diff --git a/perun-oidc-server-webapp/src/main/resources/db/hsql/v9.0.0.sql b/perun-oidc-server-webapp/src/main/resources/db/hsql/v9.0.0.sql
new file mode 100644
index 000000000..37e2217ea
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/resources/db/hsql/v9.0.0.sql
@@ -0,0 +1,2 @@
+ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
+ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;
diff --git a/perun-oidc-server-webapp/src/main/resources/db/mysql/v9.0.0.sql b/perun-oidc-server-webapp/src/main/resources/db/mysql/v9.0.0.sql
new file mode 100644
index 000000000..37e2217ea
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/resources/db/mysql/v9.0.0.sql
@@ -0,0 +1,2 @@
+ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
+ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;
diff --git a/perun-oidc-server-webapp/src/main/resources/db/psql/v9.0.0.sql b/perun-oidc-server-webapp/src/main/resources/db/psql/v9.0.0.sql
new file mode 100644
index 000000000..37e2217ea
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/resources/db/psql/v9.0.0.sql
@@ -0,0 +1,2 @@
+ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
+ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/footer.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/footer.tag
index 87b04434f..2dc537d61 100644
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/footer.tag
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/footer.tag
@@ -1,7 +1,6 @@
 <%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
-<%@ taglib prefix="elixir" tagdir="/WEB-INF/tags/elixir" %>
 <%@ taglib prefix="cesnet" tagdir="/WEB-INF/tags/cesnet" %>
 <%@ taglib prefix="einfra" tagdir="/WEB-INF/tags/einfra" %>
 <%@ taglib prefix="bbmri" tagdir="/WEB-INF/tags/bbmri" %>
@@ -13,9 +12,6 @@
 <%@ attribute name="theme" required="true" %>
 
 <c:choose>
-    <c:when test="${theme eq 'elixir'}">
-        <elixir:footer baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
-    </c:when>
     <c:when test="${theme eq 'cesnet'}">
         <cesnet:footer baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
     </c:when>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/header.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/header.tag
index 10f3869d2..160bc8fbe 100644
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/header.tag
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/header.tag
@@ -1,7 +1,6 @@
 <%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
-<%@ taglib prefix="elixir" tagdir="/WEB-INF/tags/elixir" %>
 <%@ taglib prefix="cesnet" tagdir="/WEB-INF/tags/cesnet" %>
 <%@ taglib prefix="einfra" tagdir="/WEB-INF/tags/einfra" %>
 <%@ taglib prefix="bbmri" tagdir="/WEB-INF/tags/bbmri" %>
@@ -15,9 +14,6 @@
 <%@ attribute name="cssLinks" required="true" type="java.util.ArrayList<java.lang.String>" %>
 
