diff --git a/.env b/.env
index 554880a291dcb359487b48c38e1545a0d542836b..f8b10bfdd889239670d5d3fd0c3c8305aa60e009 100644
--- a/.env
+++ b/.env
@@ -42,3 +42,9 @@ LDAP_PERSON_PROVIDER_LDAP_ATTRIBUTE_FAMILY_NAME=sn
 LDAP_PERSON_PROVIDER_LDAP_ATTRIBUTE_EMAIL=mail
 LDAP_PERSON_PROVIDER_LDAP_ATTRIBUTE_BIRTHDAY=DateOfBirth
 ###< dbp/relay-base-person-connector-ldap-bundle ###
+
+# PDF-AS
+PDF_AS_WEB_ADVANCED_URI=https://pdfas-dev.tugraz.at/pdf-as-web
+PDF_AS_WEB_QUALIFIED_URI=https://sig-dev.tugraz.at/pdf-as-web
+PDF_AS_WEB_QUALIFIED_STATIC_URI=https://sig-dev.tugraz.at/static
+PDF_AS_VERIFICATION_ENABLE=false
diff --git a/config/packages/dbp_relay_esign.yaml b/config/packages/dbp_relay_esign.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..49f6cfad181f7da7a2a3e3f6a0800c83d55fee8d
--- /dev/null
+++ b/config/packages/dbp_relay_esign.yaml
@@ -0,0 +1,35 @@
+dbp_relay_esign:
+  qualified_signature:
+    server_url: '%env(PDF_AS_WEB_QUALIFIED_URI)%'
+    callback_url: '%env(PDF_AS_WEB_QUALIFIED_STATIC_URI)%/callback.html'
+    error_callback_url: '%env(PDF_AS_WEB_QUALIFIED_STATIC_URI)%/error.html'
+    profiles:
+      - name: default
+        profile_id: SIGNATURBLOCK_TUGRAZ_QUAL
+        user_text_table: usercontent
+        user_text_row: 1
+        user_text_attach_parent: main
+        user_text_attach_child: user
+        user_text_attach_row: 3
+        role: ROLE_SCOPE_QUALIFIED-SIGNATURE
+  advanced_signature:
+    server_url: '%env(PDF_AS_WEB_ADVANCED_URI)%'
+    profiles:
+      - name: official
+        key_id: tugraz-official
+        profile_id: SIGNATURBLOCK_TUGRAZ_AMTSSIGNATUR
+        user_text_table: usercontent
+        user_text_row: 1
+        user_text_attach_parent: main
+        user_text_attach_child: user
+        user_text_attach_row: 2
+        role: ROLE_SCOPE_OFFICIAL-SIGNATURE
+      - name: sap
+        key_id: tugraz-sap
+        profile_id: SIGNATURBLOCK_TUGRAZ_SAP
+        user_text_table: usercontent
+        user_text_row: 1
+        user_text_attach_parent: main
+        user_text_attach_child: user
+        user_text_attach_row: 2
+        role: ROLE_SCOPE_CORPORATE-SIGNATURE
\ No newline at end of file
diff --git a/src/EventSubscriber/PersonFromUserItemSubscriber.php b/src/EventSubscriber/PersonFromUserItemSubscriber.php
new file mode 100644
index 0000000000000000000000000000000000000000..12385bf810841e843226bca61bd2a8413b5f1ff2
--- /dev/null
+++ b/src/EventSubscriber/PersonFromUserItemSubscriber.php
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\EventSubscriber;
+
+use Dbp\Relay\BasePersonConnectorLdapBundle\Event\PersonFromUserItemPostEvent;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+class PersonFromUserItemSubscriber implements EventSubscriberInterface
+{
+    public static function getSubscribedEvents(): array
+    {
+        return [
+            PersonFromUserItemPostEvent::NAME => 'onPost',
+        ];
+    }
+
+    public function onPost(PersonFromUserItemPostEvent $event)
+    {
+        $person = $event->getPerson();
+
+        $roles = ['ROLE_SCOPE_GREENLIGHT'];
+        $person->setExtraData('ldap-roles', $roles);
+
+        $event->setPerson($person);
+    }
+}