diff --git a/authenticate/handlers.go b/authenticate/handlers.go
index c833e728a..5f352e668 100644
--- a/authenticate/handlers.go
+++ b/authenticate/handlers.go
@@ -19,6 +19,7 @@ import (
 	"gopkg.in/square/go-jose.v2/jwt"
 
 	"github.com/pomerium/pomerium/internal/httputil"
+	"github.com/pomerium/pomerium/internal/identity"
 	"github.com/pomerium/pomerium/internal/identity/manager"
 	"github.com/pomerium/pomerium/internal/identity/oidc"
 	"github.com/pomerium/pomerium/internal/log"
@@ -379,14 +380,20 @@ func (a *Authenticate) getOAuthCallback(w http.ResponseWriter, r *http.Request)
 	// Successful Authentication Response: rfc6749#section-4.1.2 & OIDC#3.1.2.5
 	//
 	// Exchange the supplied Authorization Code for a valid user session.
-	s := sessions.State{ID: uuid.New().String()}
-	accessToken, err := a.provider.Load().Authenticate(ctx, code, &s)
+	var claims identity.Claims
+	accessToken, err := a.provider.Load().Authenticate(ctx, code, &claims)
 	if err != nil {
 		return nil, fmt.Errorf("error redeeming authenticate code: %w", err)
 	}
 
+	s := sessions.State{ID: uuid.New().String()}
+	err = claims.Claims(&s)
+	if err != nil {
+		return nil, fmt.Errorf("error unmarshaling session state: %w", err)
+	}
+
 	// save the session and access token to the databroker
-	err = a.saveSessionToDataBroker(ctx, &s, accessToken)
+	err = a.saveSessionToDataBroker(ctx, &s, claims, accessToken)
 	if err != nil {
 		return nil, httputil.NewError(http.StatusInternalServerError, err)
 	}
@@ -526,7 +533,7 @@ func (a *Authenticate) Dashboard(w http.ResponseWriter, r *http.Request) error {
 	return a.templates.ExecuteTemplate(w, "dashboard.html", input)
 }
 
-func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState *sessions.State, accessToken *oauth2.Token) error {
+func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState *sessions.State, claims identity.Claims, accessToken *oauth2.Token) error {
 	state := a.state.Load()
 	options := a.options.Load()
 
@@ -546,6 +553,7 @@ func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState
 		},
 		OauthToken: manager.ToOAuthToken(accessToken),
 	}
+	s.AddClaims(claims.Flatten())
 
 	// if no user exists yet, create a new one
 	currentUser, _ := user.Get(ctx, state.dataBrokerClient, s.GetUserId())
diff --git a/authorize/evaluator/opa/policy/authz.rego b/authorize/evaluator/opa/policy/authz.rego
index af0513e38..16227cc97 100644
--- a/authorize/evaluator/opa/policy/authz.rego
+++ b/authorize/evaluator/opa/policy/authz.rego
@@ -12,6 +12,7 @@ groups := input.databroker_data.groups
 all_allowed_domains := get_allowed_domains(route_policy)
 all_allowed_groups := get_allowed_groups(route_policy)
 all_allowed_users := get_allowed_users(route_policy)
+all_allowed_idp_claims := get_allowed_idp_claims(route_policy)
 
 # allow public
 allow {
@@ -65,6 +66,14 @@ allow {
 	email_in_domain(input.session.impersonate_email, all_allowed_domains[domain])
 }
 
+# allow by arbitrary idp claims
+allow {
+    are_claims_allowed(all_allowed_idp_claims[_], session.claims)
+}
+allow {
+    are_claims_allowed(all_allowed_idp_claims[_], user.claims)
+}
+
 # allow pomerium urls
 allow {
 	contains(input.http.url, "/.pomerium/")
@@ -181,3 +190,21 @@ get_allowed_groups(policy) = v {
         [u | u := policy.sub_policies[_].allowed_groups[_]]
     )[_] }
 }
+
+get_allowed_idp_claims(policy) = v {
+    v := array.concat(
+        [policy.allowed_idp_claims],
+        [u | u := policy.sub_policies[_].allowed_idp_claims]
+     )
+}
+
+are_claims_allowed(a, b) {
+    is_object(a)
+    is_object(b)
+    avs := a[ak]
+    bvs := object.get(b, ak, null)
+
+    is_array(avs)
+    is_array(bvs)
+    avs[_] == bvs[_]
+}
diff --git a/authorize/evaluator/opa/policy/authz_test.rego b/authorize/evaluator/opa/policy/authz_test.rego
index 44bc75026..bf9b894b5 100644
--- a/authorize/evaluator/opa/policy/authz_test.rego
+++ b/authorize/evaluator/opa/policy/authz_test.rego
@@ -169,6 +169,25 @@ test_impersonate_domain_allowed {
 		input.session as { "id": "session1", "impersonate_email": "y@example1.com" }
 }
 
+test_idp_claims_allowed {
+    allow with
+        data.route_policies as [{
+            "source": "example.com",
+            "allowed_idp_claims": {
+                "some.claim": ["a", "b"]
+            }
+        }] with
+        input.databroker_data as {
+            "session": {
+                "claims": {
+                    "some.claim": ["b"]
+                }
+            }
+        } with
+		input.http as { "url": "http://example.com" } with
+        input.session as { "id": "session1", "impersonate_email": "" }
+}
+
 test_example {
 	not allow with
 		data.route_policies as [
@@ -344,3 +363,14 @@ test_sub_policy {
     })
 	z == {"g1", "g2", "g3", "g4"}
 }
+
+test_are_claims_allowed {
+    are_claims_allowed({"a": ["1"]}, {"a": ["1"]})
+    not are_claims_allowed({"a": ["2"]}, {"a": ["1"]})
+
+    are_claims_allowed({"a": ["1", "2", "3"]}, {"a": ["1"]})
+    are_claims_allowed({"a": ["1"]}, {"a": ["1", "2", "3"]})
+    not are_claims_allowed({"a": ["4", "5", "6"]}, {"a": ["1"]})
+
+    are_claims_allowed({"a.b.c": ["1"], "d.e.f": ["2"]}, {"d.e.f": ["2"]})
+}
diff --git a/authorize/evaluator/opa/policy/statik.go b/authorize/evaluator/opa/policy/statik.go
index d6e2eee91..a9a3449b1 100644
--- a/authorize/evaluator/opa/policy/statik.go
+++ b/authorize/evaluator/opa/policy/statik.go
@@ -9,6 +9,6 @@ import (
 const Rego = "rego" // static asset namespace
 
