fix: remove unnecessary functions from auth.proto

2025-08-11 21:07:31 +00:00 · 2020-03-31 11:07:48 +02:00
parent 9900e53afa
commit 52ac0772e3
23 changed files with 2759 additions and 12058 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,7 @@ debug
 # IDE
 .idea
 .vscode
 # credential
 google-credentials
 key.json
--- a/cmd/zitadel/main.go
+++ b/cmd/zitadel/main.go
@@ -44,20 +44,17 @@ func main() {
 	ctx := context.Background()
 	if *managementEnabled {
-		err = management.Start(ctx, conf.Mgmt, conf.AuthZ)
+		management.Start(ctx, conf.Mgmt, conf.AuthZ)
 		logging.Log("MAIN-39Nv5").OnError(err).Fatal("error starting management api")
 	}
 	if *authEnabled {
-		err = auth.Start(ctx, conf.Auth, conf.AuthZ)
+		auth.Start(ctx, conf.Auth, conf.AuthZ)
 		logging.Log("MAIN-x0nD2").OnError(err).Fatal("error starting auth api")
 	}
 	if *loginEnabled {
 		err = login.Start(ctx, conf.Login)
 		logging.Log("MAIN-53RF2").OnError(err).Fatal("error starting login ui")
 	}
 	if *adminEnabled {
-		err = admin.Start(ctx, conf.Admin, conf.AuthZ)
+		admin.Start(ctx, conf.Admin, conf.AuthZ)
 		logging.Log("MAIN-0na71").OnError(err).Fatal("error starting admin api")
 	}
 	if *consoleEnabled {
 		err = console.Start(ctx, conf.Console)
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/ghodss/yaml v1.0.0
 	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
 	github.com/golang/mock v1.4.3
-	github.com/golang/protobuf v1.3.5
+	github.com/golang/protobuf v1.4.0-rc.4
 	github.com/google/uuid v1.1.1 // indirect
 	github.com/gorilla/schema v1.1.0
 	github.com/gorilla/securecookie v1.1.1
@@ -37,5 +37,6 @@ require (
 	google.golang.org/api v0.20.0 // indirect
 	google.golang.org/genproto v0.0.0-20200319113533-08878b785e9c
 	google.golang.org/grpc v1.28.0
 	google.golang.org/protobuf v1.20.1
 	gopkg.in/yaml.v2 v2.2.8 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -76,6 +76,11 @@ github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
 github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
 github.com/golang/protobuf v1.3.5 h1:F768QJ1E9tib+q5Sc8MkdJi1RxLTbRcTf8LJV56aRls=
 github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
 github.com/golang/protobuf v1.4.0-rc.4 h1:+EOh4OY6tjM6ZueeUKinl1f0U2820HzQOuf1iqMnsks=
 github.com/golang/protobuf v1.4.0-rc.4/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -324,6 +329,12 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8
 google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.28.0 h1:bO/TA4OxCOummhSf10siHuG7vJOiwh7SpRpFZDkOgl4=
 google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.20.1 h1:ESRXHgpUBG5D2I5mmsQIyYxB/tQIZfSZ8wLyFDf/N/U=
 google.golang.org/protobuf v1.20.1/go.mod h1:KqelGeouBkcbcuB3HCk4/YH2tmNLk6YSWA5LIWeI/lY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
--- a/google-credentials/.gitignore
+++ b/google-credentials/.gitignore
@@ -1 +0,0 @@
 key.json
--- a/pkg/admin/admin.go
+++ b/pkg/admin/admin.go
@@ -2,8 +2,6 @@ package admin
 import (
 	"context"
 	"github.com/caos/logging"
 	app "github.com/caos/zitadel/internal/admin"
 	"github.com/caos/zitadel/internal/api/auth"
 	"github.com/caos/zitadel/pkg/admin/api"
@@ -14,8 +12,6 @@ type Config struct {
 	API api.Config
 }
-func Start(ctx context.Context, config Config, authZ auth.Config) error {
+func Start(ctx context.Context, config Config, authZ auth.Config) {
-	err := api.Start(ctx, config.API)
+	api.Start(ctx, config.API)
 	logging.Log("MAIN-lfo5h").OnError(err).Panic("unable to start api")
 	return err
 }
--- a/pkg/admin/api/api.go
+++ b/pkg/admin/api/api.go
@@ -16,13 +16,10 @@ type Config struct {
 	GRPC grpc_util.Config
 }
-func Start(ctx context.Context, conf Config) error {
+func Start(ctx context.Context, conf Config) {
-	api := &API{
+	grpcServer := grpc.StartServer(conf.GRPC.ToServerConfig())
-		grpcServer: *grpc.StartServer(conf.GRPC.ToServerConfig()),
+	grpcGateway := grpc.StartGateway(conf.GRPC.ToGatewayConfig())
 		gateway:    *grpc.StartGateway(conf.GRPC.ToGatewayConfig()),
 	}
 	server.StartServer(ctx, &api.grpcServer)
 	server.StartGateway(ctx, &api.gateway)
-	return nil
+	server.StartServer(ctx, grpcServer)
 	server.StartGateway(ctx, grpcGateway)
 }
--- a/pkg/auth/api/api.go
+++ b/pkg/auth/api/api.go
@@ -8,22 +8,14 @@ import (
 	"github.com/caos/zitadel/pkg/auth/api/grpc"
 )
 type API struct {
 	grpcServer grpc.Server
 	gateway    grpc.Gateway
 }
 type Config struct {
 	GRPC grpc_util.Config
 }
-func Start(ctx context.Context, conf Config) error {
+func Start(ctx context.Context, conf Config) {
-	api := &API{
+	grpcServer := grpc.StartServer(conf.GRPC.ToServerConfig())
-		grpcServer: *grpc.StartServer(conf.GRPC.ToServerConfig()),
+	grpcGateway := grpc.StartGateway(conf.GRPC.ToGatewayConfig())
 		gateway:    *grpc.StartGateway(conf.GRPC.ToGatewayConfig()),
 	}
 	server.StartServer(ctx, &api.grpcServer)
 	server.StartGateway(ctx, &api.gateway)
-	return nil
+	server.StartServer(ctx, grpcServer)
 	server.StartGateway(ctx, grpcGateway)
 }
--- a/pkg/auth/api/grpc/application.go
+++ b/pkg/auth/api/grpc/application.go
@@ -1,18 +0,0 @@
 package grpc
 import (
 	"context"
 	"github.com/caos/zitadel/internal/errors"
 )
 func (s *Server) GetApplicationByID(ctx context.Context, request *ApplicationID) (*Application, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-Rfh8e", "Not implemented")
 }
 func (s *Server) SearchApplications(ctx context.Context, appSearch *ApplicationSearchRequest) (*ApplicationSearchResponse, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-ju8Rd", "Not implemented")
 }
 func (s *Server) AuthorizeApplication(ctx context.Context, auth *ApplicationAuthorizeRequest) (*Application, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-lo8ws", "Not implemented")
 }
--- a/pkg/auth/api/grpc/auth.pb.go
+++ b/pkg/auth/api/grpc/auth.pb.go
--- a/pkg/auth/api/grpc/auth.pb.gw.go
+++ b/pkg/auth/api/grpc/auth.pb.gw.go
--- a/pkg/auth/api/grpc/auth.swagger.json
+++ b/pkg/auth/api/grpc/auth.swagger.json
--- a/pkg/auth/api/grpc/auth_session.go
+++ b/pkg/auth/api/grpc/auth_session.go
@@ -1,34 +0,0 @@
 package grpc
 import (
 	"context"
 	"github.com/caos/zitadel/internal/errors"
 )
 func (s *Server) CreateAuthSession(ctx context.Context, request *AuthSessionCreation) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dh3Rt", "Not implemented")
 }
 func (s *Server) GetAuthSession(ctx context.Context, id *AuthSessionID) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dk56g", "Not implemented")
 }
 func (s *Server) SelectUser(ctx context.Context, request *SelectUserRequest) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dl5gs", "Not implemented")
 }
 func (s *Server) VerifyUser(ctx context.Context, request *VerifyUserRequest) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-39dGs", "Not implemented")
 }
 func (s *Server) VerifyPassword(ctx context.Context, password *VerifyPasswordRequest) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-tu9j2", "Not implemented")
 }
