Auth: <== Response: ${responseCode} : ${responseText}")
-    response.setContent(responseText)
+    response.setContent(responseText) // return response from nevisFIDO "as-is"
     response.setContentType('application/json')
     response.setHttpStatusCode(200)
     response.setIsDirectResponse(true)

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/handleRedirectRecovery.groovy

@@ -8,8 +8,8 @@ if(outargs.containsKey('saml.SAMLResponse')) {
      def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
      def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
 
-     LOG.info("Event='GOTORECOVERY', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', AccountAq='${session['agov.recovery.currentAgovAq']}', AuthCtxClass='${session['agov.recovery.authnContextClassRef']}', RecoveryCodeStatus='${session['agov.recovery.codeStatus']}', RecoveryCodeDetailStatus='${session['agov.recovery.codeDetailStatus']}'")     
+     LOG.info("Event='GOTORECOVERY', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', RecoveryInfo={ ctxClass: ${session['agov.recovery.authnContextClassRef']}, acctAq: ${session['agov.recovery.currentAgovAq']}}")
-     
+
      // Redirect
      response.addOutArg('nevis.transfer.destination', parameters.get('agovmedirecturl'))
      response.addOutArg('nevis.transfer.field.SAMLResponse', outargs.getProperty('saml.SAMLResponse').bytes.encodeBase64().toString())

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/logRecoveryReason.groovy

@@ -5,6 +5,4 @@ def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: '
 def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
 def reason = session['agov.recovery.reason'] ?: 'unknown'
 
-LOG.info("Event='RECOVERY-REASON', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', Reason='${reason}'")
+LOG.info("Event='RECOVERY-REASON', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', Reason='${reason}'")
-
-response.setResult('ok')

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/logging.yml

@@ -12,8 +12,6 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
-    - name: "ProductAnalytics"
-      level: "INFO"
     - name: "EsAuthStart"
       level: "INFO"
     - name: "org.apache.catalina.loader.WebappClassLoader"
@@ -35,7 +33,7 @@ Configuration:
     - name: "OpTrace"
       level: "DEBUG"
     - name: "Recovery"
-      level: "DEBUG"
+      level: "INFO"
     - name: "Script"
       level: "DEBUG"
     - name: "SessCoord"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/mobile_nless_auth.groovy

@@ -82,9 +82,8 @@ if (inargs['fidoUafDone'] == 'true' ||
 if (inargs['fallback'] == 'fallback') {
     response.setResult('fido2')
 }
-
+    // dispatch to recovery
-// dispatch to recovery
+    if (inargs['fallback'] == 'recovery') {
-if (inargs['fallback'] == 'recovery') {
     response.addOutArg('nevis.transfer.destination', parameters.get('recoveryurl'))
     response.setStatus(ch.nevis.esauth.auth.engine.AuthResponse.AUTH_CONTINUE) 
     response.setIsRedirectTransfer(true)

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/nevisauth.yml

@@ -3,7 +3,6 @@ server:
   protocol: "https"
   port: "8991"
   host: "0.0.0.0"
-  max-threads: "200"
   tls:
     keystore: "/var/opt/keys/own/auth-default-identity/keystore.p12"
     keystore-passphrase: "${exec:/var/opt/keys/own/auth-default-identity/keypass}"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/questionnaireLfProcessing.groovy

@@ -1,25 +0,0 @@
-import ch.nevis.esauth.auth.engine.AuthResponse
-
-if (inargs['cancel'] && inargs['cancel'] == 'cancel') {
-  def s = request.getAuthSession(true)
-  s.removeAttribute('agov.recovery.moreThanOneLf')
-
-  response.setResult('doCancel')
-  return
-}
-
-if (inargs['continue'] && inargs['continue'] == 'yes') {
-  response.setSessionAttribute('agov.recovery.moreThanOneLf', 'yes')
-  response.setResult('loginFactorYes')
-  return
-}
-
-if (inargs['continue'] && inargs['continue'] == 'no') {
-  response.setSessionAttribute('agov.recovery.moreThanOneLf', 'no')
-  response.setResult('loginFactorNo')
-  return
-}
-
-// if we reach this, display the GUI again
-response.setStatus(AuthResponse.AUTH_CONTINUE)
-return

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/questionnaireReasonProcessing.groovy

@@ -1,28 +0,0 @@
-import ch.nevis.esauth.auth.engine.AuthResponse
-
-if (inargs['reason']) {
-  response.setSessionAttribute('agov.recovery.reason', '' + inargs['reason'])
-}
-
-if (inargs['cancel'] && inargs['cancel'] == 'cancel') {
-  def s = request.getAuthSession(true)
-  s.removeAttribute('agov.recovery.moreThanOneLf')
-  s.removeAttribute('agov.recovery.reason')
-
-  response.setResult('doCancel')
-  return
-}
-
-if (inargs['continue'] && inargs['continue'] == 'yes') {
-  response.setResult('validReasons')
-  return
-}
-
-if (inargs['continue'] && inargs['continue'] == 'no') {
-  response.setResult('invalidReasons')
-  return
-}
-
-// if we reach this, display the GUI again
-response.setStatus(AuthResponse.AUTH_CONTINUE)
-return

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/recovery-prepareRedirect.groovy

@@ -1,22 +0,0 @@
-if (session['agov.recovery.redirectDone']) {
-  // user navigated back from AGOV.me, go again for the code
-
-  // clean up SAML state first, 
-  // IdentityProviderState sets session attributes as follows
-  //   <IDP-State-Name>-session-participants.<SAML-RP-ISSUER> = <ACS-URL>
-  // State name contains the name of the pattern 'Recovery_redirectAgovMe'
-  def s = request.getAuthSession(true)
-  def sessionKeySet = new HashSet(session.keySet()) 
-  sessionKeySet.each { key -> 
-    if ( key ==~ /.*Recovery_redirectAgovMe-session-participants.*/ ) {
-      LOG.debug("Deleted session attribute '${key}'")
-      s.removeAttribute(key)
-    }
-  }
-  s.removeAttribute('agov.recovery.redirectDone')
-  response.setResult('back')
-} else {
-  // redirect
-  response.setSessionAttribute('agov.recovery.redirectDone', 'true')
-  response.setResult('redirect')
-}

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/recovery-processing.groovy

@@ -1,9 +1,5 @@
-import groovy.json.JsonSlurper
-import groovy.xml.XmlSlurper
 import org.codehaus.groovy.runtime.StackTraceUtils
-
+import groovy.xml.XmlSlurper
-import ch.nevis.idm.client.IdmRestClient
-import ch.nevis.idm.client.IdmRestClientFactory
 
 
 // AGOVaq conversion
@@ -16,7 +12,7 @@ def maxLoiRoleToCtxClssConvertorMap = [
 ]
 
 // https://docs.nevis.net/nevisidm/Developer-Guide/SOAP-Interface/Interface-specification/Value-types#enum-value-types
-def blockingCredentialStates = ['DISABLED', 'EXPIRED', 'LOCKED', 'ARCHIVED', 'RESET_CODE']
+def blockingCredentialStates = ['DISABLED', 'EXPIRED', 'LOCKED_TEMPORARY', 'LOCKED', 'ARCHIVED', 'RESET_CODE']
 
 def getUserIdVerificationForRecovery(currentLoaRole) {
   // application is AGOV-AccountStatus
@@ -81,42 +77,6 @@ def getUserMustRecoverValidFrom() {
   return (authzNode) ? ((authzNode.validFrom && !authzNode.validFrom.text().isEmpty()) ? authzNode.validFrom?.text() : authzNode.ctlCreDat?.text()) : ''
 }
 
-def userHasNewLoginFactor() {
-  IdmRestClient idmRestClient = IdmRestClientFactory.get(parameters)
-
-  String baseUrl = parameters.get('baseUrl')
-  String clientExtId = session.get('ch.adnovum.nevisidm.user.clientExtId')
-  String userExtId = session.get('ch.adnovum.nevisidm.user.extId')
-  String baseEndPoint = "$baseUrl/api/core/v1/$clientExtId/users/$userExtId"
-
-  response.setSessionAttribute('agov.recovery.newLoginFactor', 'NONE')
-
-  try {
-     def credInfoArray = new JsonSlurper().parseText(idmRestClient.get("$baseEndPoint/generic-credentials"))
-
-     def accessApp = credInfoArray['items'].find( it -> it.stateName == "active")
-     if (accessApp) {
-       response.setSessionAttribute('agov.recovery.accessapp', accessApp.properties.fidouaf_name)
-       response.setSessionAttribute('agov.recovery.accessapp.dispatchTargetId', accessApp.identification.replaceAll('dispatch_target_', ''))
-       response.setSessionAttribute('agov.recovery.newLoginFactor', 'ACCESS_APP')
-       return true
-     }
-
-     credInfoArray = new JsonSlurper().parseText(idmRestClient.get("$baseEndPoint/fido2"))
-
-     def fido2Key = credInfoArray['items'].find( it -> it.stateName == "active")
-     if (fido2Key) {
-       response.setSessionAttribute('agov.recovery.securityKey', fido2Key.userFriendlyName)
-       response.setSessionAttribute('agov.recovery.newLoginFactor', 'FIDO2')
-       return true
-     }
-
-  } catch(Exception e) {
-    LOG.error(e.toString())
-  }
-  return false
-}
-
 
 // for autditing
 def user = session['ch.adnovum.nevisidm.user.extId'] ?: 'unknown'
@@ -135,14 +95,12 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
     LOG.debug("Recovery: Dto is '${userDto}")
     LOG.debug("Recovery: state is '${userState}")
     LOG.debug("Recovery: RecoveryCode is '${recoveryCode ? recoveryCode : 'none'}'") 
+    def session = request.getAuthSession(true)
 
     if (userState == 'ACTIVE') {
 
-      response.setSessionAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:recovery')
+      session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:recovery')
-      response.setSessionAttribute('agov.recovery.authenticatedWith', 'urn:qa.agov.ch:names:tc:authfactor:email')
+      session.setAttribute('agov.recovery.authenticatedWith', 'urn:qa.agov.ch:names:tc:authfactor:email')
-      response.setSessionAttribute('agov.recovery.codeStatus', 'notNeeded')
-      response.setSessionAttribute('agov.recovery.codeDetailStatus', 'n/a')
-      response.setSessionAttribute('agov.recovery.newLoginFactor', 'NONE')
 
       def maxLoiList =   userDto.'**'.findAll { node -> node.name() == 'roles' && node.applicationName.text() == 'AGOV-Loi' }.collect({ node -> node.name.text() })
       maxLoi = (maxLoiList == null || maxLoiList.isEmpty()) ? null : maxLoiList.sort().last()
@@ -150,10 +108,6 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
       def idVerification = null
       def agovAqValidFrom = null
       if (maxLoi) {
-        if (maxLoi != 'level100') {
-          response.setSessionAttribute('agov.recovery.codeDetailStatus', '' + maxLoi)
-        }
-
         idVerification = userDto.'**'.find { node -> node.name() == 'properties' && node.name.text() == 'idVerification' && node.scopeName.text() == 'AGOV-Loi,' + maxLoi}?.value?.text()
         idVerification = idVerification ?: 'None'
         agovAqValidFrom = userDto.'**'.find { node -> node.name() == 'authorizations' && node.role.name.text() == maxLoi}?.validFrom?.text()
@@ -164,22 +118,16 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
 
       def hasRecoveryRole = userDto.'**'.find { node -> node.name() == 'roles' && node.applicationName.text() == 'AGOV-AccountStatus' && node.name.text() == 'recovery' }
 
-      def hasRecoveryCascadeRole = userDto.'**'.find { node -> node.name() == 'roles' && node.applicationName.text() == 'AGOV-AccountStatus' && node.name.text() == 'recoveryCascade' }
-
-      def hasNewLoginFactor = hasRecoveryRole && userHasNewLoginFactor()
 
       if (mustRecover) {
         // attributes are defined over the mustRecover authorization
-        response.setSessionAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:mustRecover')
+        session.setAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:mustRecover')
-        response.setSessionAttribute('agov.recovery.codeDetailStatus', 'mustRecover')
 
         idVerification = getUserIdVerificationForRecovery(maxLoi ?: 'level100') ?: idVerification
 
         agovAqValidFrom = getUserMustRecoverValidFrom()
 
         maxLoi = getAqLevelBasedOnIdVerificationForRecovery(idVerification, maxLoi)
-      } else if (hasRecoveryCascadeRole && hasNewLoginFactor) {
-        response.setSessionAttribute('agov.recovery.authnContextClassRef', 'urn:qa.agov.ch:names:tc:ac:classes:recoveryCascade')
       }
 
       LOG.debug("Recovery: MaxLoi is '${maxLoi}'")
@@ -187,7 +135,6 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
       LOG.debug("Recovery: agovAqValidFrom is ${agovAqValidFrom}")
       LOG.debug("Recovery: mustRecover is '${mustRecover}'")
       LOG.debug("Recovery: hasRecoveryRole is '${hasRecoveryRole}'")
-      LOG.debug("Recovery: hasNewLoginFactor is '${hasNewLoginFactor}'")
 
       if (maxLoi != null) {       
         if (maxLoiRoleToCtxClssConvertorMap.containsKey(maxLoi)) {
@@ -196,28 +143,20 @@ if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null
           response.setSessionAttribute('agov.recovery.currentIdVerification', '' + idVerification)
           response.setSessionAttribute('agov.recovery.currentAgovAqRoleValidFrom', '' + agovAqValidFrom)
 
-          if ((maxLoi == 'level100') && (mustRecover == null) && !hasNewLoginFactor) {
+          if ((maxLoi == 'level100') && (mustRecover == null)) {
-            // AQ100 accounts need to use the recovery code, if they can
+            // AQ100 accounts need to used the recovery code, if they can
             // check the status of recoveryCode credential
             if (recoveryCode && !blockingCredentialStates.contains(recoveryCode.state.text())) {
               LOG.debug("Recovery: emailAndCode")
               response.setResult('needCode')
               return
             } else {
-              LOG.warn("AGOVaq100 recovery: skipped Recovery-Code check '${recoveryCode ? recoveryCode.state.text() : 'MISSING'}'")
+             LOG.warn("AGOVaq100 recovery: skipped Recovery-Code check '${recoveryCode ? recoveryCode.state.text() : 'MISSING'}'")
-              response.setSessionAttribute('agov.recovery.codeStatus', 'skipped')
+             response.setResult('ok')
-              response.setSessionAttribute('agov.recovery.codeDetailStatus', "unusable (state: ${recoveryCode ? recoveryCode.state.text() : 'MISSING'})")
-              response.setResult('ok')
               return
             }
 
-          } else if ((maxLoi == 'level100') && hasNewLoginFactor) {
+            // mustRecover role not set, so code needs to be checked
-            LOG.debug("Recovery: new Login Factor")
-            response.setSessionAttribute('agov.recovery.codeStatus', 'skipped')
-            response.setSessionAttribute('agov.recovery.codeDetailStatus', "new login factor already registered (${session['agov.recovery.newLoginFactor']})")
-            response.setResult('ok')
-            return
-
           } else {
             LOG.debug("Recovery: email")
             response.setResult('ok')

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/recovery_fido2_auth.groovy

@@ -8,6 +8,7 @@ if (inargs.containsKey('cancel_fido2')) {
 
 def showGui() {
     response.setGuiName('recovery_fidokey_auth') // name is the trigger for including the JS
+    //response.setGuiName('fido2_auth') // name is the trigger for including the JS
     response.setGuiLabel('title.login.fido2')
     response.addInfoGuiField('info', 'info.login.fido2', null)
     response.addHiddenGuiField('authRequestId', 'not used', session['ch.nevis.auth.saml.request.id'])
@@ -17,6 +18,7 @@ def showGui() {
         response.addErrorGuiField('lasterror', notes['lasterrorinfo'], notes['lasterror'])
     }
     if (parameters.containsKey('cancel')) {
+        // TODO koenig 20221021: replace with specific label
         response.addButtonGuiField('cancel_fido2', 'cancel.login.fido2.button.label', 'true')
     }
 }
@@ -40,14 +42,12 @@ def post(connection, json) {
     connection.getOutputStream().write(body.getBytes())
 }
 
