diff --git a/apps/login/package.json b/apps/login/package.json
index 44fd3388..896c508e 100644
--- a/apps/login/package.json
+++ b/apps/login/package.json
@@ -23,7 +23,8 @@
     "build": "next build",
     "prestart": "pnpm build",
     "start": "next start",
-    "clean": "pnpm mock:destroy && rm -rf .turbo && rm -rf node_modules && rm -rf .next"
+    "clean": "pnpm mock:destroy && rm -rf .turbo && rm -rf node_modules && rm -rf .next",
+    "format": "prettier --write \"**/*.{ts,tsx,md}\""
   },
   "git": {
     "pre-commit": "lint-staged"
diff --git a/apps/login/src/app/(login)/idp/[provider]/failure/page.tsx b/apps/login/src/app/(login)/idp/[provider]/failure/page.tsx
index 2c55493e..188aed21 100644
--- a/apps/login/src/app/(login)/idp/[provider]/failure/page.tsx
+++ b/apps/login/src/app/(login)/idp/[provider]/failure/page.tsx
@@ -1,16 +1,6 @@
 import { ProviderSlug } from "@/lib/demos";
-import { getBrandingSettings, server } from "@/lib/zitadel";
-import Alert, { AlertType } from "@/ui/Alert";
+import { getBrandingSettings } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
-import IdpSignin from "@/ui/IdpSignin";
-import {
-  AddHumanUserRequest,
-  IDPInformation,
-  RetrieveIdentityProviderIntentResponse,
-  user,
-  IDPLink,
-} from "@zitadel/server";
-import { ClientError } from "nice-grpc";
 
 const PROVIDER_NAME_MAPPING: {
   [provider: string]: string;
@@ -29,7 +19,7 @@ export default async function Page({
   const { id, token, authRequestId, organization } = searchParams;
   const { provider } = params;
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   if (provider) {
     return (
diff --git a/apps/login/src/app/(login)/idp/[provider]/success/page.tsx b/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
index 239afada..ddcd987e 100644
--- a/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
+++ b/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
@@ -1,14 +1,19 @@
 import { ProviderSlug } from "@/lib/demos";
-import {getBrandingSettings, userService} from "@/lib/zitadel";
+import { getBrandingSettings, userService } from "@/lib/zitadel";
 import Alert, { AlertType } from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
 import IdpSignin from "@/ui/IdpSignin";
-import {AddHumanUserRequest} from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
-import {IDPInformation, IDPLink} from "@zitadel/proto/zitadel/user/v2beta/idp_pb";
-import {PartialMessage} from "@zitadel/client2";
+import { AddHumanUserRequest } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
+import {
+  IDPInformation,
+  IDPLink,
+} from "@zitadel/proto/zitadel/user/v2beta/idp_pb";
+import { PartialMessage } from "@zitadel/client2";
 
 const PROVIDER_MAPPING: {
-  [provider: string]: (rI: IDPInformation) => PartialMessage<AddHumanUserRequest>;
+  [provider: string]: (
+    rI: IDPInformation,
+  ) => PartialMessage<AddHumanUserRequest>;
 } = {
   [ProviderSlug.GOOGLE]: (idp: IDPInformation) => {
     const rawInfo = idp.rawInformation?.toJson() as {
@@ -70,10 +75,7 @@ const PROVIDER_MAPPING: {
   },
 };
 
-function retrieveIDPIntent(
-  id: string,
-  token: string,
-) {
+function retrieveIDPIntent(id: string, token: string) {
   return userService.retrieveIdentityProviderIntent(
     { idpIntentId: id, idpIntentToken: token },
     {},
diff --git a/apps/login/src/app/(login)/idp/page.tsx b/apps/login/src/app/(login)/idp/page.tsx
index f9ea08d8..2a5186ec 100644
--- a/apps/login/src/app/(login)/idp/page.tsx
+++ b/apps/login/src/app/(login)/idp/page.tsx
@@ -1,28 +1,16 @@
 import {
   getBrandingSettings,
   getLegalAndSupportSettings,
-  server,
+  settingsService,
 } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
 import { SignInWithIDP } from "@/ui/SignInWithIDP";
-import {
-  GetActiveIdentityProvidersResponse,
-  IdentityProvider,
-  ZitadelServer,
-  settings,
-} from "@zitadel/server";
+import { makeReqCtx } from "@zitadel/client2/v2beta";
 
-function getIdentityProviders(
-  server: ZitadelServer,
-  orgId?: string,
-): Promise<IdentityProvider[] | undefined> {
-  const settingsService = settings.getSettings(server);
+function getIdentityProviders(orgId?: string) {
   return settingsService
-    .getActiveIdentityProviders(
-      orgId ? { ctx: { orgId } } : { ctx: { instance: true } },
-      {},
-    )
-    .then((resp: GetActiveIdentityProvidersResponse) => {
+    .getActiveIdentityProviders({ ctx: makeReqCtx(orgId) }, {})
+    .then((resp) => {
       return resp.identityProviders;
     });
 }
@@ -35,15 +23,15 @@ export default async function Page({
   const authRequestId = searchParams?.authRequestId;
   const organization = searchParams?.organization;
 
-  const legal = await getLegalAndSupportSettings(server, organization);
+  const legal = await getLegalAndSupportSettings(organization);
 
-  const identityProviders = await getIdentityProviders(server, organization);
+  const identityProviders = await getIdentityProviders(organization);
 
   const host = process.env.VERCEL_URL
     ? `https://${process.env.VERCEL_URL}`
     : "http://localhost:3000";
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/loginname/page.tsx b/apps/login/src/app/(login)/loginname/page.tsx
index ca875b6b..20cdeb41 100644
--- a/apps/login/src/app/(login)/loginname/page.tsx
+++ b/apps/login/src/app/(login)/loginname/page.tsx
@@ -2,29 +2,17 @@ import {
   getBrandingSettings,
   getLegalAndSupportSettings,
   getLoginSettings,
-  server,
+  settingsService,
 } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
 import { SignInWithIDP } from "@/ui/SignInWithIDP";
 import UsernameForm from "@/ui/UsernameForm";
-import {
-  GetActiveIdentityProvidersResponse,
-  IdentityProvider,
-  ZitadelServer,
-  settings,
-} from "@zitadel/server";
+import { makeReqCtx } from "@zitadel/client2/v2beta";
 
-function getIdentityProviders(
-  server: ZitadelServer,
-  orgId?: string,
-): Promise<IdentityProvider[] | undefined> {
-  const settingsService = settings.getSettings(server);
+function getIdentityProviders(orgId?: string) {
   return settingsService
-    .getActiveIdentityProviders(
-      orgId ? { ctx: { orgId } } : { ctx: { instance: true } },
-      {},
-    )
-    .then((resp: GetActiveIdentityProvidersResponse) => {
+    .getActiveIdentityProviders({ ctx: makeReqCtx(orgId) }, {})
+    .then((resp) => {
       return resp.identityProviders;
     });
 }
@@ -39,16 +27,16 @@ export default async function Page({
   const organization = searchParams?.organization;
   const submit: boolean = searchParams?.submit === "true";
 
-  const loginSettings = await getLoginSettings(server, organization);
-  const legal = await getLegalAndSupportSettings(server);
+  const loginSettings = await getLoginSettings(organization);
+  const legal = await getLegalAndSupportSettings();
 
-  const identityProviders = await getIdentityProviders(server, organization);
+  const identityProviders = await getIdentityProviders(organization);
 
   const host = process.env.VERCEL_URL
     ? `https://${process.env.VERCEL_URL}`
     : "http://localhost:3000";
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/mfa/page.tsx b/apps/login/src/app/(login)/mfa/page.tsx
index 1d13c02f..4efaca0f 100644
--- a/apps/login/src/app/(login)/mfa/page.tsx
+++ b/apps/login/src/app/(login)/mfa/page.tsx
@@ -2,7 +2,6 @@ import {
   getBrandingSettings,
   getSession,
   listAuthenticationMethodTypes,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import ChooseSecondFactor from "@/ui/ChooseSecondFactor";
@@ -33,7 +32,7 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session && response.session.factors?.user?.id) {
         return listAuthenticationMethodTypes(
           response.session.factors.user.id,
@@ -49,7 +48,7 @@ export default async function Page({
 
   async function loadSessionById(sessionId: string, organization?: string) {
     const recent = await getSessionCookieById(sessionId, organization);
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session && response.session.factors?.user?.id) {
         return listAuthenticationMethodTypes(
           response.session.factors.user.id,
@@ -63,7 +62,7 @@ export default async function Page({
     });
   }
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/mfa/set/page.tsx b/apps/login/src/app/(login)/mfa/set/page.tsx
index 9d855b10..eca46999 100644
--- a/apps/login/src/app/(login)/mfa/set/page.tsx
+++ b/apps/login/src/app/(login)/mfa/set/page.tsx
@@ -4,7 +4,6 @@ import {
   getSession,
   getUserByID,
   listAuthenticationMethodTypes,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import ChooseSecondFactorToSetup from "@/ui/ChooseSecondFactorToSetup";
@@ -14,7 +13,6 @@ import {
   getMostRecentCookieWithLoginname,
   getSessionCookieById,
 } from "@/utils/cookies";
-import { user } from "@zitadel/server";
 
 export default async function Page({
   searchParams,
@@ -36,16 +34,21 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session && response.session.factors?.user?.id) {
         const userId = response.session.factors.user.id;
         return listAuthenticationMethodTypes(userId).then((methods) => {
           return getUserByID(userId).then((user) => {
+            const humanUser =
+              user.user?.type.case === "human"
+                ? user.user?.type.value
+                : undefined;
+
             return {
               factors: response.session?.factors,
               authMethods: methods.authMethodTypes ?? [],
-              phoneVerified: user.user?.human?.phone?.isVerified ?? false,
-              emailVerified: user.user?.human?.email?.isVerified ?? false,
+              phoneVerified: humanUser?.phone?.isVerified ?? false,
+              emailVerified: humanUser?.email?.isVerified ?? false,
             };
           });
         });
@@ -55,16 +58,20 @@ export default async function Page({
 
   async function loadSessionById(sessionId: string, organization?: string) {
     const recent = await getSessionCookieById(sessionId, organization);
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session && response.session.factors?.user?.id) {
         const userId = response.session.factors.user.id;
         return listAuthenticationMethodTypes(userId).then((methods) => {
           return getUserByID(userId).then((user) => {
+            const humanUser =
+              user.user?.type.case === "human"
+                ? user.user?.type.value
+                : undefined;
             return {
               factors: response.session?.factors,
               authMethods: methods.authMethodTypes ?? [],
-              phoneVerified: user.user?.human?.phone?.isVerified ?? false,
-              emailVerified: user.user?.human?.email?.isVerified ?? false,
+              phoneVerified: humanUser?.phone?.isVerified ?? false,
+              emailVerified: humanUser?.email?.isVerified ?? false,
             };
           });
         });
@@ -72,8 +79,8 @@ export default async function Page({
     });
   }
 
