diff --git a/website/integrations/services/actual-budget/index.mdx b/website/integrations/services/actual-budget/index.mdx
index 00005346fc..bc562b0936 100644
--- a/website/integrations/services/actual-budget/index.mdx
+++ b/website/integrations/services/actual-budget/index.mdx
@@ -37,7 +37,7 @@ To support the integration of Actual Budget with authentik, you need to create a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>actual.company</em>/openid/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://actual.company/openid/callback`.
     - Select any available signing key. Actual Budget only supports the RS256 algorithm. Be aware of this when choosing a signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -89,7 +89,7 @@ Alternatively, it is possible to configure OpenID Connect via the UI.
       5. Scroll up and click **Start using OpenID** under the **Authentication method** section.
       6. Fill in the following values:
           - **OpenID Provider**: authentik
-          - **OpenID provider URL**: <kbd>https://<em>authentik.company</em>/application/o/<em>your-application-slug</em>/</kbd>
+          - **OpenID provider URL**: `https://authentik.company/application/o/your-application-slug/`
           - **Client ID**: Enter the **Client ID** from authentik
           - **Client Secret**: Enter the **Client Secret** from authentik
 
diff --git a/website/integrations/services/apache-guacamole/index.mdx b/website/integrations/services/apache-guacamole/index.mdx
index 63f3428a5f..a4b0dc512d 100644
--- a/website/integrations/services/apache-guacamole/index.mdx
+++ b/website/integrations/services/apache-guacamole/index.mdx
@@ -37,7 +37,7 @@ To support the integration of Apache Guacamole with authentik, you need to creat
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>guacamole.company</em>/</kbd>. If you have configured [Apache Tomcat](https://tomcat.apache.org/) to run Apache Guacamole on a subpath, you will need to update this value accordingly.
+    - Set a `Strict` redirect URI to `https://guacamole.company/`. If you have configured [Apache Tomcat](https://tomcat.apache.org/) to run Apache Guacamole on a subpath, you will need to update this value accordingly.
     - Select any available signing key.
     - Note that Apache Guacamole does not support session tokens longer than 300 minutes (5 hours).
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/argocd/index.md b/website/integrations/services/argocd/index.md
index 530c540ef9..5b7dd2a796 100644
--- a/website/integrations/services/argocd/index.md
+++ b/website/integrations/services/argocd/index.md
@@ -34,7 +34,7 @@ To support the integration of ArgoCD with authentik, you need to create an appli
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Add two `Strict` redirect URI and set them to <kbd>https://<em>argocd.company</em>/api/dex/callback</kbd> and <kbd>https://<em>localhost:8085</em>/auth/callback</kbd>.
+    - Add two `Strict` redirect URI and set them to `https://argocd.company/api/dex/callback` and `https://localhost:8085/auth/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/aruba-orchestrator/index.md b/website/integrations/services/aruba-orchestrator/index.md
index 3e5ee383f8..13afdcde27 100644
--- a/website/integrations/services/aruba-orchestrator/index.md
+++ b/website/integrations/services/aruba-orchestrator/index.md
@@ -30,9 +30,9 @@ To support the integration of Aruba Orchestrator with authentik, you need to cre
 1. Log in to authentik as an administrator and open the authentik Admin interface.
 2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create a **SAML Provider Property Mapping** with the following settings:
     - **Name**: Set an appropriate name
-    - **SAML Attribute Name**: <kbd>sp-roles</kbd>
+    - **SAML Attribute Name**: `sp-roles`
     - **Friendly Name**: Leave blank
-    - **Expression**: (You can modify the <kbd>authentik Admins</kbd> group as needed)
+    - **Expression**: (You can modify the `authentik Admins` group as needed)
         ```python
         if ak_is_group_member(request.user, name="authentik Admins"):
             result = "superAdmin"
@@ -47,7 +47,7 @@ To support the integration of Aruba Orchestrator with authentik, you need to cre
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** and **Issuer** to <kbd>https://<em>arubaorchestrator.company</em>/gms/rest/authentication/saml2/consume</kbd>.
+    - Set the **ACS URL** and **Issuer** to `https://arubaorchestrator.company/gms/rest/authentication/saml2/consume`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
     - Under **Advanced protocol settings**, add the newly created property mapping under **Property Mappings**.
diff --git a/website/integrations/services/aws/index.mdx b/website/integrations/services/aws/index.mdx
index 66ad1abd4a..3d4d004ba6 100644
--- a/website/integrations/services/aws/index.mdx
+++ b/website/integrations/services/aws/index.mdx
@@ -44,7 +44,7 @@ To support the integration of AWS with authentik using the classic IAM method, y
     - **Role Mapping:**
 
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>https://aws.amazon.com/SAML/Attributes/Role</kbd>
+        - **SAML Attribute Name**: `https://aws.amazon.com/SAML/Attributes/Role`
         - **Friendly Name**: Leave blank
         - **Expression**: Choose one of these options:
 
@@ -73,9 +73,9 @@ To support the integration of AWS with authentik using the classic IAM method, y
 
     - **Session Name Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>https://aws.amazon.com/SAML/Attributes/RoleSessionName</kbd>
+        - **SAML Attribute Name**: `https://aws.amazon.com/SAML/Attributes/RoleSessionName`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return user.username</kbd>
+        - **Expression**: `return user.username`
 
 #### Create an application and provider in authentik
 
@@ -85,8 +85,8 @@ To support the integration of AWS with authentik using the classic IAM method, y
 - **Application**: provide a descriptive name (e.g. "AWS"), an optional group for the type of application, the policy engine mode, and optional UI settings. The **slug** will be used in URLs and should match the `aws-slug` placeholder defined earlier.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), and configure the following required settings:
-    - Set the **ACS URL** to <kbd>https://signin.aws.amazon.com/saml</kbd>
-    - Set the **Audience** to <kbd>urn:amazon:webservices</kbd>
+    - Set the **ACS URL** to `https://signin.aws.amazon.com/saml`
+    - Set the **Audience** to `urn:amazon:webservices`
     - Under **Advanced protocol settings**, add both property mappings you created in the previous section
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/awx-tower/index.md b/website/integrations/services/awx-tower/index.md
index 4952e78d80..cb2bcdecd5 100644
--- a/website/integrations/services/awx-tower/index.md
+++ b/website/integrations/services/awx-tower/index.md
@@ -37,9 +37,9 @@ To support the integration of AWX Tower with authentik, you need to create an ap
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>awx.company</em>/sso/complete/saml/</kbd>.
-    - Set the **Audience** to <kbd>awx</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>awx.company</em>/sso/metadata/saml/</kbd>.
+    - Set the **ACS URL** to `https://awx.company/sso/complete/saml/`.
+    - Set the **Audience** to `awx`.
+    - Set the **Issuer** to `https://awx.company/sso/metadata/saml/`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/beszel/index.mdx b/website/integrations/services/beszel/index.mdx
index c107fb4953..b32919b073 100644
--- a/website/integrations/services/beszel/index.mdx
+++ b/website/integrations/services/beszel/index.mdx
@@ -36,7 +36,7 @@ The steps to configure authentik include creating an application and provider pa
 - **Choose a Provider type**: OAuth2/OpenID
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and any required configurations.
     - Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>beszel.company</em>/api/oauth2-redirect</kbd>.
+    - Set a `Strict` redirect URI to `https://beszel.company/api/oauth2-redirect`.
     - Select any available signing key.
 - **Configure Bindings** _(optional):_ you can create a [binding](https://docs.goauthentik.io/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user’s \***\*My applications** \*_page_.\*
 
@@ -48,9 +48,9 @@ Beszel uses PocketBase as its server backend, and when you install Beszel you au
 
 ## Beszel configuration
 
-1. Sign in to Beszel and access the superusers dashboard by navigating to <kbd>https://<em>beszel.company</em>/\_/#/settings</kbd>.
+1. Sign in to Beszel and access the superusers dashboard by navigating to `https://beszel.company/\_/#/settings`.
 2. Toggle off **Hide collection create and edit controls**," then click the **Save changes** button.
-3. Open the **users** collection by clicking the **Collections** icon on the sidebar or head to <kbd>https://<em>beszel.company</em>/\_/#/collections?collection=pb_users_auth</kbd>.
+3. Open the **users** collection by clicking the **Collections** icon on the sidebar or head to `https://beszel.company/\_/#/collections?collection=pb_users_auth`.
 4. Click the gear icon next to the collection's name, then select the **Options** tab in the popup on the right.
 5. Enable the **OAuth2** authentication method by clicking the **OAuth2** tab and toggling **Enable**.
 6. Click **+ Add provider**, then select **OpenID Connect**.
@@ -58,15 +58,15 @@ Beszel uses PocketBase as its server backend, and when you install Beszel you au
     - Set **Client ID** to the Client ID copied from authentik.
     - Set **Client secret** to the Client Secret copied from authentik.
     - Set **Display name** to `authentik`.
-    - Set **Auth URL** to <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>.
-    - Set **Token URL** to <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>.
-    - Make sure **Fetch user info from** is set to `User info URL`, then set **User info URL** to <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+    - Set **Auth URL** to `https://authentik.company/application/o/authorize/`.
+    - Set **Token URL** to `https://authentik.company/application/o/token/`.
+    - Make sure **Fetch user info from** is set to `User info URL`, then set **User info URL** to `https://authentik.company/application/o/userinfo/`
 
 ## Test the login
 
-- Open your web browser and go to: <kbd>https://<em>beszel.company</em></kbd>.
+- Open your web browser and go to: `https://beszel.company`.
 - Click **authentik** to log in.
-- You should be redirected to authentik (following the login flow you configured). After logging in, authentik will redirect you back to <kbd>https://<em>beszel.company</em></kbd>.
+- You should be redirected to authentik (following the login flow you configured). After logging in, authentik will redirect you back to `https://beszel.company`.
 - If you successfully return to the Beszel WebGUI, the login is working correctly.
 
 ## User Creation
@@ -75,7 +75,7 @@ Beszel uses PocketBase as its server backend, and when you install Beszel you au
 
     - Users are not created automatically when logging in with authentik. The owner must manually create each user in Beszel.
     - To create users, go to the System Settings where you configured OpenID Connect.
-    - The URL for user creation is: <kbd>https://<em>beszel.company</em>>/\_/#/collections?collection=pb_users_auth</kbd>.
+    - The URL for user creation is: `https://beszel.company>/\_/#/collections?collection=pb_users_auth`.
     - Click **+ New record** and enter the user's **email** (must match the authentik email address).
 
 2. Automatically Creating Users:
diff --git a/website/integrations/services/budibase/index.md b/website/integrations/services/budibase/index.md
index ecd733a74c..dc659ce45c 100644
--- a/website/integrations/services/budibase/index.md
+++ b/website/integrations/services/budibase/index.md
@@ -34,7 +34,7 @@ To support the integration of Budibase with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>budibase.company</em>/api/global/auth/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://budibase.company/api/global/auth/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -44,11 +44,11 @@ To support the integration of Budibase with authentik, you need to create an app
 
 From the main page of your Budibase installation, add the following values under the **Auth** section of the builder:
 
-- **Config URL**: <kbd>https://<em>authentik.company</em>/application/o/<em>your-application-slug</em>/.well-known/openid-configuration</kbd>
-- **Client ID**: <kbd>Client ID from authentik</kbd>
-- **Client Secret**: <kbd>Client Secret from authentik</kbd>
-- **Callback URL**: <kbd>https://<em>budibase.company</em>/api/global/auth/oidc/callback/</kbd>
-- **Name**: <kbd>authentik</kbd>
+- **Config URL**: `https://authentik.company/application/o/your-application-slug/.well-known/openid-configuration`
+- **Client ID**: `Client ID from authentik`
+- **Client Secret**: `Client Secret from authentik`
+- **Callback URL**: `https://budibase.company/api/global/auth/oidc/callback/`
+- **Name**: `authentik`
 
 ## Configuration verification
 
diff --git a/website/integrations/services/calibre-web/index.md b/website/integrations/services/calibre-web/index.md
index ac2224c0be..5c0b17dee5 100644
--- a/website/integrations/services/calibre-web/index.md
+++ b/website/integrations/services/calibre-web/index.md
@@ -69,17 +69,17 @@ Add the user that require access to the newly created group.
 1. Navigate to **Admin** > **Edit Basic Configuration** and click on **Feature Configuration** and set the following options:
 