-String userExtId = session['ch.adnovum.nevisidm.user.extId'] ?: session['ch.nevis.idm.User.extId']
+String userExtId = session['ch.adnovum.nevisidm.user.extId'] ?: session['ch.nevis.idm.User.extId'] ?: request.getUserId() ?: notes['userid']
 if (userExtId == null) {
     LOG.error("missing extId of nevisIDM user. check your authentication flow.")
-    notes.setProperty('lasterror', '1')
-    notes.setProperty('lasterrorinfo', 'missing extId of nevisIDM user')
-    response.setResult('error')
-    return
 }
+// without the user extId this script won't work and we can fail with a System Error
+Objects.requireNonNull(userExtId)
 
 def path = getPath()
 if (path == null) {
@@ -65,17 +65,32 @@ if (path == '/nevisfido/fido2/attestation/options') {
     }
     post(connection, json)
     def responseCode = connection.responseCode
-
+// account without FIDO2 case
     if (responseCode == 400) {
-        LOG.error("FIDO2 options call failed for '${userExtId}'")
+      def responseText = '''{"status": "ok",
-        notes.setProperty('lasterror', '1')
+	                         "errorMessage": "",
-        notes.setProperty('lasterrorinfo', 'missing extId of nevisIDM user')
+	                         "fido2SessionId": "270312ae-8d74-4ded-ad89-5310da2d2e6f",
-        response.setResult('error')
+	                         "challenge": "tKCqUM6URnykri1ZFz-3ww",
-        return
+	                         "timeout": 300000,
+	                         "rpId": "agov-d.azure.adnovum.net",
+	                         "allowCredentials": [
+		                     {
+			                    "type": "public-key",
+			                    "id": "WVzzUwxOf-1doTGkrdRHWPDbETTawkULLPsEiwiQwA2AFC4_YgL5OVmJJOT2OulAZSq_tvOfNlMSRKRXyXH2kw",
+			                    "transports": []
+		                     }
+	                                             ],
+	                         "userVerification": "preferred"}'''
+	  LOG.info("<== Response: ${responseCode}")
+      response.setContent(responseText) // return response from nevisFIDO "as-is"
+      response.setContentType('application/json')
+      response.setHttpStatusCode(200)
+      response.setIsDirectResponse(true)
+      return
     }
 
     def responseText = connection.inputStream.text
-    LOG.debug("<== Response: ${responseCode} : ${responseText}")
+    LOG.info("<== Response: ${responseCode} : ${responseText}")
     response.setContent(responseText) // return response from nevisFIDO "as-is"
     response.setContentType('application/json')
     response.setHttpStatusCode(200)
@@ -85,6 +100,21 @@ if (path == '/nevisfido/fido2/attestation/options') {
 
 if (path == '/nevisfido/fido2/assertion/result') {
 
+  if (inargs.containsKey('authRequestId') && (inargs['authRequestId'] != session['ch.nevis.auth.saml.request.id'])) {
+    // wrong request, "force" a timeout
+    LOG.info('authentication timeout enforced, due to concurrent requests')
+
+    response.setIsDirectResponse(true)
+    response.setContentType('text/html; charset=UTF-8')
+    response.setContent('Timeout')
+    response.setHttpStatusCode(205)
+    response.setHeader('IDP-AUTH', 'Timeout')
+
+    // CONTINUE to keep the other request beeing processed
+    response.setStatus(AuthResponse.AUTH_CONTINUE)
+    return
+  }
+
     def userHandleValue = userExtId.getBytes().encodeBase64Url().toString()
     LOG.info("encoded userHandle: ${userHandleValue}")
     json {
@@ -102,13 +132,15 @@ if (path == '/nevisfido/fido2/assertion/result') {
     // test if credentials exist
     if (responseCode != 400) {
         def responseText = connection.inputStream.text
-        LOG.debug("<== Response: ${responseCode} : ${responseText}")
+        LOG.info("<== Response: ${responseCode} : ${responseText}")
         if (responseCode == 200 && new JsonSlurper().parseText(responseText).status == 'ok') {
-            response.setSessionAttribute('agov.recovery.authenticatedWith', 'urn:qa.agov.ch:names:tc:authfactor:fido')
             response.setResult('ok')
             return
         }
     }
+    //response.setHttpStatusCode(400)
+    //response.setIsDirectResponse(true)
+    // DEFINE how to handel error
     notes.setProperty('lasterror', '1')
     notes.setProperty('lasterrorinfo', 'FIDO2 authentication failed')
     response.setResult('error')

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/recovery_ongoing.groovy

@@ -1,22 +1,4 @@
-import ch.nevis.esauth.auth.engine.AuthResponse
-
 if (inargs['recovery'] != null && inargs['recovery'] == 'recovery' ) {
-  // clean up SAML state, to make sure the redirect will really be processed 
+   response.setResult('ok')
-  // IdentityProviderState sets session attributes as follows
+   return
-  //   <IDP-State-Name>-session-participants.<SAML-RP-ISSUER> = <ACS-URL>
+}
-  // State name contains the name of the pattern 'Recovery_redirectAgovMe'
-  def s = request.getAuthSession(true)
-  def sessionKeySet = new HashSet(session.keySet()) 
-  sessionKeySet.each { key -> 
-    if ( key ==~ /.*Recovery_redirectAgovMe-session-participants.*/ ) {
-      LOG.debug("Deleted session attribute '${key}'")
-      s.removeAttribute(key)
-    }
-  }
-  response.setResult('ok')
-  return
-}
-
-// if we reach this, display the GUI again
-response.setStatus(AuthResponse.AUTH_CONTINUE)
-return

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/requestedrolelevel.groovy

@@ -26,7 +26,7 @@ int getRequestedLevel(String authnContextClassRef, def roleList){
 
 def session = request.getAuthSession(true)
 def context = session.get('ch.nevis.auth.saml.request.authnContextClassRef')
-def roleLevels = [100,200,300,400,500,600]
+def roleLevels = [100,200,300,400]
 def requestedRoleLevelNumber = getRequestedLevel(context, roleLevels)
 
 //set attribute Requested Role Level
@@ -44,27 +44,17 @@ def requestedAq = session['agov.requestedRoleLevel'] ?: 'unknown'
 def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
 def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
 
-def bestTokenAddressWhitelist = ',' + (parameters.get('bestTokenAddressWhitelist') ?: '').replaceAll('\\s','') + ','
+LOG.info("Event='AUTHREQUEST', Requester='${requester}', RequestId='${requestId}', ReplacedRequestId='${replacedRequestId}', RequestedAq=${requestedAq}, SourceIp=${sourceIp}, UserAgent='${userAgent}'")
-def appRequiresBestTokenWithAddress = bestTokenAddressWhitelist.contains(','+requester+',')
 
-def bestTokenSvnrWhitelist = ',' + (parameters.get('bestTokenSvnrWhitelist') ?: '').replaceAll('\\s','') + ','
-def appRequiresBestTokenWithSvnr = bestTokenSvnrWhitelist.contains(','+requester+',')
-
-LOG.info("Event='AUTHREQUEST', Requester='${requester}', RequestId='${requestId}', ReplacedRequestId='${replacedRequestId}', RequestedAq=${requestedAq}, BestTokenRequired='svnr: ${appRequiresBestTokenWithSvnr}; address: ${appRequiresBestTokenWithAddress}', SourceIp=${sourceIp}, UserAgent='${userAgent}'")
 
+def appAddressRequiredWhitelist = ',' + (parameters.get('appAddressRequired.whitelist') ?: '').replaceAll('\\s','') + ','
+def appIsOnappAddressRequiredWhitelist = appAddressRequiredWhitelist.contains(','+requester+',')
 
 if (requestedRoleLevelNumber == 0 || session.get('ch.nevis.auth.saml.request.scoping.requesterId') == null) {
   response.setResult('error');
   return
 }
 
-// TODO/haburger/2024-03-21: move this later, now here for a simple start
-if (requestedRoleLevelNumber == 600 || session.get('ch.nevis.auth.saml.request.scoping.requesterId') == 'OidcPlaygroundWork') {
-  session.setAttribute('agov.appSvnrAllowed', 'true')
-  response.setResult('exit.1');
-  return
-}
-
 try {
       def spanCtxt = Span.current().getSpanContext()
       def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
@@ -81,18 +71,16 @@ try {
         def json = jsonSlurper.parseText(httpResponse.bodyAsString())
         LOG.debug('AdressRequired: ' + json.addrRequired)
         LOG.debug('SvnrAllowed: ' + json.svnrAllowed)
-        LOG.debug('appRequiresBestTokenWithAddress: ' + appRequiresBestTokenWithAddress)
+        LOG.debug('appAddressRequiredWhitelist applies: ' + appIsOnappAddressRequiredWhitelist)
-        LOG.debug('appRequiresBestTokenWithSvnr: ' + appRequiresBestTokenWithSvnr)
 
         // address will be returned to the application if allowed by connect (json.addrRequired) 
         // and the authRequest was done with at least AGOVaq 200
-        // BUNDBITBK-4307: or best token for address is enabled
+        // BITBKAGOVSUP-362: or whitelisted to receive the address
-        session.setAttribute('agov.appAddressRequired', '' + (json.addrRequired && ((requestedRoleLevelNumber >= 200) || appRequiresBestTokenWithAddress)))
+        session.setAttribute('agov.appAddressRequired', '' + (json.addrRequired && ((requestedRoleLevelNumber >= 200) || appIsOnappAddressRequiredWhitelist)))
 
         // address will be returned to the application if allowed by connect (json.svnrAllowed) 
         // and the authRequest was done with at least AGOVaq 300
-        // BUNDBITBK-4307: or best token for svnr is enabled
+        session.setAttribute('agov.appSvnrAllowed', '' + (json.svnrAllowed && requestedRoleLevelNumber >= 300))
-        session.setAttribute('agov.appSvnrAllowed', '' + (json.svnrAllowed && ((requestedRoleLevelNumber >= 300) || appRequiresBestTokenWithSvnr)))
 
         session.setAttribute('agov.appDisplayNameDE', '' + json.displayNameDe)
         session.setAttribute('agov.appDisplayNameFR', '' + json.displayNameFr)
@@ -105,7 +93,7 @@ try {
         LOG.warn('Unexcpected HTTP response code: ' + httpResponse.code())
 
         if ( requestedRoleLevelNumber == 100) {
-           session.setAttribute('agov.appAddressRequired', '' + appRequiresBestTokenWithAddress)
+           session.setAttribute('agov.appAddressRequired', '' + appIsOnappAddressRequiredWhitelist)
            session.setAttribute('agov.appSvnrAllowed', 'false')
            response.setResult('ok')
         }
@@ -124,7 +112,7 @@ try {
 } catch (Exception e) {
   LOG.error("Failed to fetch connect meta data for relying party '${session.get('ch.nevis.auth.saml.request.scoping.requesterId')}'", e)
   if ( requestedRoleLevelNumber == 100) {
-     session.setAttribute('agov.appAddressRequired', '' + appRequiresBestTokenWithAddress)
+     session.setAttribute('agov.appAddressRequired', '' + appIsOnappAddressRequiredWhitelist)
      session.setAttribute('agov.appSvnrAllowed', 'false')
      response.setResult('ok')
   }

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/saml_idp_agov_authorization.groovy

@@ -167,8 +167,7 @@ def i2r = [:]
 
 // issuer to ResultCond name
 def i2e = [:]
-i2e.put('https://trustbroker.agov-epr-lab.azure.adnovum.net', 'forbidden_0')
+i2e.put('https://trustbroker.agov-d.azure.adnovum.net', 'forbidden_0')
-i2e.put('https://trustbroker-idp.agov-epr-lab.azure.adnovum.net', 'forbidden_1')
 
 
 if (!i2r.isEmpty() && !hasAnyRequiredRole(i2r, issuer)) {

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/saml_idp_agov_dispatcher.groovy

@@ -75,18 +75,9 @@ def dispatchIssuer(i2s, String issuer) {
     if (result == null) {
         LOG.info("No SP found for issuer '$issuer'. Hint: check SAML SP Connector patterns.")
     }
-    
-    // dispatch different idp if artifact binding is enabled
-    if(parameters.get('epdMode') == 'artifact' && result == 'epd'){
-        LOG.debug("EPD: Artifact mode")
-        result = result + "_artifact"
-    }else{
-        LOG.debug("EPD: POST mode")
-    }
     response.setResult(result)
     session.put("saml.inbound.issuer", issuer)
     session.put('saml.idp.result', result) // remember decision for sub-sequent requests without a SAML message
-    
 }
 
 def dispatchMessage(i2s, String message) {
@@ -117,8 +108,7 @@ if (request.getSession(false) == null) {
 def i2s = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
 
 
-i2s.put(parameters.get('atb'), 'main')
+i2s.put('https://trustbroker.agov-d.azure.adnovum.net', 'state0')
-i2s.put(parameters.get('epd_atb'), 'epd')
 
 if (parameters.get('spInitiated') == 'true' && inargs.containsKey('SAMLRequest')) { // SP-initiated authentication
     LOG.debug("found SAMLRequest parameter for SP-initiated authentication")

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisFIDO"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2405.2"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -46,12 +46,12 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-3a33cc8960643d6afc30bade3f2d225bea96681a"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf"
     credentials: "git-credentials"
   database:
     name: "fido-uaf"
-    requiredVersion: "8.2411.1"
+    requiredVersion: "8.2405.0"
   keystores:
   - "fido-uaf-default-server-identity"
   - "fido-uaf-default-client-identity"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-nevisfido-uaf-database-9385d1b33aefe975fb1c5914.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisFIDO"
   databaseType: "MariaDB"
-  version: "8.2411.1"
+  version: "8.2405.2"
   url: "mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat"
   port: 3306
   database: "nevisfido_uaf"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf

@@ -7,5 +7,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/logging.yml

@@ -12,8 +12,6 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
-    - name: "ProductAnalytics"
-      level: "INFO"
     - name: "ch.nevis.auth.fido.application.Application"
       level: "INFO"
     - name: "ch.nevis.auth.fido.api.uaf"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json

@@ -3,16 +3,8 @@
     "aaid" : "F1D0#0001",
     "description" : "Android NEVIS Mobile Authentication PIN Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [
+    "attestationRootCertificates" : [],
-      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
+    "attestationTypes" : [ 15880 ],
-      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
-    ],
-    "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
       "major" : 1,
       "minor" : 1
@@ -21,12 +13,12 @@
       "userVerification" : 4
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2, 9 ],
+    "authenticationAlgorithm" : 9,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 1,
     "matcherProtection" : 1,
-    "publicKeyAlgAndEncodings" : [ 257, 259 ],
+    "publicKeyAlgAndEncoding" : 256,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -34,16 +26,8 @@
     "aaid" : "F1D0#0002",
     "description" : "Android NEVIS Mobile Authentication Fingerprint Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [
+    "attestationRootCertificates" : [],
-      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
+    "attestationTypes" : [ 15880 ],
-      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
-    ],
-    "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
       "major" : 1,
       "minor" : 1
@@ -52,12 +36,12 @@
       "userVerification" : 2
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2, 9 ],
+    "authenticationAlgorithm" : 9,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 4,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257, 259 ],
+    "publicKeyAlgAndEncoding" : 256,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -65,16 +49,8 @@
     "aaid" : "F1D0#0003",
     "description" : "Android NEVIS Mobile Authentication Biometric Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [
+    "attestationRootCertificates" : [],
-      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
+    "attestationTypes" : [ 15880 ],
-      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
-    ],
-    "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
       "major" : 1,
       "minor" : 1
@@ -83,12 +59,12 @@
       "userVerification" : 346
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2, 9 ],
+    "authenticationAlgorithm" : 9,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 4,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257, 259 ],
+    "publicKeyAlgAndEncoding" : 256,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -96,16 +72,8 @@
     "aaid" : "F1D0#0004",
     "description" : "Android NEVIS Mobile Authentication Device Passcode Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [
+    "attestationRootCertificates" : [],
-      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
+    "attestationTypes" : [ 15880 ],
-      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
-    ],
-    "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
       "major" : 1,
       "minor" : 1
@@ -114,12 +82,12 @@
       "userVerification" : 132
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2, 9 ],
+    "authenticationAlgorithm" : 9,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 4,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257, 259 ],
+    "publicKeyAlgAndEncoding" : 259,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -127,16 +95,8 @@
     "aaid" : "F1D0#0005",
     "description" : "Android NEVIS Mobile Authentication Password Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [
+    "attestationRootCertificates" : [],
-      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
+    "attestationTypes" : [ 15880 ],
-      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
-      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
-    ],
-    "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
       "major" : 1,
       "minor" : 1
@@ -145,12 +105,12 @@
       "userVerification" : 4
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2, 9 ],
+    "authenticationAlgorithm" : 9,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 1,
     "matcherProtection" : 1,
-    "publicKeyAlgAndEncodings" : [ 257, 259 ],
+    "publicKeyAlgAndEncoding" : 256,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -168,12 +128,12 @@
       "userVerification" : 4
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2 ],
+    "authenticationAlgorithm" : 2,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 1,
     "matcherProtection" : 1,
-    "publicKeyAlgAndEncodings" : [ 257 ],
+    "publicKeyAlgAndEncoding" : 257,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -191,12 +151,12 @@
       "userVerification" : 2
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2 ],
+    "authenticationAlgorithm" : 2,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 6,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257 ],
+    "publicKeyAlgAndEncoding" : 257,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -214,12 +174,12 @@
       "userVerification" : 16
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2 ],
+    "authenticationAlgorithm" : 2,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 6,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257 ],
+    "publicKeyAlgAndEncoding" : 257,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -237,12 +197,12 @@
       "userVerification" : 4
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2 ],
+    "authenticationAlgorithm" : 2,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 6,
     "matcherProtection" : 2,
-    "publicKeyAlgAndEncodings" : [ 257 ],
+    "publicKeyAlgAndEncoding" : 257,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   },
@@ -260,12 +220,12 @@
       "userVerification" : 4
     } ] ],
     "attachmentHint" : 1,
-    "authenticationAlgorithms" : [ 2 ],
+    "authenticationAlgorithm" : 2,
     "authenticatorVersion" : 1,
     "isSecondFactorOnly" : false,
     "keyProtection" : 1,
     "matcherProtection" : 1,
-    "publicKeyAlgAndEncodings" : [ 257 ],
+    "publicKeyAlgAndEncoding" : 257,
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
   }]

