diff --git a/internal/brokers/examplebroker/broker.go b/internal/brokers/examplebroker/broker.go
index 087b04a86..73c825619 100644
--- a/internal/brokers/examplebroker/broker.go
+++ b/internal/brokers/examplebroker/broker.go
@@ -40,8 +40,8 @@ type sessionInfo struct {
 
 	pwdChange passwdReset
 
-	neededMfa      int
-	currentMfaStep int
+	neededAuthSteps int
+	currentAuthStep int
 }
 
 type isAuthenticatedCtx struct {
@@ -59,76 +59,13 @@ type Broker struct {
 	isAuthenticatedCallsMu sync.Mutex
 }
 
-type exampleUser struct {
-	UID    string                       `json:"uid"`
-	Name   string                       `json:"name"`
-	Groups map[string]map[string]string `json:"groups"`
-}
-
-func (u exampleUser) String() string {
-	data, err := json.Marshal(u)
-	if err != nil {
-		panic(fmt.Sprintf("Invalid user data: %v", err))
-	}
-	return string(data)
-}
-
 var (
-	exampleUsers = map[string]exampleUser{
-		"user1": {
-			UID:  "4245874",
-			Name: "My user",
-			Groups: map[string]map[string]string{
-				"group1": {
-					"name": "Group 1",
-					"gid":  "3884",
-				},
-				"group2": {
-					"name": "Group 2",
-					"gid":  "4884",
-				},
-			},
-		},
-		"user2": {
-			UID:  "33333",
-			Name: "My secondary user",
-			Groups: map[string]map[string]string{
-				"group2": {
-					"name": "Group 2",
-					"gid":  "4884",
-				},
-			},
-		},
-		"user-mfa": {
-			UID:  "44444",
-			Name: "User that needs MFA",
-			Groups: map[string]map[string]string{
-				"group1": {
-					"name": "Group 1",
-					"gid":  "3884",
-				},
-			},
-		},
-		"user-needs-reset": {
-			UID:  "55555",
-			Name: "User that needs passwd reset",
-			Groups: map[string]map[string]string{
-				"group1": {
-					"name": "Group 1",
-					"gid":  "3884",
-				},
-			},
-		},
-		"user-can-reset": {
-			UID:  "66666",
-			Name: "User that can passwd reset",
-			Groups: map[string]map[string]string{
-				"group1": {
-					"name": "Group 1",
-					"gid":  "3884",
-				},
-			},
-		},
+	exampleUsers = map[string]string{
+		"user1":            "My user",
+		"user2":            "My secondary user",
+		"user-mfa":         "User that needs MFA",
+		"user-needs-reset": "User that needs passwd reset",
+		"user-can-reset":   "User that can passwd reset",
 	}
 )
 
@@ -155,16 +92,18 @@ func (b *Broker) NewSession(ctx context.Context, username, lang string) (session
 		username:        username,
 		lang:            lang,
 		pwdChange:       noReset,
+		currentAuthStep: 1,
+		neededAuthSteps: 1,
 		attemptsPerMode: make(map[string]int),
 	}
 	switch username {
 	case "user-mfa":
-		info.neededMfa = 3
+		info.neededAuthSteps = 3
 	case "user-needs-reset":
-		info.neededMfa = 1
+		info.neededAuthSteps = 2
 		info.pwdChange = mustReset
 	case "user-can-reset":
-		info.neededMfa = 1
+		info.neededAuthSteps = 2
 		info.pwdChange = canReset
 	}
 
@@ -185,11 +124,11 @@ func (b *Broker) GetAuthenticationModes(ctx context.Context, sessionID string, s
 	allModes := getSupportedModes(sessionInfo, supportedUILayouts)
 
 	// If the user needs mfa, we remove the last used mode from the list of available modes.
-	if sessionInfo.currentMfaStep > 0 && sessionInfo.currentMfaStep < sessionInfo.neededMfa {
+	if sessionInfo.currentAuthStep > 1 && sessionInfo.currentAuthStep < sessionInfo.neededAuthSteps {
 		allModes = getMfaModes(sessionInfo, sessionInfo.allModes)
 	}
 	// If the user needs or can reset the password, we only show those authentication modes.
-	if sessionInfo.currentMfaStep > 0 && sessionInfo.pwdChange != noReset {
+	if sessionInfo.currentAuthStep > 1 && sessionInfo.pwdChange != noReset {
 		allModes = getPasswdResetModes(sessionInfo, sessionInfo.allModes)
 	}
 