 func init() {
-	data := "PK\x03\x04\x14\x00\x08\x00\x08\x00x\x83MQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00	\x00authz.regoUT\x05\x00\x01\x84\xd5\x85_\xacWO\x97\x9b6\x10?\xc3\xa7\x98\x90\x8biY\x9c\xf4\xcf\xa1\xce\xa3\xdb\xbc\x9czh7/iO<Bd\x90\x8d\x12\x90\xa8$\x12o6\xfb\xdd\xfbF\x126\xc6\x86\xdd\xecf\x0fk{\xf4\x9b?\xbf\x99a4\xb4\xa4\xf8H\xb6\x14Z\xd1P\xc9\xba&&\x9d\xae\xbe\xf8~I7\xa4\xab5\x90\xba\x16\x9f!\x81\x0d\xa9\x15\xf5}_\x8aN\xd3\xbc\x155+\xaesV\xee`\x95\xc0\x86I\xa5s\x83\xa4e>F,\x18o;\x1dWZ\xb7q'\xeb\xf0\xc8\x04\xaa\x97D\x93x dT\xa5c#\x99\xaf\xa8RLpT\xb0\x06Qm-\xc5G*sc\xc1\x01\xfcNQ9\x8d\xc2S\x7f+E\xd7\xaai\x90=\xf7}R\xd7{Z\xa5h\x08\xe3FiK\xf5X\xbc\x18\x06\x1c\x1e)\x1e\x9c\x0d\xf5\xactF\x0d\x03=\xd12\xc2\x91\x92\xff\xd4\x15\xa9\xed\xd65+|\xfb\xe3\xc6\xf7\x86\xb0\xf8%J_\x1b\xc4\xbf\x1ckL\xb9f\x05\xd1\xb4|Y\x14T)H\x12\xd0\xb2\xa3\xfe\xed\xc1`!\xa4\x82V\xd2M\xcd\xb6\x95\x9e0\xfc\xea\xea\xcd[k\xbc\x07\xeeMy\x83\xca7TW\xa2\xc4\xa3\xe0\xea\xf5?\x7f^\xfd\xfd6\xf0\xbdBt\\/\xc4\xfa\x03-t\xbc\xa5z\xd8*\x15%%\x95*\x82\xc0\x06x\xf1Jp-E}\xf1\x86\xfe\xd7Q\xa5/\xfe2\x16\x83\x08\xd2,\x0c\xe1wxv_{W\x92m\x19\x1f*\x0e8\xaf\xaf\x816\x84\xd5\x07\xb6\x98\xf3\xd8\xc80\xfa\x93\x12\xa5y\xd6\x13u\x1d\x18\xb3\xa6\xa5R	N4\xcd\xf7\x8aA0tc\xca\x7f\xf0\xa1DC\x9d\xcc\xb3\x9d\x91\xe6\x19$\xbd\xe8\xb4\x9d\x8e\x8e\xa7\xbd\xbb\xdeK\x12\xe0]]\x8fx\x0e\x80c\xce\xe7XB\xff\xb4L\xd2\x9c\xb1?\xc3\xf7\xae\xe8\xbf!\x13\xc7\xfe\xed\xa39r\xea\x84\x9e	8g\xdc=\xc0\x8bC\x95#8\xf3\xd8\xa7\xf63\x0b\x1fP\xebQ*\xbe)\xac;\x9c\xdd\x11\xeb \x88~\xbeC'kup^\x08\xae\xcd\xfc:\x1e\xd2\x11\x04\xcb\xb8WY\x06\xa1\xefq\xa1\xe1^`R6\x8c\x07G\xbe\xcdDf\n\xcc\xd1\xc17\xadiC\xb9F\xb65SzaF\xaf\xc1\xa8\x08\x0e\xf5\x08\xe7\xa2\x9c\xf0[R~\x0d\\\xf0\x0b#\x05;K7R4@p\x980\xbe\xb5\xc1\x80\x19e\xcaG|*)Q\x82gf\xc2\x99\xaf\x90@\xfa\xcb\xb3\x9f#\x08z\x06\x98\x05\xeb(\xb3)y<\x87\xf3\x14f\x02\xfa\xed\xd7\x08\x02\xc6?\x91\x9a\x95P\xd4\x8cr\x0d\x05\x95\x9am\xcc<\xc7\xc8\x98\xca\xd7B\xd4\x94\xf4\x0d\xc4Tn\xf0\xb9\xc5\xe7\x03\xbc\xab\xed\x9d8\x9bXIu'\xb9\x02]Q{\xedCCtQaBM*\xfd\xfb\xec\x029\xae\x01\xd0\xef\x0d\x83]\xe2\xc6\xf7Nd\xab\x04R\xfc\xfc\n\xe6Aa\xe5.\x02{\xfc\xc2}\xc2\xf9\x15\x02\xb7\x86\x17p\x14\xc9I\xff\xb8;4K\x9fe\xc8\xef\x0c8\x1f\xe2n\xdc\xd3\x8f\xc2\\\xac?`p-\x91\x8a\xa2`\xc0\xcd\xcc\xa9A\x02\x94\xe8d10\x88\xba{\xa3c0^\xb8lw_0\xd1\xd5=\xa1\x92n\xe9\xa4\xd91\xf9\xf9\x90\xb1P\x83[\xd6J#\x08\xacR\x10A\x10\x84\xfb9\xf8\xbd\xed>1v=+;_	\xb7\x9aXH8*Z\\	ev\x94c\x0bF|\x9a\x87\xd9jL\xc5k\x95f\xf3\xf0x\xbb}\x1e4\x91Z}f\xe3>\x88\xb15z\x8b\xb1\xd5<S\xe7\x99\x06\x9a\x8c\x82\xe8j\x9e\xdb\xa3l:^}\xe0DW\xe8\xe6\x94\xdb)\x97\xb9\x0e\x9frltf\xd9<\xd6\xaa\xe3#inFe\xdf\x9c\x06\x12\x9d\xe1e\x8at\xe8e\xa5%\xce\xca\x1b\x08TQ\xd1\x86\x06+\xb0_\"\x08\xb0e\x83\x15\xe0G\x9f\xc3\x15\x98\x8c\xddbdi\x1e\xed\xb1\x16#\xc9g<\xc6\x8d\xc9\xf8\x8f7\x8c\x978\xads\xa5%\xe3\xdb\\uk\x13e\xce\x17\xbe\xe7\xbd_\\\xae\x168-S\x95]\x86\xab\xe52\xbc\\\xa4\xef\x96\xd9\x8f\xe1\"}w\xf94\xfb!|\x1f\xf9\x9e\xa7\xb4\x8c\xe0y\x88C\xd4\xb3\xf5\x02.dCj\xf6\xc5>^\xa6!\x9coC\xef\xcc\xb1\xe3\x19,\x03\xb3\x14i\xb9/\xc74\x18Q\x0e\xfc\xa4\xdf\xba\xc6\x1b\x94\xdb\x93\xec/S0s\xa7\xa8\xb6f\xba?\x0c\xfe\x08\xc2\xfe\xedag\xfa\xe0'\xdf\xdb\xa5\xcf3\xfc\xeaV34=\xba\xec\xf1_dV\x00\xb4\x0b\x80\xbf\xed:\x8a2\xd48}w\xeb\x1b'\x81OF\x07@u\xeb\xd1K_\x02\xa9j\xe3c\xd9WP\xad\x19rn\xb4u\xeb\xc3M\x97g\x99\xb1\xf4	\x017\x80w\xe5\x0e\x12 R\x92\xeb\xb8\x10\xbc za\x00\xf8\xe7\x0c\x1cY\x8f\xf6\xa7i\x07_\xa1\x9bvt\xac\xb7\xf7\x1c\"\xed\xdb1\xe3\xfe\xdd\xf8\x94\xf3C\"u\xd6\x1e\x10k\xbf\x17\xcfG\xeb\xde\xc8\xbfO\xb0\xd6\xd8\x03b\xdd\xbf\xd4\x8cB\xfd?\x00\x00\xff\xffPK\x07\x08vQ\x81\xab\xc7\x04\x00\x00\xa8\x11\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00\xcc\xb1\xfcP\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f\x00	\x00authz_test.regoUT\x05\x00\x01@\xa3 _\xecXMo\xe36\x10=K\xbf\x82\xe0i\xb7pl8\xed\xc9@\xd0,\x16E\xd1C\x9b\xc5\xee\xf6\x14\x18\x02-M%v%QKRX;\x86\xff\xfb\x82\x1f\xfa\xb2%\x9b\x11b'\x07\xe7\x12\x9b\x9ay3\xf3\xde\x0cE\xba \xe17\x12\x03*X\x06\x9c\x96\xd9\x94\x942y\xf2}	B\x06\x90\x11\x9a\x06$M\xd9\x0f\x88\xd0\xd6\xf7\xf4G\xf4\x83\xca\xc4\xf7\xbc\x88H2\xe5\xac\x94\x10\x14,\xa5!\x05\x81\x88@\x8f[\xdf\xf3<,X\xc9C\xc0\x0b\x84aM\xb2\"\x85i\xc82<\xd1\xcf,bP\n\xe0\x02/\xd0#^\xdf\xb7\xad\x96\xbe\xe7\xed\x96U\x1c\x9a\x17\xa5\x9c\xaah+\xce\xbe\x01\x0f\xd4G\x15\xc9\x06\x02!(\xcb\xf1\xc2|\xf7\xb0B\x0dh\xa4B\xab\x8fs\xac\x96w&\xb2Zh,u}\xca\xae\x1b^\xdb\xab\x14\xba\x19$R\x16:,\xc2%\xd7nje1\x9b\xb5}\xd1\x9e\x93\xcd\xce\xfa\x99\xac\xec\xda\x1cO\x10\xa6Y\x01\\\xb0\x9cH\x08\xeat0\xda\xf9;\xab\xc1\x81A\x903\xd9\xd6$g\x12]u\xb9\x88.\x9b\xfb.\xe4\x11\x91.14\x9b\xab8.\xe2\xc4\x9c\x95\xc5\x19\x05\xd1\xf8F\x91\xf9k\xab0i9\x1c\xe6uai\xea\x04\xf22M\x07\xa6\xc5\xd8\\`O{K*\xb5\xec#\xca!\x94\x8co\x82\xb6'B\x08\x1d\xea\xf7*\xf3\xd5\xca\xe2\x16/\x8f\xabx\x91\x19\xbb\xbd\xaa\xf7\x02\xeaE,#4?\xa3b&\x80	}}M\x9d>\xdbYA\xce\xbf\x11^\x859q~\x98\x1f;\xdd\xbd\xc6\xdc\xcc\xaf\xfa\x1c\xd5\xc7\xae?k^T9\xb6\xe0F\x95\x9e\xd4'\xc6\xa6 2Q\x163R\xad\xb8\x8c\x93%xL\x9c\xd5~\x9c\xe6\xd8\x9f3\x96\xc3}}a\xef\x06[>_\x9e\xd9\xea@ \x15\xac\xa3\x8e\x96\xa5\x96\xe2\x7f\x06C\x87ms\xfb\x89 \xa7g\xdb\xc0\x1a&Vlu\xf2\n\xe4\xc2\xc0\x0b\xd6_\x94\xab\x94\x86g\xd8\x1f>(\x98O\x1a\xfd\xdf\x9c\x942\x81\\\xd2\x90H\x88>\x84!\x08E\x88\xe4%\x8cg\xc0\xdfu*\x18!ao\xaf\xf759\x87\xff\xe8\xda\xb4\xf9\xe6F\xef>\x83\xcd\xde'\xf1\xd0X\xf5\x84rgMonC\xcc\x99mrx\x80l\x15\x8a\xfc\xa6\x13\xec\x80\x9e\xa1\x17\xdch\x1a\xd3\x07\xb3i\x95\xf6\xac\xdd\x12U)#\x9a\xe2\xec\xd5\x9c\xd0\xa6)\x88D\x19\xcdm\xcc\x84	\xb9\x9fMG\xbd\x90q\x11\xa8FMi\x9c\xc8\xd7\xd1\xd0\x18~|\xf8\xfc\xc5\xb4q\x95\x8d\xc3\xa8k\xcf\x0cd\xc2\xf4\xf6\xf5\xf0\xe9\xeb_\x0f\xff|\xb1\xa1\x87\xc9\xaa\xd8\x01\x12\x99\xac\xec\x8c=p\x1a\xd3\\g)X\x06\xcc|]VC\xa6G\xe9\xe6#\xcb%g\xe9\xcdg\xf8^\x82\x907\x7fW\xe1\x1f\xf1\x9f\x7f|m\xdd\x81\xaa\xb6\xda\xe3\xf8\xcd6\xd7\x1b\xe6\xd1\xce'\xe1\x02\x82\x92\xa7*\x8e\xfa\xb7\xb8C\xf5\xda\xbb\xbe\x04U\xf4\x99:l\xfc\xfe]\xe0\xf7\xdai*\xc2\x042@ww\xa6$lV\xd5\xa4\xe8\xb5\xee\xa8\xa8G\xca_?j\xe0p\x9dSE\xbcQ\xcdHT\x8fO\xb5\xde\x97\x1b\x9e\xa0\xed\x80\xa4\xbb\xf7\xcf\xf7\xef1\x18\x0b#\xc6\xe0\xcc^\n\xe84\xce\xcc\x0d\xc8!#\x83T\x8f\xe1 \x1a\xe3\xf1q\xb9\xfa\xbb\xc1\x1c\x00\xdc\xbb\xa1u`p,Q\xef\xf5\xba-uW\xee\x81\x987\x81[\x89=9\xd4\xee\x03\xd5\xa9\xb1p\xaf\xad:\xf1;V\xd6\xe3\xe4TD/%\xf5\xadf\x0c!\x07\xce\xfdtp\x88\xe1\x19Zks\x85;\xfd\xc5\x91\x91\x9e\xc2j\x10\xfb\xd0b\xb9\x17W\x03<\xae7O\xcbvq\xa2\\\x99w\xd0F\xd5\xb4V[m\x0cM\xcd\xfa=\xf3n\xeb#\xfb7\xf8r\xaa\x0d\x0e\xdfP\xa5\xbem\x94\xb7\xea\xc5\xd0\xe0Tq)h\xab\xfa\x89\xfa\xdb\x1e\x81\xf9\x15/\xd1n\xe2`~\xab\xcd\x7f\xd3?\x13V\x96K\xfdIq\xb7V;\xfd\xb6\xc9\xcd@\x1b\x8f\x9d\xef\xfb\xdef\x9f\n{3\x1eEF\xfbV\x1d\xe9\x90\xd18:z\x80\x8e\x13\xd2q\xd0eFC\x94l\x0c%u~\x06\xdcxhJ\x9e\xf6)1?\xc7\x8eb\xa4\xf5Kn\xac\x03\xc6\xe3\x089\xc49\xceG\xdb^\x97\x18\x0f\xd1\xf1d\xe8\xa8\xb33\xd8\xc6C\x9dU~\x06\x00\x00\xff\xffPK\x07\x08tC\x13e,\x04\x00\x00k \x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00x\x83MQvQ\x81\xab\xc7\x04\x00\x00\xa8\x11\x00\x00\n\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x00\x00\x00\x00authz.regoUT\x05\x00\x01\x84\xd5\x85_PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00\xcc\xb1\xfcPtC\x13e,\x04\x00\x00k \x00\x00\x0f\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x08\x05\x00\x00authz_test.regoUT\x05\x00\x01@\xa3 _PK\x05\x06\x00\x00\x00\x00\x02\x00\x02\x00\x87\x00\x00\x00z	\x00\x00\x00\x00"
