diff --git a/pom.xml b/pom.xml
index 71a06b9ac2165e25d1ab0b278dcc2e1300e5ad57..45d3e1a92fc8a7f659c2dcdadc8d9993d61aa071 100644
--- a/pom.xml
+++ b/pom.xml
@@ -40,10 +40,6 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-validation</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-oauth2-client</artifactId>
diff --git a/scripts/build-vorgang-manager-image.sh b/scripts/build-vorgang-manager-image.sh
new file mode 100755
index 0000000000000000000000000000000000000000..b5c2cc287238727010c6e4fd2e9a22b4b06655eb
--- /dev/null
+++ b/scripts/build-vorgang-manager-image.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -e
+
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+pushd ..
+OSIV2_POSTFACH_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+echo "OSIV2_POSTFACH_VERSION: $OSIV2_POSTFACH_VERSION"
+mvn -DskipTests=true clean install
+popd
+
+PROJECT_DIRECTORY=../../
+pushd "$PROJECT_DIRECTORY"
+
+pushd nachrichten-manager
+NACHRICHTEN_MANAGER_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+echo "NACHRICHTEN_MANAGER_VERSION: $NACHRICHTEN_MANAGER_VERSION"
+sed -i \
+ 's|<osiv2-postfach.version>.*</osiv2-postfach.version>|<osiv2-postfach.version>'"$OSIV2_POSTFACH_VERSION"'</osiv2-postfach.version>|g' \
+ nachrichten-manager-server/pom.xml
+mvn -DskipTests=true clean install
+popd
+
+pushd vorgang-manager
+sed -i \
+ 's|<nachrichten-manager.version>.*</nachrichten-manager.version>|<nachrichten-manager.version>'"$NACHRICHTEN_MANAGER_VERSION"'</nachrichten-manager.version>|g' \
+ vorgang-manager-server/pom.xml
+mvn -DskipTests=true clean install
+cd vorgang-manager-server
+mvn -DskipTests=true spring-boot:build-image
+popd
\ No newline at end of file
diff --git a/scripts/smocker/receive-one.yaml b/scripts/smocker/receive-one.yaml
index 309326a721164b59d92759b64e1c4529039a04e5..09e5172ec174cb3f38765df74f675f8fd173a0c0 100644
--- a/scripts/smocker/receive-one.yaml
+++ b/scripts/smocker/receive-one.yaml
@@ -26,7 +26,7 @@
       Content-Type: application/json
     body: >
       {
-        "sequencenumber":"00000000-0000-0000-0000-000000000000",
+        "sequencenumber":"6799da548852e42b113b60dd",
         "subject":"AW: Test Subject",
         "body":"Hier eine eine Antwort ohne Anhang.",
         "displayName":"Sandy Smockia",
diff --git a/scripts/tag-and-push-vorgang-manager-image.sh b/scripts/tag-and-push-vorgang-manager-image.sh
new file mode 100755
index 0000000000000000000000000000000000000000..a9358632df041d70d4331cd3b0bdf4a21afacf75
--- /dev/null
+++ b/scripts/tag-and-push-vorgang-manager-image.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -e
+
+VERSION=2.22.0-OZG-4094-SNAPSHOT-9
+
+docker tag docker.ozg-sh.de/vorgang-manager:build-latest docker.ozg-sh.de/vorgang-manager:$VERSION
+docker push docker.ozg-sh.de/vorgang-manager:$VERSION
\ No newline at end of file
diff --git a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/ApiClientConfiguration.java b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/ApiClientConfiguration.java
index a0d414ec0f8b44661bc2a9dd1dda47983f17eb66..e9948c36a99efc62d6d03c533da3971a5c515438 100644
--- a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/ApiClientConfiguration.java
+++ b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/ApiClientConfiguration.java
@@ -18,8 +18,12 @@ import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder;
 import org.springframework.security.oauth2.client.endpoint.RestClientClientCredentialsTokenResponseClient;
 import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.client.OAuth2ClientHttpRequestInterceptor;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
@@ -30,29 +34,31 @@ import de.ozgcloud.nachrichten.postfach.osiv2.gen.api.MessageExchangeApi;
 import lombok.RequiredArgsConstructor;
 