-  const branding = await getBrandingSettings(server, organization);
-  const loginSettings = await getLoginSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
+  const loginSettings = await getLoginSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/otp/[method]/page.tsx b/apps/login/src/app/(login)/otp/[method]/page.tsx
index 814c75e5..fc1641da 100644
--- a/apps/login/src/app/(login)/otp/[method]/page.tsx
+++ b/apps/login/src/app/(login)/otp/[method]/page.tsx
@@ -2,7 +2,6 @@ import {
   getBrandingSettings,
   getLoginSettings,
   getSession,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
@@ -24,7 +23,7 @@ export default async function Page({
 
   const { session, token } = await loadSession(loginName, organization);
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   async function loadSession(loginName?: string, organization?: string) {
     const recent = await getMostRecentCookieWithLoginname(
@@ -32,7 +31,7 @@ export default async function Page({
       organization,
     );
 
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       return { session: response?.session, token: recent.token };
     });
   }
diff --git a/apps/login/src/app/(login)/otp/[method]/set/page.tsx b/apps/login/src/app/(login)/otp/[method]/set/page.tsx
index f1785fd6..d4161e09 100644
--- a/apps/login/src/app/(login)/otp/[method]/set/page.tsx
+++ b/apps/login/src/app/(login)/otp/[method]/set/page.tsx
@@ -4,7 +4,6 @@ import {
   getBrandingSettings,
   getSession,
   registerTOTP,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import { Button, ButtonVariants } from "@/ui/Button";
@@ -13,9 +12,8 @@ import { Spinner } from "@/ui/Spinner";
 import TOTPRegister from "@/ui/TOTPRegister";
 import UserAvatar from "@/ui/UserAvatar";
 import { getMostRecentCookieWithLoginname } from "@/utils/cookies";
-import { RegisterTOTPResponse } from "@zitadel/server";
 import Link from "next/link";
-import { ClientError } from "nice-grpc";
+import { RegisterTOTPResponse } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 
 export default async function Page({
   searchParams,
@@ -28,11 +26,11 @@ export default async function Page({
     searchParams;
   const { method } = params;
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
   const { session, token } = await loadSession(loginName, organization);
 
   let totpResponse: RegisterTOTPResponse | undefined,
-    totpError: ClientError | undefined;
+    totpError: Error | undefined;
   if (session && session.factors?.user?.id) {
     if (method === "time-based") {
       await registerTOTP(session.factors.user.id)
@@ -63,7 +61,7 @@ export default async function Page({
       organization,
     );
 
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       return { session: response?.session, token: recent.token };
     });
   }
@@ -111,7 +109,7 @@ export default async function Page({
 
         {totpError && (
           <div className="py-4">
-            <Alert>{totpError?.details}</Alert>
+            <Alert>{totpError?.message}</Alert>
           </div>
         )}
 
diff --git a/apps/login/src/app/(login)/passkey/add/page.tsx b/apps/login/src/app/(login)/passkey/add/page.tsx
index 33980960..ac865634 100644
--- a/apps/login/src/app/(login)/passkey/add/page.tsx
+++ b/apps/login/src/app/(login)/passkey/add/page.tsx
@@ -1,4 +1,4 @@
-import { getBrandingSettings, getSession, server } from "@/lib/zitadel";
+import { getBrandingSettings, getSession } from "@/lib/zitadel";
 import Alert, { AlertType } from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
 import RegisterPasskey from "@/ui/RegisterPasskey";
@@ -20,7 +20,7 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
@@ -33,7 +33,7 @@ export default async function Page({
     ? "When set up, you will be able to authenticate without a password."
     : "Your device will ask for your fingerprint, face, or screen lock";
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/passkey/login/page.tsx b/apps/login/src/app/(login)/passkey/login/page.tsx
index 00a1b2a1..fe315348 100644
--- a/apps/login/src/app/(login)/passkey/login/page.tsx
+++ b/apps/login/src/app/(login)/passkey/login/page.tsx
@@ -1,4 +1,4 @@
-import { getBrandingSettings, getSession, server } from "@/lib/zitadel";
+import { getBrandingSettings, getSession } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
 import LoginPasskey from "@/ui/LoginPasskey";
@@ -32,7 +32,7 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
@@ -41,14 +41,14 @@ export default async function Page({
 
   async function loadSessionById(sessionId: string, organization?: string) {
     const recent = await getSessionCookieById(sessionId, organization);
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
     });
   }
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/password/page.tsx b/apps/login/src/app/(login)/password/page.tsx
index 75938ccd..c0fa08bd 100644
--- a/apps/login/src/app/(login)/password/page.tsx
+++ b/apps/login/src/app/(login)/password/page.tsx
@@ -2,7 +2,6 @@ import {
   getBrandingSettings,
   getLoginSettings,
   getSession,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
@@ -25,15 +24,15 @@ export default async function Page({
       organization,
     );
 
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
     });
   }
 
-  const branding = await getBrandingSettings(server, organization);
-  const loginSettings = await getLoginSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
+  const loginSettings = await getLoginSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/register/page.tsx b/apps/login/src/app/(login)/register/page.tsx
index b41634c4..d9f7ef0f 100644
--- a/apps/login/src/app/(login)/register/page.tsx
+++ b/apps/login/src/app/(login)/register/page.tsx
@@ -2,7 +2,6 @@ import {
   getBrandingSettings,
   getLegalAndSupportSettings,
   getPasswordComplexitySettings,
-  server,
 } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
 import RegisterFormWithoutPassword from "@/ui/RegisterFormWithoutPassword";
@@ -18,13 +17,11 @@ export default async function Page({
 
   const setPassword = !!(firstname && lastname && email);
 
-  const legal = await getLegalAndSupportSettings(server, organization);
-  const passwordComplexitySettings = await getPasswordComplexitySettings(
-    server,
-    organization,
-  );
+  const legal = await getLegalAndSupportSettings(organization);
+  const passwordComplexitySettings =
+    await getPasswordComplexitySettings(organization);
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return setPassword ? (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/signedin/page.tsx b/apps/login/src/app/(login)/signedin/page.tsx
index edf4b491..bdc6d0d6 100644
--- a/apps/login/src/app/(login)/signedin/page.tsx
+++ b/apps/login/src/app/(login)/signedin/page.tsx
@@ -1,9 +1,4 @@
-import {
-  createCallback,
-  getBrandingSettings,
-  getSession,
-  server,
-} from "@/lib/zitadel";
+import { createCallback, getBrandingSettings, getSession } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
 import UserAvatar from "@/ui/UserAvatar";
 import { getMostRecentCookieWithLoginname } from "@/utils/cookies";
@@ -13,14 +8,17 @@ async function loadSession(loginName: string, authRequestId?: string) {
   const recent = await getMostRecentCookieWithLoginname(`${loginName}`);
 
   if (authRequestId) {
-    return createCallback(server, {
+    return createCallback({
       authRequestId,
-      session: { sessionId: recent.id, sessionToken: recent.token },
+      callbackKind: {
+        case: "session",
+        value: { sessionId: recent.id, sessionToken: recent.token },
+      },
     }).then(({ callbackUrl }) => {
       return redirect(callbackUrl);
     });
   }
-  return getSession(server, recent.id, recent.token).then((response) => {
+  return getSession(recent.id, recent.token).then((response) => {
     if (response?.session) {
       return response.session;
     }
@@ -31,7 +29,7 @@ export default async function Page({ searchParams }: { searchParams: any }) {
   const { loginName, authRequestId, organization } = searchParams;
   const sessionFactors = await loadSession(loginName, authRequestId);
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/u2f/page.tsx b/apps/login/src/app/(login)/u2f/page.tsx
index 87573bca..2c8c8b19 100644
--- a/apps/login/src/app/(login)/u2f/page.tsx
+++ b/apps/login/src/app/(login)/u2f/page.tsx
@@ -2,7 +2,6 @@ import {
   getBrandingSettings,
   getLoginSettings,
   getSession,
-  server,
 } from "@/lib/zitadel";
 import Alert from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
@@ -22,7 +21,7 @@ export default async function Page({
 }) {
   const { loginName, authRequestId, sessionId, organization } = searchParams;
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   const sessionFactors = sessionId
     ? await loadSessionById(sessionId, organization)
@@ -36,7 +35,7 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
@@ -45,7 +44,7 @@ export default async function Page({
 