 <c:choose>
-    <c:when test="${theme eq 'elixir'}">
-        <elixir:header title="${title}" reqURL="${reqURL}" cssLinks="${cssLinks}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
-    </c:when>
     <c:when test="${theme eq 'cesnet'}">
         <cesnet:header title="${title}" reqURL="${reqURL}" cssLinks="${cssLinks}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
     </c:when>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/footer.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/footer.tag
deleted file mode 100644
index d0d11980e..000000000
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/footer.tag
+++ /dev/null
@@ -1,27 +0,0 @@
-<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
-<%@ attribute name="js" required="false"%>
-<%@ attribute name="baseURL" required="true"%>
-<%@ attribute name="samlResourcesURL" required="true"%>
-<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
-<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
-<%@ taglib prefix="t" tagdir="/WEB-INF/tags/common" %>
-<jsp:useBean id="date" class="java.util.Date" />
-
-<div id="footer">
-    <div style="margin: 0 auto; max-width: 1000px;">
-        <div style="float: left;">
-            <img src="${samlResourcesURL}/module.php/elixir/res/img/logo_64.png" alt="ELIXIR Logo">
-        </div>
-        <div style="float: left;">
-            <p>ELIXIR, Welcome Trust Genome Campus, Hinxton, Cambridgeshire, CB10 1SD, UK&nbsp; &nbsp; +44&nbsp;(0)1223&nbsp;492-670&nbsp;&nbsp;
-                <a href="mailto:info@elixir-europe.org">info@elixir-europe.org</a>
-            </p>
-            <p>Copyright &copy; ELIXIR <fmt:formatDate value="${date}" pattern="yyyy" /> |
-                <a href="https://www.elixir-europe.org/legal/privacy">Privacy</a> |
-                <a href="https://www.elixir-europe.org/legal/cookies">Cookies</a> |
-                <a href="https://www.elixir-europe.org/legal/terms-of-use">Terms of use</a>
-            </p>
-        </div>
-    </div>
-</div>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/header.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/header.tag
deleted file mode 100644
index 52814cee5..000000000
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/header.tag
+++ /dev/null
@@ -1,23 +0,0 @@
-<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="o" tagdir="/WEB-INF/tags/common" %>
-<%@ attribute name="title" required="true" %>
-<%@ attribute name="reqURL" required="true" %>
-<%@ attribute name="baseURL" required="true" %>
-<%@ attribute name="samlResourcesURL" required="true" %>
-<%@ attribute name="cssLinks" required="true" type="java.util.ArrayList<java.lang.String>" %>
-
-<c:set var="logoURL" value="${samlResourcesURL}/module.php/elixir/res/img/logo_256.png"/>
-
-<o:headerInit title="${title}" reqURL="${reqURL}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
-
-<link rel="icon" href="resources/images/elixir.ico" />
-<link rel="stylesheet" type="text/css" href="${samlResourcesURL}/module.php/elixir/res/bootstrap/css/bootstrap.min.css" />
-<link rel="stylesheet" type="text/css" href="${samlResourcesURL}/module.php/elixir/res/css/elixir.css" />
-
-<o:headerCssLinks cssLinks="${cssLinks}"/>
-
-</head>
-
-<o:headerBody logoURL="${logoURL}"/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/footer.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/footer.tag
new file mode 100644
index 000000000..df0b676a1
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/footer.tag
@@ -0,0 +1,21 @@
+<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
+
+        </div> <!-- ENDCARD_BODY -->
+    </div> <!-- ENDCARD -->
+</div> <!-- ENDCOL -->
+</div> <!-- ENDROW -->
+<footer>
+    <div class="footer offset-1 col-10 offset-sm-1 col-sm-10 offset-md-2 col-md-8 offset-lg-3 col-lg-6 offset-xl-3 col-xl-6">
+        <div class="footer-contact">
+            <a class="contact-link" href="mailto:support@aai.lifescience-ri.eu">Contact us</a>
+        </div>
+        <div class="footer-policy">
+            <a class="footer-policy-link" href="https://lifescience-ri.eu/ls-login/ls-aai-aup.html">Privacy Policy</a>
+        </div>
+    </div>
+</footer>
+<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/jquery-3.5.1.min.js"></script>
+<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/bootstrap.min.js"></script>
+<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/cmservice.js"></script>
+</body>
+</html>
\ No newline at end of file
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/header.tag b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/header.tag
new file mode 100644
index 000000000..5baa96ff6
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/header.tag
@@ -0,0 +1,19 @@
+<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<html>
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
+    <link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/eduteams.css" rel="stylesheet" type="text/css"/>
+    <link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/cmservice.css" rel="stylesheet" type="text/css"/>
+    <script type="text/javascript" src="/proxy/resources/script.js"></script>
+    <title>SimpleSAMLphp</title>
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap" rel="stylesheet">
+<body>
+<div class="row">
+    <div class="offset-1 col-10 offset-sm-1 col-sm-10 offset-md-2 col-md-8 offset-lg-3 col-lg-6 offset-xl-3 col-xl-6">
+        <div class="card">
+            <img class="card-img-top" src="https://login.elixir-czech.org/proxy/module.php/elixir/res/img/lsaai_logo.png" alt="Life Science Login logo">
+            <div class="card-body">
\ No newline at end of file
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/continue_direct.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/continue_direct.jsp
deleted file mode 100644
index cc0636fac..000000000
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/continue_direct.jsp
+++ /dev/null
@@ -1,35 +0,0 @@
-<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
-<%@ page import="java.util.ArrayList" %>
-<%@ page import="java.util.List" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="t" tagdir="/WEB-INF/tags/common" %>
-<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
-
-<%
-
-List<String> cssLinks = new ArrayList<>();
-
-pageContext.setAttribute("cssLinks", cssLinks);
-
-%>
-<spring:message code="continue_direct_title" var="title"/>
-<t:header title="${title}" reqURL="${reqURL}" baseURL="${baseURL}"
-          cssLinks="${cssLinks}" theme="${theme}"/>
-
-<h1><spring:message code="continue_direct_header"/></h1>
-
-</div> <%-- header --%>
-
-<div id="content">
-    <div id="head">
-        <h1><spring:message code="continue_direct_heading"/></h1>
-    </div>
-    <p><spring:message code="continue_direct_text"/></p>
-    <hr/>
-    <br/>
-    <a href="${fn:escapeXml(target)}" class="btn btn-lg btn-primary btn-block"><spring:message code="continue_direct_btn"/></a>
-</div>
-</div><!-- wrap -->
-
-<t:footer baseURL="${baseURL}" theme="${theme}"/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approve.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approve.jsp
new file mode 100644
index 000000000..9a3eb8a28
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approve.jsp
@@ -0,0 +1,149 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"
+         import="cz.muni.ics.oidc.server.ga4gh.Ga4ghPassportAndVisaClaimSource"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+<!-- block container -->
+<div class="aas-message">
+    <p>
+        The service <strong><c:out value="${client.clientName}" /></strong> requires access to your personal data.
+        <c:if test="${not empty(client.policyUri)}">
+        Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service to learn more about its commitments to protect your data.
+        </c:if>
+    </p>
+</div>
+<c:if test="${empty(client.policyUri)}">
+<div class="alert alert-warning" role="alert">
+    <h6>This service is missing a Privacy Policy document.</h6>
+</div>
+</c:if>
+<c:if test="${getsOfflineAccess}">
+<div class="alert alert-warning" role="alert">
+    <div><h6>This service requests continuous access to your personal data.</h6>
+        <p>
+            Normally when you close your browser the service stops fetching your personal data from Life Science Login.
+            However, in this case, fetching your personal data continues as it is required for the service to work.
+        </p>
+    </div>
+</div>
+</c:if>
+<c:if test="${not client.acceptedTos}">
+    <div class="alert alert-warning" role="alert">
+        <h6>This service has not declared compliance with the <a target="_blank" href="https://lifescience-ri.eu/aai/terms-of-use">Terms of Use for service providers</a> that govern the service's use of Life Science Login.</h6>
+    </div>
+</c:if>
+<form name="confirmationForm" id="allow_consent_form" class="form-group"
+          action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/authorize" method="post">
+    <div id="accordion">
+        <div class="section">
+            <div class="card-header" id="headingOne">
+                <h5 class="mb-0">
+                    <button class="btn btn-link" type="button" data-toggle="collapse" data-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
+                        User Information
+                    </button>
+                </h5>
+            </div>
+            <c:if test="${not empty scopes}">
+                <c:forEach var="scope" items="${scopes}">
+                    <c:set var="singleClaim" value="${fn:length(claims[scope.value]) eq 1}" />
+                    <div class="card-body">
+                        <div class="attribute-row">
+                            <div class="attribute">
+                                <div class="attribute-name form-check">
+                                    <input class="form-check-input" type="checkbox" name="scope_${ fn:escapeXml(scope.value) }" checked="checked"
+                                           id="scope_${fn:escapeXml(scope.value)}" value="${fn:escapeXml(scope.value)}">
+                                    <label class="form-check-label" for="scope_${fn:escapeXml(scope.value)}">
+                                        <spring:message code="${scope.value}"/>
+                                    </label>
+                                </div>
+                            </div>
+                            <div class="attribute-values">
+                                <c:forEach var="claim" items="${claims[scope.value]}">
+                                <div class="attribute-choose">
+                                    <div class="attribute-value">
