diff --git a/index.html b/index.html
index bc837ed..785e77f 100644
--- a/index.html
+++ b/index.html
@@ -26,6 +26,7 @@
     <script src="/assets/oauth3.org/oauth3.core.js" charset="utf-8"></script>
     <script src="/assets/oauth3.org/oauth3.dns.js" charset="utf-8"></script>
     <script src="/assets/oauth3.org/oauth3.domains.js" charset="utf-8"></script>
+    <script src="/js/issuer@oauth3.org.js" charset="utf-8"></script>
     <script src="/js/www@daplie.com.js" charset="utf-8"></script>
     <script src="/js/email@daplie.com.js" charset="utf-8"></script>
     <!-- Angular Modules -->
@@ -40,6 +41,7 @@
     <script src="/js/services/auth-service.js" charset="utf-8"></script>
     <!-- Controllers -->
     <script src="/js/controllers/login-controller.js" charset="utf-8"></script>
+    <script src="/js/controllers/profile-controller.js" charset="utf-8"></script>
     <script src="/js/controllers/home-controller.js" charset="utf-8"></script>
     <script src="/js/controllers/bolt-controller.js" charset="utf-8"></script>
     <script src="/js/controllers/file-controller.js" charset="utf-8"></script>
diff --git a/js/app.js b/js/app.js
index a3dd002..116352a 100644
--- a/js/app.js
+++ b/js/app.js
@@ -1,4 +1,24 @@
-var app = angular.module('launchpad', ['oauth3.org', 'ui.router', 'LocalStorageModule', 'angucomplete-alt']);
+(function () {
+'use strict';
+
+var angular = window.angular;
+var OAUTH3 = window.OAUTH3;
+
+var app = window.app = angular.module('launchpad', ['oauth3.org', 'ui.router', 'LocalStorageModule', 'angucomplete-alt']);
+
+app.directive('daplieFileChange', function () {
+  return {
+    restrict: 'A',
+    require:"ngModel",
+    link: function (scope, element, attrs, ngModel) {
+      element.bind('change', function (event) {
+        var files = event.target.files;
+        ngModel.$setViewValue(files[0]);
+        scope.$eval(attrs.daplieFileChange);
+      });
+    }
+  };
+});
 
 app.config(['$stateProvider', '$urlRouterProvider', 'localStorageServiceProvider',
   function ($stateProvider, $urlRouterProvider, localStorageServiceProvider) {
@@ -106,7 +126,7 @@ app.config(['$stateProvider', '$urlRouterProvider', 'localStorageServiceProvider
     views: {
       'content@': {
         templateUrl: 'templates/account-settings.html',
-        controller: 'loginCtrl as vm',
+        controller: 'profileCtrl as vm',
       }
     }
   });
@@ -133,3 +153,4 @@ app.run(['$rootScope', '$state', 'Auth', '$location', function($rootScope, $stat
     }
   });
 }]);
+}());
diff --git a/js/controllers/login-controller.js b/js/controllers/login-controller.js
index 2e13dde..09499bf 100644
--- a/js/controllers/login-controller.js
+++ b/js/controllers/login-controller.js
@@ -148,5 +148,4 @@ app.controller('loginCtrl', [
       });
     });
   };
-
 }]);
diff --git a/js/controllers/profile-controller.js b/js/controllers/profile-controller.js
new file mode 100644
index 0000000..f3b7b29
--- /dev/null
+++ b/js/controllers/profile-controller.js
@@ -0,0 +1,183 @@
+app.controller('profileCtrl', [
+  '$scope', '$timeout', 'Auth', '$location', 'localStorageService', '$rootScope', 'azp@oauth3.org', '$stateParams'
+, function ($scope, $timeout, Auth, $location, localStorageService, $rootScope, Oauth3, $stateParams) {
+
+  var vm = this;
+
+  vm.independentIssuer = false;
+  // TODO reuse most recent issuer?