 func (s *Server) VerifyMfa(ctx context.Context, mfa *VerifyMfaRequest) (_ *AuthSessionResponse, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-oi9GB", "Not implemented")
 }
 func (s *Server) GetAuthSessionByTokenID(ctx context.Context, id *TokenID) (_ *AuthSessionView, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dk56z", "Not implemented")
 }
--- a/pkg/auth/api/grpc/grant.go
+++ b/pkg/auth/api/grpc/grant.go
@@ -6,10 +6,6 @@ import (
 	"github.com/golang/protobuf/ptypes/empty"
 )
 func (s *Server) SearchGrant(ctx context.Context, grantSearch *GrantSearchRequest) (*GrantSearchResponse, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-mcn5z", "Not implemented")
 }
 func (s *Server) SearchMyProjectOrgs(ctx context.Context, request *MyProjectOrgSearchRequest) (*MyProjectOrgSearchResponse, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-8kdRf", "Not implemented")
 }
--- a/pkg/auth/api/grpc/mock/auth.proto.mock.go
+++ b/pkg/auth/api/grpc/mock/auth.proto.mock.go
@@ -8,9 +8,9 @@ import (
 	context "context"
 	grpc "github.com/caos/zitadel/pkg/auth/api/grpc"
 	gomock "github.com/golang/mock/gomock"
 	empty "github.com/golang/protobuf/ptypes/empty"
 	struct0 "github.com/golang/protobuf/ptypes/struct"
 	grpc0 "google.golang.org/grpc"
 	emptypb "google.golang.org/protobuf/types/known/emptypb"
 	structpb "google.golang.org/protobuf/types/known/structpb"
 	reflect "reflect"
 )
@@ -38,7 +38,7 @@ func (m *MockAuthServiceClient) EXPECT() *MockAuthServiceClientMockRecorder {
 }
 // AddMfaOTP mocks base method
-func (m *MockAuthServiceClient) AddMfaOTP(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.MfaOtpResponse, error) {
+func (m *MockAuthServiceClient) AddMfaOTP(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.MfaOtpResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -57,35 +57,15 @@ func (mr *MockAuthServiceClientMockRecorder) AddMfaOTP(arg0, arg1 interface{}, a
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AddMfaOTP", reflect.TypeOf((*MockAuthServiceClient)(nil).AddMfaOTP), varargs...)
 }
 // AuthorizeApplication mocks base method
 func (m *MockAuthServiceClient) AuthorizeApplication(arg0 context.Context, arg1 *grpc.ApplicationAuthorizeRequest, arg2 ...grpc0.CallOption) (*grpc.Application, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "AuthorizeApplication", varargs...)
 	ret0, _ := ret[0].(*grpc.Application)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // AuthorizeApplication indicates an expected call of AuthorizeApplication
 func (mr *MockAuthServiceClientMockRecorder) AuthorizeApplication(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AuthorizeApplication", reflect.TypeOf((*MockAuthServiceClient)(nil).AuthorizeApplication), varargs...)
 }
 // ChangeMyPassword mocks base method
-func (m *MockAuthServiceClient) ChangeMyPassword(arg0 context.Context, arg1 *grpc.PasswordChange, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) ChangeMyPassword(arg0 context.Context, arg1 *grpc.PasswordChange, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "ChangeMyPassword", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -137,128 +117,8 @@ func (mr *MockAuthServiceClientMockRecorder) ChangeMyUserPhone(arg0, arg1 interf
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ChangeMyUserPhone", reflect.TypeOf((*MockAuthServiceClient)(nil).ChangeMyUserPhone), varargs...)
 }
 // CreateAuthSession mocks base method
 func (m *MockAuthServiceClient) CreateAuthSession(arg0 context.Context, arg1 *grpc.AuthSessionCreation, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "CreateAuthSession", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // CreateAuthSession indicates an expected call of CreateAuthSession
 func (mr *MockAuthServiceClientMockRecorder) CreateAuthSession(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAuthSession", reflect.TypeOf((*MockAuthServiceClient)(nil).CreateAuthSession), varargs...)
 }
 // CreateToken mocks base method
 func (m *MockAuthServiceClient) CreateToken(arg0 context.Context, arg1 *grpc.CreateTokenRequest, arg2 ...grpc0.CallOption) (*grpc.Token, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "CreateToken", varargs...)
 	ret0, _ := ret[0].(*grpc.Token)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // CreateToken indicates an expected call of CreateToken
 func (mr *MockAuthServiceClientMockRecorder) CreateToken(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateToken", reflect.TypeOf((*MockAuthServiceClient)(nil).CreateToken), varargs...)
 }
 // CreateUserAgent mocks base method
 func (m *MockAuthServiceClient) CreateUserAgent(arg0 context.Context, arg1 *grpc.UserAgentCreation, arg2 ...grpc0.CallOption) (*grpc.UserAgent, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "CreateUserAgent", varargs...)
 	ret0, _ := ret[0].(*grpc.UserAgent)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // CreateUserAgent indicates an expected call of CreateUserAgent
 func (mr *MockAuthServiceClientMockRecorder) CreateUserAgent(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateUserAgent", reflect.TypeOf((*MockAuthServiceClient)(nil).CreateUserAgent), varargs...)
 }
 // GetApplicationByID mocks base method
 func (m *MockAuthServiceClient) GetApplicationByID(arg0 context.Context, arg1 *grpc.ApplicationID, arg2 ...grpc0.CallOption) (*grpc.Application, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetApplicationByID", varargs...)
 	ret0, _ := ret[0].(*grpc.Application)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetApplicationByID indicates an expected call of GetApplicationByID
 func (mr *MockAuthServiceClientMockRecorder) GetApplicationByID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetApplicationByID", reflect.TypeOf((*MockAuthServiceClient)(nil).GetApplicationByID), varargs...)
 }
 // GetAuthSession mocks base method
 func (m *MockAuthServiceClient) GetAuthSession(arg0 context.Context, arg1 *grpc.AuthSessionID, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetAuthSession", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetAuthSession indicates an expected call of GetAuthSession
 func (mr *MockAuthServiceClientMockRecorder) GetAuthSession(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAuthSession", reflect.TypeOf((*MockAuthServiceClient)(nil).GetAuthSession), varargs...)
 }
 // GetAuthSessionByTokenID mocks base method
 func (m *MockAuthServiceClient) GetAuthSessionByTokenID(arg0 context.Context, arg1 *grpc.TokenID, arg2 ...grpc0.CallOption) (*grpc.AuthSessionView, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetAuthSessionByTokenID", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionView)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetAuthSessionByTokenID indicates an expected call of GetAuthSessionByTokenID
 func (mr *MockAuthServiceClientMockRecorder) GetAuthSessionByTokenID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAuthSessionByTokenID", reflect.TypeOf((*MockAuthServiceClient)(nil).GetAuthSessionByTokenID), varargs...)