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/nevisfido.yml

@@ -1,116 +1,116 @@
 server:
   port: 9443
-  host: "0.0.0.0"
+  host: 0.0.0.0
-  protocol: "https"
+  protocol: https
   tls:
-    keystore: "/var/opt/keys/own/fido-uaf-default-server-identity/keystore.p12"
+    keystore: /var/opt/keys/own/fido-uaf-default-server-identity/keystore.p12
-    keystore-type: "pkcs12"
+    keystore-passphrase: ${exec:/var/opt/keys/own/fido-uaf-default-server-identity/keypass}
-    keystore-passphrase: "${exec:/var/opt/keys/own/fido-uaf-default-server-identity/keypass}"
+    keystore-type: pkcs12
-    truststore: "/var/opt/keys/trust/fido-uaf-fido-uaf-extended-frontent-truststore/truststore.p12"
+    truststore: /var/opt/keys/trust/fido-uaf-fido-uaf-extended-frontent-truststore/truststore.p12
-    truststore-type: "pkcs12"
+    truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-fido-uaf-extended-frontent-truststore/keypass}
-    truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-fido-uaf-extended-frontent-truststore/keypass}"
+    truststore-type: pkcs12
+
 management:
   server:
     port: 9089
   healthchecks:
     enabled: true
+
+credential-repository:
+  type: nevisidm
+  rest-url: https://idm:8989/nevisidm
+  administration-url: https://idm:8989/nevisidm/services/v1_46/AdminService
+  keystore: /var/opt/keys/own/fido-uaf-default-client-identity/keystore.p12
+  keystore-passphrase: ${exec:/var/opt/keys/own/fido-uaf-default-client-identity/keypass}
+  keystore-type: pkcs12
+  truststore: /var/opt/keys/trust/fido-uaf-default-server-trust/truststore.p12
+  truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-default-server-trust/keypass}
+  truststore-type: pkcs12
+  admin-service-version: v1_46
+  client-id: cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720
+  user-attribute: extId
+
+session-repository:
+  type: sql
+  jdbc-url: jdbc:mariadb://mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat:3306/nevisfido_uaf?sslMode=disable&autocommit=true
+  max-connection-lifetime: 10m
+  user: ${exec:/var/opt/nevisfido/default/conf/credentials/dbUser}
+  password: ${exec:/var/opt/nevisfido/default/conf/credentials/dbPassword}
+  schema-user: 
+  schema-user-password: 
+  automatic-db-schema-setup: false
+
 fido-uaf:
   enabled: true
-  app-id: "https://auth.agov-w.azure.adnovum.net/nevisfido/uaf/1.1/facets"
+  app-id: https://auth.agov-w.azure.adnovum.net/nevisfido/uaf/1.1/facets
   facets:
-  - "android:apk-key-hash:kb0yJ345nFUmt4nOYK5Li7KvwDDobMKPosY48Uwb0QI"
+    - android:apk-key-hash:kb0yJ345nFUmt4nOYK5Li7KvwDDobMKPosY48Uwb0QI
-  - "ios:bundle-id:ch.agov.accessapp.t"
+    - ios:bundle-id:ch.agov.accessapp.t
-  - "android:apk-key-hash:msmxrDDoIcxmazyIf9aj8uIvRXdH/wX668OQYaYdXpE"
+    - android:apk-key-hash:msmxrDDoIcxmazyIf9aj8uIvRXdH/wX668OQYaYdXpE
-  - "ios:bundle-id:ch.agov.accessapp"
+    - ios:bundle-id:ch.agov.accessapp
-  - "android:apk-key-hash:BFZz7gpBpUUk8rLis19LKpR6ZcIZkdxxFPYOwBSKKQk"
+    - android:apk-key-hash:BFZz7gpBpUUk8rLis19LKpR6ZcIZkdxxFPYOwBSKKQk
-  - "android:apk-key-hash:xoRd0kamp4TSJcvzfWzNoivuNldp+GKI7fjnwX+VEFg"
+    - android:apk-key-hash:xoRd0kamp4TSJcvzfWzNoivuNldp+GKI7fjnwX+VEFg
+  metadata:
+    path: conf/metadata/metadata.json
   policy:
-    path: "conf/policy/"
+    path: conf/policy/
   timeout:
-    registration: "300s"
+    registration: 600s
-    authentication: "300s"
+    authentication: 600s
-    token-registration: "180s"
+    token-registration: 180s
-    token-deregistration: "180s"
+    token-authentication: 180s
-    token-authentication: "180s"
+    token-deregistration: 600s
-    device-request: "600s"
   transaction-confirmation:
     max-text-length: 2000
-  metadata:
-    path: "conf/metadata/metadata.json"
-  idm-connection-type: "soap"
-  dispatchers:
-  - type: "firebase-cloud-messaging"
-    dry-run: false
-    service-account-json: "inv-res-secret://a78926e06a159811ee15c224-bdd107d2"
-    registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-    authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-    deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-  - type: "png-qr-code"
-    registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-    authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-    deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-  - type: "link"
-    registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-    authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-    deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-    base-url: "ch.agov.access-t://x-callback-url/authenticate"
-  basic-full-attestation:
-    android-verification-level: "default"
   authorization:
     registration:
-      type: "sectoken"
+      type: sectoken
-      truststore: "/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12"
+      truststore: /var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12
-      truststore-type: "pkcs12"
+      truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}
-      truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}"
+      truststore-type: pkcs12
       username-attribute-names:
-      - "loginId"
+        - loginId
-      - "userid"
+        - userid
     authentication:
-      type: "none"
+      type: none
     deregistration:
-      type: "sectoken"
+      type: sectoken
-      truststore: "/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12"
+      truststore: /var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12
-      truststore-type: "pkcs12"
+      truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}
-      truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}"
+      truststore-type: pkcs12
       username-attribute-names:
-      - "loginId"
+        - loginId
-      - "userid"
+        - userid
     create-dispatch-target:
-      type: "sectoken"
+      type: sectoken
-      truststore: "/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12"
+      truststore: /var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12
-      truststore-type: "pkcs12"
+      truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}
-      truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}"
+      truststore-type: pkcs12
       username-attribute-names:
-      - "loginId"
+        - loginId
-      - "userid"
+        - userid
     query-dispatch-target:
-      type: "none"
+      type: none
     delete-dispatch-target:
-      type: "sectoken"
+      type: sectoken
-      truststore: "/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12"
+      truststore: /var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/truststore.p12
-      truststore-type: "pkcs12"
+      truststore-passphrase: ${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}
-      truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-internal-idp-auth-signer-trust/keypass}"
+      truststore-type: pkcs12
       username-attribute-names:
-      - "userid"
+        - userid
-session-repository:
+  dispatchers:
-  type: "sql"
+    - type: "firebase-cloud-messaging"
-  jdbc-url: "jdbc:mariadb://mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat:3306/nevisfido_uaf?sslMode=disable&autocommit=true"
+      dry-run: false
-  max-connection-lifetime: "10m"
+      service-account-json: "inv-res-secret://a78926e06a159811ee15c224-bdd107d2"
-  user: "${exec:/var/opt/nevisfido/default/conf/credentials/dbUser}"
+      registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-  password: "${exec:/var/opt/nevisfido/default/conf/credentials/dbPassword}"
+      authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-  schema-user: ""
+      deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-  schema-user-password: ""
+    - type: "png-qr-code"
-  automatic-db-schema-setup: false
+      registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-credential-repository:
+      authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-  type: "nevisidm"
+      deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-  client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"
+    - type: "link"
-  user-attribute: "extId"
+      registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
-  administration-url: "https://idm:8989/nevisidm/services/v1_46/AdminService"
+      authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
-  admin-service-version: "v1_46"
+      deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
-  rest-url: "https://idm:8989/nevisidm"
+      base-url: "ch.agov.access-t://x-callback-url/authenticate"
-  keystore: "/var/opt/keys/own/fido-uaf-default-client-identity/keystore.p12"
-  keystore-type: "pkcs12"
-  keystore-passphrase: "${exec:/var/opt/keys/own/fido-uaf-default-client-identity/keypass}"
-  truststore: "/var/opt/keys/trust/fido-uaf-default-server-trust/truststore.p12"
-  truststore-type: "pkcs12"
-  truststore-passphrase: "${exec:/var/opt/keys/trust/fido-uaf-default-server-trust/keypass}"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-fido2-default-signer-trust-087f275433f3973a1421318f.yaml

@@ -0,0 +1,12 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisTrustStore"
+metadata:
+  name: "fido2-default-signer-trust"
+  namespace: "adn-agov-nevisidm-01-uat"
+  labels:
+    deploymentTarget: "fido2"
+  annotations:
+    projectKey: "DEFAULT-ADN-AGOV-PROJECT"
+    patternId: "087f275433f3973a1421318f"
+spec:
+  keystores: []

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisFIDO"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2405.2"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -46,7 +46,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-2f8a215769d731c34e6278cbfb370e06e976f51f"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2"
     credentials: "git-credentials"
   keystores:
@@ -54,6 +54,7 @@ spec:
   - "fido2-default-client-identity"
   truststores:
   - "fido2-default-tls-client-trust"
+  - "fido2-default-signer-trust"
   - "fido2-default-server-trust"
   podSecurity:
     policy: "baseline"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/env.conf

@@ -6,5 +6,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/logging.yml

@@ -12,8 +12,6 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
-    - name: "ProductAnalytics"
-      level: "INFO"
     - name: "ch.nevis.auth.fido.application.Application"
       level: "INFO"
     Root:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/nevisfido.yml

@@ -1,50 +1,51 @@
 server:
   port: 9443
-  protocol: "https"
+  protocol: https
   tls:
-    keystore: "/var/opt/keys/own/fido2-default-identity/keystore.p12"
+    keystore: /var/opt/keys/own/fido2-default-identity/keystore.p12
-    keystore-passphrase: "${exec:/var/opt/keys/own/fido2-default-identity/keypass}"
+    keystore-passphrase: ${exec:/var/opt/keys/own/fido2-default-identity/keypass}
-    keystore-type: "pkcs12"
+    keystore-type: pkcs12
-    truststore: "/var/opt/keys/trust/fido2-default-tls-client-trust/truststore.p12"
+
-    truststore-passphrase: "${exec:/var/opt/keys/trust/fido2-default-tls-client-trust/keypass}"
-    truststore-type: "pkcs12"
 management:
   server:
     port: 9089
   healthchecks:
     enabled: true
+
 credential-repository:
-  type: "nevisidm"
+  type: nevisidm
-  client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"
+  client-id: cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720
-  rest-url: "https://idm:8989/nevisidm"
+  rest-url: https://idm:8989/nevisidm
-  keystore: "/var/opt/keys/own/fido2-default-client-identity/keystore.p12"
+  keystore: /var/opt/keys/own/fido2-default-client-identity/keystore.p12
-  keystore-passphrase: "${exec:/var/opt/keys/own/fido2-default-client-identity/keypass}"
+  keystore-passphrase: ${exec:/var/opt/keys/own/fido2-default-client-identity/keypass}
-  keystore-type: "pkcs12"
+  truststore: /var/opt/keys/trust/fido2-default-server-trust/truststore.p12
-  truststore: "/var/opt/keys/trust/fido2-default-server-trust/truststore.p12"
+  truststore-passphrase: ${exec:/var/opt/keys/trust/fido2-default-server-trust/keypass}
-  truststore-passphrase: "${exec:/var/opt/keys/trust/fido2-default-server-trust/keypass}"
+  user-attribute: extId
-  truststore-type: "pkcs12"
+
-  user-attribute: "extId"
+session-repository:
+  type: in-memory
+  jdbc-url: 
+  max-connection-lifetime: 
+  user: 
+  password: 
+  schema-user: 
+  schema-user-password: 
+  automatic-db-schema-setup: true
+
 fido2:
   enabled: true
-  rp-name: "AGOV-RelPartName"
+  rp-name: AGOV-RelPartName
-  rp-id: "adnovum.net"
+  rp-id: adnovum.net
   origins:
-  - "https://ob.agov-w.azure.adnovum.net"
+    - https://me.agov-w.azure.adnovum.net
-  - "https://nevisidm.agov-w.azure.adnovum.net"
+    - https://nevisidm.agov-w.azure.adnovum.net
-  - "https://auth.agov-w.azure.adnovum.net"
+    - https://auth.agov-w.azure.adnovum.net
   signature-algorithms:
-  - "RS1"
+    - RS1
-  - "RS256"
+    - RS256
-  - "RS384"
+    - RS384
-  - "RS512"
+    - RS512
-  - "ES256"
+    - ES256
-  - "ES384"
+    - ES384
-  - "ES512"
+    - ES512
-  display-name-source: "email"
+  display-name-source: email
-  metadata:
-    allow-listing-enabled: false
-  timeout:
-    user-verification: "300s"
-    no-user-verification: "120s"
-session-repository:
-  type: "in-memory"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-idm-db-2951ead44a7a9362a4545094.yaml

@@ -1,28 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisDatabase"
-metadata:
-  name: "idm"
-  namespace: "adn-agov-nevisidm-01-uat"
-  labels:
-    deploymentTarget: "idm"
-    trustImport: "idm-technical-trust-store-1058498828"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-PROJECT"
-    patternId: "2951ead44a7a9362a4545094"
-spec:
-  type: "NevisIDM"
-  databaseType: "MariaDB"
-  version: "8.2411.1"
-  url: "mariadb-agov-uat.mariadb.database.azure.com"
-  port: 3306
-  ssl: true
-  database: "nevisidm_uat"
-  bootstrap: true
-  migrate: true
-  rootCredentials:
-    name: "root-adn-agov-nevisidm-admin-01-uat-idm"
-    namespace: "adn-agov-nevisidm-admin-01-uat"
-  podSecurity:
-    policy: "baseline"
-    automountServiceAccountToken: false
-  timeZone: "Europe/Zurich"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisIDM"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2405.2"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -28,30 +28,27 @@ spec:
     management:
       httpGet:
         path: "/liveness"
-      periodSeconds: 5
+      periodSeconds: 30
       timeoutSeconds: 6
   readinessProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 5
+      periodSeconds: 30
       timeoutSeconds: 6
   startupProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 5
+      periodSeconds: 30
       timeoutSeconds: 6
-      failureThreshold: 50
+      failureThreshold: 10
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-3a33cc8960643d6afc30bade3f2d225bea96681a"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm"
     credentials: "git-credentials"
-  database:
-    name: "idm"
-    requiredVersion: "8.2411.1"
   keystores:
   - "idm-default-identity"
   truststores:
@@ -64,3 +61,4 @@ spec:
   secrets:
     secret:
     - "0eb37a5f44023ef0ad1013b6-89ec31e5"
+    - "a2068eb83a60702322c13949-27ed70d3"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf

@@ -4,5 +4,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/logging.yml

@@ -20,8 +20,6 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
-    - name: "ProductAnalytics"
-      level: "INFO"
     - name: "ch.nevis.idm.batch.jobs"
       level: "INFO"
       additivity: "false"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties

@@ -3,9 +3,9 @@ web.gui.languages.default=de
 # source: pattern://2951ead44a7a9362a4545094
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
 # source: pattern://2951ead44a7a9362a4545094
-database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser}
+database.connection.username=adndbadmin
 # source: pattern://2951ead44a7a9362a4545094
-database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword}
+database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
 # source: pattern://b8a36646f81c3247cdb5d90b
 application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://b8a36646f81c3247cdb5d90b
@@ -13,8 +13,6 @@ application.mail.smtp.port=3025
 # source: pattern://b8a36646f81c3247cdb5d90b
 application.mail.sender=noreply-agov-uat@adnovum.ch
 # source: pattern://71411a755a625f9b850c6cf5
-application.config.credentialTypesToBeLockedInDatabase=URLTICKET,SAMLFEDERATION,CONTEXTPASSWORD
-# source: pattern://71411a755a625f9b850c6cf5
 application.feature.email.validation.enabled=false
 # source: pattern://71411a755a625f9b850c6cf5, pattern://b8a36646f81c3247cdb5d90b
 application.feature.multiclientmode.enabled=true

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisLogrend"
   replicas: 1
-  version: "8.2411.2"
+  version: "8.2405.0"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -44,7 +44,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-ba39848d1c443859cdedb92e5cb503a09a1feaca"
+    tag: "r-d259c68e8b384461ffab7e2d355838f748378bdc"
     dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend"
     credentials: "git-credentials"
   podSecurity:

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf

@@ -10,5 +10,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2411.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/logging.yml

@@ -11,9 +11,7 @@ Configuration:
         onMatch: "DENY"
         onMismatch: "ACCEPT"
   Loggers:
-    Logger:
+    Logger: []
-    - name: "ProductAnalytics"
-      level: "INFO"
     Root:
       level: "WARN"
       additivity: "false"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_de.properties

@@ -51,7 +51,7 @@ general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
 general.fieldRequired=Erforderliches Feld.
-general.getStarted=Los geht's
+general.getStarted=Get started
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
 general.help=Hilfe
@@ -61,20 +61,16 @@ general.loginSecurityKey=Sicherheitsschlüssel-Login starten
 general.or=ODER
 general.otherOptions=WEITERE OPTIONEN
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
 general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
-general.recoveryCode.reveal=Wiederherstellungscode enthüllen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
 general.register=Registrieren
 general.registerNow=Jetzt registrieren!
 general.registration=Registrierung
 general.securityKey=Sicherheitsschlüssel
 general.skip.content=Direkt zum Hauptteil
-general.wrongPhoneNumber=Bitte geben Sie eine gültige Telefonnummer ein
 generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
 generic.auth.error.next.steps=Versuchen Sie es bitte später noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
 generic.auth.error.subtitle=Etwas ist schiefgegangen
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sprache wählen
 loainfo.description.200=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
 loainfo.description.300=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben durch einen von zwei Vorgängen verifizieren. Sie können die bevorzugte Methode im nächsten Schritt auswählen.
-loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.description.400=Für den Zugang zu dieser Anwendung müssen Sie Ihre AHV-Nummer angeben.
 loainfo.helper=Ihre persönlichen Daten müssen überprüft werden!
 loainfo.later=Später
 loainfo.startNow=Möchten Sie den Prozess jetzt starten?
@@ -144,27 +140,13 @@ prompt.newpassword=Neues Passwort
 prompt.newpassword.confirm=Passwort bestätigen
 prompt.password=Passwort
 prompt.userid=Benutzer-ID
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
-providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
-providePhoneNumber.inputLabel=Mobilnummer (optional)
-providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
-providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
-providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
-providePhoneNumber.modal.inputLabel=Mobilnummer
-providePhoneNumber.modal.title=Mobilnummer wiederholen
-providePhoneNumber.saveButtonText=Speichern
-providePhoneNumber.title=Mobilnummer angeben
 pwreset.done.info=Ihr Passwort wurde erfolgreich ge&auml;ndert. Bitte klicken Sie auf Weiter, um sich einzuloggen.
 pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalten, um Ihr Passwort zurückzusetzen..
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr g&uuml;ltig. Bitte generieren Sie ein Neuen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
-recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
 recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
 recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
 recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
 recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
-recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_noCode.banner.error=Zu viele Fehlversuche.
-recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.instruction1=Sie haben zu oft versucht, einen Wiederherstellungscode einzugeben.
-recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut unter <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
@@ -186,7 +166,7 @@ recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
 recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
 recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
 recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren r
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
-recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
 recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
 recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
 recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_en.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_fr.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Démarrer la connexion avec la clé de s&ea
 general.or=OU
 general.otherOptions=AUTRES OPTIONS
 general.recovery=Récupération
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Télécharger en format PDF
 general.recoveryCode.inputLabel=Code de récupération
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistré correctement, puis essayer de le soumettre à nouveau.
 general.recoveryCode.repeatCodeModal.description=Un code de récupération perdu ou mal enregistré peut rendre la récupération de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistré votre code, veuillez le répéter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=Répéter le code de récupération
-general.recoveryCode.reveal=Révéler le code de récupération
 general.recoveryOngoing=Récupération en cours
 general.register=Créer un compte
 general.registerNow=Enregistrez-vous dès maintenant!
 general.registration=Enregistrement
 general.securityKey=Clé de sécurité
 general.skip.content=Passer au contenu principal
-general.wrongPhoneNumber=Veuillez saisir un numéro de téléphone valable
 generic.auth.error.message=Une interruption de service s’est produite. Nous nous employons à résoudre le problème.
 generic.auth.error.next.steps=Veuillez réessayer plus tard. Veuillez vous rendre sur AGOV help si le problème persiste.
 generic.auth.error.subtitle=Un problème s’est produit
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sélectionner la langue
 loainfo.description.200=Pour accéder à l'application, nous devons vérifier vos données. Ce processus peut prendre jusqu'à 2 ou 3 jours.
 loainfo.description.300=Pour accéder à l'application, nous devons vérifier vos données par le biais de l'une des deux procédures suivantes. Vous pouvez choisir la procédure que vous préférez à l'étape suivante.
-loainfo.description.400=Veuillez saisir votre numéro AVS pour accéder à l'application.
+loainfo.description.400=Pour accéder à l'application, vous devez ajouter votre numéro AVS.
 loainfo.helper=Vos données doivent être vérifiées!
 loainfo.later=Plus tard
 loainfo.startNow=Voulez-vous commencer le processus maintenant?
@@ -144,19 +140,6 @@ prompt.newpassword=Nouveau mot de passe
 prompt.newpassword.confirm=Confirmez le mot de passe
 prompt.password=Mot de passe
 prompt.userid=ID de l'utilisateur
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
-providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
-providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
-providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
-providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.saveButtonText=Sauvegarder
-providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 pwreset.done.info=Votre mot de passe a &eacute;t&eacute; chang&eacute avec succ&egrave;s. Veuillez cliquer sur continuer pour vous connecter.
 pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courriel pour réinitialiser votre mot de passe.
 pwreset.info.linktext=Mot de passe oublié
@@ -164,7 +147,6 @@ pwreset.noticket=Votre lien n&apos;est plus valide. Veuillez en g&eacute;n&eacut
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
-recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
 recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
-recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
-recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir trop de fois le code de r&eacute;cup&eacute;ration.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur et relancer la r&eacute;cup&eacute;ration du compte dans dix minutes depuis <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; p
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
-recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute; ou r&eacute;initialis&eacute; mon application d'acc&egrave;s AGOV
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
 recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
 recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.or=O
 general.otherOptions=ALTRE OPZIONI
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non è corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
 general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato può rendere più difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
-general.recoveryCode.reveal=Mostra il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
 general.register=Registrarsi
 general.registerNow=Si registri ora!
 general.registration=Registrazione
 general.securityKey=Chiave di sicurezza
 general.skip.content=Vai al contenuto principale
-general.wrongPhoneNumber=Inserire un numero di cellulare valido
 generic.auth.error.message=Si è verificata un’interruzione. Stiamo lavorando per ripristinare l’esercizio.
 generic.auth.error.next.steps=Riprovare più tardi. Se il problema persiste, consultare AGOV help.
 generic.auth.error.subtitle=Qualcosa non ha funzionato.
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Selezionare la lingua
 loainfo.description.200=Per accedere all'app è necessaria una verifica dei dati. La procedura può richiedere fino a 2–3 giorni lavorativi.
 loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, può selezionare la procedura di verifica desiderata.
-loainfo.description.400=Per accedere all'applicazione è necessario inserire il numero AVS.
+loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Più tardi
 loainfo.startNow=Iniziare la procedura?
@@ -144,19 +140,6 @@ prompt.newpassword=Nuova Password
 prompt.newpassword.confirm=Conferma password
 prompt.password=Password
 prompt.userid=Nome utente
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
-providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
-providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
-providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
-providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
-providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
-providePhoneNumber.modal.inputLabel=Numero di telefono
-providePhoneNumber.modal.title=Ripetere il numero di telefono
-providePhoneNumber.saveButtonText=Salva
-providePhoneNumber.title=Aggiungi numero di telefono
 pwreset.done.info=La password &egrave; stata modificata con successo. Fare clic su continua per accedere.
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
@@ -164,7 +147,6 @@ pwreset.noticket=Il biglietto per la reimpostazione della password non &egrave;
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
-recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
 recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
 recovery_check_code.noAccess=Non ho il mio codice.
 recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
 recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
-recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_noCode.banner.error=Troppi tentativi
-recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.instruction1=&Egrave; stato inserito troppe volte il codice di ripristino.
-recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction2=Si prega di chiudi il browser web e avvia nuovamente il recupero dell'account entro dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Per procedere, inserire il nuovo codice.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fatt
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
-recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato la mia app AGOV access
+recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
 recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
 recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
 recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/resources/mauth_link_qr.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -61,7 +55,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -74,36 +70,21 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
 
-        isPolling = true;
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const request = { fidoUafSessionId: sessionId };
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
-
+        fetch("", {
-        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -118,24 +99,20 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
+
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/resources/mauth_onboard.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -58,53 +52,44 @@
     }
 
     function poll() {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
-
-        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        const fetchRequest = fetch("", {
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
+            res.json().then(o => {
 
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
+
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                } else if (status == 'succeeded') {
+                }
+                else if (status == 'succeeded') {
+
                     clearInterval(statusPolling);
-                    console.log("onboarding successful");
+                    console.error("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -113,15 +98,8 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/resources/mauth_push_qr.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatch(id) {
 
         document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
@@ -76,7 +70,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -129,64 +125,47 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
-        isPolling = true;
 
-        const request = { fidoUafSessionId: sessionId };
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const fetchRequest = fetch("", {
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
                     document.getElementById("mauth_match_numbers").style.display = 'block';
                     document.getElementById("mauth_loading").style.display = 'block';
                 }
-
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
+                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     renderDeviceList();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/resources/mauth_usernameless.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatch() {
 
         console.log("initiating usernameless mobile authentication...");
@@ -64,7 +58,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -77,66 +73,46 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
 
-        isPolling = true;
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const request = { fidoUafSessionId: sessionId };
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
-
+        fetch("", {
-        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
-                    // show process icon
-                    document.getElementById("mauth_loading").style.display = 'block';
                     document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_loading").style.display = 'block';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "fidoUafDone", "true"); // checked by Groovy script
-                    document.body.appendChild(form);
+                    document.body.appendChild(form);
-                    form.submit();
+                    form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
-                    clearInterval(statusPolling);
+                else if (status == 'failed' || status == 'unknown') {
-                    console.error("authentication failed with status: " + status);
+
-                    // as this is the last call we have to do a top-level request instead of AJAX
+                    clearInterval(statusPolling);
-                    const form = createForm();
+                    console.error("authentication failed with status: " + status);
-                    addInput(form, "fidoUafSessionId", sessionId);
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     dispatch();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/static/js-code/ask_mobile.js

@@ -1,6 +1,6 @@
 class ProvidePhoneNumber {
 	modal;
-	declineModal;
+	laterModal;
 	providePhoneNumberLaterButton;
 	phoneNumberInput;
 	agovInputPhoneNumberInput;
@@ -9,44 +9,45 @@ class ProvidePhoneNumber {
 
 	constructor() {
 		this.modal = document.querySelector('#modal');
-		this.declineModal = document.querySelector('#declineModal');
+		this.laterModal = document.querySelector('#laterModal');
 		this.providePhoneNumberLaterButton = document.querySelector('#providePhoneNumberLaterButton');
 		this.phoneNumberInput = document.querySelector('#phoneNumberInput');
 		this.agovInputPhoneNumberInput = document.querySelector('#agovInputPhoneNumberInput');
 		this.agovInputRepeatPhoneNumberInput = document.querySelector('#agovInputRepeatPhoneNumberInput');
 		this.repeatPhoneNumberInput = document.querySelector('#repeatPhoneNumberInput');
 
+		document.querySelector('#laterCheckbox').checked = true;
 		this.initializePhoneInput(this.phoneNumberInput);
 		this.addPhoneInputEventHandlers(this.phoneNumberInput);
-		this.addPhoneInputEventHandlers(this.repeatPhoneNumberInput);
 
-		document.querySelector('#declineModalBack').addEventListener('click', () => {
+		this.providePhoneNumberLaterButton.addEventListener('click', () => {
+			this.setVisible(this.laterModal);
+		});
+		document.querySelector('#laterModalBack').addEventListener('click', () => {
 			this.resetValidation(this.agovInputPhoneNumberInput);
-			this.setInvisible(this.declineModal);
+			this.setInvisible(this.laterModal);
 		});
 		document.querySelector('#repeatPhoneNumberModalBack').addEventListener('click', () => {
 			this.initializePhoneInput(this.phoneNumberInput);
+			this.addPhoneInputEventHandlers(this.phoneNumberInput);
 			this.setInvisible(this.modal);
 		});
 		document.querySelector('#repeatPhoneNumberModalContinue').addEventListener('click', () => {
 			if (this.validateInput(this.agovInputRepeatPhoneNumberInput)) {
 				this.evaluatePhoneNumbersAndSubmit();
 				this.initializePhoneInput(this.phoneNumberInput);
+				this.addPhoneInputEventHandlers(this.phoneNumberInput);
 			}
 		});
 		document.querySelector('#providePhoneNumberContinueButton').addEventListener('click', () => {
-			const dialCode = `+${window.phoneNumberUtils.getDialCode()}`;
 			if (this.validateInput(this.agovInputPhoneNumberInput)) {
 				this.repeatPhoneNumberInput.value = '';
 				this.initializePhoneInput(this.repeatPhoneNumberInput);
+				this.addPhoneInputEventHandlers(this.repeatPhoneNumberInput);
 				this.resetValidation(this.agovInputRepeatPhoneNumberInput);
 				this.showErrorBanner(false);
 				this.setVisible(this.modal);
 			}
-			else if (this.phoneNumberInput.value.trim() === '' ||
-				this.phoneNumberInput.value.trim() === dialCode) {
-				this.setVisible(this.declineModal);
-			}
 		});
 	}
 
@@ -59,12 +60,15 @@ class ProvidePhoneNumber {
 		});
 	}
 
-	async initializePhoneInput(inputElement) {
+	initializePhoneInput(inputElement) {
+		window.phoneNumberUtils.initializePhoneNumberField(inputElement);
 		if (inputElement.value) {
-			await window.phoneNumberUtils.initializePhoneNumberField(inputElement, inputElement.value);
+			window.phoneNumberUtils.setNumber(inputElement.value);
+			this.formatAndEmitPhoneNumberValue(inputElement);
 		}
 		else {
-			await window.phoneNumberUtils.initializePhoneNumberField(inputElement);
+			window.phoneNumberUtils.formatAfterCountryChange();
+			inputElement.value = window.phoneNumberUtils.getInputValue();
 		}
 	}
 
@@ -119,12 +123,7 @@ class ProvidePhoneNumber {
 	evaluatePhoneNumbersAndSubmit() {
 		if (this.arePhoneNumbersEqual()) {
 			document.querySelector('#mobile').value = this.repeatPhoneNumberInput.value.trim().replaceAll(' ', '');
-			// Some other 'click' listeners from gsap (used in drawer.js) seem to interfere with the trigger click on
+			document.querySelector('#submit').click();
-			// submitPhoneNumber button. It happens only on mobile devices, where the drawer is used. setTimeout seems to help
-			// to avoid the issue (although it is just a workaround).
-			setTimeout(() => {
-				document.querySelector('#submitPhoneNumber').click();
-			}, 100);
 		}
 		else {
 			this.setInvisible(this.modal);