 @Configuration
-@EnableWebSecurity
 @RequiredArgsConstructor
 @ConditionalOnProperty(prefix = Osi2PostfachProperties.PREFIX, name = "enabled", havingValue = "true")
 public class ApiClientConfiguration {
 
+	private final Osi2PostfachProperties.AuthConfiguration authConfiguration;
 	private final Osi2PostfachProperties.ApiConfiguration apiConfiguration;
 	private final Osi2PostfachProperties.ProxyConfiguration proxyConfiguration;
 
+	private static final String CLIENT_REGISTRATION_ID = "osi2";
+
 	@Bean
 	MessageExchangeApi messageExchangeApi(ApiClient apiClient) {
 		return new MessageExchangeApi(apiClient);
 	}
 
 	@Bean
-	ApiClient apiClient(ClientRegistrationRepository clientRegistrations) {
-		var apiClient = new ApiClient(restClient(clientRegistrations));
+	ApiClient apiClient() {
+		var apiClient = new ApiClient(restClient());
 		apiClient.setBasePath(apiConfiguration.getUrl());
 		return apiClient;
 	}
 
-	private RestClient restClient(ClientRegistrationRepository clientRegistrations) {
-		var requestInterceptor = new OAuth2ClientHttpRequestInterceptor(authorizedClientManager(clientRegistrations));
-		requestInterceptor.setClientRegistrationIdResolver(request -> "osi2");
+	private RestClient restClient() {
+		var requestInterceptor = new OAuth2ClientHttpRequestInterceptor(authorizedClientManager());
+		requestInterceptor.setClientRegistrationIdResolver(request -> CLIENT_REGISTRATION_ID);
 
 		return defaultRestClientBuilder()
 				.requestInterceptor(requestInterceptor)
@@ -88,8 +94,8 @@ public class ApiClientConfiguration {
 		return credentialsProvider;
 	}
 
-	private AuthorizedClientServiceOAuth2AuthorizedClientManager authorizedClientManager(
-			ClientRegistrationRepository clientRegistrations) {
+	private AuthorizedClientServiceOAuth2AuthorizedClientManager authorizedClientManager() {
+		var clientRegistrations = clientRegistrationsRepository();
 		var clientService = new InMemoryOAuth2AuthorizedClientService(
 				clientRegistrations);
 		var authorizedClientManager = new AuthorizedClientServiceOAuth2AuthorizedClientManager(
@@ -100,6 +106,21 @@ public class ApiClientConfiguration {
 		return authorizedClientManager;
 	}
 
+	private ClientRegistrationRepository clientRegistrationsRepository() {
+		return new InMemoryClientRegistrationRepository(osi2ClientRegistration());
+	}
+
+	private ClientRegistration osi2ClientRegistration() {
+		return ClientRegistration.withRegistrationId(CLIENT_REGISTRATION_ID)
+				.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
+				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
+				.clientId(authConfiguration.getClientId())
+				.clientSecret(authConfiguration.getClientSecret())
+				.tokenUri(authConfiguration.getTokenUri())
+				.scope(authConfiguration.getScope())
+				.build();
+	}
+
 	private OAuth2AuthorizedClientProvider authorizedClientProvider() {
 		return OAuth2AuthorizedClientProviderBuilder.builder()
 				.clientCredentials(builder ->
@@ -130,7 +151,7 @@ public class ApiClientConfiguration {
 		client.addParametersConverter(source -> {
 			MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
 			// Pass a resource indicator parameter https://datatracker.ietf.org/doc/html/rfc8707
-			parameters.add("resource", apiConfiguration.getResource());
+			parameters.add("resource", authConfiguration.getResource());
 			return parameters;
 		});
 	}
diff --git a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/Osi2PostfachProperties.java b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/Osi2PostfachProperties.java
index cec943d8ed04fa3a27dffbb491f078e97a4ce3c4..f670ec7a5c42c51c5953aa1703ff2485b1beb3aa 100644
--- a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/Osi2PostfachProperties.java
+++ b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/config/Osi2PostfachProperties.java
@@ -1,5 +1,7 @@
 package de.ozgcloud.nachrichten.postfach.osiv2.config;
 