 }
 // GetMyMfas mocks base method
-func (m *MockAuthServiceClient) GetMyMfas(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.MultiFactors, error) {
+func (m *MockAuthServiceClient) GetMyMfas(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.MultiFactors, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -278,7 +138,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyMfas(arg0, arg1 interface{}, a
 }
 // GetMyUserAddress mocks base method
-func (m *MockAuthServiceClient) GetMyUserAddress(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.UserAddress, error) {
+func (m *MockAuthServiceClient) GetMyUserAddress(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.UserAddress, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -298,7 +158,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyUserAddress(arg0, arg1 interfa
 }
 // GetMyUserEmail mocks base method
-func (m *MockAuthServiceClient) GetMyUserEmail(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.UserEmail, error) {
+func (m *MockAuthServiceClient) GetMyUserEmail(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.UserEmail, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -318,7 +178,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyUserEmail(arg0, arg1 interface
 }
 // GetMyUserPhone mocks base method
-func (m *MockAuthServiceClient) GetMyUserPhone(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.UserPhone, error) {
+func (m *MockAuthServiceClient) GetMyUserPhone(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.UserPhone, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -338,7 +198,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyUserPhone(arg0, arg1 interface
 }
 // GetMyUserProfile mocks base method
-func (m *MockAuthServiceClient) GetMyUserProfile(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.UserProfile, error) {
+func (m *MockAuthServiceClient) GetMyUserProfile(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.UserProfile, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -358,7 +218,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyUserProfile(arg0, arg1 interfa
 }
 // GetMyUserSessions mocks base method
-func (m *MockAuthServiceClient) GetMyUserSessions(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.UserSessionViews, error) {
+func (m *MockAuthServiceClient) GetMyUserSessions(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.UserSessionViews, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -378,7 +238,7 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyUserSessions(arg0, arg1 interf
 }
 // GetMyZitadelPermissions mocks base method
-func (m *MockAuthServiceClient) GetMyZitadelPermissions(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.MyPermissions, error) {
+func (m *MockAuthServiceClient) GetMyZitadelPermissions(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.MyPermissions, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -397,46 +257,6 @@ func (mr *MockAuthServiceClientMockRecorder) GetMyZitadelPermissions(arg0, arg1
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetMyZitadelPermissions", reflect.TypeOf((*MockAuthServiceClient)(nil).GetMyZitadelPermissions), varargs...)
 }
 // GetUserAgent mocks base method
 func (m *MockAuthServiceClient) GetUserAgent(arg0 context.Context, arg1 *grpc.UserAgentID, arg2 ...grpc0.CallOption) (*grpc.UserAgent, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetUserAgent", varargs...)
 	ret0, _ := ret[0].(*grpc.UserAgent)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetUserAgent indicates an expected call of GetUserAgent
 func (mr *MockAuthServiceClientMockRecorder) GetUserAgent(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserAgent", reflect.TypeOf((*MockAuthServiceClient)(nil).GetUserAgent), varargs...)
 }
 // GetUserAgentSessions mocks base method
 func (m *MockAuthServiceClient) GetUserAgentSessions(arg0 context.Context, arg1 *grpc.UserAgentID, arg2 ...grpc0.CallOption) (*grpc.UserSessions, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetUserAgentSessions", varargs...)
 	ret0, _ := ret[0].(*grpc.UserSessions)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetUserAgentSessions indicates an expected call of GetUserAgentSessions
 func (mr *MockAuthServiceClientMockRecorder) GetUserAgentSessions(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserAgentSessions", reflect.TypeOf((*MockAuthServiceClient)(nil).GetUserAgentSessions), varargs...)
 }
 // GetUserByID mocks base method
 func (m *MockAuthServiceClient) GetUserByID(arg0 context.Context, arg1 *grpc.UserID, arg2 ...grpc0.CallOption) (*grpc.User, error) {
 	m.ctrl.T.Helper()
@@ -457,35 +277,15 @@ func (mr *MockAuthServiceClientMockRecorder) GetUserByID(arg0, arg1 interface{},
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserByID", reflect.TypeOf((*MockAuthServiceClient)(nil).GetUserByID), varargs...)
 }
 // GetUserSession mocks base method
 func (m *MockAuthServiceClient) GetUserSession(arg0 context.Context, arg1 *grpc.UserSessionID, arg2 ...grpc0.CallOption) (*grpc.UserSession, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "GetUserSession", varargs...)
 	ret0, _ := ret[0].(*grpc.UserSession)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // GetUserSession indicates an expected call of GetUserSession
 func (mr *MockAuthServiceClientMockRecorder) GetUserSession(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserSession", reflect.TypeOf((*MockAuthServiceClient)(nil).GetUserSession), varargs...)
 }
 // Healthz mocks base method
-func (m *MockAuthServiceClient) Healthz(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) Healthz(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "Healthz", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -498,7 +298,7 @@ func (mr *MockAuthServiceClientMockRecorder) Healthz(arg0, arg1 interface{}, arg
 }
 // IsIamAdmin mocks base method
-func (m *MockAuthServiceClient) IsIamAdmin(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*grpc.IsAdminResponse, error) {
+func (m *MockAuthServiceClient) IsIamAdmin(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*grpc.IsAdminResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -517,55 +317,15 @@ func (mr *MockAuthServiceClientMockRecorder) IsIamAdmin(arg0, arg1 interface{},
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsIamAdmin", reflect.TypeOf((*MockAuthServiceClient)(nil).IsIamAdmin), varargs...)
 }
 // IsUserUnique mocks base method
 func (m *MockAuthServiceClient) IsUserUnique(arg0 context.Context, arg1 *grpc.UniqueUserRequest, arg2 ...grpc0.CallOption) (*grpc.UniqueUserResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "IsUserUnique", varargs...)
 	ret0, _ := ret[0].(*grpc.UniqueUserResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // IsUserUnique indicates an expected call of IsUserUnique
 func (mr *MockAuthServiceClientMockRecorder) IsUserUnique(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsUserUnique", reflect.TypeOf((*MockAuthServiceClient)(nil).IsUserUnique), varargs...)
 }
 // PasswordReset mocks base method
 func (m *MockAuthServiceClient) PasswordReset(arg0 context.Context, arg1 *grpc.ResetPassword, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "PasswordReset", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // PasswordReset indicates an expected call of PasswordReset
 func (mr *MockAuthServiceClientMockRecorder) PasswordReset(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PasswordReset", reflect.TypeOf((*MockAuthServiceClient)(nil).PasswordReset), varargs...)
 }
 // Ready mocks base method
-func (m *MockAuthServiceClient) Ready(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) Ready(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "Ready", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -577,55 +337,15 @@ func (mr *MockAuthServiceClientMockRecorder) Ready(arg0, arg1 interface{}, arg2
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Ready", reflect.TypeOf((*MockAuthServiceClient)(nil).Ready), varargs...)
 }
 // RegisterUser mocks base method
 func (m *MockAuthServiceClient) RegisterUser(arg0 context.Context, arg1 *grpc.RegisterUserRequest, arg2 ...grpc0.CallOption) (*grpc.User, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "RegisterUser", varargs...)
 	ret0, _ := ret[0].(*grpc.User)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // RegisterUser indicates an expected call of RegisterUser
 func (mr *MockAuthServiceClientMockRecorder) RegisterUser(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegisterUser", reflect.TypeOf((*MockAuthServiceClient)(nil).RegisterUser), varargs...)
 }
 // RegisterUserWithExternal mocks base method
 func (m *MockAuthServiceClient) RegisterUserWithExternal(arg0 context.Context, arg1 *grpc.RegisterUserExternalIDPRequest, arg2 ...grpc0.CallOption) (*grpc.User, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "RegisterUserWithExternal", varargs...)
 	ret0, _ := ret[0].(*grpc.User)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // RegisterUserWithExternal indicates an expected call of RegisterUserWithExternal
 func (mr *MockAuthServiceClientMockRecorder) RegisterUserWithExternal(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegisterUserWithExternal", reflect.TypeOf((*MockAuthServiceClient)(nil).RegisterUserWithExternal), varargs...)
 }
 // RemoveMfaOTP mocks base method
-func (m *MockAuthServiceClient) RemoveMfaOTP(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) RemoveMfaOTP(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "RemoveMfaOTP", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -637,55 +357,15 @@ func (mr *MockAuthServiceClientMockRecorder) RemoveMfaOTP(arg0, arg1 interface{}
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RemoveMfaOTP", reflect.TypeOf((*MockAuthServiceClient)(nil).RemoveMfaOTP), varargs...)
 }
 // RequestPasswordReset mocks base method
 func (m *MockAuthServiceClient) RequestPasswordReset(arg0 context.Context, arg1 *grpc.ResetPasswordRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "RequestPasswordReset", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // RequestPasswordReset indicates an expected call of RequestPasswordReset
 func (mr *MockAuthServiceClientMockRecorder) RequestPasswordReset(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RequestPasswordReset", reflect.TypeOf((*MockAuthServiceClient)(nil).RequestPasswordReset), varargs...)