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/static/js-code/eid_verification.js

@@ -1,4 +0,0 @@
-document.addEventListener('DOMContentLoaded', function() {
-	document.dispatchEvent(new Event('initEidVerification'));
-	document.dispatchEvent(new Event('initCantonalBranding'));
-});

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/ask_mobile_number.vm

@@ -47,20 +47,14 @@
                 </div>
                 <div class="w-full sm:static mt-auto">
                     <div class="flex flex-col-reverse sm:flex-row gap-4">
-                        <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+                        <agov-button
-                              class="w-full"
+                                id="providePhoneNumberLaterButton"
-                              accept-charset="UTF-8">
+                                class="w-full"
-                            <agov-button
+                                data-style="secondary"
-                                    data-name="submit"
+                                data-label="$text.get("loainfo.later")"
-                                    data-value="submit"
+                                data-type="button"
-                                    data-style="secondary"
+                                data-fullwidth="true">
-                                    data-label="$text.get("loainfo.later")"
+                        </agov-button>
-                                    data-type="submit"
-                                    data-fullwidth="true">
-                            </agov-button>
-                            <input class="hidden" name="skip" value="later">
-                            <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-                        </form>
                         <agov-button
                                 id="providePhoneNumberContinueButton"
                                 class="w-full"
@@ -83,15 +77,18 @@
 <div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
     <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
     <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+
     <div id="drawer"
          class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
 
         <div id="modalTab" class="mb-6 cursor-pointer hidden">
             <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
         </div>
+
         <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
 			$text.get("providePhoneNumber.modal.title")
         </h4>
+
         <div class="flex flex-col gap-[72px]">
             <div class="flex flex-col gap-8">
                 <div id="modalDescription">
@@ -128,7 +125,7 @@
                     <agov-button
                             class="basis-full"
                             data-name="submit"
-                            data-id="submitPhoneNumber"
+                            data-id="submit"
                             data-value="submit"
                             data-type="submit"
                             data-label="$text.get("general.continue")"
@@ -161,14 +158,17 @@
     </div>
 </div>
 
-<div id="declineModal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
+<div id="laterModal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
     <div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
     <div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
+
     <div id="drawer"
          class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
+
         <div id="modalTab" class="mb-6 cursor-pointer hidden">
             <div class="w-10 h-1 rounded-full bg-light-grey dark:bg-ash mx-auto"></div>
         </div>
+
         <h4 id="modalTitle" class="font-header text-h4 text-space-blue dark:text-white mb-8">
 			$text.get("providePhoneNumber.laterModal.title")
         </h4>
@@ -187,7 +187,7 @@
             <div class="w-full sm:static mt-auto sm:justify-items-end">
                 <div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
                     <agov-button
-                            id="declineModalBack"
+                            id="laterModalBack"
                             data-style="secondary"
                             data-label="$text.get("general.back")"
                             data-type="button"
@@ -195,15 +195,17 @@
                     </agov-button>
                     <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
                           accept-charset="UTF-8"
-                          class="flex flex-col flex-auto block">
+                          class="flex flex-col flex-auto block ">
                         <agov-button
+                                id="ask_mobile_continue"
                                 data-name="submit"
                                 data-value="submit"
+                                data-id="submit"
                                 data-label="$text.get("general.continue")"
                                 data-type="submit"
                                 data-fullwidth="true">
                         </agov-button>
-                        <input class="hidden" name="skip" value="persistent">
+                        <input id="laterCheckbox" class="hidden" type="checkbox" name="skip" value="true">
                         <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
                     </form>
                 </div>
@@ -215,4 +217,5 @@
 <script src="${login.appDataPath}/static/js-code/ask_mobile.js">
 </script>
 
+
 #parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/eid_verification.mock.js

@@ -1,3 +0,0 @@
-module.exports = {
-	...require('./mock-defaults')
-};

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/eid_verification.vm

@@ -1,224 +0,0 @@
-#parse("${templatePath}/header.vm")
-#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
-
-<agov-backdrop></agov-backdrop>
-<div id="mainContent" class="container mx-auto sm:mt-2 sm:max-w-full flex h-full sm:h-auto">
-	<div class="flex flex-col items-start gap-4 w-full rounded-[36px] sm:p-6 mx-auto
-	 max-w-[600px] md:max-w-[1200px] sm:bg-lily-blue dark:sm:bg-purple-black">
-
-		<div id="cantonalBranding"
-			 class="flex items-center rounded-xl gap-5 p-2 sm:p-0 sm:w-auto w-full hidden bg-pale-blue dark:bg-purple-black sm:bg-transparent">
-			<div class="flex items-center p-2 bg-white rounded sm:rounded-xl w-16 h-16" id="logo"></div>
-			<h1 class="font-header text-h6 sm:text-h4 text-space-blue dark:text-white">
-                #if ($login.language =="en")
-						$utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameEN').value)
-				#elseif ($login.language =="de")
-                    $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameDE').value)
-                #elseif ($login.language =="fr")
-                    $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameFR').value)
-                #else
-                    $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameIT').value)
-                #end
-			</h1>
-		</div>
-
-		<div class="flex flex-col md:flex-row w-full gap-6">
-			<div id="registerCard" class="w-full md:min-h-[689px] flex flex-col justify-between">
-				<div id="swiyuLoginImage"
-					 class="relative md:max-w-[520px] max-w-[350px] sm:max-w-[300px] mb-10 w-full mx-auto hidden md:block">
-					<img alt="" src="${login.appDataPath}/static/images/login.svg"
-						 class="hidden md:block dark:hidden w-full">
-					<img alt="" src="${login.appDataPath}/static/images/login-dark.svg"
-						 class="hidden md:hidden dark:md:block w-full">
-				</div>
-			</div>
-
-			<div id="loginModal"
-				 class="flex flex-col bg-white dark:bg-surface-black rounded-[20px] sm:min-h-[700px] p-6 sm:pb-8 sm:pt-10 sm:px-10
-				 max-w-[550px] w-full">
-
-				<div class="flex mb-4 sm:mb-6 items-baseline">
-					<h1 class="font-header text-h4 text-space-blue dark:text-white mr-3">$text.get("eid_verification.login")</h1>
-				</div>
-
-				<div id="cantonalBrandingMobile"
-					 class="flex items-center rounded-xl gap-5 mb-4 p-2 sm:p-0 sm:w-auto w-full hidden bg-pale-blue dark:bg-purple-black sm:bg-transparent">
-					<div class="flex items-center p-2 bg-white dark:bg-black rounded sm:rounded-xl w-16 h-16"
-						 id="logoMobile"></div>
-					<h1 class="font-header text-h6 sm:text-h4 text-space-blue dark:text-white">
-                        #if ($login.language =="en")
-							$utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameEN').value)
-						#elseif ($login.language =="de")
-                            $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameDE').value)
-                        #elseif ($login.language =="fr")
-                            $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameFR').value)
-                        #else
-                            $utils.escapeHtmlAttribute($gui.getGuiElem('agov.appDisplayNameIT').value)
-                        #end
-					</h1>
-				</div>
-
-				<div id="swiyuWalletAppModal" class="h-full">
-
-					<div class="desktopBanner" aria-live="assertive">
-						<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center p-4
-						mb-4">
-							<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
-							<p class="font-body text-body-l text-space-blue dark:text-white">
-                                $text.get("eid_verification.banner.info")
-							</p>
-						</div>
-
-						<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background
-						items-center p-4 mb-4">
-							<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
-							<div>
-								<p class="font-body text-body-l text-space-blue dark:text-white">
-                                    $text.get("eid_verification.banner.success")
-								</p>
-							</div>
-						</div>
-
-						<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center
-						p-4 mb-4">
-							<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
-							<p class="font-body text-body-l text-space-blue dark:text-white">
-                                $text.get("eid_verification.banner.error")
-							</p>
-						</div>
-					</div>
-
-					<div class="relative flex flex-col h-full">
-						<div id="blurBackdrop" class="hidden absolute backdrop-blur-sm -top-1 -bottom-8 -left-4 -right-4
-						z-10"></div>
-						<div class="mobileBanner relative z-20" aria-live="assertive">
-							<div class="hidden info flex rounded-xl bg-info-background dark:bg-dark-info-background items-center
-							p-4 mb-4">
-								<i class="fa-regular fa-info-circle rounded-full p-3 text-info dark:text-dark-info bg-info/10 dark:bg-dark-info-icon mr-4 text-xl leading-none"></i>
-								<p class="font-body text-body-l text-space-blue dark:text-white">
-                                    $text.get("eid_verification.banner.info")
-								</p>
-							</div>
-
-							<div class="hidden success flex rounded-xl bg-success-background dark:bg-dark-success-background
-								 items-center p-4 mb-4">
-								<i class="fa-regular fa-check-circle rounded-full p-3 text-success dark:text-dark-success bg-success/10 dark:bg-dark-success-icon mr-4 text-xl leading-none"></i>
-								<div>
-									<p class="font-body text-body-l text-space-blue dark:text-white">
-                                        $text.get("eid_verification.banner.success")
-									</p>
-								</div>
-							</div>
-
-							<div class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background
-							items-center p-4 mb-4">
-								<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
-								<p class="font-body text-body-l text-space-blue dark:text-white">
-                                    $text.get("eid_verification.banner.error")
-								</p>
-							</div>
-						</div>
-						<div id="swiyuLoginImageMobile"
-							 class="hidden max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
-							<img alt=""
-								 src="${login.appDataPath}/static/images/login.svg"
-								 class="block dark:hidden w-full">
-
-							<img alt=""
-								 src="${login.appDataPath}/static/images/login-dark.svg"
-								 class="hidden dark:block w-full">
-						</div>
-						<div id="QRCodeHolder">
-							<div class="relative">
-								<canvas role="img" aria-labelledby="labelQRCodeInstructions" id="swiyu_qrcode"
-										class="mb-6 mx-auto"></canvas>
-								<div class="hidden" id="QRcodeHiddenLink"></div>
-								<span id="spinner" class="hidden absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2
-								z-20">
-								<img src="${login.appDataPath}/static/images/spinner.svg" class="animate-spin block dark:hidden">
-								<img src="${login.appDataPath}/static/images/spinner-dark.svg"
-									 class="animate-spin hidden dark:block">
-								</span>
-							</div>
-
-							<a id="swiyuWalletAppLinkIpad" href="" class="hidden">
-								<agov-button
-										class="block basis-full mb-6"
-										data-name="swiyuWalletApp"
-										data-value="swiyuWalletApp"
-										data-id="swiyuWalletAppIpad"
-										data-label="$text.get("general.goSwiyuWalletApp")"
-										data-type="button"
-										data-fullwidth="true">
-								</agov-button>
-							</a>
-
-							<div class="swiyuWalletAppInstructions flex bg-indigo-light rounded-xl p-4 mb-2 items-center
-							dark:bg-purple-black">
-								<img alt="" src="${login.appDataPath}/static/images/access-app.svg" class="h-12 mr-4">
-								<p id="labelQRCodeInstructions" class="font-header text-h5 text-space-blue dark:text-white">
-                                    $text.get("eid_verification.instructions")
-								</p>
-							</div>
-						</div>
-
-						<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
-							  accept-charset="UTF-8" class="w-full sm:static mt-auto mb-20 sm:mb-0">
-
-							<div id="mobileButtons" class="hidden w-full">
-								<div class="flex flex-col">
-									<a id="swiyuWalletAppLink" href="">
-										<agov-button
-												class="block basis-full mb-4"
-												data-name="swiyuWalletApp"
-												data-value="swiyuWalletApp"
-												data-id="swiyuWalletApp"
-												data-label="$text.get("general.goSwiyuWalletApp")"
-												data-type="button"
-												data-fullwidth="true">
-										</agov-button>
-									</a>
-									<agov-button
-											id="showQR"
-											class="block basis-full"
-											data-style="frameless"
-											data-name="EID"
-											data-value="EID"
-											data-id="EID"
-											data-label="<i class='fa-regular fa-eye align-middle text-xl text-indigo dark:text-lilac mr-2'></i>$text.get(
-                                                "eid_verification.showQR")"
-											data-type="button"
-											data-fullwidth="true">
-									</agov-button>
-
-									<agov-button
-											id="hideQR"
-											class="hidden basis-full"
-											data-style="frameless"
-											data-name="EID"
-											data-value="EID"
-											data-id="EID"
-											data-label="<i class='fa-regular fa-eye-slash align-middle text-xl text-indigo dark:text-lilac mr-2'></i>$text.get(
-                                                "eid_verification.hideQR")"
-											data-type="button"
-											data-fullwidth="true">
-									</agov-button>
-								</div>
-							</div>
-							<input class="hidden" name="authRequestId" type="hidden"
-								   value="$gui.getGuiElem('authRequestId').value"/>
-						</form>
-					</div>
-				</div>
-			</div>
-		</div>
-	</div>
-</div>
-
-<script src="${login.appDataPath}/static/js-code/eid_verification.js" defer>
-</script>
-<div id="appSamlRpEntityId" class="hidden" data-value="$gui.getGuiElem('agov.appSamlRpEntityId').value"
-	data-language="$login.language">
-</div>
-
-#parse("${templatePath}/footer.vm")

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/footer.vm

@@ -3,7 +3,7 @@
 			$text.get("footer.text")
 			<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
 		</div>
-		<p>1.10.0.local-20250321T164316Z-haburger: Tue Mar 25 11:16:24 CET 2025</p>
+		<p>1.8.0.local-20241218T173806Z-haburger: Wed Dec 18 19:16:25 CET 2024</p>
 	</footer>
 	<script src="${login.appDataPath}/static/bundle.js"></script>
 </body>

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/mauth_usernameless.vm

@@ -150,15 +150,15 @@
 								</p>
 							</div>
 						</div>
-						<div id="agovLoginImageMobile"
+						<div id="agovLoginImageMobile" class="hidden md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full
-							 class="hidden max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-6">
+						mx-auto mb-6">
 							<img alt=""
 								 src="${login.appDataPath}/static/images/login.svg"
-								 class="block dark:hidden w-full">
+								 class="block sm:hidden md:block dark:hidden w-full">
 
 							<img alt=""
 								 src="${login.appDataPath}/static/images/login-dark.svg"
-								 class="hidden dark:block w-full">
+								 class="dark:sm:hidden dark:md:block hidden dark:block w-full">
 						</div>
 						<div id="QRCodeHolder">
 							<div class="relative">
@@ -242,7 +242,7 @@
 						</form>
 					</div>
 				</div>
-				<div id="securityKeyModal" class="hidden sm:mt-16">
+				<div id="securityKeyModal" class="hidden mt-16">
 
 					<h2 class="font-header text-h5 text-space-blue dark:text-white mt-4 text-center">
                         $text.get("mauth_usernameless.useSecurityKey")
@@ -253,7 +253,7 @@
 					</p>
 
 					<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
-						  accept-charset="UTF-8" class="mb-20 sm:mb-0">
+						  accept-charset="UTF-8">
 						<agov-button
 								class="mb-4 block"
 								data-name="fallback"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_accessapp_auth.vm

@@ -82,14 +82,14 @@
 						</div>
 					</div>
 					<div id="agovLoginImageMobile"
-						 class="hidden max-w-[200px] sm:max-w-full sm:w-full basis-1/2 mx-auto mb-4">
+						 class="hidden md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full basis-1/2 mx-auto mb-4">
 						<img alt=""
 							 src="${login.appDataPath}/static/images/recovery.svg"
-							 class="block w-full">
+							 class="block sm:hidden md:block dark:hidden w-full">
 
 						<img alt=""
 							 src="${login.appDataPath}/static/images/recovery_dark.svg"
-							 class="hidden dark:block w-full">
+							 class="dark:sm:hidden dark:md:block hidden dark:block w-full">
 					</div>
 					<div id="QRCodeHolder">
 						<div class="relative">