+  vm.newOauth3 = Oauth3.create(location);
+  vm.timers = {};
+  vm.defaultIssuer = 'provider.' + location.host.replace(/^cloud\./, '');
+
+  vm.Auth = Auth;
+  vm.session = Auth.session;
+  vm.sessions = Auth.sessions;
+
+  vm.showAdvanced = true;
+
+  vm.toggleAdvanced = function () {
+    vm.showAdvanced = !vm.showAdvanced;
+    vm.independentIssuer = !vm.independentIssuer;
+  };
+
+  vm.notification = true;
+
+  vm._setSubject = function (subject) {
+    vm.currentSubject = vm.newSubject;
+    subject = subject || vm.newSubject;
+    var issuer = subject.replace(/.*@/, '');
+    if (vm.independentIssuer) {
+      return $timeout(function () { return; }, 0);
+    }
+    return Oauth3.discover(issuer, { client_uri: Oauth3.clientUri(location) }).then(function (deets) {
+      return vm._setIssuer(issuer);
+    }, function () {
+      // ignore error
+    });
+  };
+
+  vm.setSubject = function (subject) {
+    $timeout.cancel(vm.timers.subject);
+    vm.timers.subject = $timeout(function () {
+      vm._setSubject(subject);
+    }, 300);
+  };
+
+  vm._setIssuer = function (url) {
+    vm.spinner = true;
+    url = (url || vm.newIssuer).replace(/.*@/, '');
+    if (!url) {
+      url = vm.defaultIssuer;
+    }
+
+    return Oauth3.discover(url, { client_uri: Oauth3.clientUri(location) }).then(function (deets) {
+      vm.currentIssuer = url;
+      vm.issuerName = url;
+
+      return vm.newOauth3.setIdentityProvider(url).then(function (deets) {
+        vm.newOauth3.setResourceProvider(url);
+        vm.spinner = false;
+        // TODO add icon and name to directives
+      });
+    }, function () {
+      console.log("oauth3 discover timeout: No dice, no change for '" + url + "'");
+      vm.spinner = false;
+    });
+  };
+
+  vm.setIssuer = function (url) {
+    $timeout.cancel(vm.timers.issuer);
+    vm.timers.issuer = $timeout(function () {
+      vm._setIssuer(url);
+    }, 300);
+  };
+
+  vm.setAudience = function (url) {
+    url = url || vm.audienceUrl;
+    vm.audienceName = url;
+    vm.newOauth3.setResourceProvider(url);
+  };
+
+  vm.selectSession = function (session) {
+    vm.xauth = true;
+    vm.session = session;
+    return Auth.select(session).then(function (oauth3) {
+      vm.xauth = false;
+    });
+  };
+
+  vm.instaauth = function () {
+    return vm._setSubject().then(function () {
+      return vm._setIssuer().then(function () {
+        return vm.auth();
+      });
+    });
+  };
+
+  vm.auth = function () {
+    var subject = vm.currentSubject;
+    var issuer = vm.issuerName;
+    return vm.newOauth3.authenticate({
+      subject: subject
+    , scope: [ 'domains@oauth3.org', 'domains', 'dns@oauth3.org', 'dns', 'www@daplie.com' ]
+    }).then(function (session) {
+      session.subject = subject;
+      session.issuer = issuer;
+      Auth.add(session);
+      if ($rootScope.redirectedURL === '/splash-page') {
+        $location.path('/home');
+      } else {
+        $location.path('/' + $rootScope.redirectedURL);
+      }
+    }, function (err) {
+      console.error('auth error');
+      console.error(err);
+    });
+  };
+
+  vm.newIssuer = vm.defaultIssuer;
+  vm.setIssuer(vm.defaultIssuer);
+
+  vm.getSession = function() {
+    return Auth.select(Auth.session);
+  };
+
+  vm.initListLoggedInProfiles = function () {
+    vm.activeProfiles = Auth.getActiveSessions();
+  };
+
+  vm.signIn = function () {
+    vm.auth();
+  };
+
+  vm.masterLogOut = function () {
+    localStorage.clear();
+    $location.path('/splash-page');
+  };
+
+  vm.signOut = function () {
+    vm.getSession().then(function(){
+      // TODO the sign-out url for each account should be fixed.