 }
 // ResendEmailVerificationMail mocks base method
 func (m *MockAuthServiceClient) ResendEmailVerificationMail(arg0 context.Context, arg1 *grpc.UserID, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "ResendEmailVerificationMail", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // ResendEmailVerificationMail indicates an expected call of ResendEmailVerificationMail
 func (mr *MockAuthServiceClientMockRecorder) ResendEmailVerificationMail(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ResendEmailVerificationMail", reflect.TypeOf((*MockAuthServiceClient)(nil).ResendEmailVerificationMail), varargs...)
 }
 // ResendMyEmailVerificationMail mocks base method
-func (m *MockAuthServiceClient) ResendMyEmailVerificationMail(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) ResendMyEmailVerificationMail(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "ResendMyEmailVerificationMail", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -698,14 +378,14 @@ func (mr *MockAuthServiceClientMockRecorder) ResendMyEmailVerificationMail(arg0,
 }
 // ResendMyPhoneVerificationCode mocks base method
-func (m *MockAuthServiceClient) ResendMyPhoneVerificationCode(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) ResendMyPhoneVerificationCode(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "ResendMyPhoneVerificationCode", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -717,66 +397,6 @@ func (mr *MockAuthServiceClientMockRecorder) ResendMyPhoneVerificationCode(arg0,
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ResendMyPhoneVerificationCode", reflect.TypeOf((*MockAuthServiceClient)(nil).ResendMyPhoneVerificationCode), varargs...)
 }
 // RevokeUserAgent mocks base method
 func (m *MockAuthServiceClient) RevokeUserAgent(arg0 context.Context, arg1 *grpc.UserAgentID, arg2 ...grpc0.CallOption) (*grpc.UserAgent, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "RevokeUserAgent", varargs...)
 	ret0, _ := ret[0].(*grpc.UserAgent)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // RevokeUserAgent indicates an expected call of RevokeUserAgent
 func (mr *MockAuthServiceClientMockRecorder) RevokeUserAgent(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RevokeUserAgent", reflect.TypeOf((*MockAuthServiceClient)(nil).RevokeUserAgent), varargs...)
 }
 // SearchApplications mocks base method
 func (m *MockAuthServiceClient) SearchApplications(arg0 context.Context, arg1 *grpc.ApplicationSearchRequest, arg2 ...grpc0.CallOption) (*grpc.ApplicationSearchResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "SearchApplications", varargs...)
 	ret0, _ := ret[0].(*grpc.ApplicationSearchResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // SearchApplications indicates an expected call of SearchApplications
 func (mr *MockAuthServiceClientMockRecorder) SearchApplications(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchApplications", reflect.TypeOf((*MockAuthServiceClient)(nil).SearchApplications), varargs...)
 }
 // SearchGrant mocks base method
 func (m *MockAuthServiceClient) SearchGrant(arg0 context.Context, arg1 *grpc.GrantSearchRequest, arg2 ...grpc0.CallOption) (*grpc.GrantSearchResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "SearchGrant", varargs...)
 	ret0, _ := ret[0].(*grpc.GrantSearchResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // SearchGrant indicates an expected call of SearchGrant
 func (mr *MockAuthServiceClientMockRecorder) SearchGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchGrant", reflect.TypeOf((*MockAuthServiceClient)(nil).SearchGrant), varargs...)
 }
 // SearchMyProjectOrgs mocks base method
 func (m *MockAuthServiceClient) SearchMyProjectOrgs(arg0 context.Context, arg1 *grpc.MyProjectOrgSearchRequest, arg2 ...grpc0.CallOption) (*grpc.MyProjectOrgSearchResponse, error) {
 	m.ctrl.T.Helper()
@@ -797,35 +417,15 @@ func (mr *MockAuthServiceClientMockRecorder) SearchMyProjectOrgs(arg0, arg1 inte
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchMyProjectOrgs", reflect.TypeOf((*MockAuthServiceClient)(nil).SearchMyProjectOrgs), varargs...)
 }
 // SelectUser mocks base method
 func (m *MockAuthServiceClient) SelectUser(arg0 context.Context, arg1 *grpc.SelectUserRequest, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "SelectUser", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // SelectUser indicates an expected call of SelectUser
 func (mr *MockAuthServiceClientMockRecorder) SelectUser(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SelectUser", reflect.TypeOf((*MockAuthServiceClient)(nil).SelectUser), varargs...)
 }
 // SetMyPassword mocks base method
-func (m *MockAuthServiceClient) SetMyPassword(arg0 context.Context, arg1 *grpc.PasswordRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) SetMyPassword(arg0 context.Context, arg1 *grpc.PasswordRequest, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "SetMyPassword", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -837,46 +437,6 @@ func (mr *MockAuthServiceClientMockRecorder) SetMyPassword(arg0, arg1 interface{
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SetMyPassword", reflect.TypeOf((*MockAuthServiceClient)(nil).SetMyPassword), varargs...)
 }
 // SkipMfaInit mocks base method
 func (m *MockAuthServiceClient) SkipMfaInit(arg0 context.Context, arg1 *grpc.SkipMfaInitRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "SkipMfaInit", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // SkipMfaInit indicates an expected call of SkipMfaInit
 func (mr *MockAuthServiceClientMockRecorder) SkipMfaInit(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SkipMfaInit", reflect.TypeOf((*MockAuthServiceClient)(nil).SkipMfaInit), varargs...)
 }
 // TerminateUserSession mocks base method
 func (m *MockAuthServiceClient) TerminateUserSession(arg0 context.Context, arg1 *grpc.UserSessionID, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "TerminateUserSession", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // TerminateUserSession indicates an expected call of TerminateUserSession
 func (mr *MockAuthServiceClientMockRecorder) TerminateUserSession(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "TerminateUserSession", reflect.TypeOf((*MockAuthServiceClient)(nil).TerminateUserSession), varargs...)
 }
 // UpdateMyUserAddress mocks base method
 func (m *MockAuthServiceClient) UpdateMyUserAddress(arg0 context.Context, arg1 *grpc.UpdateUserAddressRequest, arg2 ...grpc0.CallOption) (*grpc.UserAddress, error) {
 	m.ctrl.T.Helper()
@@ -918,14 +478,14 @@ func (mr *MockAuthServiceClientMockRecorder) UpdateMyUserProfile(arg0, arg1 inte
 }
 // Validate mocks base method
-func (m *MockAuthServiceClient) Validate(arg0 context.Context, arg1 *empty.Empty, arg2 ...grpc0.CallOption) (*struct0.Struct, error) {
+func (m *MockAuthServiceClient) Validate(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc0.CallOption) (*structpb.Struct, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "Validate", varargs...)
-	ret0, _ := ret[0].(*struct0.Struct)
+	ret0, _ := ret[0].(*structpb.Struct)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -937,26 +497,6 @@ func (mr *MockAuthServiceClientMockRecorder) Validate(arg0, arg1 interface{}, ar
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Validate", reflect.TypeOf((*MockAuthServiceClient)(nil).Validate), varargs...)
 }
 // VerifyMfa mocks base method
 func (m *MockAuthServiceClient) VerifyMfa(arg0 context.Context, arg1 *grpc.VerifyMfaRequest, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyMfa", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // VerifyMfa indicates an expected call of VerifyMfa
 func (mr *MockAuthServiceClientMockRecorder) VerifyMfa(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifyMfa", reflect.TypeOf((*MockAuthServiceClient)(nil).VerifyMfa), varargs...)