   async function loadSessionById(sessionId: string, organization?: string) {
     const recent = await getSessionCookieById(sessionId, organization);
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
diff --git a/apps/login/src/app/(login)/u2f/set/page.tsx b/apps/login/src/app/(login)/u2f/set/page.tsx
index c51c88cf..2b3caf3d 100644
--- a/apps/login/src/app/(login)/u2f/set/page.tsx
+++ b/apps/login/src/app/(login)/u2f/set/page.tsx
@@ -1,4 +1,4 @@
-import { getBrandingSettings, getSession, server } from "@/lib/zitadel";
+import { getBrandingSettings, getSession } from "@/lib/zitadel";
 import Alert, { AlertType } from "@/ui/Alert";
 import DynamicTheme from "@/ui/DynamicTheme";
 import RegisterPasskey from "@/ui/RegisterPasskey";
@@ -20,7 +20,7 @@ export default async function Page({
       loginName,
       organization,
     );
-    return getSession(server, recent.id, recent.token).then((response) => {
+    return getSession(recent.id, recent.token).then((response) => {
       if (response?.session) {
         return response.session;
       }
@@ -30,7 +30,7 @@ export default async function Page({
   const description =
     "Your device will ask for your fingerprint, face, or screen lock";
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/(login)/verify/page.tsx b/apps/login/src/app/(login)/verify/page.tsx
index 0049fcec..5bc0cb0e 100644
--- a/apps/login/src/app/(login)/verify/page.tsx
+++ b/apps/login/src/app/(login)/verify/page.tsx
@@ -1,4 +1,4 @@
-import { getBrandingSettings, server } from "@/lib/zitadel";
+import { getBrandingSettings } from "@/lib/zitadel";
 import DynamicTheme from "@/ui/DynamicTheme";
 import VerifyEmailForm from "@/ui/VerifyEmailForm";
 import { ExclamationTriangleIcon } from "@heroicons/react/24/outline";
@@ -15,7 +15,7 @@ export default async function Page({ searchParams }: { searchParams: any }) {
     passwordset,
   } = searchParams;
 
-  const branding = await getBrandingSettings(server, organization);
+  const branding = await getBrandingSettings(organization);
 
   return (
     <DynamicTheme branding={branding}>
diff --git a/apps/login/src/app/api/idp/start/route.ts b/apps/login/src/app/api/idp/start/route.ts
index 795e563f..7d7d9679 100644
--- a/apps/login/src/app/api/idp/start/route.ts
+++ b/apps/login/src/app/api/idp/start/route.ts
@@ -1,4 +1,4 @@
-import { server, startIdentityProviderFlow } from "@/lib/zitadel";
+import { startIdentityProviderFlow } from "@/lib/zitadel";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
@@ -6,7 +6,7 @@ export async function POST(request: NextRequest) {
   if (body) {
     let { idpId, successUrl, failureUrl } = body;
 
-    return startIdentityProviderFlow(server, {
+    return startIdentityProviderFlow({
       idpId,
       urls: {
         successUrl,
diff --git a/apps/login/src/app/api/loginname/route.ts b/apps/login/src/app/api/loginname/route.ts
index 75c9635c..7707a01c 100644
--- a/apps/login/src/app/api/loginname/route.ts
+++ b/apps/login/src/app/api/loginname/route.ts
@@ -7,11 +7,7 @@ export async function POST(request: NextRequest) {
   if (body) {
     const { loginName, authRequestId, organization } = body;
     return listUsers(loginName, organization).then((users) => {
-      if (
-        users.details &&
-        users.details.totalResult == 1 &&
-        users.result[0].userId
-      ) {
+      if (users.details?.totalResult == BigInt(1) && users.result[0].userId) {
         const userId = users.result[0].userId;
         return createSessionForUserIdAndUpdateCookie(
           userId,
diff --git a/apps/login/src/app/api/otp/set/route.ts b/apps/login/src/app/api/otp/set/route.ts
index 244702cd..b9d27b63 100644
--- a/apps/login/src/app/api/otp/set/route.ts
+++ b/apps/login/src/app/api/otp/set/route.ts
@@ -5,8 +5,9 @@ import {
   getSessionCookieByLoginName,
 } from "@/utils/cookies";
 import { setSessionAndUpdateCookie } from "@/utils/session";
-import { Checks } from "@zitadel/server";
 import { NextRequest, NextResponse, userAgent } from "next/server";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import { PlainMessage } from "@zitadel/client2";
 
 export async function POST(request: NextRequest) {
   const body = await request.json();
@@ -31,7 +32,7 @@ export async function POST(request: NextRequest) {
 
     return recentPromise
       .then((recent) => {
-        const checks: Checks = {};
+        const checks: PlainMessage<Checks> = {};
 
         if (method === "time-based") {
           checks.totp = {
diff --git a/apps/login/src/app/api/passkeys/route.ts b/apps/login/src/app/api/passkeys/route.ts
index 36293280..4489bee3 100644
--- a/apps/login/src/app/api/passkeys/route.ts
+++ b/apps/login/src/app/api/passkeys/route.ts
@@ -2,7 +2,6 @@ import {
   createPasskeyRegistrationLink,
   getSession,
   registerPasskey,
-  server,
 } from "@/lib/zitadel";
 import { getSessionCookieById } from "@/utils/cookies";
 import { NextRequest, NextResponse } from "next/server";
@@ -14,11 +13,7 @@ export async function POST(request: NextRequest) {
 
     const sessionCookie = await getSessionCookieById(sessionId);
 
-    const session = await getSession(
-      server,
-      sessionCookie.id,
-      sessionCookie.token,
-    );
+    const session = await getSession(sessionCookie.id, sessionCookie.token);
 
     const domain: string = request.nextUrl.hostname;
 
@@ -29,6 +24,9 @@ export async function POST(request: NextRequest) {
       return createPasskeyRegistrationLink(userId)
         .then((resp) => {
           const code = resp.code;
+          if (!code) {
+            throw new Error("Missing code in response");
+          }
           return registerPasskey(userId, code, domain).then((resp) => {
             return NextResponse.json(resp);
           });
diff --git a/apps/login/src/app/api/passkeys/verify/route.ts b/apps/login/src/app/api/passkeys/verify/route.ts
index 4cfd8342..a09b848c 100644
--- a/apps/login/src/app/api/passkeys/verify/route.ts
+++ b/apps/login/src/app/api/passkeys/verify/route.ts
@@ -1,4 +1,4 @@
-import { getSession, server, verifyPasskeyRegistration } from "@/lib/zitadel";
+import { getSession, verifyPasskeyRegistration } from "@/lib/zitadel";
 import { getSessionCookieById } from "@/utils/cookies";
 import { NextRequest, NextResponse, userAgent } from "next/server";
 
@@ -15,17 +15,12 @@ export async function POST(request: NextRequest) {
     }
     const sessionCookie = await getSessionCookieById(sessionId);
 
-    const session = await getSession(
-      server,
-      sessionCookie.id,
-      sessionCookie.token,
-    );
+    const session = await getSession(sessionCookie.id, sessionCookie.token);
 
     const userId = session?.session?.factors?.user?.id;
 
     if (userId) {
       return verifyPasskeyRegistration(
-        server,
         passkeyId,
         passkeyName,
         publicKeyCredential,
diff --git a/apps/login/src/app/api/registeruser/route.ts b/apps/login/src/app/api/registeruser/route.ts
index 7ed49f48..dcb3626a 100644
--- a/apps/login/src/app/api/registeruser/route.ts
+++ b/apps/login/src/app/api/registeruser/route.ts
@@ -1,4 +1,4 @@
-import { addHumanUser, server } from "@/lib/zitadel";
+import { addHumanUser } from "@/lib/zitadel";
 import {
   createSessionAndUpdateCookie,
   createSessionForUserIdAndUpdateCookie,
@@ -17,7 +17,7 @@ export async function POST(request: NextRequest) {
       authRequestId,
     } = body;
 
-    return addHumanUser(server, {
+    return addHumanUser({
       email: email,
       firstName,
       lastName,
diff --git a/apps/login/src/app/api/resendverifyemail/route.ts b/apps/login/src/app/api/resendverifyemail/route.ts
index 3ccd724d..bf75776d 100644
--- a/apps/login/src/app/api/resendverifyemail/route.ts
+++ b/apps/login/src/app/api/resendverifyemail/route.ts
@@ -1,4 +1,4 @@
-import { setEmail, server } from "@/lib/zitadel";
+import { setEmail } from "@/lib/zitadel";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
@@ -7,7 +7,7 @@ export async function POST(request: NextRequest) {
     const { userId, code } = body;
 
     // replace with resend Mail method once its implemented
-    return setEmail(server, userId)
+    return setEmail(userId)
       .then((resp) => {
         return NextResponse.json(resp);
       })
diff --git a/apps/login/src/app/api/session/route.ts b/apps/login/src/app/api/session/route.ts
index 40493340..c0bc0d06 100644
--- a/apps/login/src/app/api/session/route.ts
+++ b/apps/login/src/app/api/session/route.ts
@@ -1,5 +1,4 @@
 import {
-  server,
   deleteSession,
   getSession,
   getUserByID,
@@ -17,7 +16,6 @@ import {
   createSessionForIdpAndUpdateCookie,
   setSessionAndUpdateCookie,
 } from "@/utils/session";
-import { Challenges, Checks, RequestChallenges } from "@zitadel/server";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
@@ -104,27 +102,23 @@ export async function PUT(request: NextRequest) {
           challenges &&
           (challenges.otpEmail === "" || challenges.otpSms === "")
         ) {
-          const sessionResponse = await getSession(
-            server,
-            recent.id,
-            recent.token,
-          );
+          const sessionResponse = await getSession(recent.id, recent.token);
+
           if (sessionResponse && sessionResponse.session?.factors?.user?.id) {
             const userResponse = await getUserByID(
               sessionResponse.session.factors.user.id,
             );
-            if (
-              challenges.otpEmail === "" &&
-              userResponse.user?.human?.email?.email
-            ) {
-              challenges.otpEmail = userResponse.user?.human?.email?.email;
+            const humanUser =
+              userResponse.user?.type.case === "human"
+                ? userResponse.user?.type.value
+                : undefined;
+
+            if (challenges.otpEmail === "" && humanUser?.email?.email) {
+              challenges.otpEmail = humanUser?.email?.email;
             }
 