+import java.util.List;
+
 import jakarta.annotation.Nullable;
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -21,6 +23,20 @@ public class Osi2PostfachProperties {
 
 	private boolean enabled;
 
+	@Getter
+	@Setter
+	@Configuration
+	@ConfigurationProperties(prefix = AuthConfiguration.PREFIX)
+	public static class AuthConfiguration {
+		public static final String PREFIX = Osi2PostfachProperties.PREFIX + ".auth";
+
+		private String clientId;
+		private String clientSecret;
+		private List<String> scope;
+		private String tokenUri;
+		private String resource;
+	}
+
 	@Getter
 	@Setter
 	@Configuration
@@ -28,7 +44,6 @@ public class Osi2PostfachProperties {
 	public static class ApiConfiguration {
 		public static final String PREFIX = Osi2PostfachProperties.PREFIX + ".api";
 
-		private String resource;
 		private String url;
 		private String tenant;
 		private String nameIdentifier;
diff --git a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapper.java b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapper.java
index 4b1482c4efeb283320bd9abace07dc89da77f52f..c2aab079e54ede89a9b32c09d5791e663283b71f 100644
--- a/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapper.java
+++ b/src/main/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapper.java
@@ -21,7 +21,7 @@ public interface Osi2RequestMapper {
 
 	@Mapping(target = "sequencenumber", source = "vorgangId")
 	@Mapping(target = "body", source = "mailBody")
-	@Mapping(target = "displayName", source = "createdBy")
+	@Mapping(target = "displayName", ignore = true)
 	@Mapping(target = "originSender", ignore = true)
 	@Mapping(target = "replyAction", source = "replyOption")
 	@Mapping(target = "eidasLevel", constant = "LOW")
diff --git a/src/main/resources/application-stage.yml b/src/main/resources/application-stage.yml
index c2804acf5bd4bec3a1e037f7cf334c73b2905050..2618fc516f3b8383f3ad2d4ddfccb4c8c06eeccb 100644
--- a/src/main/resources/application-stage.yml
+++ b/src/main/resources/application-stage.yml
@@ -1,22 +1,13 @@
-spring:
-  security:
-    oauth2:
-      client:
-        registration:
-          osi2:
-            client-id: 'OZG-Kopfstelle'
-            client-secret: 'changeme'
-            scope: default, access_urn:dataport:osi:sh:stage:ozgkopfstelle
-            authorization-grant-type: 'client_credentials'
-            client-authentication-method: client_secret_post
-        provider:
-          osi2:
-            token-uri: 'https://idp.serviceportal-stage.schleswig-holstein.de/webidp2/connect/token'
 ozgcloud:
   osiv2:
     enabled: false
-    api:
+    auth:
+      client-id: 'OZG-Kopfstelle'
+      client-secret: 'changeme'
+      scope: default, access_urn:dataport:osi:sh:stage:ozgkopfstelle
+      token-uri: 'https://idp.serviceportal-stage.schleswig-holstein.de/webidp2/connect/token'
       resource: 'urn:dataport:osi:postfach:rz2:stage:sh'
+    api:
       url: 'https://api-gateway-stage.dataport.de:443/api/osi_postfach/1.0.0'
       tenant: 'SH'
       name-identifier: 'ozgkopfstelle'
diff --git a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceITCase.java b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceITCase.java
index c4f0c35732b3d4889f0198fec5ff0569b74c22df..94405d692b164bdf5d1d3b3c51974274a314d39b 100644
--- a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceITCase.java
+++ b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceITCase.java
@@ -48,11 +48,11 @@ class OsiPostfachRemoteServiceITCase {
 