 - Login Type: `Use LDAP Authentication`
-- LDAP Server: `<em>authentik.company</em>`
+- LDAP Server: `authentik.company`
 - LDAP Server Port: `389`
 - LDAP Encryption: `None`
 - LDAP Authentication: `Simple`
-- LDAP Administrator Username: `cn=<em><authentik_administrator_username></em>,ou=users,dc=goauthentik,dc=io` (e.g. `cn=akadmin,ou=users,dc=goauthentik,dc=io`)
-- LDAP Administrator Password: `<em><authentik_administrator_password></em>`
+- LDAP Administrator Username: `cn=<authentik_administrator_username>,ou=users,dc=goauthentik,dc=io` (e.g. `cn=akadmin,ou=users,dc=goauthentik,dc=io`)
+- LDAP Administrator Password: `<authentik_administrator_password>`
 - LDAP Distinguished Name (DN): `dc=ldap,dc=goauthentik,dc=io`
 - LDAP User Object Filter: `(&(objectclass=user)(cn=%s))`
 - LDAP Server is OpenLDAP?: `true`
 - LDAP Group Object Filter: `(&(objectclass=group)(cn=%s))`
-- LDAP Group Name: `<em><group_name></em>` (e.g. `Calibre-Web`)
+- LDAP Group Name: `<group_name>` (e.g. `Calibre-Web`)
 - LDAP Group Members Field: `member`
 - LDAP Member User Filter Detection: `Autodetect`
 
diff --git a/website/integrations/services/chronograf/index.mdx b/website/integrations/services/chronograf/index.mdx
index 7ca172ee6d..23ba31eb64 100644
--- a/website/integrations/services/chronograf/index.mdx
+++ b/website/integrations/services/chronograf/index.mdx
@@ -35,7 +35,7 @@ To support the integration of Chronograf with authentik, you need to create an a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>chronograf.company</em>/oauth/authentik/callback/</kbd>.
+    - Set a `Strict` redirect URI to `https://chronograf.company/oauth/authentik/callback/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/cloudflare-access/index.md b/website/integrations/services/cloudflare-access/index.md
index 57a9f2e6c0..222dcdb6ae 100644
--- a/website/integrations/services/cloudflare-access/index.md
+++ b/website/integrations/services/cloudflare-access/index.md
@@ -36,7 +36,7 @@ To support the integration of Cloudflare Access with authentik, you need to crea
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>company</em>.cloudflareaccess.com/cdn-cgi/access/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://company.cloudflareaccess.com/cdn-cgi/access/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/dokuwiki/index.md b/website/integrations/services/dokuwiki/index.md
index 85ded1fc56..bb5204eff7 100644
--- a/website/integrations/services/dokuwiki/index.md
+++ b/website/integrations/services/dokuwiki/index.md
@@ -34,7 +34,7 @@ To support the integration of DocuWiki with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID** and **Client Secret** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>docuwiki.company</em>/doku.php</kbd>.
+    - Set a `Strict` redirect URI to `https://docuwiki.company/doku.php`.
     - Select any available signing key.
     - Under **Advanced Protocol Settings**, add the following OAuth mapping under **Scopes**: `authentik default OAuth Mapping: OpenID 'offline_access'`
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
@@ -60,9 +60,9 @@ For **oauthgeneric**:
 
 - Set `plugin»oauthgeneric»key` to the Client ID from authentik
 - Set `plugin»oauthgeneric»secret` to the Client Secret from authentik
-- Set `plugin»oauthgeneric»authurl` to <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-- Set `plugin»oauthgeneric»tokenurl` to <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-- Set `plugin»oauthgeneric»userurl` to <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+- Set `plugin»oauthgeneric»authurl` to `https://authentik.company/application/o/authorize/`
+- Set `plugin»oauthgeneric»tokenurl` to `https://authentik.company/application/o/token/`
+- Set `plugin»oauthgeneric»userurl` to `https://authentik.company/application/o/userinfo/`
 - Set `plugin»oauthgeneric»authmethod` to `Bearer Header`
 - Set `plugin»oauthgeneric»scopes` to `email, openid, profile, offline_access`
 - Select `plugin»oauthgeneric»needs-state`
diff --git a/website/integrations/services/drupal/index.md b/website/integrations/services/drupal/index.md
index 48cd57c3b5..d2ba8ac6b0 100644
--- a/website/integrations/services/drupal/index.md
+++ b/website/integrations/services/drupal/index.md
@@ -38,7 +38,7 @@ To support the integration of Drupal with authentik, you need to create an appli
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. The **slug** will be used in URLs and should match the `drupal-slug` placeholder defined earlier.
 - **Choose a Provider type**: select **OAuth2/OpenID Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), and configure the following required settings:
-    - Add the following **Redirect URI**: <kbd>https://<em>drupal.company</em>/openid-connect/generic</kbd>
+    - Add the following **Redirect URI**: `https://drupal.company/openid-connect/generic`
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
 3. Click **Submit** to save the new application and provider.
@@ -46,14 +46,14 @@ To support the integration of Drupal with authentik, you need to create an appli
 
 ## Drupal configuration
 
-1. From the Admin Toolbar or admin page at <kbd>https://<em>drupal.company</em>/admin</kbd>, navigate to **Configuration** > **Web Services** > **OpenID Connect** (or directly at <kbd>https://<em>drupal.company</em>/admin/config/services/openid-connect</kbd>)
+1. From the Admin Toolbar or admin page at `https://drupal.company/admin`, navigate to **Configuration** > **Web Services** > **OpenID Connect** (or directly at `https://drupal.company/admin/config/services/openid-connect`)
 2. Configure the following settings:
     - Set the **Client ID** and **Client Secret** to the values noted from authentik
     - Configure the endpoints:
-        - **Authorization endpoint**: <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-        - **Token endpoint**: <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-        - **UserInfo endpoint**: <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
-3. Under **Admin** > **Configuration** > **People** > **Account Settings** (or <kbd>https://<em>drupal.company</em>/admin/config/people/accounts</kbd>):
+        - **Authorization endpoint**: `https://authentik.company/application/o/authorize/`
+        - **Token endpoint**: `https://authentik.company/application/o/token/`
+        - **UserInfo endpoint**: `https://authentik.company/application/o/userinfo/`
+3. Under **Admin** > **Configuration** > **People** > **Account Settings** (or `https://drupal.company/admin/config/people/accounts`):
     - If new user registration is disabled, check **Override registration settings** to enable new account creation
     - Note: Without this setting, new users will receive a message that their account is blocked pending administrator approval
 4. Enable the OpenID button on the user login form
diff --git a/website/integrations/services/engomo/index.mdx b/website/integrations/services/engomo/index.mdx
index 82524895ae..6d5ac05888 100644
--- a/website/integrations/services/engomo/index.mdx
+++ b/website/integrations/services/engomo/index.mdx
@@ -46,7 +46,7 @@ To support the integration of Engomo with authentik, you need to create an appli
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID** and **slug** values because they will be required later.
     - Set the **Client type** to `Public`.
-    - Add two `Strict` redirect URIs and set them to <kbd>https://<em>engomo.company</em>/auth</kbd> and <kbd>com.engomo.engomo://callback/</kbd>.
+    - Add two `Strict` redirect URIs and set them to `https://engomo.company/auth` and `com.engomo.engomo://callback/`.
     - Select any available signing key.
     - Under **Advanced Protocol Settings**, add the scope you just created to the list of available scopes.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
@@ -55,7 +55,7 @@ To support the integration of Engomo with authentik, you need to create an appli
 
 ## engomo configuration
 
-Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
+Navigate to `https://engomo.company/composer` and log in with your admin credentials.
 
 1. Select **Server**.
 2. Select **Authentication**.
@@ -64,14 +64,14 @@ Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with
 5. Type: **OpenID Connect**
 6. Click **Create**.
 7. Configure the following values using information from the authentik provider:
-    - Set **Issuer** to <kbd>https://<em>authentik.company</em>/application/o/<em>engomo</em></kbd>.
+    - Set **Issuer** to `https://authentik.company/application/o/engomo`.
     - Set **Client ID** to the Client ID copied from authentik.
     - Set **Client secret** to the Client Secret copied from authentik.
 
 ## engomo user creation
 
 engomo doesn't create users automatically when signing in. So you have to do it manually right now.
-Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with your admin credentials.
+Navigate to `https://engomo.company/composer` and log in with your admin credentials.
 
 - Select **Users & Devices**.
 - Click the plus button in the Users section.
@@ -80,10 +80,10 @@ Navigate to <kbd>https://<em>engomo.company</em>/composer</kbd> and log in with
 
 ## Test the login
 
-- Open a browser of your choice and open the URL <kbd>https://<em>engomo.company</em></kbd>.
+- Open a browser of your choice and open the URL `https://engomo.company`.
 - Enter the created user's email address and click the small arrow icon to log in.
-- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to <kbd>https://<em>engomo.company</em>/composer</kbd> URL.
-- If you are redirected back to the <kbd>https://<em>engomo.company</em>/composer</kbd> URL you did everything correct.
+- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to `https://engomo.company/composer` URL.
+- If you are redirected back to the `https://engomo.company/composer` URL you did everything correct.
 
 :::note
 The created user will only have access to the app or composer page if they have been granted the necessary permissions.
diff --git a/website/integrations/services/fortigate-admin/index.md b/website/integrations/services/fortigate-admin/index.md
index 3733ac32a7..28491fabda 100644
--- a/website/integrations/services/fortigate-admin/index.md
+++ b/website/integrations/services/fortigate-admin/index.md
@@ -31,9 +31,9 @@ To support the integration of FortiGate with authentik, you need to create an ap
 2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create a **SAML Provider Property Mapping** with the following settings:
 
 - **Name**: Choose a descriptive name
-- **SAML Attribute Name**: <kbd>username</kbd>
+- **SAML Attribute Name**: `username`
 - **Friendly Name**: Leave blank
-- **Expression**: <kbd>return request.user.email</kbd>
+- **Expression**: `return request.user.email`
 
 ### Create an application and provider in authentik
 
@@ -43,9 +43,9 @@ To support the integration of FortiGate with authentik, you need to create an ap
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>fgt.company</em>/saml/?acs</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>authentik.company</em></kbd>.
-    - Set the **Audience** to <kbd>https://<em>fgt.company</em>/metadata</kbd>.
+    - Set the **ACS URL** to `https://fgt.company/saml/?acs`.
+    - Set the **Issuer** to `https://authentik.company`.
+    - Set the **Audience** to `https://fgt.company/metadata`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, add the **Property Mapping** you created in the previous section, then select an available **Signing Certificate**.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
@@ -54,13 +54,13 @@ To support the integration of FortiGate with authentik, you need to create an ap
 
 ## FortiGate Configuration
 
-To integrate Fortigate with authentik, nagiate to <kbd>https://<em>fortigate.company</em>/ng/system/certificate</kbd> and import the certificate you configured in the previous section.
+To integrate Fortigate with authentik, nagiate to `https://fortigate.company/ng/system/certificate` and import the certificate you configured in the previous section.
 
-Once that is done, navigate to <kbd>https://<em>fortigate.company</em>/fabric-connector/edit/security-fabric-connection</kbd> and select **Single Sign-On** to configure SAML authentication. You should see, under **Mode**, a toggle named **Service Provider (SP)**, toggle it to enable this authentication method.
+Once that is done, navigate to `https://fortigate.company/fabric-connector/edit/security-fabric-connection` and select **Single Sign-On** to configure SAML authentication. You should see, under **Mode**, a toggle named **Service Provider (SP)**, toggle it to enable this authentication method.
 
 Then, set the following values in the Fortigate administrative UI:
 
-- **SP Address**: <kbd><em>fortigate.company</em></kbd>
+- **SP Address**: `fortigate.company`
 - **Default login page**: `Normal` or `Single Sign-On`, depending on your needs. `Normal` allows local and SAML authentication while the latter only allows SAML authentication.
 - **Default admin profile**: Set this to an available profile.
 
@@ -68,9 +68,9 @@ Under **IdP Details**, set the following values:
 
 - **SP entity ID**: `https`
 - **IdP Type**: `Custom`
-- **IdP entity ID**: <kbd>https://<em>authentik.company</em></kbd>
-- **IdP Login URL**: <kbd>https://<em>authentik.company</em>/application/saml/<em>slug-from-authentik</em>/sso/binding/redirect/</kbd>
-- **IdP Logout URL**: <kbd>https://<em>authentik.company</em>/application/saml/<em>slug-from-authentik</em>/slo/binding/redirect/</kbd>
+- **IdP entity ID**: `https://authentik.company`
+- **IdP Login URL**: `https://authentik.company/application/saml/slug-from-authentik/sso/binding/redirect/`
+- **IdP Logout URL**: `https://authentik.company/application/saml/slug-from-authentik/slo/binding/redirect/`
 
 FortiGate creates a new user by default if one does not exist, so you will need to set the Default Admin Profile to the permissions you want any new users to have. (I have created a `no_permissions` profile to assign by default.)
 
diff --git a/website/integrations/services/fortigate-ssl/index.md b/website/integrations/services/fortigate-ssl/index.md
index 75e75e4c6d..818829103a 100644
--- a/website/integrations/services/fortigate-ssl/index.md
+++ b/website/integrations/services/fortigate-ssl/index.md
@@ -49,14 +49,14 @@ To support the integration of FortiGate SSLVPN with authentik, you need to creat
 - **Choose a Provider type**: select **SAML Provider from metadata** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), and configure the following required settings:
     - Upload the metadata file from FortiGate (you will get this in the FortiGate configuration steps)
-    - Set the **ACS URL** to <kbd>https://<em>fortigate.company</em>/remote/saml/login</kbd>
-    - Set the **Audience** to <kbd>http://<em>fortigate.company</em>/remote/saml/metadata/</kbd>
+    - Set the **ACS URL** to `https://fortigate.company/remote/saml/login`
+    - Set the **Audience** to `http://fortigate.company/remote/saml/metadata/`
     - Select your signing certificate
     - Under **Advanced Protocol Settings**:
-        - Set **Assertion valid not before** to <kbd>minutes=5</kbd>
-        - Set **Assertion valid not on or after** to <kbd>minutes=5</kbd>
-        - Set **Digest algorithm** to <kbd>sha256</kbd>
-        - Set **Signature algorithm** to <kbd>sha256</kbd>
+        - Set **Assertion valid not before** to `minutes=5`
+        - Set **Assertion valid not on or after** to `minutes=5`
+        - Set **Digest algorithm** to `sha256`
+        - Set **Signature algorithm** to `sha256`
 - **Configure Bindings**: create a binding to the user group you created earlier to manage access to the SSLVPN.
 