-            if (
-              challenges.otpSms === "" &&
-              userResponse.user?.human?.phone?.phone
-            ) {
-              challenges.otpSms = userResponse.user?.human?.phone?.phone;
+            if (challenges.otpSms === "" && humanUser?.phone?.phone) {
+              challenges.otpSms = humanUser?.phone?.phone;
             }
           }
         }
@@ -176,7 +170,7 @@ export async function DELETE(request: NextRequest) {
   if (id) {
     const session = await getSessionCookieById(id);
 
-    return deleteSession(server, session.id, session.token)
+    return deleteSession(session.id, session.token)
       .then(() => {
         return removeSessionFromCookie(session)
           .then(() => {
diff --git a/apps/login/src/app/api/u2f/route.ts b/apps/login/src/app/api/u2f/route.ts
index 368c5a80..6a1c1a82 100644
--- a/apps/login/src/app/api/u2f/route.ts
+++ b/apps/login/src/app/api/u2f/route.ts
@@ -3,7 +3,6 @@ import {
   getSession,
   registerPasskey,
   registerU2F,
-  server,
 } from "@/lib/zitadel";
 import { getSessionCookieById } from "@/utils/cookies";
 import { NextRequest, NextResponse } from "next/server";
@@ -15,11 +14,7 @@ export async function POST(request: NextRequest) {
 
     const sessionCookie = await getSessionCookieById(sessionId);
 
-    const session = await getSession(
-      server,
-      sessionCookie.id,
-      sessionCookie.token,
-    );
+    const session = await getSession(sessionCookie.id, sessionCookie.token);
 
     const domain: string = request.nextUrl.hostname;
 
diff --git a/apps/login/src/app/api/u2f/verify/route.ts b/apps/login/src/app/api/u2f/verify/route.ts
index 1ea83f72..ef597e5f 100644
--- a/apps/login/src/app/api/u2f/verify/route.ts
+++ b/apps/login/src/app/api/u2f/verify/route.ts
@@ -1,7 +1,8 @@
-import { getSession, server, verifyU2FRegistration } from "@/lib/zitadel";
+import { getSession, verifyU2FRegistration } from "@/lib/zitadel";
 import { getSessionCookieById } from "@/utils/cookies";
-import { VerifyU2FRegistrationRequest } from "@zitadel/server";
 import { NextRequest, NextResponse, userAgent } from "next/server";
+import { VerifyU2FRegistrationRequest } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
+import { PlainMessage } from "@zitadel/client2";
 
 export async function POST(request: NextRequest) {
   const body = await request.json();
@@ -16,16 +17,12 @@ export async function POST(request: NextRequest) {
     }
     const sessionCookie = await getSessionCookieById(sessionId);
 
-    const session = await getSession(
-      server,
-      sessionCookie.id,
-      sessionCookie.token,
-    );
+    const session = await getSession(sessionCookie.id, sessionCookie.token);
 
     const userId = session?.session?.factors?.user?.id;
 
     if (userId) {
-      const req: VerifyU2FRegistrationRequest = {
+      const req: PlainMessage<VerifyU2FRegistrationRequest> = {
         publicKeyCredential,
         u2fId,
         userId,
diff --git a/apps/login/src/app/api/verifyemail/route.ts b/apps/login/src/app/api/verifyemail/route.ts
index e2aae983..f8a21c46 100644
--- a/apps/login/src/app/api/verifyemail/route.ts
+++ b/apps/login/src/app/api/verifyemail/route.ts
@@ -1,4 +1,4 @@
-import { server, verifyEmail } from "@/lib/zitadel";
+import { verifyEmail } from "@/lib/zitadel";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
@@ -6,7 +6,7 @@ export async function POST(request: NextRequest) {
   if (body) {
     const { userId, code } = body;
 
-    return verifyEmail(server, userId, code)
+    return verifyEmail(userId, code)
       .then((resp) => {
         return NextResponse.json(resp);
       })
diff --git a/apps/login/src/app/layout.tsx b/apps/login/src/app/layout.tsx
index 0eb4b191..5e299faf 100644
--- a/apps/login/src/app/layout.tsx
+++ b/apps/login/src/app/layout.tsx
@@ -6,8 +6,6 @@ import { LayoutProviders } from "@/ui/LayoutProviders";
 import { Analytics } from "@vercel/analytics/react";
 import ThemeWrapper from "@/ui/ThemeWrapper";
 import { getBrandingSettings } from "@/lib/zitadel";
-import { server } from "../lib/zitadel";
-import { BrandingSettings } from "@zitadel/server";
 import ThemeProvider from "@/ui/ThemeProvider";
 import Theme from "@/ui/Theme";
 
diff --git a/apps/login/src/app/login/route.ts b/apps/login/src/app/login/route.ts
index e6a8c335..e81f5663 100644
--- a/apps/login/src/app/login/route.ts
+++ b/apps/login/src/app/login/route.ts
@@ -3,15 +3,17 @@ import {
   getAuthRequest,
   getOrgByDomain,
   listSessions,
-  server,
 } from "@/lib/zitadel";
 import { SessionCookie, getAllSessions } from "@/utils/cookies";
-import { Session, AuthRequest, Prompt } from "@zitadel/server";
 import { NextRequest, NextResponse } from "next/server";
+import { Session } from "@zitadel/proto/zitadel/session/v2beta/session_pb";
+import {
+  AuthRequest,
+  Prompt,
+} from "@zitadel/proto/zitadel/oidc/v2beta/authorization_pb";
 
 async function loadSessions(ids: string[]): Promise<Session[]> {
   const response = await listSessions(
-    server,
     ids.filter((id: string | undefined) => !!id),
   );
 
@@ -81,9 +83,12 @@ export async function GET(request: NextRequest) {
           sessionToken: cookie?.token,
         };
 
-        const { callbackUrl } = await createCallback(server, {
+        const { callbackUrl } = await createCallback({
           authRequestId,
-          session,
+          callbackKind: {
+            case: "session",
+            value: session,
+          },
         });
         return NextResponse.redirect(callbackUrl);
       }
@@ -92,7 +97,7 @@ export async function GET(request: NextRequest) {
 
   if (authRequestId) {
     console.log(`Login with authRequest: ${authRequestId}`);
-    const { authRequest } = await getAuthRequest(server, { authRequestId });
+    const { authRequest } = await getAuthRequest({ authRequestId });
 
     let organization = "";
 
@@ -132,7 +137,7 @@ export async function GET(request: NextRequest) {
       return NextResponse.redirect(accountsUrl);
     };
 
-    if (authRequest && authRequest.prompt.includes(Prompt.PROMPT_CREATE)) {
+    if (authRequest && authRequest.prompt.includes(Prompt.CREATE)) {
       const registerUrl = new URL("/register", request.url);
       if (authRequest?.id) {
         registerUrl.searchParams.set("authRequestId", authRequest?.id);
@@ -147,9 +152,9 @@ export async function GET(request: NextRequest) {
     // use existing session and hydrate it for oidc
     if (authRequest && sessions.length) {
       // if some accounts are available for selection and select_account is set
-      if (authRequest.prompt.includes(Prompt.PROMPT_SELECT_ACCOUNT)) {
+      if (authRequest.prompt.includes(Prompt.SELECT_ACCOUNT)) {
         return gotoAccounts();
-      } else if (authRequest.prompt.includes(Prompt.PROMPT_LOGIN)) {
+      } else if (authRequest.prompt.includes(Prompt.LOGIN)) {
         // if prompt is login
         const loginNameUrl = new URL("/loginname", request.url);
         if (authRequest?.id) {
@@ -162,7 +167,7 @@ export async function GET(request: NextRequest) {
           loginNameUrl.searchParams.set("organization", organization);
         }
         return NextResponse.redirect(loginNameUrl);
-      } else if (authRequest.prompt.includes(Prompt.PROMPT_NONE)) {
+      } else if (authRequest.prompt.includes(Prompt.NONE)) {
         // NONE prompt - silent authentication
 
         let selectedSession = findSession(sessions, authRequest);
@@ -177,9 +182,12 @@ export async function GET(request: NextRequest) {
               sessionId: cookie?.id,
               sessionToken: cookie?.token,
             };
-            const { callbackUrl } = await createCallback(server, {
+            const { callbackUrl } = await createCallback({
               authRequestId,
-              session,
+              callbackKind: {
+                case: "session",
+                value: session,
+              },
             });
             return NextResponse.redirect(callbackUrl);
           } else {
@@ -209,9 +217,12 @@ export async function GET(request: NextRequest) {
               sessionToken: cookie?.token,
             };
             try {
-              const { callbackUrl } = await createCallback(server, {
+              const { callbackUrl } = await createCallback({
                 authRequestId,
-                session,
+                callbackKind: {
+                  case: "session",
+                  value: session,
+                },
               });
               if (callbackUrl) {
                 return NextResponse.redirect(callbackUrl);
diff --git a/apps/login/src/lib/server-actions.ts b/apps/login/src/lib/server-actions.ts
index 5ced55c6..612f5f05 100644
--- a/apps/login/src/lib/server-actions.ts
+++ b/apps/login/src/lib/server-actions.ts
@@ -1,7 +1,7 @@
 "use server";
 
 import { getMostRecentCookieWithLoginname } from "@/utils/cookies";
-import { getSession, server, verifyTOTPRegistration } from "./zitadel";
+import { getSession, verifyTOTPRegistration } from "./zitadel";
 