 	@DynamicPropertySource
 	static void dynamicProperties(DynamicPropertyRegistry registry) {
-		registry.add("spring.security.oauth2.client.provider.osi2.token-uri", OSI_MOCK_SERVER_EXTENSION::getAccessTokenUrl);
-		registry.add("spring.security.oauth2.client.registration.osi2.scope", () -> CLIENT_SCOPES);
-		registry.add("spring.security.oauth2.client.registration.osi2.client-id", () -> CLIENT_ID);
+		registry.add("ozgcloud.osiv2.auth.token-uri", OSI_MOCK_SERVER_EXTENSION::getAccessTokenUrl);
+		registry.add("ozgcloud.osiv2.auth.scope", () -> CLIENT_SCOPES);
+		registry.add("ozgcloud.osiv2.auth.client-id", () -> CLIENT_ID);
 		registry.add("ozgcloud.osiv2.api.url", OSI_MOCK_SERVER_EXTENSION::getPostfachFacadeUrl);
-		registry.add("ozgcloud.osiv2.api.resource", () -> RESOURCE_URN);
+		registry.add("ozgcloud.osiv2.auth.resource", () -> RESOURCE_URN);
 	}
 
 	private WireMockServer postfachFacadeMockServer;
diff --git a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceRemoteITCase.java b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceRemoteITCase.java
index fd5c11bc956b400822c0dd6064fa7bb4dcc7794d..4bcdb775d291573e8a3ec8f1d503726ff31b878b 100644
--- a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceRemoteITCase.java
+++ b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/OsiPostfachRemoteServiceRemoteITCase.java
@@ -31,7 +31,7 @@ class OsiPostfachRemoteServiceRemoteITCase {
 	@DynamicPropertySource
 	static void dynamicProperties(DynamicPropertyRegistry registry) {
 		registry.add(
-				"spring.security.oauth2.client.registration.osi2.client-secret",
+				"ozgcloud.osiv2.auth.client-secret",
 				() -> System.getenv("SH_STAGE_CLIENT_SECRET")
 		);
 		registry.add(
diff --git a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapperTest.java b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapperTest.java
index 3abec1a5f53dd2c897230896e38a443eebd4ce4d..2f1cbe4af9940226535af88324de563b10261338 100644
--- a/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapperTest.java
+++ b/src/test/java/de/ozgcloud/nachrichten/postfach/osiv2/transfer/Osi2RequestMapperTest.java
@@ -94,14 +94,6 @@ class Osi2RequestMapperTest {
 			assertThat(result.getBody()).isEqualTo(MAIL_BODY);
 		}
 
-		@DisplayName("should map display name")
-		@Test
-		void shouldMapDisplayName() {
-			var result = doMapping();
-
-			assertThat(result.getDisplayName()).isEqualTo(USER_ID);
-		}
-
 		@DisplayName("should map origin sender to null")
 		@Test
 		void shouldMapOriginSenderToNull() {
diff --git a/src/test/resources/application-dev.yml b/src/test/resources/application-dev.yml
index 42c79c97a9e25c34d6547d9dee3b96bbddf5a308..ac690fd234df32535926c332fed7b75b2387df70 100644
--- a/src/test/resources/application-dev.yml
+++ b/src/test/resources/application-dev.yml
@@ -1,22 +1,13 @@
-spring:
-  security:
-    oauth2:
-      client:
-        registration:
-          osi2:
-            client-id: 'OZG-Kopfstelle'
-            client-secret: 'changeme'
-            scope: default, access_urn:dataport:osi:sh:stage:ozgkopfstelle
-            authorization-grant-type: 'client_credentials'
-            client-authentication-method: client_secret_post
-        provider:
-          osi2:
-            token-uri: 'http://localhost:8080/osi-postfach-v2-token'
 ozgcloud:
   osiv2:
     enabled: false
-    api:
+    auth:
+      client-id: 'OZG-Kopfstelle'
+      client-secret: 'changeme'
+      scope: default, access_urn:dataport:osi:sh:stage:ozgkopfstelle
       resource: 'urn:dataport:osi:postfach:rz2:stage:sh'
+      token-uri: 'http://localhost:8080/osi-postfach-v2-token'
+    api:
       url: 'http://localhost:8080'
       tenant: 'SH'
       name-identifier: 'ozgkopfstelle'