+                                        <c:if test="${claim.value.getClass().name eq 'java.util.ArrayList'}">
+                                            <c:forEach var="subValue" items="${claim.value}">
+                                                <div>
+                                                <c:choose>
+                                                    <c:when test="${claim.key=='ga4gh_passport_v1'}">
+                                                        <code><%= Ga4ghPassportAndVisaClaimSource.parseAndVerifyVisa(
+                                                                (String) pageContext.findAttribute("subValue")).getPrettyString() %></code>
+                                                    </c:when>
+                                                    <c:otherwise>
+                                                        <code>${subValue}</code>
+                                                    </c:otherwise>
+                                                </c:choose>
+                                                </div>
+                                            </c:forEach>
+                                        </c:if>
+                                        <c:if test="${not(claim.value.getClass().name eq 'java.util.ArrayList')}">
+                                            <c:if test="${scope.value eq 'profile'
+                                                          or scope.value eq 'email'
+                                                          or scope.value eq 'phone'}">
+                                                <strong><spring:message code="${claim.key}"/>:${' '}</strong>
+                                            </c:if>
+                                            <code>${claim.value}</code>
+                                        </c:if>
+                                    </div>
+                                </div>
+                                </c:forEach>
+                            </div>
+                        </div>
+                    </div>
+                </c:forEach>
+            </c:if>
+        </div>
+    </div>
+
+    <c:if test="${not empty jurisdiction}">
+    <div class="alert alert-danger" role="alert">
+        <h6>
+            This service is${' '}
+            <c:if test="${jurisdiction eq 'INT'}">provided by an international organization. </c:if>
+            <c:if test="${jurisdiction ne 'INT'}">in ${jurisdiction}</c:if>
+        </h6>
+        <p>
+            In order to access the requested services, the Life Science Login needs to transfer your personal data to a country outside EU/EEA.
+            We cannot guarantee that this country offers an adequately high level of personal data protection as EU/EEA countries.
+
+            <c:if test="${not empty(client.policyUri)}">
+                Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service provider to learn more about its commitments to protect your data.
+            </c:if>
+        </p>
+        <div class="form-check">
+            <input class="form-check-input" type="checkbox" name="transfer" id="transfer" data-np-checked="1">
+            <label class="form-check-label" for="transfer">To continue, consent to the transfer of your personal data.</label>
+        </div>
+    </div>
+    </c:if>
+    <div class="outro">
+        <p>
+            For withdrawing consent, contact <a href="mailto:support@aai.lifescience-ri.eu">support@example.com</a>
+        </p>
+    </div>
+    <div class="footer-buttons">
+        <div class="remember">
+            <label>Remember:</label>
+            <div id="select-amount">
+                <select name="remember" id="month" class="btn btn-sm btn-secondary amount">
+                    <option value="none">Just this time</option>
+                    <option value="until-revoked">Forever</option>
+                </select>
+            </div>
+        </div>
+        <div class="consent-button">
+            <a id="abort" class="btn btn-danger" href="https://lifescience-ri.eu/index.php?id=409">Abort</a>
+            <input type="submit" class="btn btn-primary" value="Consent" id="submit" name="authorize"
+                   <c:if test="${not empty jurisdiction}">disabled=""</c:if>
+                   onclick="$('#user_oauth_approval').attr('value',true)">
+        </div>
+    </div>
+    <input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
+    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+</form>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approveDevice.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approveDevice.jsp
new file mode 100644
index 000000000..623a13a97
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approveDevice.jsp
@@ -0,0 +1,153 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"
+         import="cz.muni.ics.oidc.server.ga4gh.Ga4ghPassportAndVisaClaimSource"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+<!-- block container -->
+<div class="aas-message">
+    <p>
+        The service <strong><c:out value="${client.clientName}" /></strong> requires access to your personal data.
+        <c:if test="${not empty(client.policyUri)}">
+        Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service to learn more about its commitments to protect your data.
+        </c:if>
+    </p>
+</div>
+<c:if test="${empty(client.policyUri)}">
+<div class="alert alert-warning" role="alert">
+    <h6>This service is missing a Privacy Policy document.</h6>
+</div>
+</c:if>
+<c:if test="${getsOfflineAccess}">
+<div class="alert alert-warning" role="alert">
+    <div><h6>This service requests continuous access to your personal data.</h6>
+        <p>
+            Normally when you close your browser the service stops fetching your personal data from Life Science Login.
+            However, in this case, fetching your personal data continues as it is required for the service to work.
+        </p>
+    </div>
+</div>
+</c:if>
+<c:if test="${not client.acceptedTos}">
+    <div class="alert alert-warning" role="alert">
+        <h6>This service has not declared compliance with the <a target="_blank" href="https://lifescience-ri.eu/aai/terms-of-use">Terms of Use for service providers</a> that govern the service's use of Life Science Login.</h6>
+    </div>
+</c:if>
+<form name="confirmationForm" id="allow_consent_form" class="form-group"
+          action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device/approved" method="post">
+    <div id="accordion">
+        <div class="section">
+            <div class="card-header" id="headingOne">
+                <h5 class="mb-0">
+                    <button class="btn btn-link" type="button" data-toggle="collapse" data-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
+                        User Information
+                    </button>
+                </h5>
+            </div>
+            <div id="collapseOne" class="collapse show" aria-labelledby="headingOne" data-parent="#accordion">
+                <c:if test="${not empty scopes}">
+                    <c:forEach var="scope" items="${scopes}">
+                        <c:set var="singleClaim" value="${fn:length(claims[scope.value]) eq 1}" />
+                        <div class="card-body">
+                            <div class="attribute-row">
+                                <div class="attribute">
+                                    <div class="attribute-name form-check">
+                                        <input class="form-check-input" type="checkbox" name="scope_${ fn:escapeXml(scope.value) }" checked="checked"
+                                               id="scope_${fn:escapeXml(scope.value)}" value="${fn:escapeXml(scope.value)}">
+                                        <label class="form-check-label" for="scope_${fn:escapeXml(scope.value)}">
+                                            <spring:message code="${scope.value}"/>
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="attribute-values">
+                                    <c:forEach var="claim" items="${claims[scope.value]}">
+                                    <div class="attribute-choose">
+                                        <div class="attribute-value">
+                                            <c:if test="${claim.value.getClass().name eq 'java.util.ArrayList'}">
+                                                <c:forEach var="subValue" items="${claim.value}">
+                                                    <div>
+                                                    <c:choose>
+                                                        <c:when test="${claim.key=='ga4gh_passport_v1'}">
+                                                            <code><%= Ga4ghPassportAndVisaClaimSource.parseAndVerifyVisa(
+                                                                    (String) pageContext.findAttribute("subValue")).getPrettyString() %></code>
+                                                        </c:when>
+                                                        <c:otherwise>
+                                                            <code>${subValue}</code>
+                                                        </c:otherwise>
+                                                    </c:choose>
+                                                    </div>
+                                                </c:forEach>
+                                            </c:if>
+                                            <c:if test="${not(claim.value.getClass().name eq 'java.util.ArrayList')}">
+                                                <c:if test="${scope.value eq 'profile'
+                                                              or scope.value eq 'email'
+                                                              or scope.value eq 'phone'}">
+                                                    <strong><spring:message code="${claim.key}"/>:${' '}</strong>
+                                                </c:if>
+                                                <code>${claim.value}</code>
+                                            </c:if>
+                                        </div>
+                                    </div>
+                                    </c:forEach>
+                                </div>
+                            </div>
+                        </div>
+                    </c:forEach>
+                </c:if>
+            </div>
+        </div>
+    </div>
+
+    <c:if test="${not empty jurisdiction}">
+    <div class="alert alert-danger" role="alert">
+        <h6>
+            This service is${' '}
+            <c:if test="${jurisdiction eq 'INT'}">provided by an international organization. </c:if>