 3. Click **Submit** to save the new application and provider.
@@ -110,7 +110,7 @@ Remember to map the user group to a portal in the 'SSL-VPN Settings' page and ad
 
 ### Download SAML metadata
 
-1. Navigate to your FortiGate web interface at <kbd>https://<em>fortigate.company</em></kbd>
+1. Navigate to your FortiGate web interface at `https://fortigate.company`
 2. Go to **User & Authentication** > **SAML** > **Single Sign-On Server**
 3. Click on the "authentik-sso" server you created
 4. Click **Download** to get the SAML metadata file
@@ -120,7 +120,7 @@ Remember to map the user group to a portal in the 'SSL-VPN Settings' page and ad
 
 To verify the integration:
 
-1. Navigate to your FortiGate SSLVPN portal at <kbd>https://<em>fortigate.company</em></kbd>
+1. Navigate to your FortiGate SSLVPN portal at `https://fortigate.company`
 2. You should be redirected to authentik to authenticate
 3. After successful authentication, you should be redirected back to the FortiGate SSLVPN portal
 4. Verify that you can establish a VPN connection
diff --git a/website/integrations/services/fortimanager/index.md b/website/integrations/services/fortimanager/index.md
index 5985df33d8..b8e1d50ad0 100644
--- a/website/integrations/services/fortimanager/index.md
+++ b/website/integrations/services/fortimanager/index.md
@@ -33,8 +33,8 @@ To support the integration of FortiManager with authentik, you need to create an
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>fortimanager.company</em>/saml/?acs</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>authentik.company</em>/application/saml/<em>application-slug</em>/sso/binding/redirect/</kbd>.
+    - Set the **ACS URL** to `https://fortimanager.company/saml/?acs`.
+    - Set the **Issuer** to `https://authentik.company/application/saml/application-slug/sso/binding/redirect/`.
     - Set the **Service Provider Binding** to `Post`.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -42,15 +42,15 @@ To support the integration of FortiManager with authentik, you need to create an
 
 ## FortiManager Configuration
 
-1. Navigate to <kbd>https://<em>fortimanager.company</em>/p/app/#!/sys/sso_settings</kbd> and select **SAML SSO Settings** to configure SAML.
+1. Navigate to `https://fortimanager.company/p/app/#!/sys/sso_settings` and select **SAML SSO Settings** to configure SAML.
 2. Under **Single Sign-On Mode**, choose **Service Provider (SP)** to enable SAML authentication.
-3. Set the **SP Address** field to the FortiManager FQDN, <kbd>fortimanager.company</kbd>. This provides the URLs needed for configuration in authentik.
+3. Set the **SP Address** field to the FortiManager FQDN, `fortimanager.company`. This provides the URLs needed for configuration in authentik.
 4. Choose the **Default Login Page** as either **Normal** or **Single Sign-On**. Selecting **Normal** allows both local and SAML authentication, while **Single Sign-On** restricts login to SAML only.
 5. By default, FortiManager creates a new user if one does not exist. Set the **Default Admin Profile** to assign the desired permissions to new users. A `no_permissions` profile is created by default for this purpose.
 6. Set the **IdP Type** field to **Custom**.
-7. For the **IdP Entity ID** field, enter: <kbd>https://<em>authentik.company</em>/application/saml/<em>application-slug</em>/sso/binding/redirect/</kbd>
-8. Set the **IdP Login URL** to: <kbd>https://<em>authentik.company</em>/application/saml/<em>application-slug</em>/sso/binding/redirect/</kbd>
-9. Set the **IdP Logout URL** to: <kbd>https://<em>authentik.company</em>/</kbd>
+7. For the **IdP Entity ID** field, enter: `https://authentik.company/application/saml/application-slug/sso/binding/redirect/`
+8. Set the **IdP Login URL** to: `https://authentik.company/application/saml/application-slug/sso/binding/redirect/`
+9. Set the **IdP Logout URL** to: `https://authentik.company/`
 10. In the **IdP Certificate** field, import your authentik certificate (either self-signed or valid).
 
 ## Configuration verification
diff --git a/website/integrations/services/frappe/index.md b/website/integrations/services/frappe/index.md
index 3cd046da1d..428cdcbf27 100644
--- a/website/integrations/services/frappe/index.md
+++ b/website/integrations/services/frappe/index.md
@@ -39,7 +39,7 @@ To support the integration of Frappe with authentik, you need to create an appli
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>frappe.company</em>/api/method/frappe.integrations.oauth2_logins.custom/provider</kbd>.
+    - Set a `Strict` redirect URI to `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider`.
     - Select any available signing key.
     - Under **Advanced Protocol Settings**, set **Subject mode** to be `Based on the Users's username`.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
@@ -72,11 +72,11 @@ To support the integration of Frappe with authentik, you need to create an appli
 
     - **Identity Details**
 
-        - **Base URL**: <kbd>https://<em>authentik.company</em>/</kbd>
+        - **Base URL**: `https://authentik.company/`
         - **Client URLs**:
             - **Authorize URL**: `/application/o/authorize/`
             - **Access Token URL**: `/application/o/token/`
-            - **Redirect URL**: <kbd>https://<em>frappe.company</em>/api/method/frappe.integrations.oauth2_logins.custom/provider</kbd>
+            - **Redirect URL**: `https://frappe.company/api/method/frappe.integrations.oauth2_logins.custom/provider`
             - **API Endpoint**: `/application/o/userinfo/`
               ![](./frappe3.png)
 
diff --git a/website/integrations/services/freshrss/index.mdx b/website/integrations/services/freshrss/index.mdx
index 8f99af3590..ae034adfe4 100644
--- a/website/integrations/services/freshrss/index.mdx
+++ b/website/integrations/services/freshrss/index.mdx
@@ -34,7 +34,7 @@ To support the integration of FreshRss with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Add two `Strict` redirect URI and set them to <kbd>https://<em>freshrss.company</em>/i/oidc/</kbd> and <kbd>https://<em>freshrss.company:443</em>/i/oidc/</kbd>. If FreshRSS is exposed on a port other than `443`, update the second redirect URI accordingly.
+    - Add two `Strict` redirect URI and set them to `https://freshrss.company/i/oidc/` and `https://freshrss.company:443/i/oidc/`. If FreshRSS is exposed on a port other than `443`, update the second redirect URI accordingly.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/gatus/index.mdx b/website/integrations/services/gatus/index.mdx
index 3873f32b70..96751a732e 100644
--- a/website/integrations/services/gatus/index.mdx
+++ b/website/integrations/services/gatus/index.mdx
@@ -34,7 +34,7 @@ To support the integration of Gatus with authentik, you need to create an applic
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>gatus.company</em>/authorization-code/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://gatus.company/authorization-code/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/github-enterprise-cloud/index.md b/website/integrations/services/github-enterprise-cloud/index.md
index 5216343b1d..6caab23ce7 100644
--- a/website/integrations/services/github-enterprise-cloud/index.md
+++ b/website/integrations/services/github-enterprise-cloud/index.md
@@ -37,9 +37,9 @@ To support the integration of GitHub Enterprise Cloud with authentik, you need t
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://github.com/enterprises/foo/saml/consume</kbd>.
-    - Set the **Audience** to <kbd>https://github.com/enterprises/foo</kbd>.
-    - Set the **Issuer** to <kbd>https://github.com/enterprises/foo</kbd>.
+    - Set the **ACS URL** to `https://github.com/enterprises/foo/saml/consume`.
+    - Set the **Audience** to `https://github.com/enterprises/foo`.
+    - Set the **Issuer** to `https://github.com/enterprises/foo`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate. It is advised to download this certificate as it will be required later. It can be found under **System** > **Certificates** in the Admin Interface.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/github-enterprise-emu/index.md b/website/integrations/services/github-enterprise-emu/index.md
index 1ab3114051..b75d10b1c0 100644
--- a/website/integrations/services/github-enterprise-emu/index.md
+++ b/website/integrations/services/github-enterprise-emu/index.md
@@ -49,9 +49,9 @@ GitHub will create usenames for your EMU users based on the SAML `NameID` proper
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://github.com/enterprises/foo/saml/consume</kbd>.
-    - Set the **Audience** to <kbd>https://github.com/enterprises/foo</kbd>.
-    - Set the **Issuer** to <kbd>https://github.com/enterprises/foo</kbd>.
+    - Set the **ACS URL** to `https://github.com/enterprises/foo/saml/consume`.
+    - Set the **Audience** to `https://github.com/enterprises/foo`.
+    - Set the **Issuer** to `https://github.com/enterprises/foo`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate. It is advised to download this certificate as it will be required later. It can be found under **System** > **Certificates** in the Admin Interface.
     - Under **NameID Property Mapping**, set **NameID Property Mapping** to be based on the `Email` field.
diff --git a/website/integrations/services/github-enterprise-server/index.md b/website/integrations/services/github-enterprise-server/index.md
index df6997e038..0630b82748 100644
--- a/website/integrations/services/github-enterprise-server/index.md
+++ b/website/integrations/services/github-enterprise-server/index.md
@@ -39,8 +39,8 @@ In order to use GitHub Enterprise Server, SCIM must also be set up.
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>github.company</em>/saml/consume</kbd>.
-    - Set the **Audience** and **Issuer** to <kbd>https://<em>github.company</em></kbd>.
+    - Set the **ACS URL** to `https://github.company/saml/consume`.
+    - Set the **Audience** and **Issuer** to `https://github.company`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate. It is advised to download this certificate as it will be required later. It can be found under **System** > **Certificates** in the Admin Interface.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/github-organization/index.md b/website/integrations/services/github-organization/index.md
index 05127f0ec5..7f08f1967f 100644
--- a/website/integrations/services/github-organization/index.md
+++ b/website/integrations/services/github-organization/index.md
@@ -33,9 +33,9 @@ To support the integration of AWX Tower with authentik, you need to create an ap
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://github.com/orgs/<em>foo</em>/saml/consume</kbd>.
-    - Set the **Audience** to <kbd>https://github.com/orgs/<em>foo</em></kbd>.
-    - Set the **Issuer** to <kbd>https://github.com/orgs/<em>foo</em></kbd>.
+    - Set the **ACS URL** to `https://github.com/orgs/foo/saml/consume`.
+    - Set the **Audience** to `https://github.com/orgs/foo`.
+    - Set the **Issuer** to `https://github.com/orgs/foo`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate. It is advised to download this certificate as it will be required later. It can be found under **System** > **Certificates** in the Admin Interface.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/gitlab/index.mdx b/website/integrations/services/gitlab/index.mdx
index 61bff8689f..b933c96777 100644
--- a/website/integrations/services/gitlab/index.mdx
+++ b/website/integrations/services/gitlab/index.mdx
@@ -52,8 +52,8 @@ To support the integration of GitLab with authentik, you need to create an appli
     - **Application**: Provide a descriptive name, an optional group, and UI settings. Take note of the **slug** as it will be required later.
     - **Choose a Provider type**: Select **SAML Provider**.
     - **Configure the Provider**:
-        - Set the **ACS URL** to <kbd>https://<em>gitlab.company</em>/users/auth/saml/callback</kbd>.
-        - Set the **Audience** and **Issuer** to <kbd>https://<em>gitlab.company</em></kbd>.
+        - Set the **ACS URL** to `https://gitlab.company/users/auth/saml/callback`.
+        - Set the **Audience** and **Issuer** to `https://gitlab.company`.
         - Set the **Service Provider Binding** to `Post`.
         - Under **Advanced protocol settings**, select an available signing certificate.
 3. Click **Submit** to save the new application and provider.
@@ -111,7 +111,7 @@ To support the integration of GitLab with authentik, you need to create an appli
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>gitlab.company</em>/users/auth/openid_connect/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://gitlab.company/users/auth/openid_connect/callback`.
     - Select any available signing key.
     - Under **Advanced protocol settings**, set the **Subject mode** to `Based on the User's Email`.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/glitchtip/index.md b/website/integrations/services/glitchtip/index.md
index 4316346eb2..063184372c 100644
--- a/website/integrations/services/glitchtip/index.md
+++ b/website/integrations/services/glitchtip/index.md
@@ -34,7 +34,7 @@ To support the integration of Glitchtip with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>glitchtip.company</em>/accounts/oidc/authentik/login/callback/</kbd>.
+    - Set a `Strict` redirect URI to `https://glitchtip.company/accounts/oidc/authentik/login/callback/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/globalprotect/index.md b/website/integrations/services/globalprotect/index.md
index 72659bf354..732b3d934f 100644
--- a/website/integrations/services/globalprotect/index.md
+++ b/website/integrations/services/globalprotect/index.md
@@ -38,8 +38,8 @@ To support the integration of GlobalProtect with authentik, you need to create a
     - **Application**: Provide a descriptive name, an optional group, and UI settings. Take note of the **slug** as it will be required later.
     - **Choose a Provider type**: Select **SAML Provider**.
     - **Configure the Provider**:
-        - Set the **ACS URL** to <kbd>https://<em>gp.company:443</em>/SAML20/SP/ACS</kbd>. (Note the absence of the trailing slash and the inclusion of the web interface port)
-        - Set the **Issuer** to <kbd>https://<em>authentik.company</em>/application/saml/<em>application-slug</em>/sso/binding/redirect/</kbd>.
+        - Set the **ACS URL** to `https://gp.company:443/SAML20/SP/ACS`. (Note the absence of the trailing slash and the inclusion of the web interface port)
+        - Set the **Issuer** to `https://authentik.company/application/saml/application-slug/sso/binding/redirect/`.
         - Set the **Service Provider Binding** to `Post`.
         - Under **Advanced protocol settings**, select an available signing certificate.
 3. Click **Submit** to save the new application and provider.
diff --git a/website/integrations/services/grafana/index.mdx b/website/integrations/services/grafana/index.mdx
index 5478055592..e4867ee47b 100644
--- a/website/integrations/services/grafana/index.mdx
+++ b/website/integrations/services/grafana/index.mdx
@@ -34,7 +34,7 @@ To support the integration of Grafana with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>grafana.company</em>/login/generic_oauth</kbd>.
+    - Set a `Strict` redirect URI to `https://grafana.company/login/generic_oauth`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/gravitee/index.md b/website/integrations/services/gravitee/index.md
index 124c7e7ced..fb1ac0ed2a 100644
--- a/website/integrations/services/gravitee/index.md
+++ b/website/integrations/services/gravitee/index.md
@@ -36,7 +36,7 @@ To support the integration of Gravitee with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Add two `Strict` redirect URI and set them to <kbd>https://<em>gravitee.company</em>/user/login</kbd> and <kbd>https://<em>gravitee.company</em>/console/</kbd>. Ensure a trailing slash is present at the end of the second redirect URI.
+    - Add two `Strict` redirect URI and set them to `https://gravitee.company/user/login` and `https://gravitee.company/console/`. Ensure a trailing slash is present at the end of the second redirect URI.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -53,8 +53,8 @@ Only settings that have been modified from default have been listed.
 - **Allow portal authentication to use this identity provider**: enable this
 - **Client ID**: Enter the Client ID from authentik that you noted in step 1
 - **Client Secret**: Enter the Client Secret from authentik that you noted in step 1
-- **Token Endpoint**: <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-- **Authorize Endpoint**: <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-- **Userinfo Endpoint**: <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
-- **Userinfo Logout Endpoint**: <kbd>https://<em>authentik.company</em>/application/o/<em>application-slug</em>/end-session/</kbd>
+- **Token Endpoint**: `https://authentik.company/application/o/token/`
+- **Authorize Endpoint**: `https://authentik.company/application/o/authorize/`
+- **Userinfo Endpoint**: `https://authentik.company/application/o/userinfo/`
+- **Userinfo Logout Endpoint**: `https://authentik.company/application/o/application-slug/end-session/`
 - **Scopes**: `email openid profile`
diff --git a/website/integrations/services/gravity/index.md b/website/integrations/services/gravity/index.md
index ae6a00a09b..4c32fef73c 100644
--- a/website/integrations/services/gravity/index.md
+++ b/website/integrations/services/gravity/index.md
@@ -22,7 +22,7 @@ This documentation lists only the settings that you need to change from their de
 :::
 