+	data := "PK\x03\x04\x14\x00\x08\x00\x08\x00)\x88WQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00	\x00authz.regoUT\x05\x00\x01_\x0c\x93_\xacX\xcdv\x9c\xb8\x12^\xc3ST\xc8\x06\xee\xc58\xb9wf1\x9d\xc3xr\xb2\x9a\xc5\x8cs\x92\x99\x15\x87(\x02\xd4\xdd\x8aAb$\xe1\xd8q\xf2\xees\xf4C\xf3\xd3\x0dv\xecx\xe1\xee.U}\xf5\x95\xaa(\x95hqy\x85w\x04Z\xde\x10A\xbb&\xc1\x9d\xda\x7f\xf1\xfd\x8alqW+\xc0u\xcd?C\n[\\K\xe2\xfb\xbe\xe0\x9d\"\xa8\xe55-o\x11\xadn`\x93\xc2\x96\n\xa9\x90\xd1$\x15\x9ak\x84\x94\xb5\x9dJ\xf6J\xb5I'\xeah\x02\xa1\xcd+\xacp2\x12R\"\xb39H\xeeK\"%\xe5L\x1bX@mV\x08~E\x042\x08N\xc1\xef$\x11\xcbZz\xd5\xdf	\xde\xb5rY\xc9\xae\xfb>\xae\xebCX\x15o0e\xc6hG\xd4\\\x1c\x8e	G\x13\xc3\xc1\xd9\xd8\xceJW\xcc4\xd1#+#\\1\xa2U\x8b\xca\x1a\xd3\xe6\xc8rX\x99\x99\xfb\xcf]\x8e\xdb\xae\xa8i\xe9\xdb\x1fw\xbe7VK^k\xe9[\xa3\xf17\xd3%B\x98\xa2%V\xa4z]\x96DJHSP\xa2#\xfe\xb7\x01\xb0\xe4BB+\xc8\xb6\xa6\xbb\xbdZ\x00~s\xf9\xee\xbd\x05\xef\x15\x0fP\xde\xa8p\x1a\xa2\xf6\xbc\xd2K\xc1\xe5\xdb\xbf~\xbf\xfc\xf3}\xe0{%\xef\x98\ny\xf1\x89\x94*\xd9\x115\xae\xb4=\xc1\x15\x112\x86\xc0\x12<{\xc3\x99\x12\xbc>{G\xfe\xe9\x88Tg\x7f\x18\xc4 \x86,\x8f\"\xf8\x15^<\x14\xefR\xd0\x1dec\xc3Q\xcc\xc5-\x90\x06\xd3z\x88V\xa7,12\xcd\xfe(\xc3\x19\xca\xfb@]\x01'\xb4i\x89\x90\x9caE\xd0\xc10\x08\xc6nL\xf5\x0c>$o\x88\x93y\xb6\xb02\x94C\xda\x8b\x8e\xabq\xb2\xbc\xec\xdd\x95n\x9a\x02\xeb\xeaz\x16\xe7Hq\x1e\xf3\xa9(\xa1\x7f\xd8\x16\xc3\\\xc1_\x89\xf7>\xf6\xdf\xb1\x13S\xff\xf6\xc9\x9e9uB\xcf\x10F\x94\xb9\xe7?\x1c\xb2\x1c\xc3\x89\xae\x91\xd9\xcf<zD\xaeg[\xf1]\xb4\xeeqv\x0f\xd7)	,\n\xaa\x04\x16\xb7@\xab\x16l/9\xd0\x00\x00\xc0\x82\xb8\x16\xd3C\x86\xa7{S\x86\xf2\x18zRV\xa4\x9d=\x1e\xcb\xec\xfe\x004\xb44w\xa8A'\xea\x81\xabWr\xa6L\xd3\x9e\x9eL1\x04\xe7Ior\x1eD\xbe\xc7\xb8\x82\x07)\xe3\xaa\xa1,\x98\xf86\xc7\x10\x95`\x96\x06\xdf\xa4&\x0daJ\xe7\xa8\xa6R\x85\xe6\xbc1:\xd2\xc5a2\x13\xad\xb1\\\xf0[\x11v\x0b\x8c\xb33#\x05{\x80l\x05o\x00\xeb\x16H\xd9\xce\x92\x01\xd3\x80\xa5\xaf\xf53A\xb0\xe4,7}\xd9|\x85\x14\xb2\x9f^\xfc?\x86\xa0\x8f@\xef\x82u\x94\xdb-yz\x0c\xa7CX!\xf4\xcb\xcf1\x04\x94]\xe3\x9aVP\xd6\x940\x05%\x11\x8an\xcd)\xa4\x99Q\x89\n\xcek\x82\xfb\xb2\xa7\x12\x19}d\xf5\xd1H\xdf\xe5\xf6^=\xbb\xb1\x82\xa8N0	jO\xec\xac\x03\x0dV\xe5^o\xa8\xd9J\xff!\x03\x10\xd2\xb3\x0f\xf4\xc3\xd2h\x80\xba\xf3\xbd#\xd9&\x85L\x7f~\x05\xf3x\xd3\xea&\x06\xbb\xfc\xca}\xc2\xe9\xb9I\x8fJ\xaf`\xc2\xe4\xa8~\xdc\xc9\x9fg/r\x1d\xdf	e4\xd6\xbbs=K\x0b\x11/>ir-\x16\x92h\xc1(6\xd3]G\x1b y'\xca\x11\xa0\xb6=\x80\xce\x95\xf5\x98@o\x1e\xaa\x8c\xd5\xfe\x81\xaa\x82\xec\xc8\"\xec<\xf8u\xca:Q\xa3\xd9\xc0Jc\x08\xacQ\x10C\x10D\x87\xee\xfd\xa3q\x9f\x19\\\xcf\xcaNg\xc2\x0dTV%\x9a%-\xd9si&\xab)\x82\x11\x1f\xef\xc3j6\x96\xf8Z\xa3\xd5}x:n\xbf\x0f\n\x0b%?\xd3y\x1d$\xba4z\xc4\xc4Z\x9e\xc8\xf3J\x01-\xb2\xc0j\xbf\x1e\xdb\x930]\\=q\xac\xf6\xda\xcdql\xc7\xb1\xacU\xf8\x92cc\xb3\x1a\xcdSQ]<\x82 \xd3*\xfb\xe24*\xf1\x89\xb8L\x92\x86Z\x96J\xe8^y\x07\x81,\xf7\xa4!\xc1\x06\xec\x97\x18\x02]\xb2\xc1\x06\xf4G\xbf\x87\x1b0;\xf6M3\xcbP|\xd0\xb5:\x02\x7f\xd6\xcbz\xce3\xfe\x93-e\x95\xee\xd6H*A\xd9\x0e\xc9\xae0,\x11\x0b}\xcf\xfb\x18^lB\xdd-3\x99_D\x9b\xf3\xf3\xe8\"\xcc>\x9c\xe7\xff\x8d\xc2\xec\xc3\xc5\xf3\xfc?\xd1\xc7\xd8\xf7<\xa9D\x0c/#\xddD=\x9b/`\\4\xb8\xa6_\xec\xe3e\n\xc2\xf96\xe1\x9dXvq\x06\xe7\x81\x19\xe5\x948\xa4cYYk9\xe5g\xfd\xac8\x9f\xfb\xdctg\x7f\x99\x84\x993E\xb65U\xfdb\xf0[\x10\xf5w\x9e\x1bS\x07\xff\xf3\xbd\x9b\xece\xae\xbf\xba\x81RC\xcf\x0e{\xfd/6#@df5\xfd\xdb\x0e\xd1Z\xa6-\x8e/\xac}\xe1\xa4p\xed\xe6;\xd9\x15\xb3\x9bn\n\x99l\x93\xa9\xec+\xc8\xd649\xd7\xda\xbab8\xe9P\x9e\x1b\xa4k\xadp\x07\xfa\xac\xbc\x81\x14\xb0\x10\xf86)9+\xb1\n\x8d\x82\xfes\x00\x13\xf4\xf8\xb0\x9au\xf0\x15\xbaeGS\xbb\x83\xe7H\x87\xfdm\x1eq\xffB\xe08\xe6\xc70uh\x8f\xe0\xdaO\xf3\xebl\xddk\x88\x1fC\xd6\x82=\x82\xeb\xe1*\xb6Fu\xf4\x06c\x81\xeei\x92\xd9\x8c\xe5\x80\x93?\x82\xea\xc8\xda\x1a\xdb\xe3\xe5\xc4u%\x86\"r\xec\xa8D\xb6a\x868\x9a	\n+\xc0\xd7\xe6\x8d\x0d\xce\xf0\x95\xc5-\xac`\xd4g\x8b\x18\xf0Uln\xe2\x91\xdf\xa3\x98\x90C|-\xa3\xa9\xa4\xe8%\xf8\xda^qS\x8d\x98!=\xf1\xfd\x1b\x00\x00\xff\xffPK\x07\x08I\x16	\x03W\x05\x00\x00\xf3\x13\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00,\x88WQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f\x00	\x00authz_test.regoUT\x05\x00\x01d\x0c\x93_\xecY\xcdo\xdb6\x14?[\x7f\x05\xc1S382\x92v;\x04\x08\x96\xa2\x18\x86\x1d\xb6\x14mw\n\x0c\x81\x96X\x9b\xab$\xaa\x14\x85\xda1\xfc\xbf\x0f\x8f\x1f\x12%K\xb2\xac\xc6I\x0e\xd6\xa1\xb5\xa8\xf7\xf9\xfb\xbd\xc7\xafd$\xfcF\x96\x14e<\xa1\x82\x15\x89O\n\xb9z\xf4<Is\x19\xd0\x84\xb08 q\xcc\x7f\xd0\x08m\xbd\x89\xfa\x89~0\xb9\xf2&\x93\x88H\xe2\x0b^H\x1ad<f!\xa39\"9z\xd8z\x93\xc9\x04\xe7\xbc\x10!\xc57\x08\xd35I\xb2\x98\xfa!O\xf0T}3\x16\x83\"\xa7\"\xc77\xe8\x01\xaf\xef\\\xa9\xb97\x99\xec\xe6\xd6\x0fK\xb3B\xfa\xe0m!\xf87*\x02\xf8	\x9e\x8c#\x9a\xe7\x8c\xa7\xf8F\xbfO0X\x0dX\x04\xae\xe1\xe7\x15\x86\xe1\x9d\xf6\x0c\x03\x95\xa4\xca\x0f\xe4\xea\xee\x95<\x84P\x8f`%e\xa6\xdc\"\\\x08\xa5\x06#7\xb3\x99\xab\x8b\x1aJ&:\xa3\xa7\xa32cWx\x8a0K2*r\x9e\x12I\x832\x1c\x8cv\xde\xcep\xb0'\x10\xa4\\\xba\x9c\xa4\\\xa23/\xcf\xc2\xcb\xe6\xaen\xb2\x87\xa4\xe7h\x9a\xcd\x99\x9c!\xe4,\x05/\xb2\x13\x12\xa2\xeckF\xae^\x9a\x85\xa9\xa3\xb0\x1f\xd73SS\x06\x90\x16q\xdc\xd1-Z\xe6\x19\xe6\xb4\xd7\xc4\x92#\x1f1AC\xc9\xc5&p5\x11Bh\x9f\xbf\x17\xe9/'\x8ak<\xefg\xf1Yz\xec\xfa\xcc\xde\x13\xb0\x17\xf1\x84\xb0\xf4\x84\x8ci\x07\xda\xf5y\x99:\xbc\xb73\x84\x9c~\"<\x13s`\xffp\xd5\xb7\xbb{\x89\xbe\xb9:\xf3\xd3\xcfO\x94\x05aLX\xe2\xae@0	;\xd4 \xf3t\x13\x84\x9c\xa7\x93\xa9\x9a\x90\xa5\xac\xf2\xafPD\x8d\x07\xe7<\xa1\xbe\x12P\xac\x12Hq\x81\xe75\xc1]\xf9f9\xb6\xef=L\xd7\xbd8\x94\xa3\xc6\x83{\xc2C-!6\xa3C\xb5\x08\xebo?S\x10\xd6\xc6O\x94\x85[\x08\xc6\xc5Q\x13'\xd4\xb5\xa9\xfc\x8a\xf4\x96\x90\xa7Z&#r\x05\x123bG\x86\xcc\xab\xa6\xd3\xc6\xf8Y4\xfdT\xe7\xbf\x94\xf3\x94\xde\x9577ug\xf3\xe3i\x99-\xf6:\x15\x9c\xd5\xf8PD\x94\xe0\xff\xc7i\xd7\xa9K\x1f\x83#\x9a\xb2\x93\xadd\x15\x12\x0b\xbe8x\x16\x1e\x82\xc0\x13\xe6\x9f\x15\x8b\x98\x85'X(\xde\x83\x99\x8f\xca\xfa\xbf))\xe4\x8a\xa6\x92\x85D\xd2\xe8}\x18\xd2\x1c\x00\x91\xa2\xa0\xe3\x11\xf0v\xb5\x0cFP\xd8Z\xebmE.\xe8W\xb6\xd6e\xbe\xb9T\xcbPg\xb1\xb7Q\xdc\xd5V-\xae\x86\xa3\xa6V\xb9.\xe4\xf4z\xd9\xdd@&\x0b\x00\xbf\xaa\x04\xd3\xa0'\xa8\x85a0\x8d\xa9\x83\x99o\xc3\x9e\xb9%aS\x19Q\x14'\xcf\xe6\x007UB$JXj|\xaex.\x9b\xd1\xd4\xd8\x0b\xb9\xc8\x03(\xd4\x98-W\xf2e8\xd4\x82\x1f\xee?}\xd6el\xa3\x19\xd0\xeaJ3\xa1r\xc5\xd5\xf4u\xff\xf1\xcb_\xf7\xff|6\xae\xbb\xc1\xb2\xe8P\x12\xe9\xa8L\x8f\xdd\x0b\xb6d\xa9\x8a\x12\xb6\x0c\\\xbf\xcem\x93\xa9V\xba\xfc\xc0S)x|\xf9\x89~/h./\xff\xb6\xee\x1f\xf0\x9f\x7f|q\x0e\xc3\xb6\xac\x1a\x18\xbf\xda\xe2z\xc58\x9a\xfe$\"\xa7A!b\xf0\x03\xff\xdd\xdc\xa2r\xecM[\x80\xe0}\x06\x9b\x8d\xdf\xbf\xe7\xf8B)\xf9y\xb8\xa2	E\xb7\xb7:%\xacG\xa1S\xd4X\xbdU\xe0\x13\xe8\xabO\x959\\\xc6d\x81\xd7\xaci\x8a\xca\xf6\xb1\xe3m\xb1\xe1)\xdavP\xba\xbb8^\xbfE`\xac\x99|\x8c\x9d\xd9S\x19:lg6\xcc\xd0\x80\x88\xb4\xa5\xb2\x0d;\xadq\xb1\xec\xa7\xab\xbd\x1a\xf4\x06`x58\x1b\x86\x81)\xaa\xb9^\x95\xa5\xaa\xca\x86\x11\xbd\x12\x0cK\xb1%\x86R\xbd#;h\x8b\xe1\xb9\xd9\x1d\xff\xc0\xccZ\x94\x06%\xd1\nIy\xaa\x19\x03\xc8\x9er;\x1c\x82.\xe9\x11\\+q\xb0\xeb\xff2\x10\x91\x96\xc4J#\xe6\xa3\xb15<\xb9\xd2\xc0\xc3z\xf38w\x93\xcb\x8b\x85^\x836\x90\xd3\x1a\xa6\xda%\xadrV\xeb\xcc\x9b\xea\xb8}\xf0J\xa1e\x85*\xd4i\xa3\xb8\x86\x85\xa1\xb2c\xfd2\xaa\xa4j\xc7\xf2m\x8f\x99\xb7x\x8ev\xd3\x01\xe2\xd7J\xfc\x9d\xba/\xb6\x92\xfa>\x00\xb0[\xc3L\xbf\xadb\xd3\xa6\xb5\xc6\xce\xf3\xbc\xc9\xa6	\x859\x19\x8f\x02\xc3=UG\xcae4\x0e\x8e\x16C\xfd\x80\xd4\x14T\x9aQ\x17$\x1b\x0dI\x19\x9f6\xae5\x14$\x8fMH\xf4\xbd\xfc(D\x9c+\xfd\xa5r\xb8\x1c\x07\xc8\xbe\x9d~<\\y\x95\xe2\xb2\x0b\x8eG\x0dG\x19\x9d\xb6\xad5\xaa\xbd\n\x11\xb4\xe3\xd6n\xef\xc3\x9b-&\xf6/);\xe8\xca\xea\xedB\xa9\xa8~\xeeV\xbbnQ;\xecj\x8a\xb0\x8a\xfdm\x87\xd3#\xe2tM\x0d\x8a\xf8\x1dH\xff\n\xff\xfcv\\\xec\xfe\xc2\x0f\xad$\x14\xa0O\xfd\xaf5\x0c\xea#0\x9d\xfd\x1f\x00\x00\xff\xffPK\x07\x08Y\x04c\xaa\xc6\x04\x00\x00\x03$\x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00)\x88WQI\x16	\x03W\x05\x00\x00\xf3\x13\x00\x00\n\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x00\x00\x00\x00authz.regoUT\x05\x00\x01_\x0c\x93_PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00,\x88WQY\x04c\xaa\xc6\x04\x00\x00\x03$\x00\x00\x0f\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x98\x05\x00\x00authz_test.regoUT\x05\x00\x01d\x0c\x93_PK\x05\x06\x00\x00\x00\x00\x02\x00\x02\x00\x87\x00\x00\x00\xa4\n\x00\x00\x00\x00"
 	fs.RegisterWithNamespace("rego", data)
 }
diff --git a/config/policy.go b/config/policy.go
index b288079c4..83e1c7544 100644
--- a/config/policy.go
+++ b/config/policy.go
@@ -16,6 +16,7 @@ import (
 	"github.com/golang/protobuf/ptypes"
 	"github.com/mitchellh/hashstructure"
 
