diff --git a/environments/template/group_vars/template.yml b/environments/template/group_vars/template.yml
index d785150d5..a6d7c22e9 100644
--- a/environments/template/group_vars/template.yml
+++ b/environments/template/group_vars/template.yml
@@ -289,6 +289,8 @@ myconext:
   feature_create_eduid_institution_landing: true
   feature_allowlist: false
   feature_dry_run_email_cron: true
+  feature_enable_account_linking: true
+  feature_use_app: true
   sms_api_url: "https://rest.spryngsms.com/v1/messages"
   sms_api_route: "default"
   sp_entity_id: https://engine.{{ base_domain }}/authentication/sp/metadata
diff --git a/roles/attribute-aggregation/tasks/main.yml b/roles/attribute-aggregation/tasks/main.yml
index a8959123f..2fb6277d0 100644
--- a/roles/attribute-aggregation/tasks/main.yml
+++ b/roles/attribute-aggregation/tasks/main.yml
@@ -53,6 +53,10 @@
     command: "-Xmx128m --spring.config.location=./"
     etc_hosts:
       host.docker.internal: host-gateway
+    labels:
+      traefik.http.routers.aaserver.rule: "Host(`aa.{{ base_domain }}`)"
+      traefik.http.routers.aaserver.tls: "true"
+      traefik.enable: "true"
     healthcheck:
       test:
         [
@@ -61,7 +65,7 @@
           "-no-verbose",
           "--tries=1",
           "--spider",
-          "http://localhost:8080/aa/api/internal/health",
+          "http://localhost:8080/internal/health",
         ]
       interval: 10s
       timeout: 10s
diff --git a/roles/attribute-aggregation/templates/serverapplication.yml.j2 b/roles/attribute-aggregation/templates/serverapplication.yml.j2
index 8e49715b4..28fc29379 100644
--- a/roles/attribute-aggregation/templates/serverapplication.yml.j2
+++ b/roles/attribute-aggregation/templates/serverapplication.yml.j2
@@ -8,7 +8,6 @@ server:
   # The port to where this Spring Boot application listens to. e.g. http://localhost:{{ springapp_tcpport }}
   port: 8080
   servlet:
-    context-path: /aa/api
     session:
       timeout: 28800
       cookie:
diff --git a/roles/invite/templates/serverapplication.yml.j2 b/roles/invite/templates/serverapplication.yml.j2
index ce195b62d..e637ff0cf 100644
--- a/roles/invite/templates/serverapplication.yml.j2
+++ b/roles/invite/templates/serverapplication.yml.j2
@@ -118,6 +118,8 @@ config:
   past-date-allowed: {{ invite.past_date_allowed }}
   performance-seed-allowed: {{ invite.performance_seed_allowed }}
   eduid-idp-schac-home-organization: {{ invite.eduid_idp_schac_home_organization }}
+  # Determines the languages available for switching language, supported are 'nl', 'en' and 'pt'
+  languages: "nl, en"
 
 feature:
   limit-institution-admin-role-visibility: {{ invite.limit_institution_admin_role_visibility }}
diff --git a/roles/myconext/templates/application.yml.j2 b/roles/myconext/templates/application.yml.j2
index 9f5a4d535..b45cc13bc 100644
--- a/roles/myconext/templates/application.yml.j2
+++ b/roles/myconext/templates/application.yml.j2
@@ -37,8 +37,11 @@ springdoc:
     enabled: true
 
 email:
-  from: eduID <noreply@{{ myconext_base_domain }}>
-  error_mail: info@surfconext.nl
+  from_deprovisioning: <noreply+deprovisioning@{{ myconext_base_domain }}>
+  from_code: eduID <noreply@{{ myconext_base_domain }}>
+  from_app_nudge: <noreply+appnudge@{{ myconext_base_domain }}>
+  from_new_device: <noreply+newdevice@{{ myconext_base_domain }}>
+  error: info@surfconext.nl
   magic-link-url: https://login.{{ myconext_base_domain }}/saml/guest-idp/magic
   my-surfconext-url: https://mijn.{{ myconext_base_domain }}
   idp-surfconext-url: https://login.{{ myconext_base_domain }}
@@ -74,6 +77,7 @@ manage:
   base_url: "https://manage.{{ base_domain }}"
   enabled: True
 
+mongodb_db: {{ myconext.mongo_database }}
 base_domain: {{ myconext_base_domain }}
 saml_metadata_base_path: https://login.{{ myconext_base_domain }}
 base_path: https://mijn.{{ myconext_base_domain }}
@@ -114,6 +118,8 @@ feature:
   create_eduid_institution_landing: {{ myconext.feature_create_eduid_institution_landing }}
   # Do we default remember the user for a longer period
   default_remember_me: True
+  # Do we default add affiliate email address
+  default_affiliate_email: True
   # Does the SAMLIdpService expects authn requests to be signed
   requires_signed_authn_request: False
   # Do we support ID verify
@@ -134,6 +140,12 @@ feature:
   captcha_enabled: True
   # Set to true to use the BRIN code to add ui-roles and authentication scoped affiliations
   use_remote_creation_for_affiliation:  {{ myconext.feature_use_remote_creation_for_affiliation }}
+  # Set to true to show the account linking related options on the personal-info page and home page (banner)
+  enable_account_linking: {{ myconext.feature_enable_account_linking }}
+  # Set to true to show the app login option
+  use_app: {{ myconext.feature_use_app }}
+
+default_affiliate_email_domain: eduid.nl
 
 captcha:
   sitekey: {{ myconext.captcha_sitekey }}