 :::note
-Gravity automatically triggers SSO authentication when configured. To prevent this behavior, log in using the following URL: <kbd>https://<em>gravity.company</em>/ui/?local</kbd>.
+Gravity automatically triggers SSO authentication when configured. To prevent this behavior, log in using the following URL: `https://gravity.company/ui/?local`.
 :::
 
 ## authentik configuration
@@ -38,7 +38,7 @@ To support the integration of Gravity with authentik, you need to create an appl
 - **Choose a Provider type**: Select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: Provide a name (or accept the auto-provided name), choose the authorization flow for this provider, and configure the following required settings:
     - Note the **Client ID**, **Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>gravity.company</em>/auth/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://gravity.company/auth/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: Create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -49,10 +49,10 @@ To support the integration of Gravity with authentik, you need to create an appl
 1. From the **Gravity administrative interface**, navigate to **Cluster** > **Roles** and click **API**.
 2. Under the **OIDC** sub-section, configure the following values:
 
-- **Issuer**: <kbd>https://<em>authentik.company</em>/application/o/<em>application-slug</em>/</kbd>
+- **Issuer**: `https://authentik.company/application/o/application-slug/`
 - **Client ID**: Your Client ID from authentik
 - **Client Secret**: Your Client Secret from authentik
-- **Redirect URL**: <kbd>https://<em>gravity.company</em>/auth/oidc/callback</kbd>
+- **Redirect URL**: `https://gravity.company/auth/oidc/callback`
 
 3. Click **Update** to save and apply your configuration.
 
diff --git a/website/integrations/services/harbor/index.md b/website/integrations/services/harbor/index.md
index d90f47f807..82e923539c 100644
--- a/website/integrations/services/harbor/index.md
+++ b/website/integrations/services/harbor/index.md
@@ -36,7 +36,7 @@ To support the integration of Harbor with authentik, you need to create an appli
 
     - **Protocol Settings**:
         - **Redirect URI**:
-            - Strict: <kbd>https://<em>harbor.company</em>/c/oidc/callback/</kbd>.
+            - Strict: `https://harbor.company/c/oidc/callback/`.
         - **Signing Key**: select any available signing key.
     - **Advanced Protocol Settings**:
         - **Scopes**: add `authentik default OAuth Mapping: OpenID 'offline_access'` to **Selected Scopes**.
@@ -54,9 +54,9 @@ To support the integration of authentik with Harbor, you need to configure OIDC
 3. In the **Auth Mode** dropdown, select **OIDC** and provide the following required configurations.
 
     - **OIDC Provider Name**: `authentik`
-    - **OIDC Endpoint**: <kbd>https://<em>authentik.company</em>/application/o/<em>harbor</em></kbd>
-    - **OIDC Client ID**: <em>client ID from authentik</em>
-    - **OIDC Client Secret**: <em>client secret from authentik</em>
+    - **OIDC Endpoint**: `https://authentik.company/application/o/harbor`
+    - **OIDC Client ID**: client ID from authentik
+    - **OIDC Client Secret**: client secret from authentik
     - **OIDC Scope**: `openid,profile,email,offline_access`
     - **Username Claim**: `preferred_username`
 
diff --git a/website/integrations/services/hashicorp-cloud/index.md b/website/integrations/services/hashicorp-cloud/index.md
index bf2dc0fa85..496f2a0650 100644
--- a/website/integrations/services/hashicorp-cloud/index.md
+++ b/website/integrations/services/hashicorp-cloud/index.md
@@ -37,8 +37,8 @@ To support the integration of HashiCorp Cloud with authentik, you need to create
     - **Application**: Provide a descriptive name, an optional group, and UI settings. Take note of the **slug** as it will be required later.
     - **Choose a Provider type**: Select **SAML Provider**.
     - **Configure the Provider**:
-        - Set the **ACS URL** to the value of <kbd>SSO Sign-On URL</kbd> in the **HashiCorp Cloud preparation** section.
-        - Set the **Issuer** and **Audience** to the value of <kbd>Entity ID</kbd> in the **HashiCorp Cloud preparation** section.
+        - Set the **ACS URL** to the value of `SSO Sign-On URL` in the **HashiCorp Cloud preparation** section.
+        - Set the **Issuer** and **Audience** to the value of `Entity ID` in the **HashiCorp Cloud preparation** section.
         - Set the **Service Provider Binding** to `Post`.
         - Under **Advanced protocol settings**, select an available signing certificate.
 3. Click **Submit** to save the new application and provider.
diff --git a/website/integrations/services/hashicorp-vault/index.md b/website/integrations/services/hashicorp-vault/index.md
index e40c85545c..b3329ba9fd 100644
--- a/website/integrations/services/hashicorp-vault/index.md
+++ b/website/integrations/services/hashicorp-vault/index.md
@@ -38,7 +38,7 @@ To support the integration of Hashicorp Vault with authentik, you need to create
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Add three `Strict` redirect URIs and set them to <kbd>https://<em>vault.company</em>/ui/vault/auth/oidc/oidc/callback</kbd>, <kbd>https://<em>vault.company</em>/oidc/callback</kbd>, and <kbd>http://localhost:8250/oidc/callback</kbd>.
+    - Add three `Strict` redirect URIs and set them to `https://vault.company/ui/vault/auth/oidc/oidc/callback`, `https://vault.company/oidc/callback`, and `http://localhost:8250/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/hedgedoc/index.md b/website/integrations/services/hedgedoc/index.md
index 639c3a85a7..65cbab83ad 100644
--- a/website/integrations/services/hedgedoc/index.md
+++ b/website/integrations/services/hedgedoc/index.md
@@ -34,7 +34,7 @@ To support the integration of HedgeDoc with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>hedgedoc.company</em>/auth/oauth2/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://hedgedoc.company/auth/oauth2/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/homarr/index.md b/website/integrations/services/homarr/index.md
index 20dfdf67d0..78c016bd7b 100644
--- a/website/integrations/services/homarr/index.md
+++ b/website/integrations/services/homarr/index.md
@@ -34,7 +34,7 @@ To support the integration of Homarr with authentik, you need to create an appli
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Create two `strict` redirect URIs and set to <kbd>https://homarr.company/api/auth/callback/oidc</kbd> and <kbd> http://localhost:50575/api/auth/callback/oidc</kbd>.
+    - Create two `strict` redirect URIs and set to `https://homarr.company/api/auth/callback/oidc` and ` http://localhost:50575/api/auth/callback/oidc`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/jenkins/index.md b/website/integrations/services/jenkins/index.md
index 7164004c76..d68faf44cc 100644
--- a/website/integrations/services/jenkins/index.md
+++ b/website/integrations/services/jenkins/index.md
@@ -34,7 +34,7 @@ To support the integration of Jenkins with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>jenkins.company</em>/securityRealm/finishLogin</kbd>.
+    - Set a `Strict` redirect URI to `https://jenkins.company/securityRealm/finishLogin`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/karakeep/index.md b/website/integrations/services/karakeep/index.md
index dfec6b3122..8b3493433b 100644
--- a/website/integrations/services/karakeep/index.md
+++ b/website/integrations/services/karakeep/index.md
@@ -34,7 +34,7 @@ To support the integration of Karakeep with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>karakeep.company</em>/api/auth/callback/custom</kbd>.
+    - Set a `Strict` redirect URI to `https://karakeep.company/api/auth/callback/custom`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/kimai/index.md b/website/integrations/services/kimai/index.md
index 8ec58037b2..12de340e7d 100644
--- a/website/integrations/services/kimai/index.md
+++ b/website/integrations/services/kimai/index.md
@@ -34,9 +34,9 @@ To support the integration of Kimai with authentik, you need to create an applic
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>kimai.company</em>/auth/saml/acs</kbd>.
-    - Set the **Audience** to <kbd>https://<em>kimai.company</em>auth/saml</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>authentik.company</em></kbd>.
+    - Set the **ACS URL** to `https://kimai.company/auth/saml/acs`.
+    - Set the **Audience** to `https://kimai.companyauth/saml`.
+    - Set the **Issuer** to `https://authentik.company`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/knocknoc/index.md b/website/integrations/services/knocknoc/index.md
index 23fcf1f9d7..a1d38898c1 100644
--- a/website/integrations/services/knocknoc/index.md
+++ b/website/integrations/services/knocknoc/index.md
@@ -79,10 +79,10 @@ This example will set session duration at 540 minutes. Change the value to match
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
   **Protocol Settings**:
-    - **ACS URL**: <kbd>https://<em>knocknoc.company</em>/api/saml/acs</kbd>
-    - **Issuer**: <kbd>https://<em>authentik.company</em></kbd>
+    - **ACS URL**: `https://knocknoc.company/api/saml/acs`
+    - **Issuer**: `https://authentik.company`
     - **Service Provider Binding**: `Post`
-    - **Audience**: <kbd>https://<em>kocknoc.company</em>/api/saml/metadata</kbd>
+    - **Audience**: `https://kocknoc.company/api/saml/metadata`
     - Under **Advanced protocol settings**, add the three **Property Mappings** you created in the previous section, then set the **NameID Property Mapping** to `Authentik default SAML Mapping: Username`.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -99,7 +99,7 @@ This example will set session duration at 540 minutes. Change the value to match
 2. Set the following configuration:
 
     - **Metadata URL**: **SAML Metadata URL** copied from the authentik provider.
-    - **Public URL**: <kbd>https://<em>knocknoc.company</em></kbd>
+    - **Public URL**: `https://knocknoc.company`
     - **Key file**: select a key file.
     - **Cert file**: select a certificate file.
 
diff --git a/website/integrations/services/komga/index.md b/website/integrations/services/komga/index.md
index a5cb4b9e70..ed1c30079d 100644
--- a/website/integrations/services/komga/index.md
+++ b/website/integrations/services/komga/index.md
@@ -34,7 +34,7 @@ To support the integration of Komga with authentik, you need to create an applic
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>komga.company</em>/login/oauth2/code/authentik</kbd>.
+    - Set a `Strict` redirect URI to `https://komga.company/login/oauth2/code/authentik`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/linkwarden/index.md b/website/integrations/services/linkwarden/index.md
index 10ecc8a628..a10262c805 100644
--- a/website/integrations/services/linkwarden/index.md
+++ b/website/integrations/services/linkwarden/index.md
@@ -34,7 +34,7 @@ To support the integration of Linkwarden with authentik, you need to create an a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>linkwarden.company</em>/api/v1/auth/callback/authentik</kbd>.
+    - Set a `Strict` redirect URI to `https://linkwarden.company/api/v1/auth/callback/authentik`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/mailcow/index.md b/website/integrations/services/mailcow/index.md
index 1831feebc6..a90914fa19 100644
--- a/website/integrations/services/mailcow/index.md
+++ b/website/integrations/services/mailcow/index.md
@@ -38,7 +38,7 @@ To support the integration of mailcow with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID** and **Client Secret** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>mailcow.company</em></kbd>.
+    - Set a `Strict` redirect URI to `https://mailcow.company`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -49,14 +49,14 @@ To support the integration of mailcow with authentik, you need to create an appl
 To configure mailcow with authentik, log in as an administrator and navigate to **System** > **Configuration**.
 Then, go to **Access** > **Identity Provider** and enter the following information in the form:
 
