diff --git a/doc/LATEST.md b/doc/LATEST.md
index bf62d41..57e0498 100644
--- a/doc/LATEST.md
+++ b/doc/LATEST.md
@@ -2,13 +2,10 @@
 
 > For information how to get at a point to reproduce this, please read
 > - [README](README.md) or
-> - [Installation / Docker Setup](DockerSetup.md)
+> - [Setup.md](Setup.md)
 
 [TOC]
 
-# Instance-Token
-
-See [InstanceToken](InstanceToken.md).
 
 # Config-Token
 
@@ -59,3 +56,97 @@ m56oy1WRGSdHRiBt/6Mbb2I7BQ+YNsPrq9pI9wdPxbCbyT8UbEPM0/Qo4RSH77lx
 +rtqhXsNqrciBxg9iCfYTDBKW7gG8+3U+7OFkPfN7nAYfxEAKKO0z/vPih0KIF12
 ipX9bJaK63sIplYtPSBB2A==
 ```
+
+
+
+# Other Code
+
+Interesting is that for encryption the `service_instance.deployment` **Public-Key** is used. For that one, we have no
+private key.
+
+see
+
+```diff
+public_key_string=si_deployment_public_key.value
+```
+
+<details>
+    <summary>`return_file_export_manager.py`</summary>
+
+```python
+class ReturnFileExportManager:
+    def return_file_export_handler(self, event_args, params, dal):
+        if 'file_timestamp' not in event_args:
+            # file_timestamp not in event_args means original request on primary,
+            #   so we get current time as file_timestamp
+            license_allocation_file_timestamp = datetime.utcnow()
+            # modify incoming event_args parameter to add file_timestamp,
+            #   so broadcaster to sends file_timestamp to secondary
+            event_args['file_timestamp'] = license_allocation_file_timestamp
+        else:
+            # file_timestamp in event_args means replication call on secondary
+            #   so we use file_timestamp from event_args
+            license_allocation_file_timestamp = event_args['file_timestamp']
+
+        license_allocation_file_xid = self.processor.get_license_file_xid()
+        log.info(f'Generating license allocation return file: {license_allocation_file_xid}')
+
+        # Generate license allocation data
+        license_allocation = LicenseAllocation()
+        license_allocation.header = LicenseAllocationHeader(params.license_allotment_xid)
+        log.info(f'Generating return for license allocation: {params.license_allotment_xid}')
+        license_allocation.object_list = self._get_object_list(params, dal)
+
+        try:
+            si_deployment_public_key = dal.get_si_artifact_for_license_allotment(
+                params.license_allotment_xid, si_constants.SERVICE_INSTANCE_DEPLOYMENT_NAMESPACE,
+                si_constants.ARTIFACT_NAME_PUBLIC_KEY
+            )
+        except NotFoundError as ex:
+            log.error(f'Error fetching artifacts for SI attached to this license allocation return file', ex)
+            raise BadRequestError("Failed to return license allocation file")
+
+        # Build license file payload string
+        encrypted_payload_str = self.processor.build_license_payload(
+            license_allocation_file_xid=license_allocation_file_xid,
+            license_allocation_file_timestamp=license_allocation_file_timestamp,
+            license_allocation_list=[license_allocation],
+            public_key_string=si_deployment_public_key.value,
+            deployment_token="")
+
+        # insert LAF record
+        dal.insert_file_creation_record(license_allocation_file_xid, license_allocation_file_timestamp,
+                                        params.license_allotment_xid, encrypted_payload_str)
+
+        response = ReturnFileResponse(return_license=encrypted_payload_str)
+        return response
+```
+
+</details>
+
+
+<details>
+    <summary>`dls_license_file_installation_dal.py`</summary>
+
+```python
+class DlsLicenseFileInstallationDal:
+    def insert_file_creation_record(self, schema, license_file_xid, license_file_timestamp, license_allotment_xid, license_allocation_file, session=None):
+        insert_file_creation_record_query = f"""
+        insert into {schema}.license_allotment_file_publication (xid, license_allotment_xid, publication_detail)
+        values (:xid, :la_xid, :publication_detail)
+        on conflict (xid) do update
+        set license_allotment_xid = :la_xid, publication_detail = :publication_detail
+        """
+        publication_detail_dict = {
+            'timestamp': license_file_timestamp.isoformat(),
+            'license': license_allocation_file,
+        }
+
+        publication_detail = json_dumps(publication_detail_dict)
+        session.execute(insert_file_creation_record_query, {'xid': license_file_xid, 'la_xid': license_allotment_xid, 'publication_detail': publication_detail})
+
+```
+
+</details>
+
+
diff --git a/doc/README.md b/doc/README.md
index 35d0c1a..796658a 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -2,6 +2,14 @@
 
 > Current status / questions / is in [doc/LATEST.md](LATEST.md)
 
+## My Setup documentation
+
+In [Setup.md](Setup.md) I wrote down every step with each file on my setup.
+
+With this detailed guide I hope to understand licensing process and how data and keys/tokens are handled.
+
+## Read through
+
 - [Installation / Docker Setup](DockerSetup.md)
 - [Reverse Engineering Notes](ReverseEngineeringNotes.md)
 - [Licensing Flow / Process](LicensingFlow.md)
diff --git a/doc/Setup.md b/doc/Setup.md
new file mode 100644
index 0000000..57a6dd7
--- /dev/null
+++ b/doc/Setup.md
@@ -0,0 +1,61 @@
+# NLS Setup
+
+[TOC]
+
+# 1. Prepare Environment
+
+**Docker Setup**
+
+Please follow [DockerSetup](DockerSetup.md)-Guide.
+
+**External DB Access**
+
+To get superuser access to database from external, you have to add a user.
+Follow [ReverseEngineeringNotes - DB-Access](ReverseEngineeringNotes.md#db-access).
+
+After that, I modified `docker-compose.yaml` and added `ports` into `postgres-nls-si-0` container to get external
+database access.
+```diff
+ postgres-nls-si-0:
+        image: dls:pgsql_3.4.1
+        restart: always
++        ports: [ '5432:5432' ]
+```
+
+Now you can connect with `<your-instance-ip>:5432` with any Database-Client you want.
+
+# 2. Setup (NLS)
+
+1. Access `https://<your-instance-ip>:8080` and click on *New Installation*
+2. Enter *Username* and *Password*
+3. *Continue to Login* and login
+4. *Download DLS Instance Token*
+
+- Local Reset Token `28b22cb5-76db-4211-84a7-d2821293fe44`
+- [`dls_instance_token_03-26-2025-21-06-23.tok`](files/dls_instance_token_03-26-2025-21-06-23.tok)
+- See [dls_instance_token.md](dls_instance_token.md)
+
+# 3. Create License Server (Nvidia Application Hub)
+
+Goto *License Servers* > *Create Server*
+
+1. *Step 1 - Identification*: Enter a name
+2. *Step 2 - Features*: Add at least one feature
+3. *Step 3 - Environment*
+   1. Select *On-Premise (DLS)*
+   2. Select your *Registration Token* (DLS-Instance-Token)
+   3. *Upload*
+4. *Step 4 - Configuration*: Default *Standard Networked Licensing*
+5. *Create Server*
+
+Download your License
+
+1. On your License-Server click *Actions*
+2. Click *Download* and confirm
+
+- [`license_03-26-2025-21-27-51.bin`](files/license_03-26-2025-21-27-51.bin)
+- See [license.md](license.md)
+
+# 4. Debug Config-Token
+
+t.b.c.