diff --git a/backend/src/main/java/de/szut/casino/user/UserEntity.java b/backend/src/main/java/de/szut/casino/user/UserEntity.java
index dfcfec3..67fc1ae 100644
--- a/backend/src/main/java/de/szut/casino/user/UserEntity.java
+++ b/backend/src/main/java/de/szut/casino/user/UserEntity.java
@@ -19,7 +19,7 @@ public class UserEntity {
     @GeneratedValue
     private Long id;
     @Column(unique = true)
-    private String authentikId;  // Changed from keycloakId to authentikId
+    private String authentikId;
     private String username;
 
     @Column(precision = 19, scale = 2)
diff --git a/backend/src/main/java/de/szut/casino/user/dto/KeycloakUserDto.java b/backend/src/main/java/de/szut/casino/user/dto/KeycloakUserDto.java
index 3efe472..4238e13 100644
--- a/backend/src/main/java/de/szut/casino/user/dto/KeycloakUserDto.java
+++ b/backend/src/main/java/de/szut/casino/user/dto/KeycloakUserDto.java
@@ -10,8 +10,6 @@ import lombok.Setter;
 @AllArgsConstructor
 @NoArgsConstructor
 public class KeycloakUserDto {
-    // Renamed class but kept for backward compatibility
-    // This now contains Authentik user info
     private String sub;
     private String preferred_username;
 }
diff --git a/frontend/src/app/feature/login-success/login-success.component.ts b/frontend/src/app/feature/login-success/login-success.component.ts
index b44aeb5..d10a322 100644
--- a/frontend/src/app/feature/login-success/login-success.component.ts
+++ b/frontend/src/app/feature/login-success/login-success.component.ts
@@ -18,11 +18,9 @@ export default class LoginSuccessComponent implements OnInit {
 
   async ngOnInit() {
     try {
-      // Check if we're authenticated
       if (this.oauthService.hasValidAccessToken()) {
         this.router.navigate(['/home']);
       } else {
-        // Wait a bit and check if we've been authenticated in the meantime
         setTimeout(() => {
           if (this.oauthService.hasValidAccessToken() || this.authService.getUser()) {
             this.router.navigate(['/home']);
@@ -33,7 +31,6 @@ export default class LoginSuccessComponent implements OnInit {
       }
     } catch (err) {
       console.error('Error during login callback:', err);
-      // Wait a bit in case token processing is happening elsewhere
       setTimeout(() => {
         if (this.authService.isLoggedIn()) {
           this.router.navigate(['/home']);
diff --git a/frontend/src/app/service/auth.service.ts b/frontend/src/app/service/auth.service.ts
index bf0668a..7300a25 100644
--- a/frontend/src/app/service/auth.service.ts
+++ b/frontend/src/app/service/auth.service.ts
@@ -17,16 +17,12 @@ export class AuthService {
     scope: `openid email profile ${environment.OAUTH_CLIENT_ID}`,
     responseType: 'code',
     redirectUri: window.location.origin + '/auth/callback',
-    // Important - use empty post logout redirect URI to prevent auto-redirect
     postLogoutRedirectUri: '',
-    // Don't use redirect URI as fallback for post logout
     redirectUriAsPostLogoutRedirectUriFallback: false,
     oidc: true,
     requestAccessToken: true,
-    // Explicitly set token endpoint since discovery is failing
     tokenEndpoint: 'https://oauth.simonis.lol/application/o/token/',
     userinfoEndpoint: 'https://oauth.simonis.lol/application/o/userinfo/',
-    // Loosen validation since Authentik might not fully conform to the spec
     strictDiscoveryDocumentValidation: false,
     skipIssuerCheck: true,
     disableAtHashCheck: true,
@@ -45,27 +41,22 @@ export class AuthService {
     this.oauthService.configure(this.authConfig);
     this.setupEventHandling();
 
-    // Check if we're on the callback page
     const hasAuthParams =
       window.location.search.includes('code=') ||
       window.location.search.includes('token=') ||
       window.location.search.includes('id_token=');
 
     if (hasAuthParams) {
-      // We're in the OAuth callback
       this.processCodeFlow();
     } else {
-      // Normal app startup
       this.checkExistingSession();
     }
   }
 
   private processCodeFlow() {
-    // Try to exchange the authorization code for tokens
     this.oauthService
       .tryLogin({
         onTokenReceived: () => {
-          // Manually create a token_received event
           this.handleSuccessfulLogin();
         },
       })
@@ -75,7 +66,6 @@ export class AuthService {
   }
 
   private checkExistingSession() {
-    // Try login on startup
     this.oauthService
       .loadDiscoveryDocumentAndTryLogin()
       .then((isLoggedIn) => {
@@ -97,25 +87,20 @@ export class AuthService {
   }
 
   private handleSuccessfulLogin() {
-    // Extract claims from id token if available
     const claims = this.oauthService.getIdentityClaims();
 
