fix: V2 docs / error messages (#3611)

* docs: rewrite concept section

* docs: add instance to guides

* chore: error messages

* fix: scenarios

* docs: urls

* docs: change images

* docs: change images

* docs: change images

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

docs/docs/concepts/structure/_instance_description.mdx

@@ -0,0 +1,5 @@
+An instance is the top hierarchy in the ZITADEL.
+Within an instance all the default [settings](./policies), such as branding, login policy, password policy, etc. for the system can be configured.
+One instance normally runs on one domain and has one issuer. (e.g login.customer.com)
+
+One instance can contain multiple [organizations](./organizations). Which can represent the own company or the customers.

docs/docs/concepts/structure/_org_description.mdx

@@ -1,6 +1,6 @@
 ZITADEL is organized around the idea that:
 
-* Multiple organizations share the same system. In this case multiple organizations share the same service, zitadel.ch
+* Multiple organizations can be managed within one [instance](./instance).
 * organizations can grant each other rights to self-manage certain aspects of the IAM (eg, roles for access management)
 * organizations are vessels for users and projects
 

docs/docs/concepts/structure/instance.md

@@ -0,0 +1,8 @@
+---
+title: Instance
+---
+
+
+import InstanceDescription from './_instance_description.mdx';
+
+<InstanceDescription name="InstanceDescription" />

docs/docs/concepts/structure/overview.md

@@ -6,10 +6,11 @@ This overview shows the general structure of ZITADEL.
 
 ![Overview](/img/concepts/objects/object_overview.png)
 
-More details on the specific objets:
+More details on the specific objects:
 
+- [Instance](./instance)
 - [Organizations](./organizations)
-- [Policies](./policies)
+- [Policies/Settings](./policies)
 - [Projects](./projects)
 - [Applications](./applications)
 - [Granted Projects](./granted_projects)

docs/docs/concepts/structure/policies.md

@@ -1,13 +1,13 @@
 ---
-title: Policies
+title: Settings/Policies
 ---
 
-Policies are configurations of all the different parts of the IAM. For all parts we have a suitable default in the IAM.
+Settings and policies are configurations of all the different parts of the Instance or an organization. For all parts we have a suitable default in the Instance.
 The default configuration can be overridden for each organization.
 
 ## General
 
-You can find these settings in the menu organization in the section polcies.
+You can find these settings in the instance page under settings, or on a specific organization menu organization in the section polycies.
 Each policy can be overridden and reset to the default.
 
 ## Password Complexity
@@ -88,3 +88,11 @@ Make sure you click the "Set preview as current configuration" button after you
 
 Each organization is able to configure its own privacy policy and terms of service.
 A link to the current policies can be provided. On register each user has to accept these policies.
+
+
+## Domain policy
+
+In the domain policy you have two different settings. 
+One is the "user_login_must_be_domain", by setting this all the users within an organisation will be suffixed with the domain of the organisation.
+The second is "validate_org_domains" if this is set to true all created domains on an organisation must be verified per acme challenge. [Verify Domain] (../../guides/basics/organizations#domain-verification-and-primary-domain)
+If it is set to false, all registered domain will automatically be created as verified and the users will be able to use the domain for login.

docs/docs/concepts/usecases/saas.md

@@ -19,15 +19,7 @@ This means that the users and also their authorizations will be managed within Z
 An organization is the ZITADEL resource which contains users, projects, applications, policies and so on. 
 In an organization projects and users are managed by the organization.
 You need at least one organization for your own company in our case "The Timing Company".
-
-For your customers you have different possibilities:
-1. Your customer already owns an organization in ZITADEL
-2. Your customer creates a new organization in ZITADEL by itself
-3. You create an organization for your customer (If you like to verify the domain, the customer has to do it)
-
-:::info
-Subscriptions are organization based. This means, that each organization can choose their own tier based on the needed features.
-:::
+As next step grate an organization for each of your costumers.
 
 ## Project
 
@@ -70,7 +62,7 @@ More about the [Scopes](../../apis/openidoauth/scopes)
 2. Show private labeling (branding) of the project organization
 
 You can configure on project-level which branding should be shown to users.
-In the default the design of ZITADEL will be shown, but as soon as the user is identified, the policy of the users organization will be triggered.
+In the default the design of the instance will be shown, but as soon as the user is identified, the policy of the users organization (if specified) will be triggered.
 If the setting is set to `Ensure Project Resource Owner Setting`, the private labeling of the project organization will always be triggered.
 The last possibility is to show the private labeling of the project organization and as soon as the user is identitfied the user organization settings will be triggered.
 For this the Allow User Resource Owner Setting should be set.