 export async function verifyTOTP(
   code: string,
@@ -10,7 +10,7 @@ export async function verifyTOTP(
 ) {
   return getMostRecentCookieWithLoginname(loginName, organization)
     .then((recent) => {
-      return getSession(server, recent.id, recent.token).then((response) => {
+      return getSession(recent.id, recent.token).then((response) => {
         return { session: response?.session, token: recent.token };
       });
     })
diff --git a/apps/login/src/lib/zitadel.ts b/apps/login/src/lib/zitadel.ts
index 495b7afb..3ead5d2a 100644
--- a/apps/login/src/lib/zitadel.ts
+++ b/apps/login/src/lib/zitadel.ts
@@ -2,17 +2,24 @@ import {
   createOIDCServiceClient,
   createSessionServiceClient,
   createSettingsServiceClient,
-  createUserServiceClient, makeReqCtx
+  createUserServiceClient,
+  makeReqCtx,
 } from "@zitadel/client2/v2beta";
-import {createManagementServiceClient} from "@zitadel/client2/v1";
-import {createServerTransport} from "@zitadel/node";
-import {Checks} from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
-import {RequestChallenges} from "@zitadel/proto/zitadel/session/v2beta/challenge_pb";
-import {RetrieveIdentityProviderIntentRequest,VerifyU2FRegistrationRequest} from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
-import {CreateCallbackRequest, GetAuthRequestRequest} from "@zitadel/proto/zitadel/oidc/v2beta/oidc_service_pb";
-import {TextQueryMethod} from "@zitadel/proto/zitadel/object/v2beta/object_pb";
-import type {RedirectURLs} from "@zitadel/proto/zitadel/user/v2beta/idp_pb";
-import {PlainMessage} from "@zitadel/client2";
+import { createManagementServiceClient } from "@zitadel/client2/v1";
+import { createServerTransport } from "@zitadel/node";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import { RequestChallenges } from "@zitadel/proto/zitadel/session/v2beta/challenge_pb";
+import {
+  RetrieveIdentityProviderIntentRequest,
+  VerifyU2FRegistrationRequest,
+} from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
+import {
+  CreateCallbackRequest,
+  GetAuthRequestRequest,
+} from "@zitadel/proto/zitadel/oidc/v2beta/oidc_service_pb";
+import { TextQueryMethod } from "@zitadel/proto/zitadel/object/v2beta/object_pb";
+import type { RedirectURLs } from "@zitadel/proto/zitadel/user/v2beta/idp_pb";
+import { PlainMessage } from "@zitadel/client2";
 
 const SESSION_LIFETIME_S = 3000;
 
@@ -30,28 +37,19 @@ export const userService = createUserServiceClient(transport);
 export const oidcService = createOIDCServiceClient(transport);
 export const settingsService = createSettingsServiceClient(transport);
 
-export async function getBrandingSettings(
-  organization?: string,
-) {
+export async function getBrandingSettings(organization?: string) {
   return settingsService
-    .getBrandingSettings(
-      {ctx: makeReqCtx(organization)},
-      {},
-    )
+    .getBrandingSettings({ ctx: makeReqCtx(organization) }, {})
     .then((resp) => resp.settings);
 }
 
-export async function getLoginSettings(
-  orgId?: string,
-) {
+export async function getLoginSettings(orgId?: string) {
   return settingsService
-    .getLoginSettings({ctx: makeReqCtx(orgId)}, {})
+    .getLoginSettings({ ctx: makeReqCtx(orgId) }, {})
     .then((resp) => resp.settings);
 }
 
-export async function addOTPEmail(
-  userId: string,
-) {
+export async function addOTPEmail(userId: string) {
   return userService.addOTPEmail(
     {
       userId,
@@ -60,10 +58,7 @@ export async function addOTPEmail(
   );
 }
 
-export async function addOTPSMS(
-  userId: string,
-  token?: string,
-) {
+export async function addOTPSMS(userId: string, token?: string) {
   // TODO: Follow up here, I do not understand the branching
   // let userService;
   // if (token) {
@@ -78,13 +73,10 @@ export async function addOTPSMS(
   //   userService = user.getUser(server);
   // }
 
-  return userService.addOTPSMS({userId}, {});
+  return userService.addOTPSMS({ userId }, {});
 }
 
-export async function registerTOTP(
-  userId: string,
-  token?: string,
-) {
+export async function registerTOTP(userId: string, token?: string) {
   // TODO: Follow up here, I do not understand the branching
   // let userService;
   // if (token) {
@@ -99,7 +91,7 @@ export async function registerTOTP(
   // } else {
   //   userService = user.getUser(server);
   // }
-  return userService.registerTOTP({userId}, {});
+  return userService.registerTOTP({ userId }, {});
 }
 
 export async function getGeneralSettings() {
@@ -110,22 +102,15 @@ export async function getGeneralSettings() {
 
 export async function getLegalAndSupportSettings(organization?: string) {
   return settingsService
-    .getLegalAndSupportSettings(
-      {ctx: makeReqCtx(organization)},
-      {},
-    )
+    .getLegalAndSupportSettings({ ctx: makeReqCtx(organization) }, {})
     .then((resp) => {
       return resp.settings;
     });
 }
 
-export async function getPasswordComplexitySettings(
-  organization?: string,
-) {
+export async function getPasswordComplexitySettings(organization?: string) {
   return settingsService
-    .getPasswordComplexitySettings(
-      {ctx: makeReqCtx(organization)}
-    )
+    .getPasswordComplexitySettings({ ctx: makeReqCtx(organization) })
     .then((resp) => resp.settings);
 }
 
@@ -153,67 +138,63 @@ export async function createSessionForUserIdAndIdpIntent(
     idpIntentToken?: string | undefined;
   },
 ) {
-  return sessionService.createSession(
-    {
-      checks: {
-        user: {
-          search: {
-            case: "userId",
-            value: userId,
-          },
+  return sessionService.createSession({
+    checks: {
+      user: {
+        search: {
+          case: "userId",
+          value: userId,
         },
-        idpIntent,
       },
-      // lifetime: {
-      //   seconds: 300,
-      //   nanos: 0,
-      // },
+      idpIntent,
     },
-  );
+    // lifetime: {
+    //   seconds: 300,
+    //   nanos: 0,
+    // },
+  });
 }
 
 export async function setSession(
   sessionId: string,
   sessionToken: string,
   challenges: RequestChallenges | undefined,
-  checks: Checks,
+  checks?: PlainMessage<Checks>,
 ) {
-  return sessionService.setSession({
-    sessionId,
-    sessionToken,
-    challenges,
-    checks: checks ? checks : {},
-    metadata: {},
-  }, {});
+  return sessionService.setSession(
+    {
+      sessionId,
+      sessionToken,
+      challenges,
+      checks: checks ? checks : {},
+      metadata: {},
+    },
+    {},
+  );
 }
 
-export async function getSession(
-  sessionId: string,
-  sessionToken: string,
-) {
-  return sessionService.getSession({sessionId, sessionToken}, {});
+export async function getSession(sessionId: string, sessionToken: string) {
+  return sessionService.getSession({ sessionId, sessionToken }, {});
 }
 
-export async function deleteSession(
-  sessionId: string,
-  sessionToken: string,
-) {
-  return sessionService.deleteSession({sessionId, sessionToken}, {});
+export async function deleteSession(sessionId: string, sessionToken: string) {
+  return sessionService.deleteSession({ sessionId, sessionToken }, {});
 }
 
-export async function listSessions(
-  ids: string[],
-) {
-  return sessionService.listSessions({
-    queries: [
-      {
-        query: {
-          case: "idsQuery",
-          value: {ids: ids},
+export async function listSessions(ids: string[]) {
+  return sessionService.listSessions(
+    {
+      queries: [
+        {
+          query: {
+            case: "idsQuery",
+            value: { ids: ids },
+          },
         },
-      },
-    ]
-  }, {});
+      ],
+    },
+    {},
+  );
 }
 
 export type AddHumanUserData = {
@@ -224,18 +205,24 @@ export type AddHumanUserData = {
   organization: string | undefined;
 };
 
-export async function addHumanUser(
-  {email, firstName, lastName, password, organization}: AddHumanUserData,
-) {
-  return userService.addHumanUser(
-    {
-      email: {email},
-      username: email,
-      profile: {givenName: firstName, familyName: lastName},
-      organization: organization ? {org: {case: 'orgId', value: organization}} : undefined,
-      passwordType: password ? {case: 'password', value: {password: password}} : undefined,
-    },
-  );
+export async function addHumanUser({
+  email,
+  firstName,
+  lastName,
+  password,
+  organization,
+}: AddHumanUserData) {
+  return userService.addHumanUser({
+    email: { email },
+    username: email,
+    profile: { givenName: firstName, familyName: lastName },
+    organization: organization
+      ? { org: { case: "orgId", value: organization } }
+      : undefined,
+    passwordType: password
+      ? { case: "password", value: { password: password } }
+      : undefined,
+  });
 }
 
 export async function verifyTOTPRegistration(
@@ -256,105 +243,97 @@ export async function verifyTOTPRegistration(
   // } else {
   //   userService = user.getUser(server);
   // }
-  return userService.verifyTOTPRegistration({code, userId}, {});
+  return userService.verifyTOTPRegistration({ code, userId }, {});
 }
 
-export async function getUserByID(
-  userId: string,
-) {
-  return userService.getUserByID({userId}, {});
+export async function getUserByID(userId: string) {
+  return userService.getUserByID({ userId }, {});
 }
 