+      return Auth.signOut().then(function () {
+        if (Auth.sessions.length === 0) {
+          $location.path('/splash-page');
+          return;
+        }
+        window.alert("You are still logged in with other accounts.");
+      });
+    });
+  };
+
+  vm.Profile = {};
+  vm.Profile.update = function (a) {
+    console.log('Click click click!!!');
+    var pkg = Auth.oauth3.pkg('issuer@oauth3.org');
+
+    return pkg.update({
+      displayName: a.displayName
+    , avatarUrl: a.avatarUrl
+    , firstName: a.firstName
+    , lastName: a.lastName
+    //, names: a.names
+    , primaryEmail: a.primaryEmail // TODO make a combobox of available emails (and require confirm before making primary)
+    , primaryPhone: a.primaryPhone
+    }).then(function (result) {
+      window.alert(JSON.stringify(result));
+      // TODO use iframe to initiate download?
+      vm.account = result.data;
+    });
+  };
+  vm.Profile.get = function () {
+    var pkg = Auth.oauth3.pkg('issuer@oauth3.org');
+
+    return pkg.get().then(function (result) {
+      console.log(result.data);
+      vm.account = result.data;
+      vm.profile = result.data;
+    });
+  };
+
+  vm.Profile.get();
+
+}]);
diff --git a/js/issuer@oauth3.org.js b/js/issuer@oauth3.org.js
new file mode 100644
index 0000000..ab0e06c
--- /dev/null
+++ b/js/issuer@oauth3.org.js
@@ -0,0 +1,78 @@
+(function (exports) {
+'use strict';
+
+var OAUTH3 = exports.OAUTH3 = exports.OAUTH3 || require('./oauth3.core.js').OAUTH3;
+
+OAUTH3._pkgs['issuer@oauth3.org'] = {
+  update: function (opts) {
+    var providerUri = opts.audience;
+    var session = opts.session;
+
+    return OAUTH3.request({
+      method: 'POST'
+    , url: OAUTH3.url.normalize(providerUri)
+        + '/api/issuer@oauth3.org/acl/profile/'
+    , session: session
+    , data: {
+        displayName: opts.displayName
+      , avatarUrl: opts.avatarUrl
+      , firstName: opts.firstName
+      , lastName: opts.lastName
+      , primaryEmail: opts.primaryEmail
+      , primaryPhone: opts.primaryPhone
+      }
+    }).then(function (result) {
+      return result;
+    });
+  }
+, get: function (opts) {
+    var providerUri = opts.audience;
+    var session = opts.session;
+
+    return OAUTH3.request({
+      method: 'GET'
+    , url: OAUTH3.url.normalize(providerUri)
+        + '/api/issuer@oauth3.org/acl/profile/'
+    , session: session
+    }).then(function (result) {
+      return result;
+    });
+  }
+, requestContact: function (opts) {
+    var providerUri = opts.audience;
+    var session = opts.session;
+
+    return OAUTH3.request({
+      method: 'POST'
+    , url: OAUTH3.url.normalize(providerUri)
+        + '/api/issuer@oauth3.org/acl/contact_nodes/'
+    , session: session
+    , data: {
+        type: opts.type
+      , node: opts.node
+      }
+    }).then(function (result) {
+      return result;
+    });
+  }
+, verifyContact: function (opts) {
+    var providerUri = opts.audience;
+    var session = opts.session;
+
+    return OAUTH3.request({
+      method: 'POST'
+    , url: OAUTH3.url.normalize(providerUri)
+        + '/api/issuer@oauth3.org/acl/contact_nodes/'
+    , session: session
+    , data: {
+        type: opts.type
+      , node: opts.node
+      , challenge: opts.challenge
+      }
+    }).then(function (result) {
+      return result;
+    });
+  }
+};
+
+}('undefined' !== typeof exports ? exports : window));
diff --git a/templates/account-settings.html b/templates/account-settings.html
index 75e88b9..e0e13ee 100644
--- a/templates/account-settings.html
+++ b/templates/account-settings.html
@@ -1,4 +1,4 @@
-<h1 class="text-center">Account Settings</h1>
+<h1 class="text-center">Profile Settings</h1>
 <div class="row">
   <div class="col-md-4 col-sm-6 col-xs-12">
     <div class="text-center">
@@ -9,22 +9,34 @@
   </div>
   <div class="col-md-8 col-sm-6 col-xs-12 personal-info">
     <form class="form-horizontal" role="form">
+      <div class="form-group">
+        <label class="col-lg-3 control-label">Display name:</label>
+        <div class="col-lg-8">