+            <c:if test="${jurisdiction ne 'INT'}">in ${jurisdiction}</c:if>
+        </h6>
+        <p>
+            In order to access the requested services, the Life Science Login needs to transfer your personal data to a country outside EU/EEA.
+            We cannot guarantee that this country offers an adequately high level of personal data protection as EU/EEA countries.
+
+            <c:if test="${not empty(client.policyUri)}">
+                Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service provider to learn more about its commitments to protect your data.
+            </c:if>
+        </p>
+        <div class="form-check">
+            <input class="form-check-input" type="checkbox" name="transfer" id="transfer" data-np-checked="1">
+            <label class="form-check-label" for="transfer">To continue, consent to the transfer of your personal data.</label>
+        </div>
+    </div>
+    </c:if>
+    <div class="outro">
+        <p>
+            For withdrawing consent, contact
+            <a href="mailto:support@aai.lifescience-ri.eu">support@example.com</a>
+        </p>
+    </div>
+    <div class="footer-buttons">
+        <div class="remember">
+            <label>Remember:</label>
+            <div id="select-amount">
+                <select name="remember" id="month" class="btn btn-sm btn-secondary amount">
+                    <option value="none">Just this time</option>
+                    <option value="until-revoked">Forever</option>
+                </select>
+            </div>
+        </div>
+        <div class="consent-button">
+            <a id="abort" class="btn btn-danger" href="https://lifescience-ri.eu/index.php?id=409">Abort</a>
+            <input type="submit" class="btn btn-primary" value="Consent" id="submit" name="authorize"
+                   <c:if test="${not empty jurisdiction}">disabled=""</c:if>
+                   onclick="$('#user_oauth_approval').attr('value',true)">
+        </div>
+    </div>
+    <input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
+    <input type="hidden" name="user_code" value="${ dc.userCode }" />
+    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+</form>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/aup.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/aup.jsp
new file mode 100644
index 000000000..460cf1cb4
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/aup.jsp
@@ -0,0 +1,26 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <h3><spring:message code="must_agree_aup"/></h3>
+    <form method="POST" action="">
+        <c:forEach var="aup" items="${newAups}">
+            <div>
+                <p style="font-size: 16px; padding: 0; margin: 0;"><spring:message code="org_vo"/>${" "}<strong>${aup.key}</strong></p>
+                <p><spring:message code="see_aup"/>${" "}${aup.value.version}${" "}
+                    <a href="${aup.value.link}"><spring:message code="here"/></a></p>
+            </div>
+        </c:forEach>
+        <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+        <div class="form-group">
+            <spring:message code="agree_aup" var="submit_value"/>
+            <input type="submit" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
+        </div>
+    </form>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/isTestSpWarning.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/isTestSpWarning.jsp
new file mode 100644
index 000000000..900cf4f6c
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/isTestSpWarning.jsp
@@ -0,0 +1,23 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="is_test_sp_warning_header"/></h1>
+    </div>
+    <p><spring:message code="is_test_sp_warning_text"/></p>
+
+    <form method="GET" action="${action}">
+        <hr/>
+        <br/>
+        <input type="hidden" name="target" value="${fn:escapeXml(target)}">
+        <input type="hidden" name="accepted" value="true">
+        <spring:message code="is_test_sp_warning_continue" var="submit_value"/>
+        <input type="submit" name="continue" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
+    </form>
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_failure.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_failure.jsp
new file mode 100644
index 000000000..db02f2305
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_failure.jsp
@@ -0,0 +1,23 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="login_failure_header"/></h1>
+    </div>
+    <div class="msg"><spring:message code="login_failure_msg"/></div>
+    <c:if test="${not empty('error_msg')}">
+        <div class="mgs">
+            <spring:message code="${error_msg}"/>
+        </div>
+    </c:if>
+    <div class="msg"><spring:message code="login_failure_contact_us"/>${" "}
+        <a href="mailto:${contactMail}">${contactMail}</a>.
+    </div>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_success.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_success.jsp
new file mode 100644
index 000000000..a6c545567
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_success.jsp
@@ -0,0 +1,15 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="login_success_header"/></h1>
+    </div>
+    <div class="msg"><spring:message code="login_success_msg"/></div>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout.jsp
new file mode 100644
index 000000000..dc036c78e
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout.jsp
@@ -0,0 +1,28 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <h1><spring:message code="logout.confirmation.header"/></h1>
+    <form action="${config.issuer}${config.issuer.endsWith('/') ? '' : '/'}endsession" method="POST">
+        <p><spring:message code="logout.confirmation.explanation"/></p>
+        <div class="row">
+            <div class="col-md-6 mb-4">
+                <spring:message code="logout.confirmation.submit" var="submit_value_approve"/>
+                <input name="approve" value="${submit_value_approve}"
+                       type="submit" class="btn btn-lg btn-block btn-primary" />
+            </div>
+            <div class="col-md-6 mb-4">
+                <spring:message code="logout.confirmation.deny" var="submit_value_deny"/>
+                <input name="deny" value="${submit_value_deny}"
+                       type="submit" class="btn btn-lg btn-block" />
+            </div>
+        </div>
+        <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+    </form>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logoutConfirmation.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logoutConfirmation.jsp
new file mode 100644
index 000000000..106635b25
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logoutConfirmation.jsp
@@ -0,0 +1,48 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+	<div class="well" style="text-align: center">
+
+		<h1><spring:message code="logout.confirmation.header"/></h1>
+
+		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }endsession" method="POST">
+
+			<div class="row-fluid">
+				<div class="span12">
+	                <spring:message code="logout.confirmation.submit" var="authorize_label"/>
+	                <spring:message code="logout.confirmation.deny" var="deny_label"/>
+	                <div>
+						<c:if test="${ not empty client }">
+							<!-- display some client information -->
+							<spring:message code="logout.confirmation.requested"/>&nbsp;
+							<c:choose>
+								<c:when test="${empty client.clientName}">
+									<em><c:out value="${client.clientId}" /></em>
+								</c:when>
+								<c:otherwise>
+									<em><c:out value="${client.clientName}" /></em>
+								</c:otherwise>
+							</c:choose>
+						</c:if>
+	                </div>
+	                <div>
+	                	<spring:message code="logout.confirmation.explanation" />
+	                </div>
+					<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" /> 
+					&nbsp; 
+					<input name="deny" value="${deny_label}" type="submit" class="btn btn-large" />
+				</div>
+			</div>
+
+		</form>
+
+	</div>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_denied.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_denied.jsp
new file mode 100644
index 000000000..7d9e6e582
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_denied.jsp
@@ -0,0 +1,15 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="logout_denied_header"/></h1>
+    </div>
+    <div class="msg"><spring:message code="logout_denied_msg"/></div>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_success.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_success.jsp
new file mode 100644
index 000000000..deebb7fd4
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_success.jsp
@@ -0,0 +1,15 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="logout_success_header"/></h1>
+    </div>
+    <div class="msg"><spring:message code="logout_success_msg"/></div>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationForm.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationForm.jsp
new file mode 100644
index 000000000..1ab466da5
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationForm.jsp
@@ -0,0 +1,54 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="registration_header1"/>
+            <c:choose>
+                <c:when test="${not empty client.clientName and not empty client.clientUri}">
+                    &#32;<a href="${fn:escapeXml(client.clientUri)}">${fn:escapeXml(client.clientName)}</a>
+                </c:when>
+                <c:when test="${not empty client.clientName}">
+                    &#32;${fn:escapeXml(client.clientName)}
+                </c:when>
+            </c:choose>
+            ${" "}<spring:message code="registration_header2"/>
+        </h1>
+    </div>
+    <div class="msg"><spring:message code="registration_message"/></div>
+
+    <div class="list-group">
+        <form action="${action}" method="get">
+            <h4><spring:message code="registration_select_vo"/></h4>
+            <select id="selectVo" class="form-control" name="selectedVo" onchange="filter()" required>
+                <c:forEach var="voGroupPair" items="${groupsForRegistration}">
+                    <option value="${fn:escapeXml(voGroupPair.key.shortName)}">
+                            ${fn:escapeXml(voGroupPair.key.name)}
+                    </option>
+                </c:forEach>
+            </select>
+
+            <h4 class="selectGroup" style="display: none"><spring:message code="registration_select_group"/></h4>
+            <select  class="selectGroup form-control" name="selectedGroup" class="form-control" style="display: none" required>
+                <c:forEach var="voGroupPair" items="${groupsForRegistration}">