+	"github.com/pomerium/pomerium/internal/identity"
 	"github.com/pomerium/pomerium/internal/urlutil"
 	"github.com/pomerium/pomerium/pkg/cryptutil"
 	configpb "github.com/pomerium/pomerium/pkg/grpc/config"
@@ -26,9 +27,10 @@ type Policy struct {
 	From string `mapstructure:"from" yaml:"from"`
 	To   string `mapstructure:"to" yaml:"to"`
 	// Identity related policy
-	AllowedUsers   []string `mapstructure:"allowed_users" yaml:"allowed_users,omitempty" json:"allowed_users,omitempty"`
-	AllowedGroups  []string `mapstructure:"allowed_groups" yaml:"allowed_groups,omitempty" json:"allowed_groups,omitempty"`
-	AllowedDomains []string `mapstructure:"allowed_domains" yaml:"allowed_domains,omitempty" json:"allowed_domains,omitempty"`
+	AllowedUsers     []string                 `mapstructure:"allowed_users" yaml:"allowed_users,omitempty" json:"allowed_users,omitempty"`
+	AllowedGroups    []string                 `mapstructure:"allowed_groups" yaml:"allowed_groups,omitempty" json:"allowed_groups,omitempty"`
+	AllowedDomains   []string                 `mapstructure:"allowed_domains" yaml:"allowed_domains,omitempty" json:"allowed_domains,omitempty"`
+	AllowedIDPClaims identity.FlattenedClaims `mapstructure:"allowed_idp_claims" yaml:"allowed_idp_claims,omitempty" json:"allowed_idp_claims,omitempty"`
 