-export async function listUsers(
-  userName: string,
-  organizationId: string,
-) {
+export async function listUsers(userName: string, organizationId: string) {
   return userService.listUsers(
     {
       queries: organizationId
         ? [
-          {
-            query: {
-              case: "userNameQuery",
-              value: {
-                userName,
-                method: TextQueryMethod.EQUALS,
-              }
-            }
-          },
-          {
-            query: {
-              case: 'organizationIdQuery',
-              value: {
-                organizationId,
+            {
+              query: {
+                case: "userNameQuery",
+                value: {
+                  userName,
+                  method: TextQueryMethod.EQUALS,
+                },
               },
-            }
-          },
-        ]
+            },
+            {
+              query: {
+                case: "organizationIdQuery",
+                value: {
+                  organizationId,
+                },
+              },
+            },
+          ]
         : [
-          {
-            query: {
-              case: 'userNameQuery',
-              value: {
-                userName,
-                method: TextQueryMethod.EQUALS,
+            {
+              query: {
+                case: "userNameQuery",
+                value: {
+                  userName,
+                  method: TextQueryMethod.EQUALS,
+                },
               },
-            }
-          },
-        ],
+            },
+          ],
     },
     {},
   );
 }
 
-export async function getOrgByDomain(
-  domain: string,
-) {
-  return managementService.getOrgByDomainGlobal({domain}, {});
+export async function getOrgByDomain(domain: string) {
+  return managementService.getOrgByDomainGlobal({ domain }, {});
 }
 
-export async function startIdentityProviderFlow(
-  {idpId, urls}: {
-    idpId: string;
-    urls: RedirectURLs;
-  },
-) {
+export async function startIdentityProviderFlow({
+  idpId,
+  urls,
+}: {
+  idpId: string;
+  urls: PlainMessage<RedirectURLs>;
+}) {
   return userService.startIdentityProviderIntent({
     idpId,
     content: {
-      case: 'urls',
-      value: urls
-    }
+      case: "urls",
+      value: urls,
+    },
   });
 }
 
-export async function retrieveIdentityProviderInformation(
-  {idpIntentId, idpIntentToken}: RetrieveIdentityProviderIntentRequest,
-) {
+export async function retrieveIdentityProviderInformation({
+  idpIntentId,
+  idpIntentToken,
+}: RetrieveIdentityProviderIntentRequest) {
   return userService.retrieveIdentityProviderIntent({
     idpIntentId,
     idpIntentToken,
   });
 }
 
-export async function getAuthRequest(
-  {authRequestId}: GetAuthRequestRequest,
-) {
+export async function getAuthRequest({
+  authRequestId,
+}: {
+  authRequestId: string;
+}) {
   return oidcService.getAuthRequest({
     authRequestId,
   });
 }
 
-export async function createCallback(
-  req: CreateCallbackRequest,
-) {
+export async function createCallback(req: PlainMessage<CreateCallbackRequest>) {
   return oidcService.createCallback(req);
 }
 
-export async function verifyEmail(
-  userId: string,
-  verificationCode: string,
-) {
+export async function verifyEmail(userId: string, verificationCode: string) {
   return userService.verifyEmail(
     {
       userId,
@@ -369,9 +348,7 @@ export async function verifyEmail(
  * @param userId the id of the user where the email should be set
  * @returns the newly set email
  */
-export async function setEmail(
-  userId: string,
-) {
+export async function setEmail(userId: string) {
   return userService.setEmail(
     {
       userId,
@@ -406,9 +383,9 @@ export async function createPasskeyRegistrationLink(
   return userService.createPasskeyRegistrationLink({
     userId,
     medium: {
-      case: 'returnCode',
+      case: "returnCode",
       value: {},
-    }
+    },
   });
 }
 
@@ -418,10 +395,7 @@ export async function createPasskeyRegistrationLink(
  * @param domain the domain on which the factor is registered
  * @returns the newly set email
  */
-export async function registerU2F(
-  userId: string,
-  domain: string,
-) {
+export async function registerU2F(userId: string, domain: string) {
   return userService.registerU2F({
     userId,
     domain,
@@ -435,7 +409,7 @@ export async function registerU2F(
  * @returns the newly set email
  */
 export async function verifyU2FRegistration(
-  request: VerifyU2FRegistrationRequest,
+  request: PlainMessage<VerifyU2FRegistrationRequest>,
 ) {
   return userService.verifyU2FRegistration(request, {});
 }
@@ -450,8 +424,8 @@ export async function verifyPasskeyRegistration(
   passkeyName: string,
   publicKeyCredential:
     | {
-    [key: string]: any;
-  }
+        [key: string]: any;
+      }
     | undefined,
   userId: string,
 ) {
@@ -489,9 +463,7 @@ export async function registerPasskey(
  * @param userId the id of the user where the email should be set
  * @returns the newly set email
  */
-export async function listAuthenticationMethodTypes(
-  userId: string,
-) {
+export async function listAuthenticationMethodTypes(userId: string) {
   return userService.listAuthenticationMethodTypes({
     userId,
   });
diff --git a/apps/login/src/ui/ChooseSecondFactor.tsx b/apps/login/src/ui/ChooseSecondFactor.tsx
index 46cef177..48154cf0 100644
--- a/apps/login/src/ui/ChooseSecondFactor.tsx
+++ b/apps/login/src/ui/ChooseSecondFactor.tsx
@@ -1,15 +1,11 @@
 "use client";
 
-import {
-  AuthenticationMethodType,
-  LoginSettings,
-  login,
-} from "@zitadel/server";
 import Link from "next/link";
 import { BadgeState, StateBadge } from "./StateBadge";
 import clsx from "clsx";
 import { CheckIcon } from "@heroicons/react/24/outline";
 import { EMAIL, SMS, TOTP, U2F } from "./AuthMethods";
+import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 
 type Props = {
   loginName?: string;
@@ -46,10 +42,14 @@ export default function ChooseSecondFactor({
       {userMethods.map((method, i) => {
         return (
           <div key={"method-" + i}>
-            {method === 4 && TOTP(false, "/otp/time-based?" + params)}
-            {method === 5 && U2F(false, "/u2f?" + params)}
-            {method === 7 && EMAIL(false, "/otp/email?" + params)}
-            {method === 6 && SMS(false, "/otp/sms?" + params)}
+            {method === AuthenticationMethodType.TOTP &&
+              TOTP(false, "/otp/time-based?" + params)}
+            {method === AuthenticationMethodType.U2F &&
+              U2F(false, "/u2f?" + params)}
+            {method === AuthenticationMethodType.OTP_EMAIL &&
+              EMAIL(false, "/otp/email?" + params)}
+            {method === AuthenticationMethodType.OTP_SMS &&
+              SMS(false, "/otp/sms?" + params)}
           </div>
         );
       })}
diff --git a/apps/login/src/ui/ChooseSecondFactorToSetup.tsx b/apps/login/src/ui/ChooseSecondFactorToSetup.tsx
index f868a235..de502cb8 100644
--- a/apps/login/src/ui/ChooseSecondFactorToSetup.tsx
+++ b/apps/login/src/ui/ChooseSecondFactorToSetup.tsx
@@ -1,7 +1,8 @@
 "use client";
 
-import { AuthenticationMethodType, LoginSettings } from "@zitadel/server";
 import { EMAIL, SMS, TOTP, U2F } from "./AuthMethods";
+import { LoginSettings } from "@zitadel/proto/zitadel/settings/v2beta/login_settings_pb";
+import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 
 type Props = {
   loginName?: string;
@@ -48,13 +49,25 @@ export default function ChooseSecondFactorToSetup({
     <div className="grid grid-cols-1 gap-5 w-full pt-4">
       {loginSettings.secondFactors.map((factor, i) => {
         return factor === 1
-          ? TOTP(userMethods.includes(4), "/otp/time-based/set?" + params)
+          ? TOTP(
+              userMethods.includes(AuthenticationMethodType.TOTP),
+              "/otp/time-based/set?" + params,
+            )
           : factor === 2
-            ? U2F(userMethods.includes(5), "/u2f/set?" + params)
+            ? U2F(
+                userMethods.includes(AuthenticationMethodType.U2F),
+                "/u2f/set?" + params,
+              )
             : factor === 3 && emailVerified
-              ? EMAIL(userMethods.includes(7), "/otp/email/set?" + params)
+              ? EMAIL(
+                  userMethods.includes(AuthenticationMethodType.OTP_EMAIL),
+                  "/otp/email/set?" + params,
+                )
               : factor === 4 && phoneVerified
-                ? SMS(userMethods.includes(6), "/otp/sms/set?" + params)
+                ? SMS(
+                    userMethods.includes(AuthenticationMethodType.OTP_SMS),
+                    "/otp/sms/set?" + params,
+                  )
                 : null;
       })}
     </div>
diff --git a/apps/login/src/ui/DynamicTheme.tsx b/apps/login/src/ui/DynamicTheme.tsx
index 0a91d8a5..6c8a1ffe 100644
--- a/apps/login/src/ui/DynamicTheme.tsx
+++ b/apps/login/src/ui/DynamicTheme.tsx
@@ -1,10 +1,10 @@
 "use client";
 
-import { BrandingSettings } from "@zitadel/server";
 import React from "react";
 import { Logo } from "@/ui/Logo";
 import ThemeWrapper from "./ThemeWrapper";
 import { LayoutProviders } from "./LayoutProviders";
+import { BrandingSettings } from "@zitadel/proto/zitadel/settings/v2beta/branding_settings_pb";
 
 export default function DynamicTheme({
   branding,
diff --git a/apps/login/src/ui/LoginOTP.tsx b/apps/login/src/ui/LoginOTP.tsx
index 1235d6ec..f95077bd 100644
--- a/apps/login/src/ui/LoginOTP.tsx
+++ b/apps/login/src/ui/LoginOTP.tsx
@@ -6,10 +6,11 @@ import { coerceToArrayBuffer, coerceToBase64Url } from "@/utils/base64";
 import { Button, ButtonVariants } from "./Button";
 import Alert, { AlertType } from "./Alert";
 import { Spinner } from "./Spinner";
-import { Checks } from "@zitadel/server";
 import { useForm } from "react-hook-form";
 import { TextInput } from "./Input";
-import { Challenges } from "@zitadel/server";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import { PlainMessage } from "@zitadel/client2";
+import { Challenges } from "@zitadel/proto/zitadel/session/v2beta/challenge_pb";
 