+                    <c:forEach var="group" items="${voGroupPair.value}">
+                        <option class="groupOption" value="${fn:escapeXml(voGroupPair.key.shortName)}:${fn:escapeXml(group.name)}">
+                                ${fn:escapeXml(group.description)}
+                        </option>
+                    </c:forEach>
+                </c:forEach>
+            </select>
+
+            <spring:message code="registration_continue" var="submit_value"/>
+            <input type="submit" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
+        </form>
+    </div>
+
+<script type="text/javascript" src="resources/js/reg_form_select.js"></script>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationFormContinue.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationFormContinue.jsp
new file mode 100644
index 000000000..29b06219b
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationFormContinue.jsp
@@ -0,0 +1,35 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div id="head">
+        <h1><spring:message code="go_to_registration_header1"/>
+            <c:choose>
+                <c:when test="${not empty client.clientName and not empty client.clientUri}">
+                    ${" "}<a href="${fn:escapeXml(client.uri)}">${fn:escapeXml(client.clientName)}</a>
+                </c:when>
+                <c:when test="${not empty client.clientName}">
+                    ${" "}${fn:escapeXml(client.clientName)}
+                </c:when>
+            </c:choose>
+            ${" "}<spring:message code="go_to_registration_header2"/>
+        </h1>
+    </div>
+    <form method="GET" action="${action}">
+        <hr/>
+        <br/>
+        <input type="hidden" name="client_id" value="${fn:escapeXml(client_id)}" />
+        <input type="hidden" name="facility_id" value="${fn:escapeXml(facility_id)}" />
+        <input type="hidden" name="user_id" value="${fn:escapeXml(user_id)}" />
+        <spring:message code="go_to_registration_continue" var="submit_value"/>
+        <input type="submit" name="continueToRegistration" value="${submit_value}"
+               class="btn btn-lg btn-primary btn-block">
+    </form>
+
+
+<ls:footer/>
\ No newline at end of file
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/requestUserCode.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/requestUserCode.jsp
new file mode 100644
index 000000000..1e1e878da
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/requestUserCode.jsp
@@ -0,0 +1,55 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+	<div class="well" style="text-align: center">
+
+		<h1><spring:message code="device.request_code.header"/></h1>
+
+	<c:if test="${ error != null }">
+		<c:choose>
+			<c:when test="${ error == 'noUserCode' }">
+				<div class="alert alert-error"><spring:message code="device.error.noUserCode"/></div>
+			</c:when>
+			<c:when test="${ error == 'expiredUserCode' }">
+				<div class="alert alert-error"><spring:message code="device.error.expiredUserCode"/></div>
+			</c:when>
+			<c:when test="${ error == 'userCodeAlreadyApproved' }">
+				<div class="alert alert-error"><spring:message code="device.error.userCodeAlreadyApproved"/></div>
+			</c:when>
+			<c:when test="${ error == 'userCodeMismatch' }">
+				<div class="alert alert-error"><spring:message code="device.error.userCodeMismatch"/></div>
+			</c:when>
+			<c:otherwise>
+				<div class="alert alert-error"><spring:message code="device.error.error"/></div>	
+			</c:otherwise>
+		</c:choose>				
+	</c:if>
+
+
+		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device" method="POST">
+
+			<div class="row-fluid">
+				<div class="span12">
+	                <spring:message code="device.request_code.submit" var="authorize_label"/>
+	                <div>
+		                <div class="input-block-level input-xlarge">
+			                <input type="text" name="user_code" placeholder="code" autocorrect="off"
+								   autocapitalize="off" autocomplete="off" spellcheck="false" value="${user_code}" />
+		                </div>
+	                </div>
+					<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" /> 
+				</div>
+			</div>
+
+		</form>
+
+	</div>
+
+<ls:footer/>
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedDeviceApproved.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedDeviceApproved.jsp
new file mode 100644
index 000000000..2bbf141c3
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedDeviceApproved.jsp
@@ -0,0 +1,33 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <h1>
+        <c:if test="${ approved }"><p>&#x2714; <spring:message code="device_approved_approved"/></p></c:if>
+        <c:if test="${ not approved }"><p>&#x2717; <spring:message code="device_approved_rejected"/></p></c:if>
+    </h1>
+    <p class="mt-2">
+        <c:if test="${ approved }">
+            <spring:message code="device_approved_text_approved_start"/>${" "}
+            <c:if test="${empty client.clientName}"><em><c:out value="${client.clientId}" /></em></c:if>
+            <c:if test="${not empty client.clientName}"><em><c:out value="${client.clientName}" /></em></c:if>
+            ${" "}<spring:message code="device_approved_text_approved_end"/>
+        </c:if>
+        <c:if test="${not approved}">
+            <spring:message code="device_approved_text_rejected_start"/>
+            <c:if test="${empty client.clientName}">
+                <em>${" "}<c:out value="${client.clientId}"/></em>
+            </c:if>
+            <c:if test="${not empty client.clientName}">
+                <em>${" "}<c:out value="${client.clientName}"/></em>
+            </c:if>
+            ${". "}<spring:message code="device_approved_text_rejected_end"/>
+        </c:if>
+    </p>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedRequestUserCode.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedRequestUserCode.jsp
new file mode 100644
index 000000000..036cc1e2b
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedRequestUserCode.jsp
@@ -0,0 +1,61 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header/>
+
+    <h1><spring:message code="request_code_header"/></h1>
+    <c:choose>
+        <c:when test="${ not empty error }">
+            <p class="alert alert-danger mt-2">
+            <c:choose>
+                <c:when test="${ error == 'noUserCode' }">
+                    <spring:message code="user_code_empty_or_not_found"/>
+                </c:when>
+                <c:when test="${ error == 'expiredUserCode' }">
+                    <spring:message code="user_code_expired"/>
+                </c:when>
+                <c:when test="${ error == 'userCodeAlreadyApproved' }">
+                    <spring:message code="user_code_already_approved"/>
+                </c:when>
+                <c:when test="${ error == 'userCodeMismatch' }">
+                    <spring:message code="user_code_mismatch"/>
+                </c:when>
+                <c:otherwise>
+                    <spring:message code="user_code_error"/>
+                </c:otherwise>
+            </c:choose>
+            </p>
+        </c:when>
+        <c:otherwise>
+            <p class="mt-2"><spring:message code="user_code_info"/></p>
+        </c:otherwise>
+    </c:choose>
+
+    <form name="confirmationForm" class="mt-2"  method="POST"
+          action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device">
+        <div class="row-fluid">
+            <div class="span12">
+                <div>
+                    <div class="input-block-level input-xlarge">
+                        <spring:message code="code" var="code_placeholder"/>
+                        <input type="text" name="user_code" placeholder="${code_placeholder}"
+                               autocapitalize="off" autocomplete="off" spellcheck="false" value="${user_code}" />
+                    </div>
+                </div>
+            </div>
+        </div>
+        <div class="row-fluid mt-2">
+            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+            <input type="hidden" name="acr" value="${acr}">
+            <spring:message code="user_code_submit" var="submit_value"/>
+            <input name="approve" value="${submit_value}" type="submit"
+                   class="btn btn-success btn-block btn-large" />
+        </div>
+
+    </form>
+
+<ls:footer/>
\ No newline at end of file
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved.jsp
new file mode 100644
index 000000000..e2d1d3ecc
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved.jsp
@@ -0,0 +1,36 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div class="error_message" style="word-wrap: break-word;">
+        <c:forEach var="contactIter" items="${client.contacts}" end="0">
+            <c:set var="contact" value="${contactIter}" />
+        </c:forEach>
+        <c:if test="${empty contact}">
+            <c:set var="contact" value="${contactMail}"/>
+        </c:if>
+        <h1><spring:message code="403_header"/></h1>
+        <p><spring:message code="403_text"/>${' '}${fn:escapeXml(client.clientName)}
+            <c:if test="${not empty client.clientUri}">
+                <br/>
+                <spring:message code="403_informationPage"/>${' '}
+                <a href="${fn:escapeXml(client.clientUri)}">
+                    ${fn:escapeXml(client.clientUri)}
+                </a>
+            </c:if>
+        </p>
+
+        <spring:message code="403_subject" var="subject"/>
+        <p><spring:message code="403_contactSupport"/>${' '}
+           <a href="mailto:${contact}?subject=${subject} ${fn:escapeXml(client.clientName)}">
+               ${fn:escapeXml(contact)}
+           </a>
+        </p>
+    </div>
+
+<ls:footer />
diff --git a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved_spec.jsp b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved_spec.jsp
new file mode 100644
index 000000000..6bdd59a7c
--- /dev/null
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved_spec.jsp
@@ -0,0 +1,16 @@
+<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
+<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
+
+<ls:header />
+
+    <div class="error_message" style="word-wrap: break-word;">
+        <h1><spring:message code="${outHeader}"/></h1>
+        <p><spring:message code="${outMessage}"/></p>
+        <p><spring:message code="contact_p"/>${" "}<a href="mailto:${contactMail}">${contactMail}</a></p>
+    </div>
+
+<ls:footer />
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
index f09672bb8..d796ab886 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
@@ -314,6 +314,12 @@ public class ClientDetailsEntity implements ClientDetails {
 		}
 	}
 