 	Source      *StringURL `yaml:",omitempty" json:"source,omitempty" hash:"ignore"`
 	Destination *url.URL   `yaml:",omitempty" json:"destination,omitempty" hash:"ignore"`
@@ -134,12 +136,13 @@ type Policy struct {
 
 // A SubPolicy is a protobuf Policy within a protobuf Route.
 type SubPolicy struct {
-	ID             string   `mapstructure:"id" yaml:"id" json:"id"`
-	Name           string   `mapstructure:"name" yaml:"name" json:"name"`
-	AllowedUsers   []string `mapstructure:"allowed_users" yaml:"allowed_users,omitempty" json:"allowed_users,omitempty"`
-	AllowedGroups  []string `mapstructure:"allowed_groups" yaml:"allowed_groups,omitempty" json:"allowed_groups,omitempty"`
-	AllowedDomains []string `mapstructure:"allowed_domains" yaml:"allowed_domains,omitempty" json:"allowed_domains,omitempty"`
-	Rego           []string `mapstructure:"rego" yaml:"rego" json:"rego,omitempty"`
+	ID               string                   `mapstructure:"id" yaml:"id" json:"id"`
+	Name             string                   `mapstructure:"name" yaml:"name" json:"name"`
+	AllowedUsers     []string                 `mapstructure:"allowed_users" yaml:"allowed_users,omitempty" json:"allowed_users,omitempty"`
+	AllowedGroups    []string                 `mapstructure:"allowed_groups" yaml:"allowed_groups,omitempty" json:"allowed_groups,omitempty"`
+	AllowedDomains   []string                 `mapstructure:"allowed_domains" yaml:"allowed_domains,omitempty" json:"allowed_domains,omitempty"`
+	AllowedIDPClaims identity.FlattenedClaims `mapstructure:"allowed_idp_claims" yaml:"allowed_idp_claims,omitempty" json:"allowed_idp_claims,omitempty"`
+	Rego             []string                 `mapstructure:"rego" yaml:"rego" json:"rego,omitempty"`
 }
 
 // NewPolicyFromProto creates a new Policy from a protobuf policy config route.
@@ -152,6 +155,7 @@ func NewPolicyFromProto(pb *configpb.Route) (*Policy, error) {
 		AllowedUsers:                     pb.GetAllowedUsers(),
 		AllowedGroups:                    pb.GetAllowedGroups(),
 		AllowedDomains:                   pb.GetAllowedDomains(),
+		AllowedIDPClaims:                 identity.NewFlattenedClaimsFromPB(pb.GetAllowedIdpClaims()),
 		Prefix:                           pb.GetPrefix(),
 		Path:                             pb.GetPath(),
 		Regex:                            pb.GetRegex(),
@@ -178,12 +182,13 @@ func NewPolicyFromProto(pb *configpb.Route) (*Policy, error) {
 	}
 	for _, sp := range pb.GetPolicies() {
 		p.SubPolicies = append(p.SubPolicies, SubPolicy{
-			ID:             sp.GetId(),
-			Name:           sp.GetName(),
-			AllowedUsers:   sp.GetAllowedUsers(),
-			AllowedGroups:  sp.GetAllowedGroups(),
-			AllowedDomains: sp.GetAllowedDomains(),
-			Rego:           sp.GetRego(),
+			ID:               sp.GetId(),
+			Name:             sp.GetName(),
+			AllowedUsers:     sp.GetAllowedUsers(),
+			AllowedGroups:    sp.GetAllowedGroups(),
+			AllowedDomains:   sp.GetAllowedDomains(),
+			AllowedIDPClaims: identity.NewFlattenedClaimsFromPB(sp.GetAllowedIdpClaims()),
+			Rego:             sp.GetRego(),
 		})
 	}
 	return p, p.Validate()
@@ -195,12 +200,13 @@ func (p *Policy) ToProto() *configpb.Route {
 	sps := make([]*configpb.Policy, 0, len(p.SubPolicies))
 	for _, sp := range p.SubPolicies {
 		sps = append(sps, &configpb.Policy{
-			Id:             sp.ID,
-			Name:           sp.Name,
-			AllowedUsers:   sp.AllowedUsers,
-			AllowedGroups:  sp.AllowedGroups,
-			AllowedDomains: sp.AllowedDomains,
-			Rego:           sp.Rego,
+			Id:               sp.ID,
+			Name:             sp.Name,
+			AllowedUsers:     sp.AllowedUsers,
+			AllowedGroups:    sp.AllowedGroups,
+			AllowedDomains:   sp.AllowedDomains,
+			AllowedIdpClaims: sp.AllowedIDPClaims.ToPB(),
+			Rego:             sp.Rego,
 		})
 	}
 	return &configpb.Route{
@@ -210,6 +216,7 @@ func (p *Policy) ToProto() *configpb.Route {
 		AllowedUsers:                     p.AllowedUsers,
 		AllowedGroups:                    p.AllowedGroups,
 		AllowedDomains:                   p.AllowedDomains,
+		AllowedIdpClaims:                 p.AllowedIDPClaims.ToPB(),
 		Prefix:                           p.Prefix,
 		Path:                             p.Path,
 		Regex:                            p.Regex,
diff --git a/internal/controlplane/luascripts/statik.go b/internal/controlplane/luascripts/statik.go
index b9aaea67e..f446f37cc 100644
--- a/internal/controlplane/luascripts/statik.go
+++ b/internal/controlplane/luascripts/statik.go
@@ -9,6 +9,6 @@ import (
 const Luascripts = "luascripts" // static asset namespace
 