 // either loginName or sessionId must be provided
 type Props = {
@@ -63,7 +64,7 @@ export default function LoginOTP({
   }, []);
 
   async function updateSessionForOTPChallenge() {
-    const challenges: Challenges = {};
+    const challenges: PlainMessage<Challenges> = {};
 
     if (method === "email") {
       challenges.otpEmail = "";
@@ -111,7 +112,7 @@ export default function LoginOTP({
       body.authRequestId = authRequestId;
     }
 
-    const checks: Checks = {};
+    const checks: PlainMessage<Checks> = {};
     if (method === "sms") {
       checks.otpSms = { code: values.code };
     }
diff --git a/apps/login/src/ui/LoginPasskey.tsx b/apps/login/src/ui/LoginPasskey.tsx
index 6048d5b7..da27581a 100644
--- a/apps/login/src/ui/LoginPasskey.tsx
+++ b/apps/login/src/ui/LoginPasskey.tsx
@@ -6,7 +6,7 @@ import { coerceToArrayBuffer, coerceToBase64Url } from "@/utils/base64";
 import { Button, ButtonVariants } from "./Button";
 import Alert from "./Alert";
 import { Spinner } from "./Spinner";
-import { Checks } from "@zitadel/server";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
 
 // either loginName or sessionId must be provided
 type Props = {
diff --git a/apps/login/src/ui/PasswordComplexity.tsx b/apps/login/src/ui/PasswordComplexity.tsx
index 7b18dffb..35ee959c 100644
--- a/apps/login/src/ui/PasswordComplexity.tsx
+++ b/apps/login/src/ui/PasswordComplexity.tsx
@@ -4,7 +4,7 @@ import {
   symbolValidator,
   upperCaseValidator,
 } from "@/utils/validators";
-import { PasswordComplexitySettings } from "@zitadel/server";
+import { PasswordComplexitySettings } from "@zitadel/proto/zitadel/settings/v2beta/password_settings_pb";
 
 type Props = {
   passwordComplexitySettings: PasswordComplexitySettings;
@@ -68,7 +68,7 @@ export default function PasswordComplexity({
         <div className="flex flex-row items-center">
           {hasMinLength ? check : cross}
           <span className={desc}>
-            Password length {passwordComplexitySettings.minLength}
+            Password length {passwordComplexitySettings.minLength.toString()}
           </span>
         </div>
       ) : (
diff --git a/apps/login/src/ui/PasswordForm.tsx b/apps/login/src/ui/PasswordForm.tsx
index d9e766b6..26f21927 100644
--- a/apps/login/src/ui/PasswordForm.tsx
+++ b/apps/login/src/ui/PasswordForm.tsx
@@ -7,12 +7,9 @@ import { useForm } from "react-hook-form";
 import { useRouter } from "next/navigation";
 import { Spinner } from "./Spinner";
 import Alert from "./Alert";
-import {
-  LoginSettings,
-  AuthFactor,
-  Checks,
-  AuthenticationMethodType,
-} from "@zitadel/server";
+import { LoginSettings } from "@zitadel/proto/zitadel/settings/v2beta/login_settings_pb";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 
 type Inputs = {
   password: string;
@@ -83,7 +80,8 @@ export default function PasswordForm({
 
       // exclude password
       const availableSecondFactors = resp.authMethods?.filter(
-        (m: AuthenticationMethodType) => m !== 1,
+        (m: AuthenticationMethodType) =>
+          m !== AuthenticationMethodType.PASSWORD,
       );
       if (availableSecondFactors.length == 1) {
         const params = new URLSearchParams({
diff --git a/apps/login/src/ui/PrivacyPolicyCheckboxes.tsx b/apps/login/src/ui/PrivacyPolicyCheckboxes.tsx
index da94e428..4879bad3 100644
--- a/apps/login/src/ui/PrivacyPolicyCheckboxes.tsx
+++ b/apps/login/src/ui/PrivacyPolicyCheckboxes.tsx
@@ -2,7 +2,7 @@
 import React, { useState } from "react";
 import Link from "next/link";
 import { Checkbox } from "./Checkbox";
-import { LegalAndSupportSettings } from "@zitadel/server";
+import { LegalAndSupportSettings } from "@zitadel/proto/zitadel/settings/v2beta/legal_settings_pb";
 
 type Props = {
   legal: LegalAndSupportSettings;
diff --git a/apps/login/src/ui/RegisterFormWithoutPassword.tsx b/apps/login/src/ui/RegisterFormWithoutPassword.tsx
index fc95aac0..c8dfb1f7 100644
--- a/apps/login/src/ui/RegisterFormWithoutPassword.tsx
+++ b/apps/login/src/ui/RegisterFormWithoutPassword.tsx
@@ -1,6 +1,5 @@
 "use client";
 
-import { LegalAndSupportSettings } from "@zitadel/server";
 import { useState } from "react";
 import { Button, ButtonVariants } from "./Button";
 import { TextInput } from "./Input";
@@ -12,6 +11,7 @@ import AuthenticationMethodRadio, {
   methods,
 } from "./AuthenticationMethodRadio";
 import Alert from "./Alert";
+import { LegalAndSupportSettings } from "@zitadel/proto/zitadel/settings/v2beta/legal_settings_pb";
 
 type Inputs =
   | {
diff --git a/apps/login/src/ui/RegisterPasskey.tsx b/apps/login/src/ui/RegisterPasskey.tsx
index 67c864c0..ffb30788 100644
--- a/apps/login/src/ui/RegisterPasskey.tsx
+++ b/apps/login/src/ui/RegisterPasskey.tsx
@@ -6,8 +6,8 @@ import { useForm } from "react-hook-form";
 import { useRouter } from "next/navigation";
 import { Spinner } from "./Spinner";
 import Alert from "./Alert";
-import { AuthRequest, RegisterPasskeyResponse } from "@zitadel/server";
 import { coerceToArrayBuffer, coerceToBase64Url } from "@/utils/base64";
+import { RegisterPasskeyResponse } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 type Inputs = {};
 
 type Props = {
@@ -89,37 +89,31 @@ export default function RegisterPasskey({
   function submitRegisterAndContinue(value: Inputs): Promise<boolean | void> {
     return submitRegister().then((resp: RegisterPasskeyResponse) => {
       const passkeyId = resp.passkeyId;
-
-      if (
-        resp.publicKeyCredentialCreationOptions &&
-        resp.publicKeyCredentialCreationOptions.publicKey
-      ) {
-        resp.publicKeyCredentialCreationOptions.publicKey.challenge =
-          coerceToArrayBuffer(
-            resp.publicKeyCredentialCreationOptions.publicKey.challenge,
-            "challenge",
-          );
-        resp.publicKeyCredentialCreationOptions.publicKey.user.id =
-          coerceToArrayBuffer(
-            resp.publicKeyCredentialCreationOptions.publicKey.user.id,
-            "userid",
-          );
-        if (
-          resp.publicKeyCredentialCreationOptions.publicKey.excludeCredentials
-        ) {
-          resp.publicKeyCredentialCreationOptions.publicKey.excludeCredentials.map(
-            (cred: any) => {
-              cred.id = coerceToArrayBuffer(
-                cred.id as string,
-                "excludeCredentials.id",
-              );
-              return cred;
-            },
-          );
+      const options: CredentialCreationOptions =
+        (resp.publicKeyCredentialCreationOptions?.toJson() as CredentialCreationOptions) ??
+        {};
+
+      if (options?.publicKey) {
+        options.publicKey.challenge = coerceToArrayBuffer(
+          options.publicKey.challenge,
+          "challenge",
+        );
+        options.publicKey.user.id = coerceToArrayBuffer(
+          options.publicKey.user.id,
+          "userid",
+        );
+        if (options.publicKey.excludeCredentials) {
+          options.publicKey.excludeCredentials.map((cred: any) => {
+            cred.id = coerceToArrayBuffer(
+              cred.id as string,
+              "excludeCredentials.id",
+            );
+            return cred;
+          });
         }
 
         navigator.credentials
-          .create(resp.publicKeyCredentialCreationOptions)
+          .create(options)
           .then((resp) => {
             if (
               resp &&
diff --git a/apps/login/src/ui/RegisterU2F.tsx b/apps/login/src/ui/RegisterU2F.tsx
index 71ccad81..9c5bf4d9 100644
--- a/apps/login/src/ui/RegisterU2F.tsx
+++ b/apps/login/src/ui/RegisterU2F.tsx
@@ -6,8 +6,8 @@ import { useForm } from "react-hook-form";
 import { useRouter } from "next/navigation";
 import { Spinner } from "./Spinner";
 import Alert from "./Alert";
-import { RegisterU2FResponse } from "@zitadel/server";
 import { coerceToArrayBuffer, coerceToBase64Url } from "@/utils/base64";
+import { RegisterU2FResponse } from "@zitadel/proto/zitadel/user/v2beta/user_service_pb";
 type Inputs = {};
 