-- **Identity Provider**: <kbd>Generic-OIDC</kbd>
-- **Authorization endpoint**: <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-- **Token endpoint**: <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-- **User info endpoint**: <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+- **Identity Provider**: `Generic-OIDC`
+- **Authorization endpoint**: `https://authentik.company/application/o/authorize/`
+- **Token endpoint**: `https://authentik.company/application/o/token/`
+- **User info endpoint**: `https://authentik.company/application/o/userinfo/`
 - **Client ID**: The `Client ID` from the authentik provider
 - **Client Secret**: The `Client secret` from the authentik provider
-- **Redirect Url**: <kbd>https://<em>mailcow.company</em></kbd>
-- **Client Scopes**: <kbd>openid profile email</kbd>
+- **Redirect Url**: `https://mailcow.company`
+- **Client Scopes**: `openid profile email`
 
 ## Configuration verification
 
diff --git a/website/integrations/services/mastodon/index.md b/website/integrations/services/mastodon/index.md
index c7d1acf433..150a6feb88 100644
--- a/website/integrations/services/mastodon/index.md
+++ b/website/integrations/services/mastodon/index.md
@@ -34,7 +34,7 @@ To support the integration of Mastodon with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>mastodon.company</em>/auth/auth/openid_connect/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://mastodon.company/auth/auth/openid_connect/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/matrix-synapse/index.md b/website/integrations/services/matrix-synapse/index.md
index a0d4c50e7b..269aa28e4c 100644
--- a/website/integrations/services/matrix-synapse/index.md
+++ b/website/integrations/services/matrix-synapse/index.md
@@ -34,7 +34,7 @@ To support the integration of Matrix Synapse with authentik, you need to create
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>matrix.company</em>/\_synapse/client/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://matrix.company/\_synapse/client/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/mautic/index.md b/website/integrations/services/mautic/index.md
index daebcc075e..def12835af 100644
--- a/website/integrations/services/mautic/index.md
+++ b/website/integrations/services/mautic/index.md
@@ -69,15 +69,15 @@ Because Mautic requires a first name and last name attribute, create two [SAML p
     - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
     - **Choose a Provider**: select **SAML Provider** as the provider type.
     - **Configure the Provider**:
-        - Set the **Name** to <kbd><em>mautic-provider</em></kbd>
-        - Set the **ACS URL** to <kbd>https://<em>mautic.company</em>/s/saml/login_check</kbd>
-        - Set the **Issuer** to <kbd><em>mautic.company</em></kbd>
+        - Set the **Name** to `mautic-provider`
+        - Set the **ACS URL** to `https://mautic.company/s/saml/login_check`
+        - Set the **Issuer** to `mautic.company`
         - Set the **Service Provider Binding** to `Post`
         - Under **Advanced protocol settings** set the **Signing Certificate** to `authentik Self-signed Certificate` and check **Sign assertions** and **Sign responses**
         - Under **Advanced protocol settings** add the newly created property mappings `SAML-FirstName-from-Name` and `SAML-LastName-from-Name` under **Property Mappings**. **Property Mappings**.
 3. Click **Submit** to save the new application and provider.
-4. Go to **Applications** > **Providers** and click on <kbd><em>mautic-provider</em></kbd>.
-    - Under **Metadata** click on **Download** to save the file as <kbd><em>mautic-provider</em>\_authentik_meta.xml</kbd>.
+4. Go to **Applications** > **Providers** and click on `mautic-provider`.
+    - Under **Metadata** click on **Download** to save the file as `mautic-provider\_authentik_meta.xml`.
 
 ## Mautic configuration
 
@@ -92,8 +92,8 @@ When running behind an SSL-terminating reverse proxy (e.g. traefik): In **Config
 
 In **Configuration > User/Authentication Settings**, set the following values:
 
-- **Entity ID for the IDP**: <kbd>https://<em>mautic.company</em></kbd>
-- **Identity provider metadata file**: The <kbd><em>mautic-provider</em>\_authentik_meta.xml</kbd> file
+- **Entity ID for the IDP**: `https://mautic.company`
+- **Identity provider metadata file**: The `mautic-provider\_authentik_meta.xml` file
 - **Default role for created users**: Choose one to enable creating users.
 - **Email**: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` (as per provider > preview in authentik)
 - **Username**: `http://schemas.goauthentik.io/2021/02/saml/username` (as per provider > preview in authentik)
@@ -145,16 +145,16 @@ Therefore, follow these steps (where the placeholder `Mautic Self-signed Certifi
 To avoid changing certificates in authentik, go to the authentik Admin interface and generate a new one:
 
 1. Go to **System > Certificates** and click on **Generate**. Use the following values:
-    - **Common Name**: <kbd><em>Mautic Self-signed Certificate</em></kbd>
+    - **Common Name**: `Mautic Self-signed Certificate`
     - **Private key Algorithm**: `RSA`
-2. Click the caret (**>**) next to the newly generated certificate, then select **Download certificate** to get the <kbd><em>Mautic Self-signed Certificate</em>\_certificate.pem</kbd> file and **Download Private key** to get the <kbd><em>Mautic Self-signed Certificate</em>\_private_key.pem</kbd> file.
-3. Make sure that the <kbd><em>Mautic Self-signed Certificate</em>\_private_key.pem</kbd> is in PKCS#1 format.
-   To verify, use `grep` to check for `RSA` in the header and footer of the file:
-    ```sh
-    grep "RSA PRIVATE KEY" "Mautic Self-signed Certificate_private_key.pem"
-    ```
-    If the command returns the correct match (e.g., `-----BEGIN RSA PRIVATE KEY-----` and `-----BEGIN RSA PRIVATE KEY-----`), the key is in PKCS#1 format, and you can skip steps 4 to 6.
-4. If the key is not in PKCS#1 format, add RSA after `BEGIN` and `END` in <kbd><em>Mautic Self-signed Certificate</em>\_private_key.pem</kbd> as shown below and save the file as `private_key_new.pem`:
+2. Click the caret (**>**) next to the newly generated certificate, then select **Download certificate** to get the `Mautic Self-signed Certificate\_certificate.pem` file and **Download Private key** to get the `Mautic Self-signed Certificate\_private_key.pem` file.
+3. Make sure that the `Mautic Self-signed Certificate\_private_key.pem` is in PKCS#1 format.
+   To verify, use `grep`to check for`RSA` in the header and footer of the file:
+   `sh
+grep "RSA PRIVATE KEY" "Mautic Self-signed Certificate_private_key.pem"
+`
+   If the command returns the correct match (e.g., `-----BEGIN RSA PRIVATE KEY-----` and `-----BEGIN RSA PRIVATE KEY-----`), the key is in PKCS#1 format, and you can skip steps 4 to 6.
+4. If the key is not in PKCS#1 format, add RSA after `BEGIN` and `END` in `Mautic Self-signed Certificate\_private_key.pem` as shown below and save the file as `private_key_new.pem`:
     ```diff
     - -----BEGIN PRIVATE KEY-----
     + -----BEGIN RSA PRIVATE KEY-----
@@ -175,7 +175,7 @@ To avoid changing certificates in authentik, go to the authentik Admin interface
 
     - **Organization Name**: `authentik`
     - **Organizational Unit Name**: `Self-signed`
-    - **Common Name**: <kbd><em>Mautic Self-signed Certificate</em></kbd>
+    - **Common Name**: `Mautic Self-signed Certificate`
 
 6. Next, generate the certificate with the (now) PKCS#1-compliant key and the previously generated signing request using the following command:
 
@@ -185,16 +185,16 @@ To avoid changing certificates in authentik, go to the authentik Admin interface
 
 7. In authentik, navigate to **System > Certificates** and click on **Edit** the update previously generated certificate.
    Click on the description below the text inputs to activate the inputs.
-    - **Certificate**: Enter the contents of `certificate_new.pem` or, if steps 4 to 6 were skipped, <kbd><em>Mautic Self-signed Certificate</em>\_certificate.pem</kbd>
-    - **Private Key**: Enter the contents of `private_key_new.pem` or, if steps 4 to 6 were skipped, <kbd><em>Mautic Self-signed Certificate</em>\_private_key.pem</kbd>
+    - **Certificate**: Enter the contents of `certificate_new.pem` or, if steps 4 to 6 were skipped, `Mautic Self-signed Certificate\_certificate.pem`
+    - **Private Key**: Enter the contents of `private_key_new.pem` or, if steps 4 to 6 were skipped, `Mautic Self-signed Certificate\_private_key.pem`
     - Click on **Update**
-8. Navigate to **Applications > Providers** and **Edit** <kbd><em>mautic-provider</em></kbd> (which was created in [Create an application and provider in authentik](#create-an-application-and-provider-in-authentik)).
-   In **Advanced protocol settings**, change **Signing Certificate** to <kbd><em>Mautic Self-signed Certificate</em></kbd>
-9. Save the provider, view it, and download the metadata file to <kbd><em>mautic-provider</em>\_authentik_meta.xml</kbd>
+8. Navigate to **Applications > Providers** and **Edit** `mautic-provider` (which was created in [Create an application and provider in authentik](#create-an-application-and-provider-in-authentik)).
+   In **Advanced protocol settings**, change **Signing Certificate** to `Mautic Self-signed Certificate`
+9. Save the provider, view it, and download the metadata file to `mautic-provider\_authentik_meta.xml`
 10. In Mautic, navigate to **Configuration > User/Authentication Settings** and set the following values:
 
 - **X.509 certificate**: The `certificate_new.crt` file
 - **Private key**: The `private_key_new.pem` file
-- **Identity provider metadata file**: The new <kbd><em>mautic-provider</em>\_authentik_meta.xml</kbd> file
+- **Identity provider metadata file**: The new `mautic-provider\_authentik_meta.xml` file
 
 11. Click on **Save**.
diff --git a/website/integrations/services/meshcentral/index.md b/website/integrations/services/meshcentral/index.md
index 2c66252975..bfa36d5f26 100644
--- a/website/integrations/services/meshcentral/index.md
+++ b/website/integrations/services/meshcentral/index.md
@@ -34,7 +34,7 @@ To support the integration of MeshCentral with authentik, you need to create an
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>meshcentral.company</em>/auth-oidc-callback</kbd>.
+    - Set a `Strict` redirect URI to `https://meshcentral.company/auth-oidc-callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/miniflux/index.md b/website/integrations/services/miniflux/index.md
index 9fd29b7ce7..dd2baf8b53 100644
--- a/website/integrations/services/miniflux/index.md
+++ b/website/integrations/services/miniflux/index.md
@@ -37,7 +37,7 @@ To support the integration of Miniflux with authentik, you need to create an app
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
 
     - **Redirect URI**:
-        - Strict: <kbd>https://<em>miniflux.company</em>/oauth2/oidc/callback</kbd>
+        - Strict: `https://miniflux.company/oauth2/oidc/callback`
 
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -52,7 +52,7 @@ OAUTH2_PROVIDER=oidc
 OAUTH2_CLIENT_ID=<Client ID from authentik>
 OAUTH2_CLIENT_SECRET=<Client Secret from authentik>
 OAUTH2_REDIRECT_URL=https://miniflux.company/oauth2/oidc/callback
-OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://authentik.company</em>/application/o/<application slug>/
+OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://authentik.company/application/o/<application slug>/
 OAUTH2_USER_CREATION=1
 ```
 
diff --git a/website/integrations/services/minio/index.md b/website/integrations/services/minio/index.md
index 35cb768ffc..d2777dd1a9 100644
--- a/website/integrations/services/minio/index.md
+++ b/website/integrations/services/minio/index.md
@@ -71,7 +71,7 @@ You can assign multiple policies to a user by returning a list, and returning `N
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>minio.company</em>/oauth_callback</kbd>.
+    - Set a `Strict` redirect URI to `https://minio.company/oauth_callback`.
     - Select any available signing key.
     - Under **Advanced protocol settings**, add the **Scope** you just created to the list of selected scopes.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/mobilizon/index.md b/website/integrations/services/mobilizon/index.md
index c86e403e22..d58a642b36 100644
--- a/website/integrations/services/mobilizon/index.md
+++ b/website/integrations/services/mobilizon/index.md
@@ -34,7 +34,7 @@ To support the integration of Mobilizon with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>mobilizon.company</em>/auth/keycloak/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://mobilizon.company/auth/keycloak/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/netbox/index.md b/website/integrations/services/netbox/index.md
index af8a051977..5d7410f888 100644
--- a/website/integrations/services/netbox/index.md
+++ b/website/integrations/services/netbox/index.md
@@ -34,7 +34,7 @@ To support the integration of NetBox with authentik, you need to create an appli
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>netbox.company</em>/oauth/complete/oidc/</kbd>.
+    - Set a `Strict` redirect URI to `https://netbox.company/oauth/complete/oidc/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/node-red/index.md b/website/integrations/services/node-red/index.md
index 5d3e944175..5c5c0f5899 100644
--- a/website/integrations/services/node-red/index.md
+++ b/website/integrations/services/node-red/index.md
@@ -40,7 +40,7 @@ To support the integration of Node-RED with authentik, you need to create an app
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>nodered.company</em>/auth/strategy/callback/</kbd>.
+    - Set a `Strict` redirect URI to `https://nodered.company/auth/strategy/callback/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/observium/index.md b/website/integrations/services/observium/index.md
index 1cc2efef51..beea6e2f6b 100644
--- a/website/integrations/services/observium/index.md
+++ b/website/integrations/services/observium/index.md
@@ -51,7 +51,7 @@ To support the integration of Observium with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>observium.company</em>/secure/redirect_uri</kbd>. Note that the Redirect URI can be anything, as long as it does not point to existing content.
+    - Set a `Strict` redirect URI to `https://observium.company/secure/redirect_uri`. Note that the Redirect URI can be anything, as long as it does not point to existing content.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/omni/index.md b/website/integrations/services/omni/index.md
index a3df14a3f9..2483770272 100644
--- a/website/integrations/services/omni/index.md
+++ b/website/integrations/services/omni/index.md
@@ -45,9 +45,9 @@ To support the integration of Omni with authentik, you need to create a property
 
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
 
-    - **ACS URL**: <kbd>https://<em>omni.company</em>/saml/acs</kbd>
+    - **ACS URL**: `https://omni.company/saml/acs`
     - **Service Provider Binding**: `Post`
-    - **Audience**: <kbd>https://<em>omni.company</em>/saml/metadata</kbd>
+    - **Audience**: `https://omni.company/saml/metadata`
     - **Signing Certificate**: select a signing certificate, either the `authentik Self-signed Certificate` or generate a certificate via **System** > **Certificate**
     - **Sign assertions**: `true`
     - **Sign responses**: `true`
@@ -64,7 +64,7 @@ Add the following environment variables to your Omni configuration. Make sure to
 