 func init() {
-	data := "PK\x03\x04\x14\x00\x08\x00\x08\x00\x88\xbd\xbbP\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00	\x00clean-upstream.luaUT\x05\x00\x01P\xfb\xce^\x94S\xc1n\x9c0\x10\xbd\xf3\x15O\xf4PV%\x91z\xdd\xc8\xff\xd0{\xd5\"\x17f\x17\xab`\xbb\xf68\x9b\xe4\xd0o\xaf\x00\xc3\xe2\x00\xaa\xe2\x03\x1e\xcb\xf3\xde<\xde\x8c/A\xd7\xac\x8c\x86\xa3\xde<SeMON\x85\xbe\xaa\x8d\xf9\xad\xa8\x98\xb6J\xcb\x9eJL\x87S\x06\x00\x0f\x0f\xe8\x82Dc\xc8\xeb\xcf\x0c\x1f\xac5\x8ea\xec\xc0&;\xd4\xd2rp\x84\xab3\xc1\xfa\x19\xe2\x0dn\x04G\xb6\x935\x81oj\xf8\x1a\xb4R7\x1da..^^\xdf \x19\xdc\x12H70\x971\xf4\xec\x94\xbe\x8eT\x93\x12\x88\x18\x9c\xaf>\xfcZk\xc5\xe3#r\xf1\xfd\xe7\xd3\x8f/O\xc8K\xe4\xf9\xe9\xa3\xb8\x15\xca\x11\x07\xa7#&#\xddd\xd9\xe2[+}e\x1d]\xd4K\xe1\xd9\x95\x98\xe2\x04\xe7\xd9\xe1\xaf\x80V\x1d\xa4n\x86\xe3y(\xfb\xb5\xc4\xa7\x98\x0d!\"\xf0\x1d;\xe9g\xf3Z\x19]9\xfa\x13\xc8s\x11\xf7jrl*\xd3\x99ZvhI6\xe4<\x04\xd2\x9cs\xbc(\xd6\xc9=\xb1l$\xcbm\xf6|S\x9c\xb2U~\x9c\x8e\xb5Sb!9_\x89\x8b|\x7f\x80\xa2\x83\xea\xb2G\xc1-\xe9\xf1\xfa^hiPT=q'\\\x91/fFc\x13\xaaai\xba-\\\x07\xb3\xbdU\x94\x8e\xf8\xbcf)ql\x179\xe5\xbd\xc8\x1d0\xf4o\xde\xb7\x06\xca\xc0\xadq\xeaM\x8e\xdd\xfd\x9f\x85I\xf6\xc6\xc9\x94k\xc7\xcb\xf7\xc5\x12K\xf7\xb8\x0f\xa0q\xbe!\x90\x7f\x8b\xd2\x90\xaf[\xb1z\x03	\xb0\xdc\xe59m\x9buwx\xf8\xb3cqks\x0f\x1f\x8a\xb7F\xfb\xa1\xbbS\xb0<\x95\x11\xf1/\x00\x00\xff\xffPK\x07\x08\xfb\x06j<\xa2\x01\x00\x00\xf0\x04\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00\x88\xbd\xbbP\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00	\x00ext-authz-set-cookie.luaUT\x05\x00\x01P\xfb\xce^\x8c\x91An\x830\x10E\xf7\x9cb\xc4\xcaHI\x0e\x80\x94\x03t\xd1\x13T\x955\xc5C\xb0j\x8fS{\x88\x9aM\xcf^AM\x04\x0dM\x19	\x01\xe2\xff?\xf8\xbf\xb6\xe7Fl` \xbe\x84\xab\x0e\xac#}\xf4\x94D\xe5\xbb\xee\x90\x8d\xa3\xaa\x00\x00p\xa1A\x07\x1d\xa1\xa1\x98\xe0\x08KM\x9d?\xa8\xb9\xd8\\\x19\xbdm\xb4'\xc1{G\x92H\xe8\x9f\xb8\x0d\xaa\xaa\xb3\xf4\x99\x04\x0d\n\xe6\x18\xdbN\x0b\xeb\x13\x89*?\xf7\xe7\xe0)\xda\xde\xef\x13\xc9\xbe	\xe1\xddRY\xc1\xd7\x11\xd8:\x90\x8ex\xf4\x0d3_^\xa7\xc1=\x1e\xf3\xd0Z'\x14\xd3\xa1\x139\x1f\\\x8f\xe5\x0e\xca)U'\x12\x9dSw\xb7\xa4\xbb\xd9\xf2OU\xf1[\x1d\xc9\x87\x0b\xfdi\x18\xf5\xc4\xa6\x18\xaeb\x8dM:\x07N\xa4\xa6\x87\x7f\xe8,D\xdb\xf0,-\x1b\xf8\xfc\xe4\xc8\x9b\x83\xe3\xb2\xef\xd3\x83\xbeoh\x07_&\x87l\x86\xd7\x97U\x12\xaf\xab|\xa7Z\xd1\x18U\xce\x8a\xdc=\x08Z\x96\xfc\x1d\x00\x00\xff\xffPK\x07\x08\x93\xe7\xad\x94\x07\x01\x00\x00\x00\x03\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00\xc8\x92*Q\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1e\x00	\x00remove-impersonate-headers.luaUT\x05\x00\x01\xd9nZ_|\x92\xd1n\xb30\x0c\x85\xefy\n\x8b\xff&H\xf4\x97v\x8b\xc4\xb3DiqKTH\x98\xed\xb0M\xd3\xde}\xca\x02)\xack\xb9I\xc4\xf9|\xec#g\xf0'3\xc09\xb8\x93X\xef\x80\xc5\x90\xb0~\xb3\xd2+\x16\xaa\xd3\x8f\xaa\x00\x00 \x94@\x11\xa1\x86\xc3Q\xbd\xd4\xf0/\xa9\xd0\xb6\x89+\xd0uE\x91\xcd\xd0\xcd\xfeC{\xa7	_\x03\xb2\xa8\xe5\xd4\xbdq\xdd\x80\xc95\x0d\xd0\xa3\xe9\x90\x18Z\xd83\xcd\"\xa8-<\xa2\x98\xce\x88\xb9\xa7WEU\xc5\x86'\x1c\xfd\x8c\xda\x8e\x13\x12{g\x04\xf5\xad\xdfZ\xd2\\PT\xf9\x18-\xd3\x04\xf6\xfc\xccNzt?\xd8\xad\xb9x\x9d\n\xa0\x85\xcf\xaf,\x9e=\xc1\xb5\x86\x19\xac\x83\xc9Xb\xb5xT\xd0\xf9L-\x1d\xb7[\xb9\xd6PnZ\x1f\xf0]\xc8\x1c\xca\n\xa2a\xdc\xc4N\xbd\x90\x0fS\xf9\xb7\x16\x18\xa9\xdc\x8f\xbc~b\x8e\x03\xfe\xb7\x8e\x91D\xe5\x045\\\xab\x1d\x1a\xd7\xbd\xbd?I\x97M\xee\xf2-\xb9\x9b$\xab\xb9*~\xdb\xc7\xf3\xe1\xcb\xe2\xc9;F\xb5^\xf2\xdb\x8a\x05\xdf\x01\x00\x00\xff\xffPK\x07\x08y\x19$\xa3\x1b\x01\x00\x00\xdd\x02\x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00\x88\xbd\xbbP\xfb\x06j<\xa2\x01\x00\x00\xf0\x04\x00\x00\x12\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x00\x00\x00\x00clean-upstream.luaUT\x05\x00\x01P\xfb\xce^PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00\x88\xbd\xbbP\x93\xe7\xad\x94\x07\x01\x00\x00\x00\x03\x00\x00\x18\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\xeb\x01\x00\x00ext-authz-set-cookie.luaUT\x05\x00\x01P\xfb\xce^PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00\xc8\x92*Qy\x19$\xa3\x1b\x01\x00\x00\xdd\x02\x00\x00\x1e\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81A\x03\x00\x00remove-impersonate-headers.luaUT\x05\x00\x01\xd9nZ_PK\x05\x06\x00\x00\x00\x00\x03\x00\x03\x00\xed\x00\x00\x00\xb1\x04\x00\x00\x00\x00"
+	data := "PK\x03\x04\x14\x00\x08\x00\x08\x00]\xa2PQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00	\x00clean-upstream.luaUT\x05\x00\x013\x00\x8a_\x94S\xc1n\x9c0\x10\xbd\xf3\x15O\xf4PV%\x91z\xdd\xc8\xff\xd0{\xd5\"\x17f\x17\xab`\xbb\xf68\x9b\xe4\xd0o\xaf\x00\xc3\xe2\x00\xaa\xe2\x03\x1e\xcb\xf3\xde<\xde\x8c/A\xd7\xac\x8c\x86\xa3\xde<SeMON\x85\xbe\xaa\x8d\xf9\xad\xa8\x98\xb6J\xcb\x9eJL\x87S\x06\x00\x0f\x0f\xe8\x82Dc\xc8\xeb\xcf\x0c\x1f\xac5\x8ea\xec\xc0&;\xd4\xd2rp\x84\xab3\xc1\xfa\x19\xe2\x0dn\x04G\xb6\x935\x81oj\xf8\x1a\xb4R7\x1da..^^\xdf \x19\xdc\x12H70\x971\xf4\xec\x94\xbe\x8eT\x93\x12\x88\x18\x9c\xaf>\xfcZk\xc5\xe3#r\xf1\xfd\xe7\xd3\x8f/O\xc8K\xe4\xf9\xe9\xa3\xb8\x15\xca\x11\x07\xa7#&#\xddd\xd9\xe2[+}e\x1d]\xd4K\xe1\xd9\x95\x98\xe2\x04\xe7\xd9\xe1\xaf\x80V\x1d\xa4n\x86\xe3y(\xfb\xb5\xc4\xa7\x98\x0d!\"\xf0\x1d;\xe9g\xf3Z\x19]9\xfa\x13\xc8s\x11\xf7jrl*\xd3\x99ZvhI6\xe4<\x04\xd2\x9cs\xbc(\xd6\xc9=\xb1l$\xcbm\xf6|S\x9c\xb2U~\x9c\x8e\xb5Sb!9_\x89\x8b|\x7f\x80\xa2\x83\xea\xb2G\xc1-\xe9\xf1\xfa^hiPT=q'\\\x91/fFc\x13\xaaai\xba-\\\x07\xb3\xbdU\x94\x8e\xf8\xbcf)ql\x179\xe5\xbd\xc8\x1d0\xf4o\xde\xb7\x06\xca\xc0\xadq\xeaM\x8e\xdd\xfd\x9f\x85I\xf6\xc6\xc9\x94k\xc7\xcb\xf7\xc5\x12K\xf7\xb8\x0f\xa0q\xbe!\x90\x7f\x8b\xd2\x90\xaf[\xb1z\x03	\xb0\xdc\xe59m\x9buwx\xf8\xb3cqks\x0f\x1f\x8a\xb7F\xfb\xa1\xbbS\xb0<\x95\x11\xf1/\x00\x00\xff\xffPK\x07\x08\xfb\x06j<\xa2\x01\x00\x00\xf0\x04\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00]\xa2PQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00	\x00ext-authz-set-cookie.luaUT\x05\x00\x013\x00\x8a_\x8c\x91An\x830\x10E\xf7\x9cb\xc4\xcaHI\x0e\x80\x94\x03t\xd1\x13T\x955\xc5C\xb0j\x8fS{\x88\x9aM\xcf^AM\x04\x0dM\x19	\x01\xe2\xff?\xf8\xbf\xb6\xe7Fl` \xbe\x84\xab\x0e\xac#}\xf4\x94D\xe5\xbb\xee\x90\x8d\xa3\xaa\x00\x00p\xa1A\x07\x1d\xa1\xa1\x98\xe0\x08KM\x9d?\xa8\xb9\xd8\\\x19\xbdm\xb4'\xc1{G\x92H\xe8\x9f\xb8\x0d\xaa\xaa\xb3\xf4\x99\x04\x0d\n\xe6\x18\xdbN\x0b\xeb\x13\x89*?\xf7\xe7\xe0)\xda\xde\xef\x13\xc9\xbe	\xe1\xddRY\xc1\xd7\x11\xd8:\x90\x8ex\xf4\x0d3_^\xa7\xc1=\x1e\xf3\xd0Z'\x14\xd3\xa1\x139\x1f\\\x8f\xe5\x0e\xca)U'\x12\x9dSw\xb7\xa4\xbb\xd9\xf2OU\xf1[\x1d\xc9\x87\x0b\xfdi\x18\xf5\xc4\xa6\x18\xaeb\x8dM:\x07N\xa4\xa6\x87\x7f\xe8,D\xdb\xf0,-\x1b\xf8\xfc\xe4\xc8\x9b\x83\xe3\xb2\xef\xd3\x83\xbeoh\x07_&\x87l\x86\xd7\x97U\x12\xaf\xab|\xa7Z\xd1\x18U\xce\x8a\xdc=\x08Z\x96\xfc\x1d\x00\x00\xff\xffPK\x07\x08\x93\xe7\xad\x94\x07\x01\x00\x00\x00\x03\x00\x00PK\x03\x04\x14\x00\x08\x00\x08\x00]\xa2PQ\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1e\x00	\x00remove-impersonate-headers.luaUT\x05\x00\x013\x00\x8a_|\x92\xd1n\xb30\x0c\x85\xefy\n\x8b\xff&H\xf4\x97v\x8b\xc4\xb3DiqKTH\x98\xed\xb0M\xd3\xde}\xca\x02)\xack\xb9I\xc4\xf9|\xec#g\xf0'3\xc09\xb8\x93X\xef\x80\xc5\x90\xb0~\xb3\xd2+\x16\xaa\xd3\x8f\xaa\x00\x00 \x94@\x11\xa1\x86\xc3Q\xbd\xd4\xf0/\xa9\xd0\xb6\x89+\xd0uE\x91\xcd\xd0\xcd\xfeC{\xa7	_\x03\xb2\xa8\xe5\xd4\xbdq\xdd\x80\xc95\x0d\xd0\xa3\xe9\x90\x18Z\xd83\xcd\"\xa8-<\xa2\x98\xce\x88\xb9\xa7WEU\xc5\x86'\x1c\xfd\x8c\xda\x8e\x13\x12{g\x04\xf5\xad\xdfZ\xd2\\PT\xf9\x18-\xd3\x04\xf6\xfc\xccNzt?\xd8\xad\xb9x\x9d\n\xa0\x85\xcf\xaf,\x9e=\xc1\xb5\x86\x19\xac\x83\xc9Xb\xb5xT\xd0\xf9L-\x1d\xb7[\xb9\xd6PnZ\x1f\xf0]\xc8\x1c\xca\n\xa2a\xdc\xc4N\xbd\x90\x0fS\xf9\xb7\x16\x18\xa9\xdc\x8f\xbc~b\x8e\x03\xfe\xb7\x8e\x91D\xe5\x045\\\xab\x1d\x1a\xd7\xbd\xbd?I\x97M\xee\xf2-\xb9\x9b$\xab\xb9*~\xdb\xc7\xf3\xe1\xcb\xe2\xc9;F\xb5^\xf2\xdb\x8a\x05\xdf\x01\x00\x00\xff\xffPK\x07\x08y\x19$\xa3\x1b\x01\x00\x00\xdd\x02\x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00]\xa2PQ\xfb\x06j<\xa2\x01\x00\x00\xf0\x04\x00\x00\x12\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\x00\x00\x00\x00clean-upstream.luaUT\x05\x00\x013\x00\x8a_PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00]\xa2PQ\x93\xe7\xad\x94\x07\x01\x00\x00\x00\x03\x00\x00\x18\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81\xeb\x01\x00\x00ext-authz-set-cookie.luaUT\x05\x00\x013\x00\x8a_PK\x01\x02\x14\x03\x14\x00\x08\x00\x08\x00]\xa2PQy\x19$\xa3\x1b\x01\x00\x00\xdd\x02\x00\x00\x1e\x00	\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb4\x81A\x03\x00\x00remove-impersonate-headers.luaUT\x05\x00\x013\x00\x8a_PK\x05\x06\x00\x00\x00\x00\x03\x00\x03\x00\xed\x00\x00\x00\xb1\x04\x00\x00\x00\x00"
 	fs.RegisterWithNamespace("luascripts", data)
 }
diff --git a/internal/identity/claims.go b/internal/identity/claims.go
new file mode 100644
index 000000000..fc31700a6
--- /dev/null
+++ b/internal/identity/claims.go
@@ -0,0 +1,140 @@
+package identity
+
+import (
+	"encoding/json"
+	"fmt"
+	"reflect"
+
+	"google.golang.org/protobuf/types/known/anypb"
+	"google.golang.org/protobuf/types/known/structpb"
+
+	"github.com/pomerium/pomerium/pkg/protoutil"
+)
+
+// Claims are JWT claims.
+type Claims map[string]interface{}
+
+// NewClaimsFromRaw creates a new Claims map from a map of raw messages.
+func NewClaimsFromRaw(raw map[string]json.RawMessage) Claims {
+	claims := make(Claims)
+	for k, rawv := range raw {
+		var v interface{}
+		if err := json.Unmarshal(rawv, &v); err == nil {
+			claims[k] = v
+		}
+	}
+	return claims
+}
+
+// UnmarshalJSON unmarshals the raw json data into the claims object.
+func (claims *Claims) UnmarshalJSON(data []byte) error {
+	if *claims == nil {
+		*claims = make(Claims)
+	}
+
+	var m map[string]interface{}
+	err := json.Unmarshal(data, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		(*claims)[k] = v
+	}
+	return nil
+}
+
+// Claims takes the claims data and fills v.
+func (claims Claims) Claims(v interface{}) error {
+	bs, err := json.Marshal(claims)
+	if err != nil {
+		return err
+	}
+	return json.Unmarshal(bs, v)
+}
+
+// Flatten flattens the claims to a FlattenedClaims map. For example:
+//
+//   { "a": { "b": { "c": 12345 } } } => { "a.b.c": [12345] }
+//
+func (claims Claims) Flatten() FlattenedClaims {
+	flattened := make(FlattenedClaims)
+	for k, v := range claims {
+		rv := reflect.ValueOf(v)
+		switch rv.Kind() {
+		case reflect.Map:
+			subClaims := make(Claims)
+			iter := rv.MapRange()
+			for iter.Next() {
+				subClaims[fmt.Sprint(iter.Key().Interface())] = iter.Value().Interface()
+			}
+			for sk, sv := range subClaims.Flatten() {
+				flattened[k+"."+sk] = sv
+			}
+		case reflect.Slice:
+			slc := make([]interface{}, rv.Len())
+			for i := 0; i < rv.Len(); i++ {
+				slc[i] = rv.Index(i).Interface()
+			}
+			flattened[k] = slc
+		default:
+			flattened[k] = []interface{}{v}
+		}
+	}
+	return flattened
+}
+
+// ToAnyMap converts the claims into a map of string => any.
+func (claims Claims) ToAnyMap() map[string]*anypb.Any {
+	m := map[string]*anypb.Any{}
+	for k, v := range claims {
+		m[k] = protoutil.ToAny(v)
+	}
+	return m
+}
+
+// FlattenedClaims are a set claims flattened into a single-level map.
+type FlattenedClaims map[string][]interface{}
+
+// NewFlattenedClaimsFromPB creates a new FlattenedClaims from the protobuf struct type.
+func NewFlattenedClaimsFromPB(m map[string]*structpb.ListValue) FlattenedClaims {
+	claims := make(FlattenedClaims)
+	if m == nil {
+		return claims
+	}
+	bs, _ := json.Marshal(m)
+	_ = json.Unmarshal(bs, &claims)
+	return claims
+}
+
+// ToPB converts the flattened claims into a protobuf type.
+func (claims FlattenedClaims) ToPB() map[string]*structpb.ListValue {
+	if claims == nil {
+		return nil
+	}
+	m := make(map[string]*structpb.ListValue)
+	for k, vs := range claims {
+		svs := make([]*structpb.Value, len(vs))
+		for i, v := range vs {
+			svs[i] = protoutil.ToStruct(v)
+		}
+		m[k] = &structpb.ListValue{Values: svs}
+	}
+	return m
+}
+
+// UnmarshalJSON unmarshals JSON into the flattened claims.
+func (claims *FlattenedClaims) UnmarshalJSON(data []byte) error {
+	var unflattened Claims
+	err := json.Unmarshal(data, &unflattened)
+	if err != nil {
+		return err
+	}
+
+	if *claims == nil {
+		*claims = make(FlattenedClaims)
+	}
+	for k, v := range unflattened.Flatten() {
+		(*claims)[k] = v
+	}
+	return nil
+}
diff --git a/internal/identity/claims_test.go b/internal/identity/claims_test.go
new file mode 100644
index 000000000..a0924760c
--- /dev/null
+++ b/internal/identity/claims_test.go
@@ -0,0 +1,28 @@
+package identity
+
+import (
+	"encoding/json"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestClaims_Flatten(t *testing.T) {
+	var claims Claims
+	_ = json.Unmarshal([]byte(`
+		{
+			"a": {
+				"aa": {
+					"aaa": 12345
+				},
+				"ab": [1, 2, 3, 4, 5]
+			}
+		}
+	`), &claims)
+
+	flattened := claims.Flatten()
+	assert.Equal(t, FlattenedClaims{
+		"a.aa.aaa": {12345.0},
+		"a.ab":     {1.0, 2.0, 3.0, 4.0, 5.0},
+	}, flattened)
+}
diff --git a/internal/identity/manager/data.go b/internal/identity/manager/data.go
index 6c82d3d7c..c66a46399 100644
--- a/internal/identity/manager/data.go
+++ b/internal/identity/manager/data.go
@@ -6,8 +6,8 @@ import (
 