+	@Column(name = "accepted_tos")
+	private boolean acceptedTos;
+
+	@Column(name = "jurisdiction")
+	private String jurisdiction;
+
 	@Override
 	public String getClientId() {
 		return clientId;
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/controller/OAuthConfirmationController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/controller/OAuthConfirmationController.java
index 68243c78b..3de64b5df 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/controller/OAuthConfirmationController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/controller/OAuthConfirmationController.java
@@ -38,8 +38,11 @@ import cz.muni.ics.openid.connect.service.ScopeClaimTranslationService;
 import cz.muni.ics.openid.connect.service.UserInfoService;
 import cz.muni.ics.openid.connect.view.HttpCodeView;
 import java.net.URISyntaxException;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
@@ -55,6 +58,7 @@ import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
 import org.springframework.stereotype.Controller;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.SessionAttributes;
 
@@ -88,6 +92,11 @@ public class OAuthConfirmationController {
 	public static final String APPROVE = "approve";
 	public static final String REMEMBER_ENABLED = "rememberEnabled";
 
+	public static final String LSAAI = "lsaai";
+
+	public static final Set<String> euEaa = Set.of("AT", "BE", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "DE",
+			"EL", "HU", "IE", "IT", "LV", "LT", "LU", "MT", "NL", "PT", "RO", "SK", "SI", "ES", "SE", "NO", "IS", "LI", "GB");
+
 	@Getter
 	@Setter
 	private ClientDetailsEntityService clientService;
@@ -188,9 +197,25 @@ public class OAuthConfirmationController {
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
 