 }
 // VerifyMfaOTP mocks base method
 func (m *MockAuthServiceClient) VerifyMfaOTP(arg0 context.Context, arg1 *grpc.VerifyMfaOtp, arg2 ...grpc0.CallOption) (*grpc.MfaOtpResponse, error) {
 	m.ctrl.T.Helper()
@@ -978,14 +518,14 @@ func (mr *MockAuthServiceClientMockRecorder) VerifyMfaOTP(arg0, arg1 interface{}
 }
 // VerifyMyUserEmail mocks base method
-func (m *MockAuthServiceClient) VerifyMyUserEmail(arg0 context.Context, arg1 *grpc.VerifyMyUserEmailRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) VerifyMyUserEmail(arg0 context.Context, arg1 *grpc.VerifyMyUserEmailRequest, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyMyUserEmail", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -998,14 +538,14 @@ func (mr *MockAuthServiceClientMockRecorder) VerifyMyUserEmail(arg0, arg1 interf
 }
 // VerifyMyUserPhone mocks base method
-func (m *MockAuthServiceClient) VerifyMyUserPhone(arg0 context.Context, arg1 *grpc.VerifyUserPhoneRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
+func (m *MockAuthServiceClient) VerifyMyUserPhone(arg0 context.Context, arg1 *grpc.VerifyUserPhoneRequest, arg2 ...grpc0.CallOption) (*emptypb.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyMyUserPhone", varargs...)
-	ret0, _ := ret[0].(*empty.Empty)
+	ret0, _ := ret[0].(*emptypb.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
@@ -1016,63 +556,3 @@ func (mr *MockAuthServiceClientMockRecorder) VerifyMyUserPhone(arg0, arg1 interf
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifyMyUserPhone", reflect.TypeOf((*MockAuthServiceClient)(nil).VerifyMyUserPhone), varargs...)
 }
 // VerifyPassword mocks base method
 func (m *MockAuthServiceClient) VerifyPassword(arg0 context.Context, arg1 *grpc.VerifyPasswordRequest, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyPassword", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // VerifyPassword indicates an expected call of VerifyPassword
 func (mr *MockAuthServiceClientMockRecorder) VerifyPassword(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifyPassword", reflect.TypeOf((*MockAuthServiceClient)(nil).VerifyPassword), varargs...)
 }
 // VerifyUser mocks base method
 func (m *MockAuthServiceClient) VerifyUser(arg0 context.Context, arg1 *grpc.VerifyUserRequest, arg2 ...grpc0.CallOption) (*grpc.AuthSessionResponse, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyUser", varargs...)
 	ret0, _ := ret[0].(*grpc.AuthSessionResponse)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // VerifyUser indicates an expected call of VerifyUser
 func (mr *MockAuthServiceClientMockRecorder) VerifyUser(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifyUser", reflect.TypeOf((*MockAuthServiceClient)(nil).VerifyUser), varargs...)
 }
 // VerifyUserEmail mocks base method
 func (m *MockAuthServiceClient) VerifyUserEmail(arg0 context.Context, arg1 *grpc.VerifyUserEmailRequest, arg2 ...grpc0.CallOption) (*empty.Empty, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
 		varargs = append(varargs, a)
 	}
 	ret := m.ctrl.Call(m, "VerifyUserEmail", varargs...)
 	ret0, _ := ret[0].(*empty.Empty)
 	ret1, _ := ret[1].(error)
 	return ret0, ret1
 }
 // VerifyUserEmail indicates an expected call of VerifyUserEmail
 func (mr *MockAuthServiceClientMockRecorder) VerifyUserEmail(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
 	mr.mock.ctrl.T.Helper()
 	varargs := append([]interface{}{arg0, arg1}, arg2...)
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "VerifyUserEmail", reflect.TypeOf((*MockAuthServiceClient)(nil).VerifyUserEmail), varargs...)
 }
--- a/pkg/auth/api/grpc/token.go
+++ b/pkg/auth/api/grpc/token.go
@@ -1,10 +0,0 @@
 package grpc
 import (
 	"context"
 	"github.com/caos/zitadel/internal/errors"
 )
 func (s *Server) CreateToken(ctx context.Context, request *CreateTokenRequest) (_ *Token, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-86dG3", "Not implemented")
 }
--- a/pkg/auth/api/grpc/user.go
+++ b/pkg/auth/api/grpc/user.go
@@ -10,10 +10,6 @@ func (s *Server) GetUserByID(ctx context.Context, request *UserID) (*User, error
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-fj74G", "Not implemented")
 }
 func (s *Server) IsUserUnique(ctx context.Context, request *UniqueUserRequest) (*UniqueUserResponse, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dke9f", "Not implemented")
 }
 func (s *Server) GetMyUserProfile(ctx context.Context, _ *empty.Empty) (*UserProfile, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-fis93", "Not implemented")
 }
@@ -34,14 +30,6 @@ func (s *Server) GetMyMfas(ctx context.Context, _ *empty.Empty) (*MultiFactors,
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-vkl9i", "Not implemented")
 }
 func (s *Server) RegisterUser(ctx context.Context, request *RegisterUserRequest) (*User, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-03idx", "Not implemented")
 }
 func (s *Server) RegisterUserWithExternal(ctx context.Context, request *RegisterUserExternalIDPRequest) (*User, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dlwpd", "Not implemented")
 }
 func (s *Server) UpdateMyUserProfile(ctx context.Context, request *UpdateUserProfileRequest) (*UserProfile, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dlep3", "Not implemented")
 }
@@ -85,13 +73,6 @@ func (s *Server) UpdateMyUserAddress(ctx context.Context, request *UpdateUserAdd
 func (s *Server) SetMyPassword(ctx context.Context, request *PasswordRequest) (*empty.Empty, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-pl9c2", "Not implemented")
 }
 func (s *Server) RequestPasswordReset(ctx context.Context, request *ResetPasswordRequest) (*empty.Empty, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-xm5hW", "Not implemented")
 }
 func (s *Server) PasswordReset(ctx context.Context, request *ResetPassword) (*empty.Empty, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-mce5W", "Not implemented")
 }
 func (s *Server) ChangeMyPassword(ctx context.Context, request *PasswordChange) (*empty.Empty, error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dlo6G", "Not implemented")
@@ -109,14 +90,6 @@ func (s *Server) RemoveMfaOTP(ctx context.Context, _ *empty.Empty) (_ *empty.Emp
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-9k46d", "Not implemented")
 }
 func (s *Server) SkipMfaInit(ctx context.Context, request *SkipMfaInitRequest) (_ *empty.Empty, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dl3i5", "Not implemented")
 }
 func (s *Server) VerifyUserInit(ctx context.Context, request *VerifyUserInitRequest) (_ *empty.Empty, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-itk6h", "Not implemented")
 }
 func (s *Server) ResendUserInitMail(ctx context.Context, request *UserID) (_ *empty.Empty, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-dk467", "Not implemented")
 }
--- a/pkg/auth/api/grpc/user_agent.go
+++ b/pkg/auth/api/grpc/user_agent.go
@@ -1,18 +0,0 @@
 package grpc
 import (
 	"context"
 	"github.com/caos/zitadel/internal/errors"
 )
 func (s *Server) GetUserAgent(ctx context.Context, request *UserAgentID) (_ *UserAgent, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-iu7jF", "Not implemented")
 }
 func (s *Server) CreateUserAgent(ctx context.Context, request *UserAgentCreation) (_ *UserAgent, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-sdfk3", "Not implemented")
 }
 func (s *Server) RevokeUserAgent(ctx context.Context, id *UserAgentID) (_ *UserAgent, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-09HjK", "Not implemented")
 }
--- a/pkg/auth/api/grpc/user_session.go
+++ b/pkg/auth/api/grpc/user_session.go