 	"github.com/golang/protobuf/ptypes"
 	"github.com/google/btree"
-	"google.golang.org/protobuf/types/known/anypb"
 
+	"github.com/pomerium/pomerium/internal/identity"
 	"github.com/pomerium/pomerium/pkg/grpc/session"
 	"github.com/pomerium/pomerium/pkg/grpc/user"
 )
@@ -45,17 +45,7 @@ func (u *User) UnmarshalJSON(data []byte) error {
 		delete(raw, "email")
 	}
 
-	u.User.Claims = make(map[string]*anypb.Any)
-	for k, rawv := range raw {
-		var v interface{}
-		if json.Unmarshal(rawv, &v) != nil {
-			continue
-		}
-
-		if anyv, err := toAny(v); err == nil {
-			u.User.Claims[k] = anyv
-		}
-	}
+	u.AddClaims(identity.NewClaimsFromRaw(raw).Flatten())
 
 	return nil
 }
@@ -141,17 +131,7 @@ func (s *Session) UnmarshalJSON(data []byte) error {
 		delete(raw, "iat")
 	}
 
-	s.Session.Claims = make(map[string]*anypb.Any)
-	for k, rawv := range raw {
-		var v interface{}
-		if json.Unmarshal(rawv, &v) != nil {
-			continue
-		}
-
-		if anyv, err := toAny(v); err == nil {
-			s.Session.Claims[k] = anyv
-		}
-	}
+	s.AddClaims(identity.NewClaimsFromRaw(raw).Flatten())
 
 	return nil
 }
diff --git a/internal/identity/manager/data_test.go b/internal/identity/manager/data_test.go
index 5e8ec8272..be9f8c9dd 100644
--- a/internal/identity/manager/data_test.go
+++ b/internal/identity/manager/data_test.go
@@ -8,10 +8,10 @@ import (
 
 	"github.com/golang/protobuf/ptypes"
 	"github.com/stretchr/testify/assert"
-	"google.golang.org/protobuf/types/known/anypb"
-	"google.golang.org/protobuf/types/known/wrapperspb"
+	"google.golang.org/protobuf/types/known/structpb"
 