 type Props = {
@@ -87,37 +87,31 @@ export default function RegisterU2F({
   function submitRegisterAndContinue(value: Inputs): Promise<boolean | void> {
     return submitRegister().then((resp: RegisterU2FResponse) => {
       const u2fId = resp.u2fId;
-
-      if (
-        resp.publicKeyCredentialCreationOptions &&
-        resp.publicKeyCredentialCreationOptions.publicKey
-      ) {
-        resp.publicKeyCredentialCreationOptions.publicKey.challenge =
-          coerceToArrayBuffer(
-            resp.publicKeyCredentialCreationOptions.publicKey.challenge,
-            "challenge",
-          );
-        resp.publicKeyCredentialCreationOptions.publicKey.user.id =
-          coerceToArrayBuffer(
-            resp.publicKeyCredentialCreationOptions.publicKey.user.id,
-            "userid",
-          );
-        if (
-          resp.publicKeyCredentialCreationOptions.publicKey.excludeCredentials
-        ) {
-          resp.publicKeyCredentialCreationOptions.publicKey.excludeCredentials.map(
-            (cred: any) => {
-              cred.id = coerceToArrayBuffer(
-                cred.id as string,
-                "excludeCredentials.id",
-              );
-              return cred;
-            },
-          );
+      const options: CredentialCreationOptions =
+        (resp.publicKeyCredentialCreationOptions?.toJson() as CredentialCreationOptions) ??
+        {};
+
+      if (options.publicKey) {
+        options.publicKey.challenge = coerceToArrayBuffer(
+          options.publicKey.challenge,
+          "challenge",
+        );
+        options.publicKey.user.id = coerceToArrayBuffer(
+          options.publicKey.user.id,
+          "userid",
+        );
+        if (options.publicKey.excludeCredentials) {
+          options.publicKey.excludeCredentials.map((cred: any) => {
+            cred.id = coerceToArrayBuffer(
+              cred.id as string,
+              "excludeCredentials.id",
+            );
+            return cred;
+          });
         }
 
         navigator.credentials
-          .create(resp.publicKeyCredentialCreationOptions)
+          .create(options)
           .then((resp) => {
             if (
               resp &&
diff --git a/apps/login/src/ui/SessionItem.tsx b/apps/login/src/ui/SessionItem.tsx
index 5a620f21..577bf9dc 100644
--- a/apps/login/src/ui/SessionItem.tsx
+++ b/apps/login/src/ui/SessionItem.tsx
@@ -1,10 +1,11 @@
 "use client";
-import { Session } from "@zitadel/server";
+
 import Link from "next/link";
 import { useState } from "react";
 import { Avatar } from "./Avatar";
 import moment from "moment";
 import { XCircleIcon } from "@heroicons/react/24/outline";
+import { Session } from "@zitadel/proto/zitadel/session/v2beta/session_pb";
 
 export default function SessionItem({
   session,
@@ -43,7 +44,7 @@ export default function SessionItem({
   const validPassword = session?.factors?.password?.verifiedAt;
   const validPasskey = session?.factors?.webAuthN?.verifiedAt;
   const stillValid = session.expirationDate
-    ? session.expirationDate > new Date()
+    ? session.expirationDate.toDate() > new Date()
     : true;
 
   const validDate = validPassword || validPasskey;
@@ -96,7 +97,7 @@ export default function SessionItem({
         </span>
         {validUser && (
           <span className="text-xs opacity-80">
-            {validDate && moment(new Date(validDate)).fromNow()}
+            {validDate && moment(validDate.toDate()).fromNow()}
           </span>
         )}
       </div>
diff --git a/apps/login/src/ui/SessionsList.tsx b/apps/login/src/ui/SessionsList.tsx
index a7e0c4cf..d55679f8 100644
--- a/apps/login/src/ui/SessionsList.tsx
+++ b/apps/login/src/ui/SessionsList.tsx
@@ -1,9 +1,9 @@
 "use client";
 
-import { Session } from "@zitadel/server";
 import SessionItem from "./SessionItem";
 import Alert from "./Alert";
 import { useEffect, useState } from "react";
+import { Session } from "@zitadel/proto/zitadel/session/v2beta/session_pb";
 
 type Props = {
   sessions: Session[];
diff --git a/apps/login/src/ui/SetPasswordForm.tsx b/apps/login/src/ui/SetPasswordForm.tsx
index ed74d7b6..177d302a 100644
--- a/apps/login/src/ui/SetPasswordForm.tsx
+++ b/apps/login/src/ui/SetPasswordForm.tsx
@@ -1,6 +1,5 @@
 "use client";
 
-import { PasswordComplexitySettings } from "@zitadel/server";
 import PasswordComplexity from "./PasswordComplexity";
 import { useState } from "react";
 import { Button, ButtonVariants } from "./Button";
@@ -15,6 +14,7 @@ import {
 import { useRouter } from "next/navigation";
 import { Spinner } from "./Spinner";
 import Alert from "./Alert";
+import { PasswordComplexitySettings } from "@zitadel/proto/zitadel/settings/v2beta/password_settings_pb";
 
 type Inputs =
   | {
diff --git a/apps/login/src/ui/TOTPRegister.tsx b/apps/login/src/ui/TOTPRegister.tsx
index c24c18fd..bdec18af 100644
--- a/apps/login/src/ui/TOTPRegister.tsx
+++ b/apps/login/src/ui/TOTPRegister.tsx
@@ -10,7 +10,6 @@ import { useState } from "react";
 import { useForm } from "react-hook-form";
 import { useRouter } from "next/navigation";
 import { verifyTOTP } from "@/lib/server-actions";
-import { login } from "@zitadel/server";
 
 type Inputs = {
   code: string;
diff --git a/apps/login/src/ui/ThemeWrapper.tsx b/apps/login/src/ui/ThemeWrapper.tsx
index 9c9d0bc0..2cfdcbc0 100644
--- a/apps/login/src/ui/ThemeWrapper.tsx
+++ b/apps/login/src/ui/ThemeWrapper.tsx
@@ -1,11 +1,12 @@
 "use client";
 
-import { BrandingSettings } from "@zitadel/server";
 import { setTheme } from "@/utils/colors";
 import { useEffect } from "react";
+import { BrandingSettings } from "@zitadel/proto/zitadel/settings/v2beta/branding_settings_pb";
+import { PartialMessage } from "@zitadel/client2";
 
 type Props = {
-  branding: Partial<BrandingSettings> | undefined;
+  branding: PartialMessage<BrandingSettings> | undefined;
   children: React.ReactNode;
 };
 
diff --git a/apps/login/src/ui/UsernameForm.tsx b/apps/login/src/ui/UsernameForm.tsx
index 9ac66eaf..39c54049 100644
--- a/apps/login/src/ui/UsernameForm.tsx
+++ b/apps/login/src/ui/UsernameForm.tsx
@@ -7,7 +7,7 @@ import { useForm } from "react-hook-form";
 import { useRouter } from "next/navigation";
 import { Spinner } from "./Spinner";
 import Alert from "./Alert";
-import {LoginSettings} from "@zitadel/proto/zitadel/settings/v2beta/login_settings_pb";
+import { LoginSettings } from "@zitadel/proto/zitadel/settings/v2beta/login_settings_pb";
 
 type Inputs = {
   loginName: string;
diff --git a/apps/login/src/utils/colors.ts b/apps/login/src/utils/colors.ts
index a5fba8e0..d542dea6 100644
--- a/apps/login/src/utils/colors.ts
+++ b/apps/login/src/utils/colors.ts
@@ -1,6 +1,6 @@
 import tinycolor from "tinycolor2";
-
-import { BrandingSettings } from "@zitadel/server";
+import { BrandingSettings } from "@zitadel/proto/zitadel/settings/v2beta/branding_settings_pb";
+import { PartialMessage } from "@zitadel/client2";
 
 export interface Color {
   name: string;
@@ -69,7 +69,10 @@ type BrandingColors = {
   };
 };
 
-export function setTheme(document: any, policy?: Partial<BrandingSettings>) {
+export function setTheme(
+  document: any,
+  policy?: PartialMessage<BrandingSettings>,
+) {
   const lP: BrandingColors = {
     lightTheme: {
       backgroundColor: policy?.lightTheme?.backgroundColor || BACKGROUND,
diff --git a/apps/login/src/utils/session.ts b/apps/login/src/utils/session.ts
index 13de05ee..36e16e0e 100644
--- a/apps/login/src/utils/session.ts
+++ b/apps/login/src/utils/session.ts
@@ -11,9 +11,13 @@ import {
   addSessionToCookie,
   updateSessionCookie,
 } from "./cookies";
-import {Challenges, RequestChallenges} from "@zitadel/proto/zitadel/session/v2beta/challenge_pb";
-import {Session} from "@zitadel/proto/zitadel/session/v2beta/session_pb";
-import {Checks} from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import {
+  Challenges,
+  RequestChallenges,
+} from "@zitadel/proto/zitadel/session/v2beta/challenge_pb";
+import { Session } from "@zitadel/proto/zitadel/session/v2beta/session_pb";
+import { Checks } from "@zitadel/proto/zitadel/session/v2beta/session_service_pb";
+import { PlainMessage } from "@zitadel/client2";
 
 export async function createSessionAndUpdateCookie(
   loginName: string,
@@ -25,11 +29,11 @@ export async function createSessionAndUpdateCookie(
   const createdSession = await createSessionFromChecks(
     password
       ? {
-          user: { search: {case: 'loginName', value: loginName} },
+          user: { search: { case: "loginName", value: loginName } },
           password: { password },
           // totp: { code: totpCode },
         }
-      : { user: { search: {case: 'loginName', value: loginName} } },
+      : { user: { search: { case: "loginName", value: loginName } } },
     challenges,
   );
 
@@ -78,11 +82,11 @@ export async function createSessionForUserIdAndUpdateCookie(
   const createdSession = await createSessionFromChecks(
     password
       ? {
-          user: { search: {case: "userId", value: userId} },
+          user: { search: { case: "userId", value: userId } },
           password: { password },
           // totp: { code: totpCode },
         }
-      : { user: { search: {case: "userId", value: userId} } },
+      : { user: { search: { case: "userId", value: userId } } },
     challenges,
   );
 
@@ -178,7 +182,7 @@ export type SessionWithChallenges = Session & {
 
 export async function setSessionAndUpdateCookie(
   recentCookie: SessionCookie,
-  checks: Checks,
+  checks: PlainMessage<Checks>,
   challenges: RequestChallenges | undefined,
   authRequestId: string | undefined,
 ) {