 ```shell
 auth-saml-enabled=true
-auth-saml-url=https://<em>authentik.company</em>/application/saml/<em><application_slug></em>/metadata/
+auth-saml-url=https://authentik.company/application/saml/<application_slug>/metadata/
 ```
 
 ## Configuration verification
diff --git a/website/integrations/services/open-webui/index.md b/website/integrations/services/open-webui/index.md
index 5efd555a43..37f0bd8bad 100644
--- a/website/integrations/services/open-webui/index.md
+++ b/website/integrations/services/open-webui/index.md
@@ -34,7 +34,7 @@ To support the integration of Open WebUI with authentik, you need to create an a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>openwebui.company</em>/oauth/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://openwebui.company/oauth/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -49,21 +49,21 @@ Enter the following details from the authentik provider:
 - Set **OAUTH_CLIENT_ID** to the Client ID copied from authentik.
 - Set **OAUTH_CLIENT_SECRET** to the Client Secret copied from authentik.
 - Set **OAUTH_PROVIDER_NAME** to `authentik`.
-- Set **OPENID_PROVIDER_URL** to <kbd>https://<em>authentik.company</em>/application/o/<em>your-slug-here</em>/.well-known/openid-configuration</kbd>.
-- Set **OPENID_REDIRECT_URI** to <kbd>https://<em>openwebui.company</em>/oauth/oidc/callback</kbd>.
+- Set **OPENID_PROVIDER_URL** to `https://authentik.company/application/o/your-slug-here/.well-known/openid-configuration`.
+- Set **OPENID_REDIRECT_URI** to `https://openwebui.company/oauth/oidc/callback`.
 - If you wish for new users to be created on Open Web UI, set **ENABLE_OAUTH_SIGNUP** to 'true'.
 
 ## Configuration verification
 
-- Open your web browser and go to <kbd>https://<em>openwebui.company</em></kbd>.
+- Open your web browser and go to `https://openwebui.company`.
 - Make sure you are logged off any previous session.
 - Click **Continue with authentik** to log in.
-- After logging in, authentik will redirect you back to <kbd>https://<em>openwebui.company</em></kbd>.
+- After logging in, authentik will redirect you back to `https://openwebui.company`.
 - If you successfully return to the Open WebUI, the login is working correctly.
 
 :::note
 Users are automatically created, but an administrator must update their role to at least **User** via the WebGUI.
-To do so, log in as an administrator and access the **Admin Panel** (URL: <kbd>https://openwebui.company</kbd>/admin/users).
+To do so, log in as an administrator and access the **Admin Panel** (URL: `https://openwebui.company`/admin/users).
 Click on the user whose role should be increased from **Pending** to at least **User**.
-More details on how to administer Open WebUI can be found here <kbd>https://docs.openwebui.com/</kbd>.
+More details on how to administer Open WebUI can be found here `https://docs.openwebui.com/`.
 :::
diff --git a/website/integrations/services/openproject/index.md b/website/integrations/services/openproject/index.md
index 7b44ca1f54..5989b2c620 100644
--- a/website/integrations/services/openproject/index.md
+++ b/website/integrations/services/openproject/index.md
@@ -62,7 +62,7 @@ OpenProject requires a first and last name for each user. By default authentik o
     - **Protocol settings**:
         - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
         - **Redirect URI**:
-            - Strict: <kbd>https://<em>openproject.company</em>/auth/oidc-<em>authentik</em>/callback</kbd>
+            - Strict: `https://openproject.company/auth/oidc-authentik/callback`
         - **Signing key**: select any available signing key.
     - **Advanced protocol settings**:
         - **Scopes**:
@@ -80,7 +80,7 @@ To support the integration of authentik with OpenProject, you need to configure
 2. Navigate to **Authentication** > **OpenID providers**.
 3. Provide a display name (e.g. `Authentik`) and click **Save**.
 4. Click on **I have a discover endpoint URL** and enter:
-   <kbd>https://<em>authentik.company</em>/application/o/<em>openproject</em>/.well-known/openid-configuration</kbd>
+   `https://authentik.company/application/o/openproject/.well-known/openid-configuration`
 5. Under **Advanced configuration** > **Metadata** the values should be automatically populated based on your discovery endpoint URL. If not, these values can be copied from the **Overview** page of the OpenProject provider in authentik.
 6. Under **Advanced configuration** > **Client details** enter your authentik client ID and client secret.
 7. Under **Optional configuration** > **Attribute mapping** enter the following required configurations:
diff --git a/website/integrations/services/oracle-cloud/index.md b/website/integrations/services/oracle-cloud/index.md
index 46fd8d1549..70a4814419 100644
--- a/website/integrations/services/oracle-cloud/index.md
+++ b/website/integrations/services/oracle-cloud/index.md
@@ -34,7 +34,7 @@ To support the integration of Oracle Cloud with authentik, you need to create an
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>tenant.identity.oraclecloud.com</em>/oauth2/v1/authorize</kbd>.
+    - Set a `Strict` redirect URI to `https://tenant.identity.oraclecloud.com/oauth2/v1/authorize`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/outline/index.md b/website/integrations/services/outline/index.md
index 6f48a6be03..de6034f1fd 100644
--- a/website/integrations/services/outline/index.md
+++ b/website/integrations/services/outline/index.md
@@ -35,7 +35,7 @@ To support the integration of Outline with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>outline.company</em>/auth/oidc.callback</kbd>.
+    - Set a `Strict` redirect URI to `https://outline.company/auth/oidc.callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/owncloud/index.md b/website/integrations/services/owncloud/index.md
index ef5bfd1f72..a215a5f212 100644
--- a/website/integrations/services/owncloud/index.md
+++ b/website/integrations/services/owncloud/index.md
@@ -46,7 +46,7 @@ The configuration for each application is nearly identical, except for the **Cli
         - **Client Secret**: Use the value generated by authentik.
         - **Redirect URIs**:
 
-            - Strict: <kbd>https://<em>owncloud.company</em>/apps/openidconnect/redirect</kbd>
+            - Strict: `https://owncloud.company/apps/openidconnect/redirect`
 
         **Desktop Application**
 
@@ -55,8 +55,8 @@ The configuration for each application is nearly identical, except for the **Cli
         - **Client Secret**: Use the predefined value found in the [ownCloud admin manual](https://doc.owncloud.com/server/latest/admin_manual/configuration/user/oidc/oidc.html#client-secret).
         - **Redirect URIs**:
 
-            - Regex: <kbd>http://localhost:\d+</kbd>
-            - Regex: <kbd>http://127.0.0.1:\d+</kbd>
+            - Regex: `http://localhost:\d+`
+            - Regex: `http://127.0.0.1:\d+`
 
         **Android Application**
 
@@ -65,7 +65,7 @@ The configuration for each application is nearly identical, except for the **Cli
         - **Client Secret**: Use the predefined value found in the [ownCloud admin manual](https://doc.owncloud.com/server/latest/admin_manual/configuration/user/oidc/oidc.html#client-secret).
         - **Redirect URI**:
 
-            - Strict: <kbd>oc://android.owncloud.com</kbd>
+            - Strict: `oc://android.owncloud.com`
 
         **iOS Application**
 
@@ -74,7 +74,7 @@ The configuration for each application is nearly identical, except for the **Cli
         - **Client Secret**: Use the predefined value found in the [ownCloud admin manual](https://doc.owncloud.com/server/latest/admin_manual/configuration/user/oidc/oidc.html#client-secret).
         - **Redirect URI**:
 
-            - Strict: <kbd>oc://ios.owncloud.com</kbd>
+            - Strict: `oc://ios.owncloud.com`
 
     - **Advanced protocol settings:**
         - **Scopes**: Select the following scopes for each of the four application/provider pairs: `email`, `offline_access`, `openid`, `profile`.
diff --git a/website/integrations/services/paperless-ngx/index.mdx b/website/integrations/services/paperless-ngx/index.mdx
index b05577e1a1..3d29f1738d 100644
--- a/website/integrations/services/paperless-ngx/index.mdx
+++ b/website/integrations/services/paperless-ngx/index.mdx
@@ -34,7 +34,7 @@ To support the integration of Paperless-ngx with authentik, you need to create a
     - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
     - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
         - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-        - Set a `Strict` redirect URI to <kbd>https://<em>paperless.company</em>/accounts/oidc/authentik/login/callback/</kbd>.
+        - Set a `Strict` redirect URI to `https://paperless.company/accounts/oidc/authentik/login/callback/`.
     - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
     - **Advanced protocol settings**:
         - **Selected Scopes**: Add the following
diff --git a/website/integrations/services/pgadmin/index.md b/website/integrations/services/pgadmin/index.md
index 2637142dea..b621c629c5 100644
--- a/website/integrations/services/pgadmin/index.md
+++ b/website/integrations/services/pgadmin/index.md
@@ -38,7 +38,7 @@ To support the integration of pgAdmin with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>pgadmin.company</em>/oauth2/authorize</kbd>.
+    - Set a `Strict` redirect URI to `https://pgadmin.company/oauth2/authorize`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/plesk/index.md b/website/integrations/services/plesk/index.md
index 70d85de4d8..6d61b30d99 100644
--- a/website/integrations/services/plesk/index.md
+++ b/website/integrations/services/plesk/index.md
@@ -38,7 +38,7 @@ To support the integration of Plesk with authentik, you need to create an applic
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>plesk.company</em>/modules/oauth/public/login.php</kbd>.
+    - Set a `Strict` redirect URI to `https://plesk.company/modules/oauth/public/login.php`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -63,10 +63,10 @@ To support the integration of Plesk with authentik, you need to create an applic
 
     - **Client ID**: Enter the Client ID from your authentik provider
     - **Client Secret**: Enter the Client Secret from your authentik provider
-    - **Callback Host**: Enter your Plesk FQDN (example: <kbd>https://<em>plesk.company</em></kbd>)
-    - **Authorize URL**: <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-    - **Token URL**: <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-    - **Userinfo URL**: <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+    - **Callback Host**: Enter your Plesk FQDN (example: `https://plesk.company`)
+    - **Authorize URL**: `https://authentik.company/application/o/authorize/`
+    - **Token URL**: `https://authentik.company/application/o/token/`
+    - **Userinfo URL**: `https://authentik.company/application/o/userinfo/`
     - **Scopes**: `openid,profile,email`
     - **Login Button Text**: Set your preferred text (example: "Log in with authentik")
 
diff --git a/website/integrations/services/pocketbase/index.md b/website/integrations/services/pocketbase/index.md
index 3220335659..3e41789eb4 100644
--- a/website/integrations/services/pocketbase/index.md
+++ b/website/integrations/services/pocketbase/index.md
@@ -41,7 +41,7 @@ To support the integration of Pocketbase with authentik, you need to create an a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>pocketbase.company</em>/api/oauth2-redirect</kbd>.
+    - Set a `Strict` redirect URI to `https://pocketbase.company/api/oauth2-redirect`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -49,9 +49,9 @@ To support the integration of Pocketbase with authentik, you need to create an a
 
 ## PocketBase configuration
 
-1. Sign in to PocketBase and access the superusers dashboard by navigating to <kbd>https://<em>pocketbase.company</em>/\_/#/settings</kbd>.
+1. Sign in to PocketBase and access the superusers dashboard by navigating to `https://pocketbase.company/\_/#/settings`.
 2. Toggle off **Hide collection create and edit controls**," then click the **Save changes** button.
-3. Open the **users** collection by clicking the **Collections** icon on the sidebar or head to <kbd>https://<em>pocketbase.company</em>/\_/#/collections?collection=pb_users_auth</kbd>.
+3. Open the **users** collection by clicking the **Collections** icon on the sidebar or head to `https://pocketbase.company/\_/#/collections?collection=pb_users_auth`.
 4. Click the gear icon next to the collection's name, then select the **Options** tab in the popup on the right.
 5. Enable the **OAuth2** authentication method by clicking the **OAuth2** tab and toggling **Enable**.
 6. Click **+ Add provider**, then select **OpenID Connect**.
@@ -59,6 +59,6 @@ To support the integration of Pocketbase with authentik, you need to create an a
     - Set **Client ID** to the Client ID copied from authentik.
     - Set **Client secret** to the Client Secret copied from authentik.
     - Set **Display name** to `authentik`.
-    - Set **Auth URL** to <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>.
-    - Set **Token URL** to <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>.
-    - Make sure **Fetch user info from** is set to `User info URL`, then set **User info URL** to <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+    - Set **Auth URL** to `https://authentik.company/application/o/authorize/`.
+    - Set **Token URL** to `https://authentik.company/application/o/token/`.
+    - Make sure **Fetch user info from** is set to `User info URL`, then set **User info URL** to `https://authentik.company/application/o/userinfo/`
diff --git a/website/integrations/services/portainer/index.md b/website/integrations/services/portainer/index.md
index e309f94fe9..4f5e13b872 100644
--- a/website/integrations/services/portainer/index.md
+++ b/website/integrations/services/portainer/index.md
@@ -38,7 +38,7 @@ To support the integration of Portainer with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>portainer.company</em>/</kbd>.
+    - Set a `Strict` redirect URI to `https://portainer.company/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/proxmox-ve/index.md b/website/integrations/services/proxmox-ve/index.md
index 024f8fba6d..d40f110c8b 100644