 		model.put(PAGE, CONSENT);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase(LSAAI)) {
+			model.put("getsOfflineAccess", authRequest.getScope().contains("offline_access"));
+			model.put("jurisdiction", getJurisdiction(client));
+			return "lsaai/approve";
+		}
 		return THEMED_APPROVE;
 	}
 
+	private String getJurisdiction(ClientDetailsEntity client) {
+		if (!StringUtils.hasText(client.getJurisdiction()) || euEaa.contains(client.getJurisdiction())) {
+			return "";
+		} else if (client.getJurisdiction().length() > 2) {
+			return "INT";
+		}
+
+		Locale l = new Locale("", client.getJurisdiction());
+		return l.getDisplayCountry() + " (" + l.getISO3Country() + ")";
+	}
+
 	private String sendRedirect(AuthorizationRequest authRequest, Map<String, Object> model, ClientDetailsEntity client) {
 		String url = redirectResolver.resolveRedirect(authRequest.getRedirectUri(), client);
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java
index 967163287..3555bcca6 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java
@@ -38,6 +38,7 @@ import java.net.URISyntaxException;
 import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
@@ -125,6 +126,8 @@ public class DeviceEndpoint {
 	public static final String CHECK_USER_CODE_URL = "/auth/device/authorize";
 	public static final String DEVICE_APPROVED_URL = "/auth/device/approved";
 