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_check_code.vm

@@ -2,151 +2,124 @@
 
 <agov-backdrop></agov-backdrop>
 <div id="mainContent" class="container mx-auto sm:mt-32 sm:max-w-full flex flex-auto sm:block">
-	<div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
+    <div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
-		<div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
+        <div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
-		basis-full md:basis-1/2 min-h-[535px]">
+		basis-full md:basis-1/2">
-	<span id="spinner" class="hidden absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2 z-30">
+			<span id="spinner" class="hidden absolute left-1/2 top-1/2 -translate-x-1/2 -translate-y-1/2 z-30">
 				<img src="${login.appDataPath}/static/images/spinner.svg" class="animate-spin block dark:hidden">
 				<img src="${login.appDataPath}/static/images/spinner-dark.svg" class="animate-spin hidden dark:block">
 			</span>
-			<div id="blurBackdrop" class="hidden absolute backdrop-blur-sm -top-1 -bottom-96 -left-4 -right-4 z-20"></div>
+            <div id="blurBackdrop" class="hidden absolute backdrop-blur-sm -top-1 -bottom-96 -left-4 -right-4 z-20"></div>
-			<div class="flex flex-col gap-8">
+            <div class="flex flex-col gap-8">
-				<div class="flex items-baseline">
+                <div class="flex items-baseline">
-					#set($error = $gui.getGuiElem("lasterror"))
+                    <h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">$text.get("general.recovery")</h3>
-					<h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">
+                    <h4 class="font-header text-h4 text-disabled-grey dark:text-silver">$text.get("general.entryCode")</h4>
-						$text.get("general.recovery")
+                </div>
-					</h3>
+				#set($error = $gui.getGuiElem("lasterror"))
-					<h4 class="font-header text-h4 text-disabled-grey dark:text-silver">
-						$text.get("general.entryCode")
-					</h4>
-				</div>
 				#if (($error.value && $error.value != ""))
 					#if (($error.value == "locked"))
-						<div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
+                        <div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
-							<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+                            <i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
-							<p class="font-body text-body-l text-space-blue dark:text-white">
+                            <p class="font-body text-body-l text-space-blue dark:text-white">
-								$text.get("recovery_check_code.banner.lockedError")
+								$text.get("recovery_check_noCode.banner.error")
-							</p>
+                            </p>
-						</div>
+                        </div>
-						<p class="font-body text-body-l text-space-blue dark:text-white">
+                        <div>
-							$text.get("recovery_check_code.too_many_tries.instruction1")
+                            <p class="font-body text-body-l text-space-blue dark:text-white">
-						</p>
+								$text.get("recovery_check_noCode.instruction1")
-						<p class="font-body text-body-l text-space-blue dark:text-white">
+                            </p>
-							$text.get("recovery_check_code.too_many_tries.instruction2")
+                            <p class="font-body text-body-l text-space-blue dark:text-white">
-						</p>
+								$text.get("recovery_check_noCode.instruction2")
+                            </p>
+                        </div>
 					#else
-						<div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
+                        <div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4">
-							<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+                            <i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
-							<p class="font-body text-body-l text-space-blue dark:text-white">
+                            <p class="font-body text-body-l text-space-blue dark:text-white">
 								$text.get("recovery_check_code.codeIncorrect")
-							</p>
+                            </p>
-						</div>
+                        </div>
-						<p class="font-body text-body-l text-space-blue dark:text-white">
+                        <p class="font-body text-body-l text-space-blue dark:text-white">
 							$text.get("recovery_check_code.instruction")
-						</p>
+                        </p>
 					#end
 				#else
-					<p class="font-body text-body-l text-space-blue dark:text-white">
+                    <p class="font-body text-body-l text-space-blue dark:text-white">
 						$text.get("recovery_check_code.instruction")
-					</p>
+                    </p>
 				#end
-			</div>
+            </div>
 			#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
-			#if (($error.value && $error.value != "locked") || !($error.value))
+            <form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
-				<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+                  accept-charset="UTF-8"
-					  accept-charset="UTF-8"
+                  class="flex flex-col flex-auto block">
-					  class="flex flex-col flex-auto block">
+                <agov-input
-					<agov-input
+                        id="recovery_code_input"
-							id="recovery_code_input"
+                        class="mb-4 py-16"
-							class="py-16"
+                        data-label="$text.get("recovery_check_code.enterRecoveryCode")"
-							data-label="$text.get("recovery_check_code.enterRecoveryCode")"
+                        data-isLabelHidden="true"
-							data-isLabelHidden="true"
+                        data-placeholder=""
-							data-placeholder=""
+                        data-id="code"
-							data-id="code"
+                        data-name="code"
-							data-name="code"
+                        data-value=""
-							data-value=""
+                        data-type="text"
-							data-type="text"
+                        data-autofocus="true"
-							data-autofocus="true"
+                        data-email_invalid="$text.get("recovery_check_code.invalid.code")"
-							data-email_invalid="$text.get("recovery_check_code.invalid.code")"
+                        data-email_too_long="$text.get("recovery_check_code.invalid.code.tooLong")"
-							data-email_too_long="$text.get("recovery_check_code.invalid.code.tooLong")"
+                        data-email_required="$text.get("recovery_check_code.invalid.code.required")">
-							data-email_required="$text.get("recovery_check_code.invalid.code.required")">
+                </agov-input>
-					</agov-input>
+                <div class="w-full sm:static mt-auto mb-6 sm:mb-0">
-					<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
+                    <div class="flex flex-col flex-row-reverse gap-4">
-						<div class="flex flex-col flex-row-reverse gap-4">
+                        <agov-button
-							<agov-button
+                                id="recovery_code_btn"
-									id="recovery_code_btn"
+                                class="block basis-full"
-									class="block basis-full"
+                                data-name="confirm"
-									data-name="confirm"
+                                data-value="confirm"
-									data-value="confirm"
+                                data-id="confirm"
-									data-id="confirm"
+                                data-label="$text.get("general.confirm")"
-									data-label="$text.get("general.confirm")"
+                                data-type="submit"
-									data-type="submit"
+                                data-fullwidth="true">
-									data-fullwidth="true">
+                        </agov-button>
-							</agov-button>
+                        <agov-button
-							<agov-button
+                                id="recovery_code_btn_cancel"
-									id="recovery_code_btn_cancel"
+                                class="block basis-full"
-									class="block basis-full"
+                                data-style="frameless"
-									data-style="frameless"
+                                data-name="cancelFido2"
-									data-name="cancelFido2"
+                                data-value="cancelFido2"
-									data-value="cancelFido2"
+                                data-id="cancelFido2"
-									data-id="cancelFido2"
+                                data-label="$text.get("recovery_check_code.noAccess")"
-									data-label="$text.get("recovery_check_code.noAccess")"
+                                data-type="button"
-									data-type="button"
+                                data-fullwidth="true"
-									data-fullwidth="true"
+                                data-validate="false">
-									data-validate="false">
+                        </agov-button>
-							</agov-button>
+                    </div>
-							<input class="hidden" name="authRequestId" type="hidden"
+                </div>
-								   value="$gui.getGuiElem('authRequestId').value"/>
+                <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-						</div>
+            </form>
-					</div>
+        </div>
-				</form>
+        <form class="hidden"
-			#else
+              id="$gui.name"
-				<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+              name="$gui.name"
-					  accept-charset="UTF-8"
+              method="POST"
-					  class="flex flex-col flex-auto block">
+              target="_self"
-					<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
+              action="$formTarget"
-						<div class="flex flex-col flex-row-reverse gap-4">
+              autocomplete="off"
-							<agov-button
+              accept-charset="UTF-8">
-									id="recovery_code_btn_cancel"
+            <agov-button
-									class="block basis-full"
+                    data-name="submit"
-									data-name="cancelFido2"
+                    data-id="submitFormButton"
-									data-value="cancelFido2"
+                    data-value="submit"
-									data-id="cancelFido2"
+                    data-type="submit"
-									data-label="$text.get("recovery_check_code.noAccess")"
+                    data-fullwidth="true">
-									data-type="button"
+            </agov-button>
-									data-fullwidth="true"
+            <input class="hidden" name="no_code" id="noCodeCheckbox" type="checkbox" value="true">
-									data-validate="false">
+            <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-							</agov-button>
+        </form>
-							<input class="hidden" name="authRequestId" type="hidden"
+        <img alt="" src="${login.appDataPath}/static/images/recovery.svg"
-								   value="$gui.getGuiElem('authRequestId').value"/>
+             class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 dark:hidden hidden md:block">
-						</div>
+        <img alt="" src="${login.appDataPath}/static/images/recovery_dark.svg"
-					</div>
+             class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 hidden dark:md:block">
-				</form>
+    </div>
-			#end
-		</div>
-		<form class="hidden"
-			  id="$gui.name"
-			  name="$gui.name"
-			  method="POST"
-			  target="_self"
-			  action="$formTarget"
-			  autocomplete="off"
-			  accept-charset="UTF-8">
-			<agov-button
-					data-name="submit"
-					data-id="submitFormButton"
-					data-value="submit"
-					data-type="submit"
-					data-fullwidth="true">
-			</agov-button>
-			<input class="hidden" name="no_code" id="noCodeCheckbox" type="checkbox" value="true">
-			<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-		</form>
-		<img alt="" src="${login.appDataPath}/static/images/recovery.svg"
-			 class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 dark:hidden hidden md:block">
-		<img alt="" src="${login.appDataPath}/static/images/recovery_dark.svg"
-			 class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 hidden dark:md:block">
-	</div>
 </div>
 
 <script src="${login.appDataPath}/static/js-code/recovery_check_code.js">

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_check_noCode.vm

@@ -28,7 +28,7 @@
 
 			<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
 				<div class="flex flex-col sm:flex-row-reverse gap-4">
-					<a class="basis-full" href="$text.get("general.recovery.help.link")" target="_blank" rel="noopener noreferrer">
+					<a class="basis-full" href="$text.get("general.help.link")" target="_blank" rel="noopener noreferrer">
 						<agov-button
 								class="block"
 								data-label="$text.get("general.goAGOVHelp")"

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_questionnaire_loginfactor.vm

@@ -26,18 +26,18 @@
 			<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
 				  accept-charset="UTF-8"
 				  class="flex flex-col flex-auto block ">
-				<agov-questionnaire-radio-button data-text="$text.get("recovery_questionnaire_loginfactor.yes")"
+				<agov-radio-button data-text="$text.get("recovery_questionnaire_loginfactor.yes")"
 								   data-groupName="radio-buttons"
 								   data-value="yes"
 								   data-id="yes"
 								   data-name="continue">
-				</agov-questionnaire-radio-button>
+				</agov-radio-button>
-				<agov-questionnaire-radio-button data-text="$text.get("recovery_questionnaire_loginfactor.no")"
+				<agov-radio-button data-text="$text.get("recovery_questionnaire_loginfactor.no")"
 								   data-groupName="radio-buttons"
 								   data-value="no"
 								   data-id="no"
 								   data-name="continue">
-				</agov-questionnaire-radio-button>
+				</agov-radio-button>
 
 				<div id="buttons" class="w-full sm:static mt-auto mb-6 sm:mb-0 mt-24 sm:mt-24">
 					<div class="flex sm:flex-row-reverse flex-col gap-2">

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/webdata/template/recovery_questionnaire_reason_selection.vm

@@ -1,91 +1,91 @@
 #parse("${templatePath}/header.vm")
+
 <agov-backdrop></agov-backdrop>
 <div id="mainContent" class="container mx-auto sm:mt-32 sm:max-w-full flex flex-auto sm:block">
-    <div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
+	<div class="flex flex-col-reverse sm:flex-row justify-evenly items-center gap-5 w-full">
-        <div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
+		<div class="flex flex-col sm:bg-white sm:dark:bg-surface-black rounded-[20px] sm:px-10 sm:py-10 max-w-[550px] w-full
 		basis-full md:basis-1/2">
 
-            <div class="flex mb-8 items-baseline">
+			<div class="flex mb-8 items-baseline">
-                <h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">$text.get("general.recovery")</h3>
+				<h3 class="font-header text-h3 text-space-blue dark:text-white mr-3">$text.get("general.recovery")</h3>
-            </div>
+			</div>
 
-            <p class="font-body text-body-l text-space-blue dark:text-white mb-8">
+			<p class="font-body text-body-l text-space-blue dark:text-white mb-8">
-				$text.get("recovery_questionnaire_reason_selection.instruction")
+                $text.get("recovery_questionnaire_reason_selection.instruction")
-            </p>
+			</p>
 
-            <div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4 hidden"
+			<div class="error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4 hidden"
-                 id="errorBanner">
+				 id="errorBanner">
-                <i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
+				<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
-                <p class="font-body text-body-l text-space-blue dark:text-white">
+				<p class="font-body text-body-l text-space-blue dark:text-white">
-					$text.get("recovery_questionnaire_reason_selection.banner.error")
+                    $text.get("recovery_questionnaire_reason_selection.banner.error")
-                </p>
+				</p>
-            </div>
+			</div>
 
-			#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
+            #set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
-            <form id="answersForm" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
+			<form id="answersForm" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
-                  accept-charset="UTF-8"
+				  accept-charset="UTF-8"
-                  class="flex flex-col flex-auto block ">
+				  class="flex flex-col flex-auto block ">
 
-				#set ($previousAnswer = $gui.getGuiElem("question"))
+                #set ($previousAnswer = $gui.getGuiElem("question"))
-				#if ($previousAnswer.value == "yes")
+                #if ($previousAnswer.value == "yes")
-					#set ($answers = ["answer7", "answer8", "answer9", "answer10"])
+                    #set ($answers = ["answer7", "answer8", "answer9", "answer10"])
-				#elseif ($previousAnswer.value == "no")
+                #elseif ($previousAnswer.value == "no")
-					#set ($answers = ["answer1", "answer2", "answer3", "answer4", "answer5", "answer6"])
+                    #set ($answers = ["answer1", "answer2", "answer3", "answer4", "answer5", "answer6"])
-				#else
+                #else
-					#set ($answers = [])
+                    #set ($answers = [])
-				#end
+                #end
 
-				#if ($answers.size() > 0)
+                #if ($answers.size() > 0)
-					#foreach ($answer in $answers)
+                    #foreach ($answer in $answers)
-						#set ($isYes = "yes")
+                        #set ($isYes = "yes")
-						#set ($isNo = "no")
+                        #set ($isNo = "no")
-						#set ($dataValue = "")
+                        #set ($dataValue = "")
 
-						#if ($answer == "answer2" || $answer == "answer3" || $answer ==
+                        #if ($answer == "answer2" || $answer == "answer3" || $answer ==
-							"answer4" || $answer == "answer5" || $answer == "answer6" || $answer == "answer8")
+                            "answer4" || $answer == "answer5" || $answer == "answer6" || $answer == "answer8")
-							#set ($dataValue = $isYes)
+                            #set ($dataValue = $isYes)
-						#elseif ($answer == "answer1" || $answer == "answer7" || $answer == "answer9" || $answer == "answer10")
+                        #elseif ($answer == "answer1" || $answer == "answer7" || $answer == "answer9" || $answer == "answer10")
-							#set ($dataValue = $isNo)
+                            #set ($dataValue = $isNo)
-						#end
+                        #end
-                        <agov-questionnaire-radio-button data-text="$text.get("recovery_questionnaire_reason_selection.$answer")"
+						<agov-radio-button data-text="$text.get("recovery_questionnaire_reason_selection.$answer")"
-                                           data-value="$dataValue"
+										   data-value="$dataValue"
-                                           data-reason="$answer"
+										   data-id="$answer"
-                                           data-id="$answer"
+										   data-name="continue"
-                                           data-name="continue"
+										   data-groupName="button-answers">
-                                           data-groupName="button-answers">
+						</agov-radio-button>
-                        </agov-questionnaire-radio-button>
+                    #end
-					#end
+                #end
-				#end
 
-                <div class="w-full sm:static mt-8 mb-6 sm:mb-0 ">
+				<div class="w-full sm:static mt-8 mb-6 sm:mb-0 ">
-                    <div class="flex sm:flex-row-reverse flex-col gap-2">
+					<div class="flex sm:flex-row-reverse flex-col gap-2">
-                        <agov-button
+						<agov-button
-                                id="questionnaire_continue_btn_reason"
+								id="questionnaire_continue_btn_reason"
-                                class="block basis-full"
+								class="block basis-full"
-                                data-label="$text.get("general.continue")"
+								data-label="$text.get("general.continue")"
-                                data-type="submit"
+								data-type="submit"
-                                data-fullwidth="true">
+								data-fullwidth="true">
-                        </agov-button>
+						</agov-button>
-                        <agov-button
+
-                                class="block basis-full"
+						<agov-button
-                                data-style="secondary"
+								class="block basis-full"
-                                data-name="cancel"
+								data-style="secondary"
-                                data-value="cancel"
+								data-name="cancel"
-                                data-label="$text.get("general.back")"
+								data-value="cancel"
-                                data-type="submit"
+								data-label="$text.get("general.back")"
-                                data-fullwidth="true">
+								data-type="submit"
-                        </agov-button>
+								data-fullwidth="true">
-                    </div>
+						</agov-button>
-                </div>
+					</div>
-                <input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
+				</div>
-                <input id="reasonInput" class="hidden" name="reason" type="hidden" value=""/>
+				<input class="hidden" name="authRequestId" type="hidden" value="$gui.getGuiElem('authRequestId').value"/>
-            </form>
+			</form>
-        </div>
+		</div>
-        <img alt="" src="${login.appDataPath}/static/images/recovery.svg"
+		<img alt="" src="${login.appDataPath}/static/images/recovery.svg"
-             class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 dark:hidden hidden md:block">
+			 class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 dark:hidden hidden md:block">
-        <img alt="" src="${login.appDataPath}/static/images/recovery_dark.svg"
+		<img alt="" src="${login.appDataPath}/static/images/recovery_dark.svg"
-             class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 hidden dark:md:block">
+			 class="md:max-w-[520px] max-w-[350px] sm:max-w-[300px] w-full md:basis-1/2 hidden dark:md:block">
-    </div>
+	</div>
 </div>
 