--- a/website/integrations/services/proxmox-ve/index.md
+++ b/website/integrations/services/proxmox-ve/index.md
@@ -38,7 +38,7 @@ To support the integration of Proxmox with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>proxmox.company:8006</em></kbd>.
+    - Set a `Strict` redirect URI to `https://proxmox.company:8006`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/rocketchat/index.md b/website/integrations/services/rocketchat/index.md
index e9385e261e..473cefdf86 100644
--- a/website/integrations/services/rocketchat/index.md
+++ b/website/integrations/services/rocketchat/index.md
@@ -38,7 +38,7 @@ To support the integration of Rocket.chat with authentik, you need to create an
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>rocket.company</em>/\_oauth/authentik</kbd>.
+    - Set a `Strict` redirect URI to `https://rocket.company/\_oauth/authentik`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/roundcube/index.md b/website/integrations/services/roundcube/index.md
index 797c0bdd52..ed6ad15e43 100644
--- a/website/integrations/services/roundcube/index.md
+++ b/website/integrations/services/roundcube/index.md
@@ -56,7 +56,7 @@ To support the integration of Roundcube with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>roundcube.company</em>/index.php?\_task=settings&\_action=plugin.oauth_redirect</kbd>.
+    - Set a `Strict` redirect URI to `https://roundcube.company/index.php?\_task=settings&\_action=plugin.oauth_redirect`.
     - Select any available signing key.
     - Under **Advanced protocol settings**, add the scope you just created to the list of selected scopes.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/rustdesk-pro/index.mdx b/website/integrations/services/rustdesk-pro/index.mdx
index 9b96454e07..768b8933eb 100644
--- a/website/integrations/services/rustdesk-pro/index.mdx
+++ b/website/integrations/services/rustdesk-pro/index.mdx
@@ -38,7 +38,7 @@ To support the integration of Rustdesk Server Pro with authentik, you need to cr
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>rustdesk.company</em>/api/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://rustdesk.company/api/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -54,11 +54,11 @@ To support the integration of Rustdesk Server Pro with authentik, you need to cr
     - Set **Name** to `authentik`
     - Set **Client ID** to the Client ID copied from authentik.
     - Set **Client secret** to the Client Secret copied from authentik.
-    - Set **Issuer** to <kbd>https://<em>authentik.company</em>/application/o/<em>slug</em>/</kbd>
-    - Set **Authorization Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-    - Set **Token Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-    - Set **Userinfo Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
-    - Set **JWKS Endpoint** to <kbd>https://<em>authentik.company</em>/application/o/<em>slug</em>/jwks/</kbd>
+    - Set **Issuer** to `https://authentik.company/application/o/slug/`
+    - Set **Authorization Endpoint** to `https://authentik.company/application/o/authorize/`
+    - Set **Token Endpoint** to `https://authentik.company/application/o/token/`
+    - Set **Userinfo Endpoint** to `https://authentik.company/application/o/userinfo/`
+    - Set **JWKS Endpoint** to `https://authentik.company/application/o/slug/jwks/`
 
 :::info
 Users are created automatically on login. Permissions must be assigned by an administrator after user creation.
@@ -66,7 +66,7 @@ Users are created automatically on login. Permissions must be assigned by an adm
 
 ## Test the Login
 
-- Open a browser and navigate to <kbd>https://<em>rustdesk.company</em></kbd>.
+- Open a browser and navigate to `https://rustdesk.company`.
 - Click **Continue with authentik**.
-- You should be redirected to authentik (with the login flows you configured). After logging in, authentik will redirect you back to <kbd>https://<em>rustdesk.company</em></kbd>.
-- If you are redirected back to <kbd>https://<em>rustdesk.company</em></kbd> and can read the username in the top right corner, the setup was successful.
+- You should be redirected to authentik (with the login flows you configured). After logging in, authentik will redirect you back to `https://rustdesk.company`.
+- If you are redirected back to `https://rustdesk.company` and can read the username in the top right corner, the setup was successful.
diff --git a/website/integrations/services/semaphore/index.mdx b/website/integrations/services/semaphore/index.mdx
index aee1d9f989..e01a8befdc 100644
--- a/website/integrations/services/semaphore/index.mdx
+++ b/website/integrations/services/semaphore/index.mdx
@@ -36,7 +36,7 @@ To support the integration of Semaphore with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>semaphore.company</em>/api/auth/oidc/authentik/redirect</kbd>.
+    - Set a `Strict` redirect URI to `https://semaphore.company/api/auth/oidc/authentik/redirect`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -84,10 +84,10 @@ More information on this can be found in the Semaphore documentation https://doc
 
 ## Test the login
 
-- Open a browser of your choice and open the URL <kbd>https://<em>semaphore.company</em></kbd>.
+- Open a browser of your choice and open the URL `https://semaphore.company`.
 - Click on the SSO-Login button.
-- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to <kbd>https://<em>semaphore.company</em></kbd> URL.
-- If you are redirected back to the <kbd>https://<em>semaphore.company</em></kbd> URL you did everything correct.
+- You should be redirected to authentik (with the login flows you created) and then authentik should redirect you back to `https://semaphore.company` URL.
+- If you are redirected back to the `https://semaphore.company` URL you did everything correct.
 
 :::info
 Users are created upon logging in with authentik. They will not have the rights to create anything initially. These permissions must be assigned later by the local admin created during the first login to the Semaphore UI.
diff --git a/website/integrations/services/slack/index.md b/website/integrations/services/slack/index.md
index 5eeb8944e8..16c0f02b67 100644
--- a/website/integrations/services/slack/index.md
+++ b/website/integrations/services/slack/index.md
@@ -12,7 +12,7 @@ support_level: authentik
 
 The following placeholders are used in this guide:
 
-- <kbd><em>company</em>.slack.com</kbd> is the FQDN of your Slack workspace.
+- `company.slack.com` is the FQDN of your Slack workspace.
 - `authentik.company` is the FQDN of the authentik installation.
 
 :::note
@@ -31,14 +31,14 @@ To support the integration of Slack with authentik, you need to create an applic
 2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create two **SAML Provider Property Mapping**s with the following settings:
     - **Name Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>User.Email</kbd>
+        - **SAML Attribute Name**: `User.Email`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return request.user.email</kbd>
+        - **Expression**: `return request.user.email`
     - **Email Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>User.Username</kbd>
+        - **SAML Attribute Name**: `User.Username`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return request.user.username</kbd>
+        - **Expression**: `return request.user.username`
 
 ### Create an application and provider in authentik
 
@@ -48,8 +48,8 @@ To support the integration of Slack with authentik, you need to create an applic
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>company</em>.slack.com/sso/saml</kbd>.
-    - Set the **Issuer** to <kbd>https://slack.com</kbd>.
+    - Set the **ACS URL** to `https://company.slack.com/sso/saml`.
+    - Set the **Issuer** to `https://slack.com`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, add the two **Property Mappings** you created in the previous section, then select a **Signing Certificate**.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/synology-dsm/index.md b/website/integrations/services/synology-dsm/index.md
index b3bbe29090..d54b2e0657 100644
--- a/website/integrations/services/synology-dsm/index.md
+++ b/website/integrations/services/synology-dsm/index.md
@@ -38,7 +38,7 @@ To support the integration of Synology DSM with authentik, you need to create an
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>synology.company</em></kbd>.
+    - Set a `Strict` redirect URI to `https://synology.company`.
     - Select any available signing key.
     - Under **Advanced Protocol Settings**, set the **subject mode** to be based on the user's email.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/tandoor/index.md b/website/integrations/services/tandoor/index.md
index 0ae54bc863..5cd4cfbfd6 100644
--- a/website/integrations/services/tandoor/index.md
+++ b/website/integrations/services/tandoor/index.md
@@ -34,7 +34,7 @@ To support the integration of Tandoor with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>tandoor.company</em>/accounts/oidc/authentik/login/callback/</kbd>.
+    - Set a `Strict` redirect URI to `https://tandoor.company/accounts/oidc/authentik/login/callback/`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/terrakube/index.md b/website/integrations/services/terrakube/index.md
index 54fbea8621..a1437c6b8b 100644
--- a/website/integrations/services/terrakube/index.md
+++ b/website/integrations/services/terrakube/index.md
@@ -34,7 +34,7 @@ To support the integration of Terrakube with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>terrakube-dex.company</em>/dex/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://terrakube-dex.company/dex/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/truecommand/index.md b/website/integrations/services/truecommand/index.md
index b0f24dcedc..4983ede264 100644
--- a/website/integrations/services/truecommand/index.md
+++ b/website/integrations/services/truecommand/index.md
@@ -35,29 +35,29 @@ To support the integration of TrueCommand with authentik, you need to create an
 2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create create three or five **SAML Provider Property Mapping**s, depending on your setup, with the following settings:
     - **Username Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>unique_name</kbd>
+        - **SAML Attribute Name**: `unique_name`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return request.user.username</kbd>
+        - **Expression**: `return request.user.username`
     - **Email Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>email</kbd>
+        - **SAML Attribute Name**: `email`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return request.user.email</kbd>
+        - **Expression**: `return request.user.email`
     - **Name Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>given_name</kbd> or <em>display_name</em>
+        - **SAML Attribute Name**: `given_name` or display_name
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return request.user.name</kbd>
+        - **Expression**: `return request.user.name`
     - **Title Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>title</kbd>
+        - **SAML Attribute Name**: `title`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return [custom_attribute]</kbd>
+        - **Expression**: `return [custom_attribute]`
     - **Telephone Number Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>telephone_number</kbd>
+        - **SAML Attribute Name**: `telephone_number`
         - **Friendly Name**: Leave blank
-        - **Expression**: <kbd>return [custom_attribute]</kbd>
+        - **Expression**: `return [custom_attribute]`
 
 ### Create an application and provider in authentik
 
@@ -67,8 +67,8 @@ To support the integration of TrueCommand with authentik, you need to create an
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>truecommand.company</em>/saml/acs</kbd>.
-    - Set the **Issuer** to <kbd>truecommand-saml</kbd>.
+    - Set the **ACS URL** to `https://truecommand.company/saml/acs`.
+    - Set the **Issuer** to `truecommand-saml`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, add the three or five **Property Mappings** you created in the previous section, then set the **NameID Property Mapping** to be based on the user's email. Finally, select an available signing certificate.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/ubuntu-landscape/index.md b/website/integrations/services/ubuntu-landscape/index.md
index a81f6c9bb6..8d17c63e0c 100644
--- a/website/integrations/services/ubuntu-landscape/index.md
+++ b/website/integrations/services/ubuntu-landscape/index.md
@@ -40,7 +40,7 @@ To support the integration of Landscape with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>landscape.company</em>/login/handle-openid</kbd>.
+    - Set a `Strict` redirect URI to `https://landscape.company/login/handle-openid`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/uptime-kuma/index.md b/website/integrations/services/uptime-kuma/index.md
index 86f73a6edb..6e5c10b0f6 100644
--- a/website/integrations/services/uptime-kuma/index.md
+++ b/website/integrations/services/uptime-kuma/index.md
@@ -36,8 +36,8 @@ To support the integration of Uptime Kuma with authentik, you need to create an
 - **Choose a Provider type**: select **Proxy Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
 
-    - Set the **External host** to <kbd>https://<em>uptime-kuma</em>.company</kbd>.
-    - Set the **Internal host** to <kbd>http://<em>uptime-kuma:3001</em></kbd> where <kbd><em>uptime-kuma:3001</em></kbd> is the hostname and port of your Uptime Kuma container.
+    - Set the **External host** to `https://uptime-kuma.company`.
+    - Set the **Internal host** to `http://uptime-kuma:3001` where `uptime-kuma:3001` is the hostname and port of your Uptime Kuma container.
     - Under **Advanced protocol settings**, set **Unauthenticated Paths** to the following to allow unauthenticated access to the public status page:
 
         ```
diff --git a/website/integrations/services/vikunja/index.md b/website/integrations/services/vikunja/index.md
index dbff2b68b0..068f677b11 100644
--- a/website/integrations/services/vikunja/index.md
+++ b/website/integrations/services/vikunja/index.md
@@ -39,7 +39,7 @@ To support the integration of Vikunja with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>vik.company</em>/auth/openid/authentiklogin</kbd>.