@@ -6,18 +6,6 @@ import (
 	"github.com/golang/protobuf/ptypes/empty"
 )
 func (s *Server) GetUserAgentSessions(ctx context.Context, id *UserAgentID) (_ *UserSessions, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-ue45f", "Not implemented")
 }
 func (s *Server) GetUserSession(ctx context.Context, id *UserSessionID) (_ *UserSession, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-lor5h", "Not implemented")
 }
 func (s *Server) TerminateUserSession(ctx context.Context, id *UserSessionID) (_ *empty.Empty, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-bnmt6", "Not implemented")
 }
 func (s *Server) GetMyUserSessions(ctx context.Context, _ *empty.Empty) (_ *UserSessionViews, err error) {
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-nc52s", "Not implemented")
 }
--- a/pkg/auth/api/proto/auth.proto
+++ b/pkg/auth/api/proto/auth.proto
@@ -51,85 +51,6 @@ service AuthService {
    }
    // Authorization
    rpc GetUserAgent(UserAgentID) returns (UserAgent) {
        option (google.api.http) = {
                get: "/useragents/{id}"
                };
    }
    rpc CreateUserAgent(UserAgentCreation) returns (UserAgent) {
        option (google.api.http) = {
                post: "/useragents"
                body: "*"
            };
    }
    rpc RevokeUserAgent(UserAgentID) returns (UserAgent) {
        option (google.api.http) = {
                put: "/useragents/{id}"
                body: "*"
            };
    }
    rpc CreateAuthSession(AuthSessionCreation) returns (AuthSessionResponse) {
        option (google.api.http) = {
                post: "/useragents/{agent_id}/authsessions"
                body: "*"
            };
    }
    rpc GetAuthSession(AuthSessionID) returns (AuthSessionResponse) {
        option (google.api.http) = {
                get: "/useragents/{agent_id}/authsessions/{id}"
            };
    }
    rpc GetAuthSessionByTokenID(TokenID) returns (AuthSessionView) {
        option (google.api.http) = {
                get: "/tokens/{id}/authsession"
            };
    }
    rpc SelectUser(SelectUserRequest) returns (AuthSessionResponse) {
        option (google.api.http) = {
                put: "/useragents/{agent_id}/authsessions/{auth_session_id}/_selectuser"
                body: "*"
            };
    }
    rpc VerifyUser(VerifyUserRequest) returns (AuthSessionResponse) {
        option (google.api.http) = {
                put: "/useragents/{agent_id}/authsessions/{auth_session_id}/_verifyuser"
                body: "*"
            };
    }
    rpc VerifyPassword(VerifyPasswordRequest) returns (AuthSessionResponse) {
        option (google.api.http) = {
                put: "/useragents/{agent_id}/authsessions/{auth_session_id}/_verifypassword"
                body: "*"
            };
    }
    rpc VerifyMfa(VerifyMfaRequest) returns (AuthSessionResponse) {
        option (google.api.http) = {
                put: "/useragents/{agent_id}/authsessions/{auth_session_id}/_verifymfa"
                body: "*"
            };
    }
    rpc GetUserAgentSessions(UserAgentID)  returns (UserSessions) {
        option (google.api.http) = {
                get: "/useragents/{id}/usersessions"
            };
    }
    rpc GetUserSession(UserSessionID)  returns (UserSession) {
        option (google.api.http) = {
                get: "/useragents/{agent_id}/usersessions/{id}"
            };
    }
    rpc GetMyUserSessions(google.protobuf.Empty) returns (UserSessionViews) {
        option (google.api.http) = {
                get: "/me/usersessions"
@@ -140,40 +61,7 @@ service AuthService {
            };
    }
    rpc TerminateUserSession(UserSessionID) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                delete: "/useragents/{agent_id}/usersessions/{id}"
            };
    }
    rpc CreateToken(CreateTokenRequest) returns (Token) {
        option (google.api.http) = {
                post: "/useragents/{agent_id}/authsessions/{auth_session_id}/tokens"
                body: "*"
            };
    }
    //User
    rpc IsUserUnique(UniqueUserRequest) returns (UniqueUserResponse) {
        option (google.api.http) = {
                get: "/users/_isunique"
            };
    }
    rpc RegisterUser(RegisterUserRequest) returns (User) {
        option (google.api.http) = {
                post: "/users/_register"
                body: "*"
            };
    }
    rpc RegisterUserWithExternal(RegisterUserExternalIDPRequest) returns (User) {
        option (google.api.http) = {
                post: "/users/_externalregister"
                body: "*"
            };
    }
    rpc GetMyUserProfile(google.protobuf.Empty) returns (UserProfile) {
        option (google.api.http) = {
                get: "/users/me/profile"
@@ -227,14 +115,6 @@ service AuthService {
            };
    }
    rpc VerifyUserEmail(VerifyUserEmailRequest) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/{id}/email/_verify"
                body: "*"
            };
    }
    rpc ResendMyEmailVerificationMail(google.protobuf.Empty) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/me/email/_resendverification"
@@ -246,14 +126,6 @@ service AuthService {
            };
    }
    rpc ResendEmailVerificationMail(UserID) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/{id}/email/_resendverification"
                body: "*"
            };
    }
    rpc GetMyUserPhone(google.protobuf.Empty) returns (UserPhone) {
        option (google.api.http) = {
                get: "/users/me/phone"
@@ -340,20 +212,6 @@ service AuthService {
            };
    }
    rpc RequestPasswordReset(ResetPasswordRequest) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/passwords/_requestpwreset"
                body: "*"
            };
    }
    rpc PasswordReset(ResetPassword) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/{id}/passwords/_resetpw"
                body: "*"
            };
    }
    rpc ChangeMyPassword(PasswordChange) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                put: "/users/me/passwords/_change"
@@ -397,14 +255,6 @@ service AuthService {
            };
    }
    rpc SkipMfaInit(SkipMfaInitRequest) returns (google.protobuf.Empty) {
        option (google.api.http) = {
                post: "/users/{user_id}/mfa/_skipinit"
                body: "*"
            };
    }
    //TODO: Remove func only for tests
    rpc GetUserByID(UserID) returns (User) {
        option (google.api.http) = {
@@ -412,35 +262,6 @@ service AuthService {
            };
    }
    //Application
    rpc GetApplicationByID(ApplicationID) returns (Application) {
        option (google.api.http) = {
                get: "/applications/{id}"
            };
    }
    rpc SearchApplications(ApplicationSearchRequest) returns (ApplicationSearchResponse) {
        option (google.api.http) = {
                post: "/applications/_search"
                body: "*"
            };
    }
    rpc AuthorizeApplication(ApplicationAuthorizeRequest) returns (Application) {
        option (google.api.http) = {
                post: "/applications/_authorize"
                body: "*"
            };
    }
    //Grant
    rpc SearchGrant(GrantSearchRequest) returns (GrantSearchResponse) {
        option (google.api.http) = {
                post: "/grants/_search"
                body: "*"
            };
    }
    rpc SearchMyProjectOrgs(MyProjectOrgSearchRequest) returns (MyProjectOrgSearchResponse) {
        option (google.api.http) = {
                post: "/global/projectorgs/_search"
@@ -474,111 +295,6 @@ service AuthService {