 <script src="${login.appDataPath}/static/js-code/recovery_questionnaire_reason_selection.js">

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_de.properties

@@ -51,7 +51,7 @@ general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
 general.fieldRequired=Erforderliches Feld.
-general.getStarted=Los geht's
+general.getStarted=Get started
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
 general.help=Hilfe
@@ -61,20 +61,16 @@ general.loginSecurityKey=Sicherheitsschlüssel-Login starten
 general.or=ODER
 general.otherOptions=WEITERE OPTIONEN
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
 general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
-general.recoveryCode.reveal=Wiederherstellungscode enthüllen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
 general.register=Registrieren
 general.registerNow=Jetzt registrieren!
 general.registration=Registrierung
 general.securityKey=Sicherheitsschlüssel
 general.skip.content=Direkt zum Hauptteil
-general.wrongPhoneNumber=Bitte geben Sie eine gültige Telefonnummer ein
 generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
 generic.auth.error.next.steps=Versuchen Sie es bitte später noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
 generic.auth.error.subtitle=Etwas ist schiefgegangen
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sprache wählen
 loainfo.description.200=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
 loainfo.description.300=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben durch einen von zwei Vorgängen verifizieren. Sie können die bevorzugte Methode im nächsten Schritt auswählen.
-loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.description.400=Für den Zugang zu dieser Anwendung müssen Sie Ihre AHV-Nummer angeben.
 loainfo.helper=Ihre persönlichen Daten müssen überprüft werden!
 loainfo.later=Später
 loainfo.startNow=Möchten Sie den Prozess jetzt starten?
@@ -144,27 +140,13 @@ prompt.newpassword=Neues Passwort
 prompt.newpassword.confirm=Passwort bestätigen
 prompt.password=Passwort
 prompt.userid=Benutzer-ID
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
-providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
-providePhoneNumber.inputLabel=Mobilnummer (optional)
-providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
-providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
-providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
-providePhoneNumber.modal.inputLabel=Mobilnummer
-providePhoneNumber.modal.title=Mobilnummer wiederholen
-providePhoneNumber.saveButtonText=Speichern
-providePhoneNumber.title=Mobilnummer angeben
 pwreset.done.info=Ihr Passwort wurde erfolgreich ge&auml;ndert. Bitte klicken Sie auf Weiter, um sich einzuloggen.
 pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalten, um Ihr Passwort zurückzusetzen..
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr g&uuml;ltig. Bitte generieren Sie ein Neuen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
-recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
 recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
 recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
 recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
 recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
-recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_noCode.banner.error=Zu viele Fehlversuche.
-recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.instruction1=Sie haben zu oft versucht, einen Wiederherstellungscode einzugeben.
-recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut unter <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
@@ -186,7 +166,7 @@ recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
 recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
 recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
 recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren r
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
-recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
 recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
 recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
 recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_en.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_fr.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Démarrer la connexion avec la clé de s&ea
 general.or=OU
 general.otherOptions=AUTRES OPTIONS
 general.recovery=Récupération
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Télécharger en format PDF
 general.recoveryCode.inputLabel=Code de récupération
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistré correctement, puis essayer de le soumettre à nouveau.
 general.recoveryCode.repeatCodeModal.description=Un code de récupération perdu ou mal enregistré peut rendre la récupération de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistré votre code, veuillez le répéter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=Répéter le code de récupération
-general.recoveryCode.reveal=Révéler le code de récupération
 general.recoveryOngoing=Récupération en cours
 general.register=Créer un compte
 general.registerNow=Enregistrez-vous dès maintenant!
 general.registration=Enregistrement
 general.securityKey=Clé de sécurité
 general.skip.content=Passer au contenu principal
-general.wrongPhoneNumber=Veuillez saisir un numéro de téléphone valable
 generic.auth.error.message=Une interruption de service s’est produite. Nous nous employons à résoudre le problème.
 generic.auth.error.next.steps=Veuillez réessayer plus tard. Veuillez vous rendre sur AGOV help si le problème persiste.
 generic.auth.error.subtitle=Un problème s’est produit
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sélectionner la langue
 loainfo.description.200=Pour accéder à l'application, nous devons vérifier vos données. Ce processus peut prendre jusqu'à 2 ou 3 jours.
 loainfo.description.300=Pour accéder à l'application, nous devons vérifier vos données par le biais de l'une des deux procédures suivantes. Vous pouvez choisir la procédure que vous préférez à l'étape suivante.
-loainfo.description.400=Veuillez saisir votre numéro AVS pour accéder à l'application.
+loainfo.description.400=Pour accéder à l'application, vous devez ajouter votre numéro AVS.
 loainfo.helper=Vos données doivent être vérifiées!
 loainfo.later=Plus tard
 loainfo.startNow=Voulez-vous commencer le processus maintenant?
@@ -144,19 +140,6 @@ prompt.newpassword=Nouveau mot de passe
 prompt.newpassword.confirm=Confirmez le mot de passe
 prompt.password=Mot de passe
 prompt.userid=ID de l'utilisateur
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
-providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
-providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
-providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
-providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.saveButtonText=Sauvegarder
-providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 pwreset.done.info=Votre mot de passe a &eacute;t&eacute; chang&eacute avec succ&egrave;s. Veuillez cliquer sur continuer pour vous connecter.
 pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courriel pour réinitialiser votre mot de passe.
 pwreset.info.linktext=Mot de passe oublié
@@ -164,7 +147,6 @@ pwreset.noticket=Votre lien n&apos;est plus valide. Veuillez en g&eacute;n&eacut
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
-recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
 recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
-recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
-recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir trop de fois le code de r&eacute;cup&eacute;ration.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur et relancer la r&eacute;cup&eacute;ration du compte dans dix minutes depuis <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; p
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
-recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute; ou r&eacute;initialis&eacute; mon application d'acc&egrave;s AGOV
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
 recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
 recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.or=O
 general.otherOptions=ALTRE OPZIONI
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non è corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
 general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato può rendere più difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
-general.recoveryCode.reveal=Mostra il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
 general.register=Registrarsi
 general.registerNow=Si registri ora!
 general.registration=Registrazione
 general.securityKey=Chiave di sicurezza
 general.skip.content=Vai al contenuto principale
-general.wrongPhoneNumber=Inserire un numero di cellulare valido
 generic.auth.error.message=Si è verificata un’interruzione. Stiamo lavorando per ripristinare l’esercizio.
 generic.auth.error.next.steps=Riprovare più tardi. Se il problema persiste, consultare AGOV help.
 generic.auth.error.subtitle=Qualcosa non ha funzionato.
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Selezionare la lingua
 loainfo.description.200=Per accedere all'app è necessaria una verifica dei dati. La procedura può richiedere fino a 2–3 giorni lavorativi.
 loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, può selezionare la procedura di verifica desiderata.
-loainfo.description.400=Per accedere all'applicazione è necessario inserire il numero AVS.
+loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Più tardi
 loainfo.startNow=Iniziare la procedura?
@@ -144,19 +140,6 @@ prompt.newpassword=Nuova Password
 prompt.newpassword.confirm=Conferma password
 prompt.password=Password
 prompt.userid=Nome utente
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
-providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
-providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
-providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
-providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
-providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
-providePhoneNumber.modal.inputLabel=Numero di telefono
-providePhoneNumber.modal.title=Ripetere il numero di telefono
-providePhoneNumber.saveButtonText=Salva
-providePhoneNumber.title=Aggiungi numero di telefono
 pwreset.done.info=La password &egrave; stata modificata con successo. Fare clic su continua per accedere.
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
@@ -164,7 +147,6 @@ pwreset.noticket=Il biglietto per la reimpostazione della password non &egrave;
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
-recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
 recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
 recovery_check_code.noAccess=Non ho il mio codice.
 recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
 recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
-recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_noCode.banner.error=Troppi tentativi
-recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.instruction1=&Egrave; stato inserito troppe volte il codice di ripristino.
-recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction2=Si prega di chiudi il browser web e avvia nuovamente il recupero dell'account entro dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Per procedere, inserire il nuovo codice.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fatt
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
-recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato la mia app AGOV access
+recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
 recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
 recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
 recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/webdata/resources/mauth_link_qr.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -61,7 +55,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -74,36 +70,21 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
 
-        isPolling = true;
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const request = { fidoUafSessionId: sessionId };
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
-
+        fetch("", {
-        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -118,24 +99,20 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
+
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/webdata/resources/mauth_onboard.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -58,53 +52,44 @@
     }
 
     function poll() {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
-
-        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        const fetchRequest = fetch("", {
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
+            res.json().then(o => {
 
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
+
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                } else if (status == 'succeeded') {
+                }
+                else if (status == 'succeeded') {
+
                     clearInterval(statusPolling);
-                    console.log("onboarding successful");
+                    console.error("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -113,15 +98,8 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/webdata/resources/mauth_push_qr.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatch(id) {
 
         document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
@@ -76,7 +70,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -129,64 +125,47 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
-        isPolling = true;
 
-        const request = { fidoUafSessionId: sessionId };
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const fetchRequest = fetch("", {
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
                     document.getElementById("mauth_match_numbers").style.display = 'block';
                     document.getElementById("mauth_loading").style.display = 'block';
                 }
-
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
+                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     renderDeviceList();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/webdata/resources/mauth_usernameless.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatch() {
 
         console.log("initiating usernameless mobile authentication...");
@@ -64,7 +58,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -77,66 +73,46 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
 
-        isPolling = true;
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const request = { fidoUafSessionId: sessionId };
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
-
+        fetch("", {
-        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
-                    // show process icon
-                    document.getElementById("mauth_loading").style.display = 'block';
                     document.getElementById("mauth_qrcode").style.display = 'none';
+                    document.getElementById("mauth_loading").style.display = 'block';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "fidoUafDone", "true"); // checked by Groovy script
-                    document.body.appendChild(form);
+                    document.body.appendChild(form);
-                    form.submit();
+                    form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
-                    clearInterval(statusPolling);
+                else if (status == 'failed' || status == 'unknown') {
-                    console.error("authentication failed with status: " + status);
+
-                    // as this is the last call we have to do a top-level request instead of AJAX
+                    clearInterval(statusPolling);
-                    const form = createForm();
+                    console.error("authentication failed with status: " + status);
-                    addInput(form, "fidoUafSessionId", sessionId);
+
+                    // as this is the last call we have to do a top-level request instead of AJAX
+                    const form = createForm();
+                    addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     dispatch();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_de.properties

@@ -51,7 +51,7 @@ general.email=E-Mail
 general.email.address=E-Mail-Adresse
 general.entryCode=Code-Eingabe
 general.fieldRequired=Erforderliches Feld.
-general.getStarted=Los geht's
+general.getStarted=Get started
 general.goAGOVHelp=Weiter zur AGOV help
 general.goAccessApp=Login mit AGOV access
 general.help=Hilfe
@@ -61,20 +61,16 @@ general.loginSecurityKey=Sicherheitsschlüssel-Login starten
 general.or=ODER
 general.otherOptions=WEITERE OPTIONEN
 general.recovery=Wiederherstellung
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Als PDF herunterladen
 general.recoveryCode.inputLabel=Wiederherstellungscode
 general.recoveryCode.repeatCodeError=Der von Ihnen eingegebene Code war nicht korrekt. Bitte vergewissern Sie sich, dass Sie ihn richtig abgespeichert haben, und fahren Sie dann mit der erneuten Eingabe fort.
 general.recoveryCode.repeatCodeModal.description=Ein verlorener oder falsch gespeicherter Wiederherstellungscode kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihren Code richtig gespeichert haben, wiederholen Sie ihn bitte unten.
 general.recoveryCode.repeatCodeModal.title=Wiederherstellungscode wiederholen
-general.recoveryCode.reveal=Wiederherstellungscode enthüllen
 general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
 general.register=Registrieren
 general.registerNow=Jetzt registrieren!
 general.registration=Registrierung
 general.securityKey=Sicherheitsschlüssel
 general.skip.content=Direkt zum Hauptteil
-general.wrongPhoneNumber=Bitte geben Sie eine gültige Telefonnummer ein
 generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
 generic.auth.error.next.steps=Versuchen Sie es bitte später noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
 generic.auth.error.subtitle=Etwas ist schiefgegangen
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sprache wählen
 loainfo.description.200=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
 loainfo.description.300=Um auf diese Applikation zuzugreifen, müssen wir Ihre Angaben durch einen von zwei Vorgängen verifizieren. Sie können die bevorzugte Methode im nächsten Schritt auswählen.
-loainfo.description.400=Bitte AHV-Nummer angeben, um auf die Applikation zuzugreifen.
+loainfo.description.400=Für den Zugang zu dieser Anwendung müssen Sie Ihre AHV-Nummer angeben.
 loainfo.helper=Ihre persönlichen Daten müssen überprüft werden!
 loainfo.later=Später
 loainfo.startNow=Möchten Sie den Prozess jetzt starten?
@@ -144,27 +140,13 @@ prompt.newpassword=Neues Passwort
 prompt.newpassword.confirm=Passwort bestätigen
 prompt.password=Passwort
 prompt.userid=Benutzer-ID
-providePhoneNumber.banner=Die Mobilnummer muss f&uuml;r den Empfang von SMS geeignet sein.<br>Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.description=AGOV erlaubt nun die Wiederherstellung mittels Mobilnummer. So k&ouml;nnen Sie w&auml;hrend der Wiederherstellung mit einer SMS fortfahren, wenn Sie Ihren Wiederherstellungscode verloren haben.
-providePhoneNumber.errorBanner=Die Mobilnummern stimmen nicht &uuml;berein. Bitte versuchen Sie es erneut.
-providePhoneNumber.inputLabel=Mobilnummer (optional)
-providePhoneNumber.laterModal.description1=Ohne Mobilnummer kann die Wiederherstellung Ihres Kontos bis zu 4 Tage dauern, wenn Sie Ihren Wiederherstellungscode verlieren.
-providePhoneNumber.laterModal.description2=Durch Hinzuf&uuml;gen einer Mobilnummer k&ouml;nnen Sie Ihr Konto in wenigen Minuten wiederherstellen.
-providePhoneNumber.laterModal.description3=Diese Mobilnummer wird nicht verwendet, um Sie zu kontaktieren.
-providePhoneNumber.laterModal.title=Ohne Mobilnummer weiterfahren?
-providePhoneNumber.modal.description=Eine falsch gespeicherte Mobilnummer kann die Wiederherstellung Ihres Kontos erschweren. Um sicherzustellen, dass Sie Ihre Mobilnummer richtig gespeichert haben, wiederholen Sie sie bitte unten.
-providePhoneNumber.modal.inputLabel=Mobilnummer
-providePhoneNumber.modal.title=Mobilnummer wiederholen
-providePhoneNumber.saveButtonText=Speichern
-providePhoneNumber.title=Mobilnummer angeben
 pwreset.done.info=Ihr Passwort wurde erfolgreich ge&auml;ndert. Bitte klicken Sie auf Weiter, um sich einzuloggen.
 pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalten, um Ihr Passwort zurückzusetzen..
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr g&uuml;ltig. Bitte generieren Sie ein Neuen.
 recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
 recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um sich zu identifizieren.
+recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
-recovery_check_code.banner.lockedError=Zu viele Fehlversuche. Bitte versuchen Sie es in ein paar Minuten noch einmal.
 recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
 recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
 recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
 recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
 recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
 recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
-recovery_check_code.too_many_tries.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
+recovery_check_noCode.banner.error=Zu viele Fehlversuche.
-recovery_check_code.too_many_tries.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
+recovery_check_noCode.instruction1=Sie haben zu oft versucht, einen Wiederherstellungscode einzugeben.
-recovery_check_noCode.banner.error=Zu viele Versuche.
+recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut unter <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=M&ouml;glicherweise haben Sie zu oft versucht, den Wiederherstellungscode einzugeben.
-recovery_check_noCode.instruction2=Bitte schliessen Sie den Webbrowser und starten Sie die Kontowiederherstellung in zehn Minuten erneut auf <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
 recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
 recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
@@ -186,7 +166,7 @@ recovery_code.validUntil=G&uuml;ltig bis:
 recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
 recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
 recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
-recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um sich zu identifizieren.
+recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
 recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
 recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
 recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren r
 recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
 recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
 recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
-recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht, neu installiert oder zur&uuml;ckgesetzt
+recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
 recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
 recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
 recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_en.properties