+    - Set a `Strict` redirect URI to `https://vik.company/auth/openid/authentiklogin`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/vmware-vcenter/index.md b/website/integrations/services/vmware-vcenter/index.md
index 76132aea3d..8ff52b7ba3 100644
--- a/website/integrations/services/vmware-vcenter/index.md
+++ b/website/integrations/services/vmware-vcenter/index.md
@@ -36,7 +36,7 @@ To support the integration of vCenter with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>vcenter.company</em>/ui/login/oauth2/authcode</kbd>.
+    - Set a `Strict` redirect URI to `https://vcenter.company/ui/login/oauth2/authcode`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/wazuh/index.mdx b/website/integrations/services/wazuh/index.mdx
index 4d32940d67..68a26869e6 100644
--- a/website/integrations/services/wazuh/index.mdx
+++ b/website/integrations/services/wazuh/index.mdx
@@ -59,7 +59,7 @@ To support the integration of Wazuh with authentik, you need to create a group,
 - **Application**: provide a descriptive name (e.g., `Wazuh`), an optional group for the type of application, the policy engine mode, and optional UI settings.
 - **Choose a Provider type**: Select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - **ACS URL**: <kbd>https://<em>wazuh-dashboard.company</em>/\_opendistro/\_security/saml/acs</kbd>
+    - **ACS URL**: `https://wazuh-dashboard.company/\_opendistro/\_security/saml/acs`
     - **Issuer**: `wazuh-saml`
     - **Service Provider Binding**: `Post`
     - Under **Advanced protocol settings**:
diff --git a/website/integrations/services/weblate/index.md b/website/integrations/services/weblate/index.md
index 4baa39b2b2..a0e1da3de1 100644
--- a/website/integrations/services/weblate/index.md
+++ b/website/integrations/services/weblate/index.md
@@ -32,7 +32,7 @@ To support the integration of Weblate with authentik, you need to create an appl
 2. Navigate to **Customization** > **Property Mappings** and click **Create**. Create four **SAML Provider Property Mapping**s with the following settings:
     - **Full Name Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>urn:oid:2.5.4.3</kbd>
+        - **SAML Attribute Name**: `urn:oid:2.5.4.3`
         - **Friendly Name**: Leave blank
         - **Expression**:
         ```python
@@ -40,7 +40,7 @@ To support the integration of Weblate with authentik, you need to create an appl
         ```
     - **OID_USERID Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>urn:oid:0.9.2342.19200300.100.1.1</kbd>
+        - **SAML Attribute Name**: `urn:oid:0.9.2342.19200300.100.1.1`
         - **Friendly Name**: Leave blank
         - **Expression**:
         ```python
@@ -48,7 +48,7 @@ To support the integration of Weblate with authentik, you need to create an appl
         ```
     - **Username Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>username</kbd>
+        - **SAML Attribute Name**: `username`
         - **Friendly Name**: Leave blank
         - **Expression**:
         ```python
@@ -56,7 +56,7 @@ To support the integration of Weblate with authentik, you need to create an appl
         ```
     - **Email Mapping:**
         - **Name**: Choose a descriptive name
-        - **SAML Attribute Name**: <kbd>email</kbd>
+        - **SAML Attribute Name**: `email`
         - **Friendly Name**: Leave blank
         - **Expression**:
         ```python
@@ -71,9 +71,9 @@ To support the integration of Weblate with authentik, you need to create an appl
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>weblate.company</em>/accounts/complete/saml/</kbd>.
-    - Set the **Audience** to <kbd>https://<em>weblate.company</em>/accounts/metadata/saml/</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>authentik.company</em>/application/saml/<em>application-slug</em>/sso/binding/redirect/</kbd>.
+    - Set the **ACS URL** to `https://weblate.company/accounts/complete/saml/`.
+    - Set the **Audience** to `https://weblate.company/accounts/metadata/saml/`.
+    - Set the **Issuer** to `https://authentik.company/application/saml/application-slug/sso/binding/redirect/`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate. Then, under **Property mappings**, add the ones you just created.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/wekan/index.mdx b/website/integrations/services/wekan/index.mdx
index 217f56b7b5..2d5e3de342 100644
--- a/website/integrations/services/wekan/index.mdx
+++ b/website/integrations/services/wekan/index.mdx
@@ -34,7 +34,7 @@ To support the integration of Wekan with authentik, you need to create an applic
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>wekan.company</em>/\_oauth/oidc</kbd>.
+    - Set a `Strict` redirect URI to `https://wekan.company/\_oauth/oidc`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/whats-up-docker/index.md b/website/integrations/services/whats-up-docker/index.md
index cd988863ef..55e325aa45 100644
--- a/website/integrations/services/whats-up-docker/index.md
+++ b/website/integrations/services/whats-up-docker/index.md
@@ -34,7 +34,7 @@ To support the integration of What's Up Docker with authentik, you need to creat
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>wud.company</em>/auth/oidc/authentik/cb</kbd>.
+    - Set a `Strict` redirect URI to `https://wud.company/auth/oidc/authentik/cb`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/wiki-js/index.md b/website/integrations/services/wiki-js/index.md
index 2aac3bada1..72bfef1e33 100644
--- a/website/integrations/services/wiki-js/index.md
+++ b/website/integrations/services/wiki-js/index.md
@@ -44,7 +44,7 @@ To support the integration of Wiki.js with authentik, you need to create an appl
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>wiki.company</em>/login/<em>id-from-wiki</em>/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://wiki.company/login/id-from-wiki/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/wordpress/index.md b/website/integrations/services/wordpress/index.md
index 0b46114d1b..3d91281545 100644
--- a/website/integrations/services/wordpress/index.md
+++ b/website/integrations/services/wordpress/index.md
@@ -38,7 +38,7 @@ To support the integration of WordPress with authentik, you need to create an ap
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>wp.company</em>/wp-admin/admin-ajax.php\?action=openid-connect-authorize</kbd>.
+    - Set a `Strict` redirect URI to `https://wp.company/wp-admin/admin-ajax.php\?action=openid-connect-authorize`.
     - Select any available signing key.
     - Under **Advanced Protocol Settings**, add `offline_access` to the list of available scopes.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/writefreely/index.md b/website/integrations/services/writefreely/index.md
index 54725dfbbb..8616c839d0 100644
--- a/website/integrations/services/writefreely/index.md
+++ b/website/integrations/services/writefreely/index.md
@@ -38,7 +38,7 @@ To support the integration of Writefreely with authentik, you need to create an
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>writefreely.company</em>/oauth/callback/generic</kbd>.
+    - Set a `Strict` redirect URI to `https://writefreely.company/oauth/callback/generic`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/xen-orchestra/index.md b/website/integrations/services/xen-orchestra/index.md
index 3548061b55..757a24bfcb 100644
--- a/website/integrations/services/xen-orchestra/index.md
+++ b/website/integrations/services/xen-orchestra/index.md
@@ -39,7 +39,7 @@ To support the integration of Xen Orchestra with authentik, you need to create a
 - **Choose a Provider type**: select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
     - Note the **Client ID**,**Client Secret**, and **slug** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>xenorchestra.company</em>/signin/oidc/callback</kbd>.
+    - Set a `Strict` redirect URI to `https://xenorchestra.company/signin/oidc/callback`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
diff --git a/website/integrations/services/zabbix/index.md b/website/integrations/services/zabbix/index.md
index 4e2053c3fc..c87baf1fa6 100644
--- a/website/integrations/services/zabbix/index.md
+++ b/website/integrations/services/zabbix/index.md
@@ -35,8 +35,8 @@ To support the integration of Zabbix with authentik, you need to create an appli
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>zabbix.company</em>/zabbix/index_sso.php?acs</kbd>.
-    - Set the **Issuer** to <kbd>zabbix</kbd>.
+    - Set the **ACS URL** to `https://zabbix.company/zabbix/index_sso.php?acs`.
+    - Set the **Issuer** to `zabbix`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
diff --git a/website/integrations/services/zammad/index.md b/website/integrations/services/zammad/index.md
index 26d6edc0f2..8ae724415c 100644
--- a/website/integrations/services/zammad/index.md
+++ b/website/integrations/services/zammad/index.md
@@ -32,14 +32,14 @@ To support the integration of Zammad with authentik, you need to create an appli
 2. Navigate to **Applications** > **Applications** and click **Create with Provider** to create an application and provider pair. (Alternatively you can first create a provider separately, then create the application and connect it with the provider.)
 
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
-- **Choose a Provider type**: select **SAML Provider** as the provider type.
+- **Choose a Provider type**: selec`AML Provider\*\* as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>zammad.company</em>/auth/saml/callback</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>zammad.company</em>/auth/saml/metadata</kbd>.
-    - Set the **Audience** to <kbd>https://<em>zammad.company</em>/auth/saml/metadata</kbd>.
-    - Set the **Service Provider Binding** to `Post`.
+    - Set the **ACS URL** `bd>https://zammad.company/auth/saml/callback`.
+    - Set the **Issuer** to `https://zammad.company/auth/saml/metadata`.
+    - Set the **Audience** to `https://zammad.company/auth/saml/metadata`.
+    - Set the **Service Provider Bi`** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
-- **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
+- **Configure Bindings** _`onal)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
 3. Click **Submit** to save the new application and provider.
 
@@ -49,9 +49,10 @@ To support the integration of Zammad with authentik, you need to create an appli
 2. Navigate to **Applications** > **Providers** and click on the name of the provider that you created in the previous section (e.g. `Provider for zammad`).
 3. Under **Related objects** > **Download signing certificate **, click on **Download**. This downloaded file is your certificate file and it will be required in the next section.
 
-## Zammad configuration
+## Zammad configuration`
 
-To configure the Zammad SAML options go to **Settings** (the gear icon) and select **Security** > **Third-party Applications**. Next, activate the **Authentication via SAML** toggle and change the following fields:
+`
+To configure the Zammad SAML o`s go to **Settings** (the gear icon) and select **Security** > **Third-party Applications**. Next, activate the **Authentication via SAML** toggle and change the following fields:
 
     - **Display name**: authentik
     - **IDP SSO target URL**: `https://authentik.company/application/saml/<application_slug>/sso/binding/post/`
diff --git a/website/integrations/services/zipline/index.md b/website/integrations/services/zipline/index.md
index 8835bdacec..8c1374d1b6 100644
--- a/website/integrations/services/zipline/index.md
+++ b/website/integrations/services/zipline/index.md
@@ -38,7 +38,7 @@ To support the integration of Zipline with authentik, you need to create an appl
 - **Choose a Provider type**: Select **OAuth2/OpenID Connect** as the provider type.
 - **Configure the Provider**: Provide a name (or accept the auto-provided name), choose the authorization flow for this provider, and configure the following required settings:
     - Note the **Client ID** and **Client Secret** values because they will be required later.
-    - Set a `Strict` redirect URI to <kbd>https://<em>zipline.company</em>/api/auth/oauth/oidc</kbd>.
+    - Set a `Strict` redirect URI to `https://zipline.company/api/auth/oauth/oidc`.
     - Select any available signing key.
 - **Configure Bindings** _(optional)_: Create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
 
@@ -52,9 +52,9 @@ To support the integration of Zipline with authentik, you need to create an appl
 
 - **OIDC Client ID**: Your Client ID from authentik
 - **OIDC Client Secret**: Your Client Secret from authentik
-- **OIDC Authorize URL**: <kbd>https://<em>authentik.company</em>/application/o/authorize/</kbd>
-- **OIDC Token URL**: <kbd>https://<em>authentik.company</em>/application/o/token/</kbd>
-- **OIDC Userinfo URL**: <kbd>https://<em>authentik.company</em>/application/o/userinfo/</kbd>
+- **OIDC Authorize URL**: `https://authentik.company/application/o/authorize/`
+- **OIDC Token URL**: `https://authentik.company/application/o/token/`
+- **OIDC Userinfo URL**: `https://authentik.company/application/o/userinfo/`
 
 3. Then, click **Save**.
 
diff --git a/website/integrations/services/zulip/index.md b/website/integrations/services/zulip/index.md
index 7b7a9c3b79..e951cda029 100644
--- a/website/integrations/services/zulip/index.md
+++ b/website/integrations/services/zulip/index.md
@@ -33,8 +33,8 @@ To support the integration of Zulip with authentik, you need to create an applic
 - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings. Take note of the **slug** as it will be required later.
 - **Choose a Provider type**: select **SAML Provider** as the provider type.
 - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
-    - Set the **ACS URL** to <kbd>https://<em>zulip.company</em>/complete/saml/</kbd>.
-    - Set the **Issuer** to <kbd>https://<em>zulip.company</em></kbd>.
+    - Set the **ACS URL** to `https://zulip.company/complete/saml/`.
+    - Set the **Issuer** to `https://zulip.company`.
     - Set the **Service Provider Binding** to `Post`.
     - Under **Advanced protocol settings**, select an available signing certificate.
 - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/flows-stages/bindings/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.