+          <input class="form-control" type="text" ng-model="vm.account.displayName">
+        </div>
+      </div>
       <div class="form-group">
         <label class="col-lg-3 control-label">First name:</label>
         <div class="col-lg-8">
-          <input class="form-control" type="text">
+          <input class="form-control" type="text" ng-model="vm.account.firstName">
         </div>
       </div>
       <div class="form-group">
         <label class="col-lg-3 control-label">Last name:</label>
         <div class="col-lg-8">
-          <input class="form-control" type="text">
+          <input class="form-control" type="text" ng-model="vm.account.lastName">
         </div>
       </div>
       <div class="form-group">
         <label class="col-lg-3 control-label">Email:</label>
         <div class="col-lg-8">
-          <input class="form-control" type="email" value="{{ vm.session.subject }}" disabled>
+          <input class="form-control" type="email" ng-model="vm.account.primaryEmail">
+        </div>
+      </div>
+      <div class="form-group">
+        <label class="col-lg-3 control-label"> </label>
+        <div class="col-lg-8">
+          <button class="btn btn-primary form-control" ng-click="vm.Profile.update(vm.account)">Save</button>
         </div>
       </div>
     </form>
diff --git a/templates/website.html b/templates/website.html
index 6abe41b..344b370 100644
--- a/templates/website.html
+++ b/templates/website.html
@@ -52,7 +52,7 @@
         <br>
         -->
         <div class="input-group">
-          <div><label>Select .zip upload</label> <input type="file" class="js-file-upload this-has-a-special-non-angular-event-handler" /></div>
+          <div><label>Select .zip upload</label> <input type="file" ng-model="vm.newFile" daplie-file-change="vm.Sites.setUpload(vm)" /></div>
 
           <div ng-if="vm.isZip" ><label><input type="checkbox" ng-model="vm.unzip" /> Unpack .zip</label></div>
 
@@ -89,22 +89,27 @@
       <table class="table">
         <tbody>
           <tr>
-            <td><a ng-href="https://{{r.domain}}" target="_blank" ng-bind="r.domain">example.com</a>
+            <td>
+              <a ng-href="https://{{r.domain}}" target="_blank" ng-bind="r.domain">example.com</a>
+              <span ng-if="r.pending">(pending)</span>
               <a ng-href="{{r.download}}" target="_blank">Download</a>
               <!-- button class="btn btn-link" ng-click="vm.Sites.archive(r)">download</button -->
-              <button class="btn btn-link" ng-click="vm.Sites.remove(r)">Clear</button></td>
+              <button class="btn btn-link" ng-click="vm.Sites.remove(r)">Clear</button>
+            </td>
             <td>
               <input type="text" ng-model="r.newPath" placeholder="/" />
               <button class="btn btn-default" ng-click="vm.Sites.contents(r)">List Files</button>
             </td>
             <td ng-bind="r.path">Sites > blogs > blog.jane.smith.net</td>
-            <td><div ng-repeat="share in r.sharedWith" ng-if="!share.me">
-              <span ng-bind="share.path">/</span>
-              <span ng-bind="share.comment">friend@email.com</span>
-              <em ng-if="share.pending">pending</em>
-              (<span ng-bind="share.mode">rwx</span>)
-              <button class="btn btn-link" ng-click="vm.Shares.remove(r, share)">[X]</button>
-            </div></td>
+            <td>
+              <div ng-repeat="share in r.sharedWith" ng-if="!share.me">
+                <span ng-bind="share.path">/</span>
+                <span ng-bind="share.comment">friend@email.com</span>
+                <em ng-if="share.pending">pending</em>
+                (<span ng-bind="share.mode">rwx</span>)
+                <button class="btn btn-link" ng-click="vm.Shares.remove(r, share)">[X]</button>
+              </div>
+            </td>
             <td>
               <input type="text" ng-model="r.shareEmail" placeholder="ex: john@example.com" />
               <input type="text" ng-model="r.sharePath" placeholder="/" />