@@ -61,7 +61,6 @@ general.loginSecurityKey=Start Security key login
 general.or=OR
 general.otherOptions=OTHER OPTIONS
 general.recovery=Recovery
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
 general.recoveryCode.downloadPdf=Download as PDF
 general.recoveryCode.inputLabel=Recovery code
 general.recoveryCode.repeatCodeError=The code you entered was incorrect. Please ensure you have stored it correctly, then continue to resubmit.
@@ -87,7 +86,7 @@ language.it=Italiano
 languageDropdown.aria.label=Select language
 loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
 loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
-loainfo.description.400=To access the application we need you to add your SSN (AHV) number.
+loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
 loainfo.helper=Your data needs to be verified!
 loainfo.later=Later
 loainfo.startNow=Do you want to start the process now?
@@ -164,7 +163,6 @@ pwreset.noticket=Your password reset link is no longer valid. Please generate a
 recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
 recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
 recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
-recovery_check_code.banner.lockedError=Too many invalid input attempts. Please try again in a few minutes.
 recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
 recovery_check_code.enterRecoveryCode=Enter recovery code
 recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
@@ -174,8 +172,6 @@ recovery_check_code.invalid.code.tooLong=The code is too long
 recovery_check_code.noAccess=I do not have access to my code
 recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
 recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
-recovery_check_code.too_many_tries.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
-recovery_check_code.too_many_tries.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
 recovery_check_noCode.banner.error=Too many attempts.
 recovery_check_noCode.instruction1=You might have tried to enter the recovery code too many times.
 recovery_check_noCode.instruction2=Please close the web browser and start the account recovery again in ten minutes from <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
@@ -212,7 +208,7 @@ recovery_questionnaire_no_recovery.instruction2=If you have several login factor
 recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
 recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
 recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
-recovery_questionnaire_reason_selection.answer3=I have deleted, reinstalled, or reset my AGOV access app
+recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
 recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
 recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
 recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_fr.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Démarrer la connexion avec la clé de s&ea
 general.or=OU
 general.otherOptions=AUTRES OPTIONS
 general.recovery=Récupération
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Télécharger en format PDF
 general.recoveryCode.inputLabel=Code de récupération
 general.recoveryCode.repeatCodeError=Le code que vous avez saisi est incorrect. Veuillez vous assurer que vous l'avez enregistré correctement, puis essayer de le soumettre à nouveau.
 general.recoveryCode.repeatCodeModal.description=Un code de récupération perdu ou mal enregistré peut rendre la récupération de votre compte plus difficile. Pour vous assurer que vous avez correctement enregistré votre code, veuillez le répéter ci-dessous.
 general.recoveryCode.repeatCodeModal.title=Répéter le code de récupération
-general.recoveryCode.reveal=Révéler le code de récupération
 general.recoveryOngoing=Récupération en cours
 general.register=Créer un compte
 general.registerNow=Enregistrez-vous dès maintenant!
 general.registration=Enregistrement
 general.securityKey=Clé de sécurité
 general.skip.content=Passer au contenu principal
-general.wrongPhoneNumber=Veuillez saisir un numéro de téléphone valable
 generic.auth.error.message=Une interruption de service s’est produite. Nous nous employons à résoudre le problème.
 generic.auth.error.next.steps=Veuillez réessayer plus tard. Veuillez vous rendre sur AGOV help si le problème persiste.
 generic.auth.error.subtitle=Un problème s’est produit
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Sélectionner la langue
 loainfo.description.200=Pour accéder à l'application, nous devons vérifier vos données. Ce processus peut prendre jusqu'à 2 ou 3 jours.
 loainfo.description.300=Pour accéder à l'application, nous devons vérifier vos données par le biais de l'une des deux procédures suivantes. Vous pouvez choisir la procédure que vous préférez à l'étape suivante.
-loainfo.description.400=Veuillez saisir votre numéro AVS pour accéder à l'application.
+loainfo.description.400=Pour accéder à l'application, vous devez ajouter votre numéro AVS.
 loainfo.helper=Vos données doivent être vérifiées!
 loainfo.later=Plus tard
 loainfo.startNow=Voulez-vous commencer le processus maintenant?
@@ -144,19 +140,6 @@ prompt.newpassword=Nouveau mot de passe
 prompt.newpassword.confirm=Confirmez le mot de passe
 prompt.password=Mot de passe
 prompt.userid=ID de l'utilisateur
-providePhoneNumber.banner=Ce num&eacute;ro de t&eacute;l&eacute;phone doit pouvoir recevoir des SMS.<br>Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.description=AGOV prend d&eacute;sormais en charge la r&eacute;cup&eacute;ration avec votre num&eacute;ro de t&eacute;l&eacute;phone. Cela vous permettra de vous envoyer un SMS pendant la r&eacute;cup&eacute;ration si vous avez perdu l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.errorBanner=Les num&eacute;ros de t&eacute;l&eacute;phone fournies ne correspondent pas. Veuillez r&eacute;essayer.
-providePhoneNumber.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone (facultatif)
-providePhoneNumber.laterModal.description1=Sans num&eacute;ro de t&eacute;l&eacute;phone, la r&eacute;cup&eacute;ration de votre compte peut prendre jusqu'&agrave; 4 jours si vous perdez l'acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration.
-providePhoneNumber.laterModal.description2=Ajouter un num&eacute;ro de t&eacute;l&eacute;phone vous permet de r&eacute;cup&eacute;rer votre compte en quelques minutes.
-providePhoneNumber.laterModal.description3=Ce num&eacute;ro de t&eacute;l&eacute;phone ne sera pas utilis&eacute; pour vous contacter.
-providePhoneNumber.laterModal.title=Continuer sans num&eacute;ro de t&eacute;l&eacute;phone ?
-providePhoneNumber.modal.description=Un num&eacute;ro de t&eacute;l&eacute;phone mal enregistr&eacute; peut rendre plus difficile la r&eacute;cup&eacute;ration de votre compte. Pour vous assurer que vous avez correctement enregistr&eacute; votre num&eacute;ro de t&eacute;l&eacute;phone, veuillez le r&eacute;p&eacute;ter ci-dessous.
-providePhoneNumber.modal.inputLabel=Num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.modal.title=R&eacute;p&eacute;ter votre num&eacute;ro de t&eacute;l&eacute;phone
-providePhoneNumber.saveButtonText=Sauvegarder
-providePhoneNumber.title=Ajouter le num&eacute;ro de t&eacute;l&eacute;phone
 pwreset.done.info=Votre mot de passe a &eacute;t&eacute; chang&eacute avec succ&egrave;s. Veuillez cliquer sur continuer pour vous connecter.
 pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courriel pour réinitialiser votre mot de passe.
 pwreset.info.linktext=Mot de passe oublié
@@ -164,7 +147,6 @@ pwreset.noticket=Votre lien n&apos;est plus valide. Veuillez en g&eacute;n&eacut
 recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
 recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
 recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
-recovery_check_code.banner.lockedError=Trop de saisies erron&eacute;es. Veuillez r&eacute;essayer dans quelques minutes.
 recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
 recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
 recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Le code est trop long
 recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
 recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
 recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
-recovery_check_code.too_many_tries.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
-recovery_check_code.too_many_tries.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
 recovery_check_noCode.banner.error=Trop de tentatives.
-recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir le code de r&eacute;cup&eacute;ration trop de fois.
+recovery_check_noCode.instruction1=Vous avez peut-&ecirc;tre essay&eacute; de saisir trop de fois le code de r&eacute;cup&eacute;ration.
-recovery_check_noCode.instruction2=Veuillez fermer le navigateur web et recommencer la r&eacute;cup&eacute;ration du compte dans dix minutes &agrave; partir de <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
+recovery_check_noCode.instruction2=Veuillez fermer le navigateur et relancer la r&eacute;cup&eacute;ration du compte dans dix minutes depuis <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
 recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
 recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; p
 recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
 recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
-recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute;, r&eacute;install&eacute; ou r&eacute;initialis&eacute; mon application d'acc&egrave;s AGOV
+recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
 recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
 recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
 recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties

@@ -61,20 +61,16 @@ general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
 general.or=O
 general.otherOptions=ALTRE OPZIONI
 general.recovery=Ripristino
-general.recovery.help.link=https://help.agov.ch/?c=100recovery
-general.recoveryCode.downloadPdf=Salva come PDF
 general.recoveryCode.inputLabel=Codice di ripristino
 general.recoveryCode.repeatCodeError=Il codice inserito non è corretto. Assicurati di averlo memorizzato correttamente, quindi riprova a inviarlo.
 general.recoveryCode.repeatCodeModal.description=Un codice di ripristino perso o memorizzato in modo errato può rendere più difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il codice, inseriscilo di nuovo qui sotto.
 general.recoveryCode.repeatCodeModal.title=Ripeti il codice di ripristino
-general.recoveryCode.reveal=Mostra il codice di ripristino
 general.recoveryOngoing=Ripristino in corso
 general.register=Registrarsi
 general.registerNow=Si registri ora!
 general.registration=Registrazione
 general.securityKey=Chiave di sicurezza
 general.skip.content=Vai al contenuto principale
-general.wrongPhoneNumber=Inserire un numero di cellulare valido
 generic.auth.error.message=Si è verificata un’interruzione. Stiamo lavorando per ripristinare l’esercizio.
 generic.auth.error.next.steps=Riprovare più tardi. Se il problema persiste, consultare AGOV help.
 generic.auth.error.subtitle=Qualcosa non ha funzionato.
@@ -87,7 +83,7 @@ language.it=Italiano
 languageDropdown.aria.label=Selezionare la lingua
 loainfo.description.200=Per accedere all'app è necessaria una verifica dei dati. La procedura può richiedere fino a 2–3 giorni lavorativi.
 loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, può selezionare la procedura di verifica desiderata.
-loainfo.description.400=Per accedere all'applicazione è necessario inserire il numero AVS.
+loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
 loainfo.helper=I dati devono essere verificati!
 loainfo.later=Più tardi
 loainfo.startNow=Iniziare la procedura?
@@ -144,19 +140,6 @@ prompt.newpassword=Nuova Password
 prompt.newpassword.confirm=Conferma password
 prompt.password=Password
 prompt.userid=Nome utente
-providePhoneNumber.banner=Il numero di telefono deve essere in grado di ricevere SMS.<br>Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.description=AGOV ora supporta il ripristino tramite il tuo numero di telefono. Questo ti permetter&agrave; di continuare con un SMS durante il ripristino se hai perso l'accesso al tuo codice di ripristino.
-providePhoneNumber.errorBanner=Il numero di telefono non corrispondono. Si prega di riprovare.
-providePhoneNumber.inputLabel=Numero di telefono (facoltativo)
-providePhoneNumber.laterModal.description1=Senza un numero di telefono, il recupero del tuo account potrebbe richiedere fino a 4 giorni se perdi l'accesso al codice di ripristino.
-providePhoneNumber.laterModal.description2=Aggiungere un numero di telefono ti aiuta a recuperare il tuo account in pochi minuti.
-providePhoneNumber.laterModal.description3=Questo numero di telefono non sar&agrave; utilizzato per contattarti.
-providePhoneNumber.laterModal.title=Continuare senza un numero di telefono?
-providePhoneNumber.modal.description=Un numero di telefono memorizzato in modo errato pu&ograve; rendere pi&ugrave; difficile il recupero del tuo account. Per assicurarti di aver registrato correttamente il tuo numero di telefono, inseriscilo di nuovo qui sotto.
-providePhoneNumber.modal.inputLabel=Numero di telefono
-providePhoneNumber.modal.title=Ripetere il numero di telefono
-providePhoneNumber.saveButtonText=Salva
-providePhoneNumber.title=Aggiungi numero di telefono
 pwreset.done.info=La password &egrave; stata modificata con successo. Fare clic su continua per accedere.
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
@@ -164,7 +147,6 @@ pwreset.noticket=Il biglietto per la reimpostazione della password non &egrave;
 recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
 recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
 recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
-recovery_check_code.banner.lockedError=Troppi tentativi di inserimento non validi. Riprovare tra qualche minuto.
 recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
 recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
 recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
@@ -174,11 +156,9 @@ recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
 recovery_check_code.noAccess=Non ho il mio codice.
 recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
 recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
-recovery_check_code.too_many_tries.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
+recovery_check_noCode.banner.error=Troppi tentativi
-recovery_check_code.too_many_tries.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
+recovery_check_noCode.instruction1=&Egrave; stato inserito troppe volte il codice di ripristino.
-recovery_check_noCode.banner.error=Troppi tentativi.
+recovery_check_noCode.instruction2=Si prega di chiudi il browser web e avvia nuovamente il recupero dell'account entro dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
-recovery_check_noCode.instruction1=Potresti aver tentato di inserire il codice di ripristino troppe volte.
-recovery_check_noCode.instruction2=Chiudi il browser web e inizia nuovamente il processo di ripristino dell'account tra dieci minuti da <a class='link' href='https://agov.ch/me'>https://agov.ch/me</a>.
 recovery_code.banner.error=Per procedere, inserire il nuovo codice.
 recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
 recovery_code.newRecoveryCode=Introduzione del codice di ripristino
@@ -212,7 +192,7 @@ recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fatt
 recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
 recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
 recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
-recovery_questionnaire_reason_selection.answer3=Ho eliminato, reinstallato o reimpostato la mia app AGOV access
+recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
 recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
 recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
 recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/webdata/resources/mauth_link_qr.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -61,7 +55,9 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    poll(sessionId);
+                    statusPolling = window.setInterval(function () {
+                        poll(sessionId);
+                    }, 2000);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -74,36 +70,21 @@
     }
 
     function poll(sessionId) {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
 
-        isPolling = true;
+        const request = {};
+        request.fidoUafSessionId = sessionId;
 
-        const request = { fidoUafSessionId: sessionId };
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
-
+        fetch("", {
-        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
-
+            res.json().then(o => {
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
-
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -118,24 +99,20 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
+
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/webdata/resources/mauth_onboard.js

@@ -16,12 +16,6 @@
 
     let statusPolling;
 
-    let isPolling = false;
-    let pollingTimeout = null;
-
-    const POLLING_INTERVAL = 2000;
-    const REQUEST_TIMEOUT = 3000;
-
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -58,53 +52,44 @@
     }
 
     function poll() {
-        if (isPolling) {
-            return; // Exit if a polling request is already ongoing
-        }
-
-        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        const fetchRequest = fetch("", {
+        // calling nevisFIDO through nevisAuth on current URL using AJAX
+        fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        });
+        }).then(res => {
+            res.json().then(o => {
 
-        // Set up the timeout for the fetch request
-        const timeoutPromise = new Promise((_, reject) => {
-            pollingTimeout = setTimeout(() => {
-                reject(new Error('Request timed out'));
-            }, REQUEST_TIMEOUT);
-        });
-
-        Promise.race([fetchRequest, timeoutPromise])
-            .then(res => res.json())
-            .then(o => {
-                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
+
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                } else if (status == 'succeeded') {
+                }
+                else if (status == 'succeeded') {
+
                     clearInterval(statusPolling);
-                    console.log("onboarding successful");
+                    console.error("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                } else if (status == 'failed' || status == 'unknown') {
+                }
+                else if (status == 'failed' || status == 'unknown') {
+
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -113,15 +98,8 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
-            })
-            .catch((err) => {
-                console.error("error:", err);
-            })
-            .finally(() => {
-                isPolling = false;
-                // Schedule the next poll if needed
-                setTimeout(() => poll(), POLLING_INTERVAL);
             });
+        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();