-    // If we have claims, use that as profile
     if (claims && (claims['sub'] || claims['email'])) {
       this.processUserProfile(claims);
       return;
     }
 
-    // Otherwise try to load user profile
     try {
       from(this.oauthService.loadUserProfile())
         .pipe(
           catchError((error) => {
             console.error('Error loading user profile:', error);
-            // If we can't load the profile but have a token, create a minimal profile
             if (this.oauthService.hasValidAccessToken()) {
-              this.oauthService.getAccessToken(); // Get token but don't use it directly
-              // Create a basic profile from the token
+              this.oauthService.getAccessToken();
               const minimalProfile = {
                 sub: 'user-' + Math.random().toString(36).substring(2, 10),
                 preferred_username: 'user' + Date.now(),
@@ -134,7 +119,6 @@ export class AuthService {
         });
     } catch (err) {
       console.error('Exception in handleSuccessfulLogin:', err);
-      // Try to navigate to home if we have a token anyway
       if (this.oauthService.hasValidAccessToken()) {
         this.router.navigate(['/home']);
       } else {
@@ -151,7 +135,6 @@ export class AuthService {
       },
       error: (err) => {
         console.error('Error creating/retrieving user:', err);
-        // Navigate to home if we have a token anyway - the backend will need to handle auth
         if (this.oauthService.hasValidAccessToken()) {
           this.router.navigate(['/home']);
         } else {
@@ -163,7 +146,6 @@ export class AuthService {
 
   login() {
     try {
-      // First ensure discovery document is loaded
       this.oauthService
         .loadDiscoveryDocument()
         .then(() => {
@@ -171,12 +153,10 @@ export class AuthService {
         })
         .catch((err) => {
           console.error('Error loading discovery document:', err);
-          // Try login anyway with configured endpoints
           this.oauthService.initLoginFlow();
         });
     } catch (err) {
       console.error('Exception in login:', err);
-      // Try direct login as a fallback
       const redirectUri = this.authConfig.redirectUri || window.location.origin + '/auth/callback';
       const scope = this.authConfig.scope || 'openid email profile';
       const authUrl = `${this.authConfig.issuer}authorize?client_id=${this.authConfig.clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&response_type=code&scope=${encodeURIComponent(scope)}`;
@@ -188,20 +168,12 @@ export class AuthService {
     try {
       this.user = null;
 
-      // Prevent redirect to Authentik by doing a local logout only
-      // Instead of using oauthService.logOut() which redirects to the provider
+      this.oauthService.logOut(true);
 
-      // Clear tokens from storage without redirecting
-      // The parameter noRedirectToLogoutUrl=true prevents redirect to the identity provider
-      this.oauthService.logOut(true); // true means: don't redirect to Authentik logout page
-
-      // Override any post-logout redirect URI that might be configured
       if (window.location.href.includes('id_token') || window.location.href.includes('logout')) {
-        // If we somehow ended up at a logout URL, redirect back to the app
         window.location.href = window.location.origin;
       }
 
-      // Clear any lingering tokens manually
       localStorage.removeItem('access_token');
       localStorage.removeItem('id_token');
       localStorage.removeItem('refresh_token');
@@ -209,12 +181,10 @@ export class AuthService {
       sessionStorage.removeItem('id_token');
       sessionStorage.removeItem('refresh_token');
 
-      // Navigate to landing page
       this.router.navigate(['/']);
     } catch (err) {
       console.error('Exception in logout:', err);
-      // Force clear tokens locally
-      localStorage.clear(); // Clear all local storage as a last resort
+      localStorage.clear();
       sessionStorage.clear();
       this.router.navigate(['/']);
     }
diff --git a/frontend/src/app/service/user.service.ts b/frontend/src/app/service/user.service.ts
index 2455c44..5f668c2 100644
--- a/frontend/src/app/service/user.service.ts
+++ b/frontend/src/app/service/user.service.ts
@@ -43,8 +43,6 @@ export class UserService {
   }
 
   public getOrCreateUser(profile: Record<string, unknown>): Observable<User> {
-    // Authentik format might differ from Keycloak
-    // Check different possible locations for the ID and username
     const info = profile['info'] as Record<string, unknown> | undefined;
     const id = (info?.['sub'] as string) || (profile['sub'] as string);
     const username =