@@ -350,7 +289,7 @@ func getSupportedModes(sessionInfo sessionInfo, supportedUILayouts []map[string]
 				break
 			}
 			allModes["mandatoryreset"] = map[string]string{
-				"selection_label": "Password reset (3 days until mandatory)",
+				"selection_label": "Password reset",
 				"ui": mapToJSON(map[string]string{
 					"type":  "newpassword",
 					"label": "Enter your new password",
@@ -358,14 +297,14 @@ func getSupportedModes(sessionInfo sessionInfo, supportedUILayouts []map[string]
 				}),
 			}
 
-			if layout["skip-button"] != "" {
+			if layout["button"] != "" {
 				allModes["optionalreset"] = map[string]string{
 					"selection_label": "Password reset",
 					"ui": mapToJSON(map[string]string{
-						"type":        "newpassword",
-						"label":       "Enter your new password",
-						"entry":       "chars_password",
-						"skip-button": "Skip",
+						"type":   "newpassword",
+						"label":  "Enter your new password (3 days until mandatory)",
+						"entry":  "chars_password",
+						"button": "Skip",
 					}),
 				}
 			}
@@ -481,18 +420,10 @@ func (b *Broker) IsAuthenticated(ctx context.Context, sessionID, authenticationD
 	}()
 
 	access, data, err = b.handleIsAuthenticated(b.isAuthenticatedCalls[sessionID].ctx, sessionInfo, authData)
-	if access == responses.AuthGranted {
-		switch sessionInfo.username {
-		case "user-needs-reset":
-			fallthrough
-		case "user-can-reset":
-			fallthrough
-		case "user-mfa":
-			if sessionInfo.currentMfaStep < sessionInfo.neededMfa {
-				sessionInfo.currentMfaStep++
-				access = responses.AuthNext
-			}
-		}
+	if access == responses.AuthGranted && sessionInfo.currentAuthStep < sessionInfo.neededAuthSteps {
+		sessionInfo.currentAuthStep++
+		access = responses.AuthNext
+		data = ""
 	} else if access == responses.AuthRetry {
 		sessionInfo.attemptsPerMode[sessionInfo.selectedMode]++
 		if sessionInfo.attemptsPerMode[sessionInfo.selectedMode] >= maxAttempts {
@@ -603,12 +534,12 @@ func (b *Broker) handleIsAuthenticated(ctx context.Context, sessionInfo sessionI
 		}
 	}
 
-	user, exists := exampleUsers[sessionInfo.username]
+	name, exists := exampleUsers[sessionInfo.username]
 	if !exists {
 		return responses.AuthDenied, `{"message": "user not found"}`, nil
 	}
 
-	return responses.AuthGranted, userInfoFromName(user.Name), nil
+	return responses.AuthGranted, fmt.Sprintf(`{"userinfo": %s}`, userInfoFromName(name)), nil
 }
 
 // EndSession ends the requested session and triggers the necessary clean up steps, if any.
diff --git a/internal/brokers/examplebroker/dbus.go b/internal/brokers/examplebroker/dbus.go
index 220179158..d5fa51ef1 100644
--- a/internal/brokers/examplebroker/dbus.go
+++ b/internal/brokers/examplebroker/dbus.go
@@ -8,13 +8,14 @@ import (
 
 	"github.com/godbus/dbus/v5"
 	"github.com/godbus/dbus/v5/introspect"
-	"github.com/ubuntu/authd/internal/brokers"
 	"github.com/ubuntu/decorate"
 )
 
 const (
 	dbusObjectPath = "/com/ubuntu/authd/ExampleBroker"
 	busName        = "com.ubuntu.authd.ExampleBroker"
+	// we need to redeclare the interface here to avoid include cycles.
+	dbusInterface = "com.ubuntu.authd.Broker"
 )
 
 // Bus is the D-Bus object that will answer calls for the broker.
@@ -34,7 +35,7 @@ func StartBus(ctx context.Context, cfgPath string) (err error) {
 
 	b, _, _ := New("ExampleBroker")
 	obj := Bus{broker: b}
-	err = conn.Export(&obj, dbusObjectPath, brokers.DbusInterface)
+	err = conn.Export(&obj, dbusObjectPath, dbusInterface)
 	if err != nil {
 		return err
 	}
@@ -44,7 +45,7 @@ func StartBus(ctx context.Context, cfgPath string) (err error) {
 		Interfaces: []introspect.Interface{
 			introspect.IntrospectData,
 			{
-				Name:    brokers.DbusInterface,
+				Name:    dbusInterface,
 				Methods: introspect.Methods(&obj),
 			},
 		},