    }
 }
 message SessionRequest {
    string user_id = 1;
    BrowserInformation browser_info = 2;
 }
 message UserAgent {
    string id = 1;
    BrowserInformation browser_info = 2;
    UserAgentState state = 3;
 }
 enum UserAgentState {
    USERAGENTSTATE_UNSPECIFIED = 0;
    USERAGENTSTATE_ACTIVE = 1;
    USERAGENTSTATE_TERMINATED = 2;
 }
 message UserAgentID {
    string id = 1;
 }
 message UserAgentCreation {
    BrowserInformation browser_info = 1 [(validate.rules).message.required = true];
 }
 message UserAgents {
    repeated UserAgent sessions = 1;
 }
 message AuthSessionCreation {
    string agent_id = 1 [(validate.rules).string.min_len = 1];
    AuthSessionType type = 2;
    BrowserInformation browser_info = 3 [(validate.rules).message.required = true];
    string client_id = 4 [(validate.rules).string.min_len = 1];
    string redirect_uri = 5 [(validate.rules).string.min_len = 1];
    string state = 6;
    Prompt prompt = 7;
    repeated string auth_context_class_reference = 8;
    repeated string ui_locales = 9;
    string login_hint = 10;
    uint32 max_age = 11;
    oneof type_info {
        AuthRequestOIDC oidc = 12;
    }
    string preselected_user_id = 13;
 }
 message AuthSessionResponse {
    string agent_id = 1;
    string id = 2;
    AuthSessionType type = 3;
    string client_id = 4;
    string redirect_uri = 5;
    string state = 6;
    Prompt prompt = 7;
    repeated string auth_context_class_reference = 8;
    repeated string ui_locales = 9;
    string login_hint = 10;
    uint32 max_age = 11;
    oneof type_info {
        AuthRequestOIDC oidc = 12;
    }
    repeated NextStep possible_steps = 13;
    repeated string project_client_ids = 14;
    UserSession user_session = 15;
 }
 message AuthSessionView {
    string agent_id = 1;
    string auth_session_id = 2;
    AuthSessionType type = 3;
    string client_id = 4;
    string user_session_id = 5;
    repeated string project_client_ids = 6;
    string token_id = 7;
    google.protobuf.Timestamp token_expiration = 8;
    string user_id = 9;
 }
 message TokenID {
    string id = 1;
 }
 message UserSessionID {
    string id = 1;
    string agent_id = 2;
 }
 message UserSessions {
    repeated UserSession user_sessions = 1;
 }
 message UserSession {
    string id = 1;
    string agent_id = 2;
    UserSessionState auth_state = 3;
    AuthUser user = 4;
    bool password_verified = 5;
    MfaType mfa = 6;
    bool mfa_verified = 7;
    google.protobuf.Timestamp auth_time = 8;
 }
 message UserSessionViews {
    repeated UserSessionView user_sessions = 1;
 }
@@ -590,212 +306,22 @@ message UserSessionView {
    string user_name = 5;
 }
 message AuthUser {
    string user_id = 1;
    string user_name = 2;
 }
 enum UserSessionState {
    USERSESSIONSTATE_UNSPECIFIED = 0;
    USERSESSIONSTATE_ACTIVE = 1;
    USERSESSIONSTATE_TERMINATED = 2;
 }
 message AuthSessionID {
    string id = 1;
    string agent_id = 2;
    BrowserInformation browser_info = 3;
 }
 message SelectUserRequest {
    string agent_id = 1;
    string auth_session_id = 2;
    string user_session_id = 3;
    BrowserInformation browser_info = 4 [(validate.rules).message.required = true];
 }
 message VerifyUserRequest {
    string agent_id = 1 [(validate.rules).string.min_len = 1];
    string auth_session_id = 2 [(validate.rules).string.min_len = 1];
    string user_name = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
    BrowserInformation browser_info = 4 [(validate.rules).message.required = true];
 }
 message VerifyPasswordRequest {
    string agent_id = 1 [(validate.rules).string.min_len = 1];
    string auth_session_id = 2 [(validate.rules).string.min_len = 1];
    string password = 3 [(validate.rules).string = {min_len: 1, max_len: 72}];
    BrowserInformation browser_info = 4 [(validate.rules).message.required = true];
 }
 message VerifyMfaRequest {
    string agent_id = 1 [(validate.rules).string.min_len = 1];
    string auth_session_id = 2 [(validate.rules).string.min_len = 1];
    BrowserInformation browser_info = 3;
    oneof mfa {
        AuthSessionMultiFactorOTP otp = 4;
    }
 }
 message AuthSessionMultiFactorOTP {
    string code = 1 [(validate.rules).string = {max_len: 200}];
 }
 message NextStep {
    NextStepType type = 1;
    oneof data {
        LoginData login = 2;
        PasswordData password = 3;
        MfaVerifyData mfa_verify = 4;
        MfaPromptData mfa_prompt = 5;
        ChooseUserData choose_user = 6;
    }
 }
 enum NextStepType {
    NEXTSTEP_UNSPECIFIED = 0;
    NEXTSTEP_LOGIN = 1;
    NEXTSTEP_PASSWORD = 2;
    NEXTSTEP_CHANGE_PASSWORD = 3;
    NEXTSTEP_MFA_PROMPT = 4; //TODO: ?
    NEXTSTEP_MFA_INIT_CHOICE = 5; //TODO: ?
    NEXTSTEP_MFA_INIT_CREATE = 6;
    NEXTSTEP_MFA_INIT_VERIFY = 7;
    NEXTSTEP_MFA_INIT_DONE = 8;
    NEXTSTEP_MFA_VERIFY = 9;
    NEXTSTEP_MFA_VERIFY_ASYNC = 10;
    NEXTSTEP_VERIFY_EMAIL = 11;
    NEXTSTEP_REDIRECT_TO_CALLBACK = 12;
    NEXTSTEP_INIT_PASSWORD = 13;
    NEXTSTEP_CHOOSE_USER = 14;
 }
 message LoginData {
    string err_msg = 1;
 }
 message PasswordData {
    string err_msg = 1;
    uint32 failure_count = 2;
 }
 message MfaVerifyData {
    string err_msg = 1;
    uint32 failure_count = 2;
    repeated MfaType mfa_providers = 3;
 }
 message MfaPromptData {
    bool required = 1;
    repeated MfaType mfa_providers = 2;
 }
 message ChooseUserData {
    repeated ChooseUser users = 1;
 }
 message ChooseUser {
    string user_session_id = 1;
    string user_id = 2;
    string user_name = 3;
    UserSessionState user_session_state = 4;
 }
 message SkipMfaInitRequest {
    string user_id = 1;
 }
 enum AuthSessionType {
    AUTHSESSIONTYPE_UNSPECIFIED = 0; //TODO: necessary?
    AUTHSESSIONTYPE_OIDC = 1;
    AUTHSESSIONTYPE_SAML = 2;
 }
 message BrowserInformation {
    string user_agent = 1;
    IP remote_ip = 2 [(validate.rules).message.required = true];
    string accept_language = 3;
 }
 message IP {
    string V4 = 1;
    string V6 = 2;
 }
 enum Prompt {
    PROMPT_UNSPECIFIED = 0;
    PROMPT_NONE = 1;
    PROMPT_LOGIN = 2;
    PROMPT_CONSENT = 3;
    PROMPT_SELECT_ACCOUNT = 4;
 }
 message AuthRequestOIDC {
    repeated string scope = 1;
    OIDCResponseType response_type = 2;
    string nonce = 3;
    CodeChallenge code_challenge = 4;
 }
 enum OIDCResponseType {
    OIDCRESPONSETYPE_CODE = 0;
    OIDCRESPONSETYPE_ID_TOKEN = 1;
    OIDCRESPONSETYPE_ID_TOKEN_TOKEN = 2;
 }
 message CodeChallenge {
    string challenge = 1;
    CodeChallengeMethod method = 2;
 }
 enum CodeChallengeMethod {
    CODECHALLENGEMETHOD_PLAIN = 0;
    CODECHALLENGEMETHOD_S256 = 1;
 }
 message UserID {
    string id = 1;
 }
 message UniqueUserRequest {
    string user_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string email = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
 }
 message UniqueUserResponse {
    bool is_unique = 1;
 }
 message RegisterUserRequest {
    string email = 1 [(validate.rules).string = {min_len: 1, max_len: 200, email: true}];
    string first_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string last_name = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string nick_name = 4 [(validate.rules).string = {max_len: 200}];
    string display_name = 5 [(validate.rules).string = {max_len: 200}];
    string preferred_language = 6 [(validate.rules).string = {max_len: 200}];
    Gender gender = 7;
    string password = 8 [(validate.rules).string = {min_len: 1, max_len: 72}];
    string org_id = 9 [(validate.rules).string.min_len = 1];
 }
 message RegisterUserExternalIDPRequest {