+	public static final Set<String> euEaa = Set.of("AT", "BE", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "DE", "EL", "HU", "IE", "IT", "LV", "LT", "LU", "MT", "NL", "PT", "RO", "SK", "SI", "ES", "SE", "NO", "IS", "LI", "GB");
+
 	private final ClientDetailsEntityService clientService;
 	private final SystemScopeService scopeService;
 	private final DeviceCodeService deviceCodeService;
@@ -403,6 +406,9 @@ public class DeviceEndpoint {
 
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
 		model.put(PAGE, REQUEST_USER_CODE);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			return "lsaai/" + THEMED_REQUEST_USER_CODE;
+		}
 		return THEMED_REQUEST_USER_CODE;
 	}
 
@@ -413,6 +419,9 @@ public class DeviceEndpoint {
 
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
 		model.put(PAGE, DEVICE_APPROVED);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			return "lsaai/" + THEMED_DEVICE_APPROVED;
+		}
 		return THEMED_DEVICE_APPROVED;
 	}
 
@@ -435,9 +444,25 @@ public class DeviceEndpoint {
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
 
 		model.put(PAGE, APPROVE_DEVICE);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			model.put("getsOfflineAccess", dc.getScope().contains("offline_access"));
+			model.put("jurisdiction", getJurisdiction(client));
+			return "lsaai/" + APPROVE_DEVICE;
+		}
 		return THEMED_APPROVE_DEVICE;
 	}
 
+	private String getJurisdiction(ClientDetailsEntity client) {
+		if (!StringUtils.hasText(client.getJurisdiction()) || euEaa.contains(client.getJurisdiction())) {
+			return "";
+		} else if (client.getJurisdiction().length() > 2) {
+			return "INT";
+		}
+
+		Locale l = new Locale("", client.getJurisdiction());
+		return l.getDisplayCountry() + " (" + l.getISO3Country() + ")";
+	}
+
 	private String constructVerificationURI(String uri, Map<String, String> params) throws URISyntaxException {
 		if (params == null || params.isEmpty()) {
 			return uri;
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/AupController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/AupController.java
index 83989164a..673801627 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/AupController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/AupController.java
@@ -71,6 +71,9 @@ public class AupController {
         model.put(NEW_AUPS, newAups);
         ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/aup";
+        }
         return "aup";
     }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/IsTestSpController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/IsTestSpController.java
index 294995f65..8445758bc 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/IsTestSpController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/IsTestSpController.java
@@ -46,6 +46,9 @@ public class IsTestSpController {
         model.put(TARGET, returnUrl);
         model.put(ACTION, req.getRequestURL().toString());
         ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/isTestSpWarning";
+        }
         return "isTestSpWarning";
     }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LoginController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LoginController.java
index ce9e04041..5437b375e 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LoginController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LoginController.java
@@ -40,6 +40,9 @@ public class LoginController {
 	@RequestMapping(value = MAPPING_SUCCESS)
 	public String loginSuccess(HttpServletRequest req, Map<String, Object> model) {
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			return "lsaai/login_success";
+		}
 		return "login_success";
 	}
 
@@ -65,6 +68,9 @@ public class LoginController {
 		}
 
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			return "lsaai/login_failure";
+		}
 		return "login_failure";
 	}
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LogoutController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LogoutController.java
index 2da02addd..2c5b42750 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LogoutController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LogoutController.java
@@ -27,6 +27,9 @@ public class LogoutController {
 	@RequestMapping(value = MAPPING_SUCCESS)
 	public String logoutSuccess(HttpServletRequest req, Map<String, Object> model) {
 		ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
+		if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+			return "lsaai/logout_success";
+		}
 		return "logout_success";
 	}
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedController.java
index 22108b65b..f56ba35bb 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedController.java
@@ -112,6 +112,9 @@ public class PerunUnapprovedController {
         ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
         model.put("client", client);
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved";
+        }
         return "unapproved";
     }
 
@@ -127,6 +130,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -156,6 +162,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -180,6 +189,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -192,6 +204,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -204,6 +219,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -216,6 +234,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
@@ -228,6 +249,9 @@ public class PerunUnapprovedController {
         model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
         model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/unapproved_spec";
+        }
         return "unapproved_spec";
     }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedRegistrationController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedRegistrationController.java
index e1ec8d437..9f4044f7f 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedRegistrationController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedRegistrationController.java
@@ -119,6 +119,9 @@ public class PerunUnapprovedRegistrationController {
         model.put("groupsForRegistration", groupsForRegistration);
         model.put("page", "regForm");
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/registrationForm";
+        }
         return "registrationForm";
     }
 
@@ -150,6 +153,9 @@ public class PerunUnapprovedRegistrationController {
                 .replace(REGISTRATION_CONTINUE_MAPPING, REGISTRATION_FORM_MAPPING));
         ControllerUtils.setPageOptions(model, request, htmlClasses, perunOidcConfig);
 
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/registrationFormContinue";
+        }
         return "registrationFormContinue";
     }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/RegistrationController.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/RegistrationController.java
index 58ffa56fd..980ff9426 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/RegistrationController.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/RegistrationController.java
@@ -35,6 +35,9 @@ public class RegistrationController {
     {
         model.put(PARAM_TARGET, target);
         ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
+        if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+            return "lsaai/continue_direct";
+        }
         return "continue_direct";
     }
 
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/EndSessionEndpoint.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/EndSessionEndpoint.java
index 7432e11b0..2d36b5e11 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/EndSessionEndpoint.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/EndSessionEndpoint.java
@@ -146,6 +146,9 @@ public class EndSessionEndpoint {
 			ControllerUtils.setPageOptions(model, request, htmlClasses, perunOidcConfig);
 
 			// display the log out confirmation page
+			if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+				return "lsaai/logout";
+			}
 			return "logout";
 		}
 	}
@@ -187,6 +190,9 @@ public class EndSessionEndpoint {
 				log.trace("redirecting to logout SAML only");
 				return "redirect:" + getLogoutUrl(null);
 			} else {
+				if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
+					return "lsaai/logout_denied";
+				}
 				return "logout_denied";
 			}
 		}