    string email = 1 [(validate.rules).string = {min_len: 1, max_len: 200, email: true}];
    string first_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string last_name = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string nick_name = 4 [(validate.rules).string = {max_len: 200}];
    string display_name = 5 [(validate.rules).string = {max_len: 200}];
    string preferred_language = 6 [(validate.rules).string = {max_len: 200}];
    Gender gender = 7;
    IDPProvider idp_provider = 8;
    string org_id = 9 [(validate.rules).string.min_len = 1];
 }
 message IDPProvider {
    string provider = 8;
    string externalIdpID = 9;
 }
 message User {
    string id = 1;
    UserState state = 2;
@@ -910,7 +436,7 @@ message UpdateUserAddressRequest {
    string street_address = 5 [(validate.rules).string = {max_len: 200}];
 }
-message PasswordID{
+message PasswordID {
    string id = 1;
 }
@@ -918,27 +444,6 @@ message PasswordRequest {
    string password = 1 [(validate.rules).string = {min_len: 1, max_len: 72}];
 }
 message ResetPasswordRequest {
    string user_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
    NotificationType type = 2;
 }
 message ResetPassword {
    string id = 1 [(validate.rules).string.min_len = 1];
    string code = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
    string new_password = 3 [(validate.rules).string = {min_len: 1, max_len: 72}];
 }
 message SetPasswordNotificationRequest {
    string id = 1;
    NotificationType type = 2;
 }
 enum NotificationType {
    NOTIFICATIONTYPE_EMAIL = 0;
    NOTIFICATIONTYPE_SMS = 1;
 }
 message PasswordChange {
    string old_password = 1 [(validate.rules).string = {min_len: 1, max_len: 72}];
    string new_password = 2 [(validate.rules).string = {min_len: 1, max_len: 72}];
@@ -977,143 +482,11 @@ enum MFAState {
    MFASTATE_REMOVED = 3;
 }
 message ApplicationID {
    string id = 1;
 }
 message Application {
    string id = 1;
    AppState state = 2;
    google.protobuf.Timestamp creation_date = 3;
    google.protobuf.Timestamp change_date = 4;
    string name = 5;
    oneof app_config {
        OIDCConfig oidc_config = 8;
    }
 }
 enum AppState {
    APPSTATE_UNSPECIFIED = 0;
    APPSTATE_ACTIVE = 1;
    APPSTATE_INACTIVE = 2;
    APPSTATE_DELETED = 3;
 }
 message OIDCConfig {
    repeated string redirect_uris = 1;
    repeated OIDCResponseType response_types = 2;
    repeated OIDCGrantType grant_types = 3;
    OIDCApplicationType application_type = 4;
    string client_secret = 5;
    string client_id = 6;
    OIDCAuthMethodType auth_method_type = 7;
    repeated string post_logout_redirect_uris = 8;
 }
 enum OIDCGrantType {
    OIDCGRANTTYPE_AUTHORIZATION_CODE = 0;
    OIDCGRANTTYPE_GRANT_TYPE_NONE = 1;
    OIDCGRANTTYPE_REFRESH_TOKEN = 2;
 }
 enum OIDCApplicationType {
    OIDCAPPLICATIONTYPE_WEB = 0;
    OIDCAPPLICATIONTYPE_USER_AGENT = 1;
    OIDCAPPLICATIONTYPE_NATIVE = 2;
 }
 enum OIDCAuthMethodType {
    OIDCAUTHMETHODTYPE_BASIC = 0;
    OIDCAUTHMETHODTYPE_POST = 1;
    OIDCAUTHMETHODTYPE_NONE = 2;
 }
 message ApplicationSearchRequest {
    uint64 offset = 1;
    uint64 limit = 2;
    ApplicationSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];;
    bool asc = 4;
    repeated ApplicationSearchQuery queries = 5;
 }
 message ApplicationSearchQuery {
    ApplicationSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
    SearchMethod method = 2;
    string value = 3;
 }
 enum ApplicationSearchKey {
    APPLICATIONSEARCHKEY_UNSPECIFIED = 0;
    APPLICATIONSEARCHKEY_APP_TYPE = 1;
    APPLICATIONSEARCHKEY_STATE = 2;
    APPLICATIONSEARCHKEY_CLIENT_ID = 3;
    APPLICATIONSEARCHKEY_APP_NAME = 4;
    APPLICATIONSEARCHKEY_PROJECT_ID = 5;
 }
 message ApplicationSearchResponse {
    uint64 offset = 1;
    uint64 limit = 2;
    uint64 total_result = 3;
    repeated Application result = 4;
 }
 enum SearchMethod {
    SEARCHMETHOD_EQUALS = 0;
    SEARCHMETHOD_STARTS_WITH = 1;
    SEARCHMETHOD_CONTAINS = 2;
 }
 message ApplicationAuthorizeRequest {
    oneof auth {
        OIDCClientAuth oidc_client_auth = 1;
    }
 }
 message OIDCClientAuth {
    string client_id = 1;
    string client_secret = 2;
 }
 message GrantSearchRequest {
    uint64 offset = 1;
    uint64 limit = 2;
    GrantSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];;
    bool asc = 4;
    repeated GrantSearchQuery queries = 5;
 }
 message GrantSearchQuery {
    GrantSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
    SearchMethod method = 2;
    string value = 3;
 }
 enum GrantSearchKey {
    GRANTSEARCHKEY_UNSPECIFIED = 0;
    GRANTSEARCHKEY_ORG_ID = 1;
    GRANTSEARCHKEY_PROJECT_ID = 2;
    GRANTSEARCHKEY_USER_ID = 3;
 }
 message GrantSearchResponse {
    uint64 offset = 1;
    uint64 limit = 2;
    uint64 total_result = 3;
    repeated Grant result = 4;
 }
 message Grant {
    string OrgId = 1;
    string ProjectId = 2;
    string UserId = 3;
    repeated string Roles = 4;
    string OrgName = 5;
 }
 message MyProjectOrgSearchRequest {
    uint64 offset = 1;
    uint64 limit = 2;
@@ -1148,23 +521,12 @@ message Org {
    string name = 2;
 }
 message CreateTokenRequest {
    string agent_id = 1 [(validate.rules).string.min_len = 1];
    string auth_session_id = 2 [(validate.rules).string.min_len = 1];
 }
 message Token {
    string id = 1;
    google.protobuf.Timestamp expiration = 8;
 }
 message MyPermissions {
    repeated string permissions = 1;
 }
-
+enum SearchMethod {
-message VerifyUserInitRequest {
+    SEARCHMETHOD_EQUALS = 0;
-    string id = 1;
+    SEARCHMETHOD_STARTS_WITH = 1;
-    string code = 2;
+    SEARCHMETHOD_CONTAINS = 2;
    string password = 3;
 }
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -2,8 +2,6 @@ package auth
 import (
 	"context"
 	"github.com/caos/logging"
 	"github.com/caos/zitadel/internal/api/auth"
 	app "github.com/caos/zitadel/internal/auth"
 	"github.com/caos/zitadel/pkg/auth/api"
@@ -14,8 +12,6 @@ type Config struct {
 	API api.Config
 }
-func Start(ctx context.Context, config Config, authZ auth.Config) error {
+func Start(ctx context.Context, config Config, authZ auth.Config) {
-	err := api.Start(ctx, config.API)
+	api.Start(ctx, config.API)
 	logging.Log("MAIN-udjed").OnError(err).Panic("unable to start api")
 	return err
 }
--- a/pkg/management/api/api.go
+++ b/pkg/management/api/api.go
@@ -17,13 +17,10 @@ type Config struct {
 	GRPC grpc_util.Config
 }
-func Start(ctx context.Context, conf Config) error {
+func Start(ctx context.Context, conf Config) {
-	api := &API{
+	grpcServer := grpc.StartServer(conf.GRPC.ToServerConfig())
-		grpcServer: *grpc.StartServer(conf.GRPC.ToServerConfig()),
+	grpcGateway := grpc.StartGateway(conf.GRPC.ToGatewayConfig())
 		gateway:    *grpc.StartGateway(conf.GRPC.ToGatewayConfig()),
 	}
 	server.StartServer(ctx, &api.grpcServer)
 	server.StartGateway(ctx, &api.gateway)
-	return nil
+	server.StartServer(ctx, grpcServer)
 	server.StartGateway(ctx, grpcGateway)
 }
--- a/pkg/management/management.go
+++ b/pkg/management/management.go
@@ -2,8 +2,6 @@ package management
 import (
 	"context"
 	"github.com/caos/logging"
 	"github.com/caos/zitadel/internal/api/auth"
 	app "github.com/caos/zitadel/internal/management"
 	"github.com/caos/zitadel/pkg/management/api"
@@ -14,8 +12,6 @@ type Config struct {
 	API api.Config
 }
-func Start(ctx context.Context, config Config, authZ auth.Config) error {
+func Start(ctx context.Context, config Config, authZ auth.Config) {
-	err := api.Start(ctx, config.API)
+	api.Start(ctx, config.API)
 	logging.Log("MAIN-6dhRs").OnError(err).Panic("unable to start api")
 	return err
 }