 	"github.com/pomerium/pomerium/pkg/grpc/session"
+	"github.com/pomerium/pomerium/pkg/protoutil"
 )
 
 func TestUser_UnmarshalJSON(t *testing.T) {
@@ -25,9 +25,8 @@ func TestUser_UnmarshalJSON(t *testing.T) {
 	assert.NotNil(t, u.User)
 	assert.Equal(t, "joe", u.User.Name)
 	assert.Equal(t, "joe@test.com", u.User.Email)
-	anyv, _ := ptypes.MarshalAny(&wrapperspb.StringValue{Value: "xyz"})
-	assert.Equal(t, map[string]*anypb.Any{
-		"some-other-claim": anyv,
+	assert.Equal(t, map[string]*structpb.ListValue{
+		"some-other-claim": {Values: []*structpb.Value{protoutil.ToStruct("xyz")}},
 	}, u.Claims)
 }
 
@@ -72,8 +71,7 @@ func TestSession_UnmarshalJSON(t *testing.T) {
 	assert.Equal(t, "subject", s.Session.IdToken.Subject)
 	assert.Equal(t, pbtm, s.Session.IdToken.ExpiresAt)
 	assert.Equal(t, pbtm, s.Session.IdToken.IssuedAt)
-	anyv, _ := ptypes.MarshalAny(&wrapperspb.StringValue{Value: "xyz"})
-	assert.Equal(t, map[string]*anypb.Any{
-		"some-other-claim": anyv,
+	assert.Equal(t, map[string]*structpb.ListValue{
+		"some-other-claim": {Values: []*structpb.Value{protoutil.ToStruct("xyz")}},
 	}, s.Claims)
 }
diff --git a/internal/identity/manager/misc.go b/internal/identity/manager/misc.go
index 1256fc744..5206c025a 100644
--- a/internal/identity/manager/misc.go
+++ b/internal/identity/manager/misc.go
@@ -1,90 +1,14 @@
 package manager
 
 import (
-	"fmt"
 	"strings"
 
 	"github.com/golang/protobuf/ptypes"
-	structpb "github.com/golang/protobuf/ptypes/struct"
 	"golang.org/x/oauth2"
-	"google.golang.org/protobuf/types/known/anypb"
-	"google.golang.org/protobuf/types/known/wrapperspb"
 
 	"github.com/pomerium/pomerium/pkg/grpc/session"
 )
 
-func toAny(value interface{}) (*anypb.Any, error) {
-	switch v := value.(type) {
-	case bool:
-		return ptypes.MarshalAny(&wrapperspb.BoolValue{Value: v})
-	case []byte:
-		return ptypes.MarshalAny(&wrapperspb.BytesValue{Value: v})
-	case float64:
-		return ptypes.MarshalAny(&wrapperspb.DoubleValue{Value: v})
-	case float32:
-		return ptypes.MarshalAny(&wrapperspb.FloatValue{Value: v})
-	case int32:
-		return ptypes.MarshalAny(&wrapperspb.Int32Value{Value: v})
-	case int64:
-		return ptypes.MarshalAny(&wrapperspb.Int64Value{Value: v})
-	case string:
-		return ptypes.MarshalAny(&wrapperspb.StringValue{Value: v})
-	case uint32:
-		return ptypes.MarshalAny(&wrapperspb.UInt32Value{Value: v})
-	case uint64:
-		return ptypes.MarshalAny(&wrapperspb.UInt64Value{Value: v})
-
-	case []interface{}:
-		lst := &structpb.ListValue{}
-		for _, c := range v {
-			if cv, err := toValue(c); err == nil {
-				lst.Values = append(lst.Values, cv)
-			}
-		}
-		return ptypes.MarshalAny(lst)
-	}
-	return nil, fmt.Errorf("unknown type %T", value)
-}
-
-func toValue(value interface{}) (*structpb.Value, error) {
-	switch v := value.(type) {
-	case bool:
-		return &structpb.Value{
-			Kind: &structpb.Value_BoolValue{BoolValue: v},
-		}, nil
-	case float64:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: v},
-		}, nil
-	case float32:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: float64(v)},
-		}, nil
-	case int32:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: float64(v)},
-		}, nil
-	case int64:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: float64(v)},
-		}, nil
-	case string:
-		return &structpb.Value{
-			Kind: &structpb.Value_StringValue{StringValue: v},
-		}, nil
-	case uint32:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: float64(v)},
-		}, nil
-	case uint64:
-		return &structpb.Value{
-			Kind: &structpb.Value_NumberValue{NumberValue: float64(v)},
-		}, nil
-
-	}
-	return nil, fmt.Errorf("unknown type %T", value)
-}
-
 func toSessionSchedulerKey(userID, sessionID string) string {
 	return userID + "\037" + sessionID
 }
diff --git a/pkg/grpc/config/config.pb.go b/pkg/grpc/config/config.pb.go
index ae3f1aca5..4d18db282 100644
--- a/pkg/grpc/config/config.pb.go
+++ b/pkg/grpc/config/config.pb.go
@@ -9,6 +9,7 @@ package config
 import (
 	proto "github.com/golang/protobuf/proto"
 	duration "github.com/golang/protobuf/ptypes/duration"
+	_struct "github.com/golang/protobuf/ptypes/struct"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
@@ -102,32 +103,34 @@ type Route struct {
 	// Deprecated: Do not use.
 	AllowedGroups []string `protobuf:"bytes,5,rep,name=allowed_groups,json=allowedGroups,proto3" json:"allowed_groups,omitempty"`
 	// Deprecated: Do not use.
-	AllowedDomains                   []string           `protobuf:"bytes,6,rep,name=allowed_domains,json=allowedDomains,proto3" json:"allowed_domains,omitempty"`
-	Prefix                           string             `protobuf:"bytes,7,opt,name=prefix,proto3" json:"prefix,omitempty"`
-	Path                             string             `protobuf:"bytes,8,opt,name=path,proto3" json:"path,omitempty"`
-	Regex                            string             `protobuf:"bytes,9,opt,name=regex,proto3" json:"regex,omitempty"`
-	PrefixRewrite                    string             `protobuf:"bytes,29,opt,name=prefix_rewrite,json=prefixRewrite,proto3" json:"prefix_rewrite,omitempty"`
-	RegexRewritePattern              string             `protobuf:"bytes,30,opt,name=regex_rewrite_pattern,json=regexRewritePattern,proto3" json:"regex_rewrite_pattern,omitempty"`
-	RegexRewriteSubstitution         string             `protobuf:"bytes,31,opt,name=regex_rewrite_substitution,json=regexRewriteSubstitution,proto3" json:"regex_rewrite_substitution,omitempty"`
-	CorsAllowPreflight               bool               `protobuf:"varint,10,opt,name=cors_allow_preflight,json=corsAllowPreflight,proto3" json:"cors_allow_preflight,omitempty"`
-	AllowPublicUnauthenticatedAccess bool               `protobuf:"varint,11,opt,name=allow_public_unauthenticated_access,json=allowPublicUnauthenticatedAccess,proto3" json:"allow_public_unauthenticated_access,omitempty"`
-	Timeout                          *duration.Duration `protobuf:"bytes,12,opt,name=timeout,proto3" json:"timeout,omitempty"`
-	AllowWebsockets                  bool               `protobuf:"varint,13,opt,name=allow_websockets,json=allowWebsockets,proto3" json:"allow_websockets,omitempty"`
-	TlsSkipVerify                    bool               `protobuf:"varint,14,opt,name=tls_skip_verify,json=tlsSkipVerify,proto3" json:"tls_skip_verify,omitempty"`
-	TlsServerName                    string             `protobuf:"bytes,15,opt,name=tls_server_name,json=tlsServerName,proto3" json:"tls_server_name,omitempty"`
-	TlsCustomCa                      string             `protobuf:"bytes,16,opt,name=tls_custom_ca,json=tlsCustomCa,proto3" json:"tls_custom_ca,omitempty"`
-	TlsCustomCaFile                  string             `protobuf:"bytes,17,opt,name=tls_custom_ca_file,json=tlsCustomCaFile,proto3" json:"tls_custom_ca_file,omitempty"`
-	TlsClientCert                    string             `protobuf:"bytes,18,opt,name=tls_client_cert,json=tlsClientCert,proto3" json:"tls_client_cert,omitempty"`
-	TlsClientKey                     string             `protobuf:"bytes,19,opt,name=tls_client_key,json=tlsClientKey,proto3" json:"tls_client_key,omitempty"`
-	TlsClientCertFile                string             `protobuf:"bytes,20,opt,name=tls_client_cert_file,json=tlsClientCertFile,proto3" json:"tls_client_cert_file,omitempty"`
-	TlsClientKeyFile                 string             `protobuf:"bytes,21,opt,name=tls_client_key_file,json=tlsClientKeyFile,proto3" json:"tls_client_key_file,omitempty"`
-	SetRequestHeaders                map[string]string  `protobuf:"bytes,22,rep,name=set_request_headers,json=setRequestHeaders,proto3" json:"set_request_headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
-	RemoveRequestHeaders             []string           `protobuf:"bytes,23,rep,name=remove_request_headers,json=removeRequestHeaders,proto3" json:"remove_request_headers,omitempty"`
-	PreserveHostHeader               bool               `protobuf:"varint,24,opt,name=preserve_host_header,json=preserveHostHeader,proto3" json:"preserve_host_header,omitempty"`
-	PassIdentityHeaders              bool               `protobuf:"varint,25,opt,name=pass_identity_headers,json=passIdentityHeaders,proto3" json:"pass_identity_headers,omitempty"`
-	KubernetesServiceAccountToken    string             `protobuf:"bytes,26,opt,name=kubernetes_service_account_token,json=kubernetesServiceAccountToken,proto3" json:"kubernetes_service_account_token,omitempty"`
-	Policies                         []*Policy          `protobuf:"bytes,27,rep,name=policies,proto3" json:"policies,omitempty"`
-	Id                               string             `protobuf:"bytes,28,opt,name=id,proto3" json:"id,omitempty"`
+	AllowedDomains []string `protobuf:"bytes,6,rep,name=allowed_domains,json=allowedDomains,proto3" json:"allowed_domains,omitempty"`
+	// Deprecated: Do not use.
+	AllowedIdpClaims                 map[string]*_struct.ListValue `protobuf:"bytes,32,rep,name=allowed_idp_claims,json=allowedIdpClaims,proto3" json:"allowed_idp_claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	Prefix                           string                        `protobuf:"bytes,7,opt,name=prefix,proto3" json:"prefix,omitempty"`
+	Path                             string                        `protobuf:"bytes,8,opt,name=path,proto3" json:"path,omitempty"`
+	Regex                            string                        `protobuf:"bytes,9,opt,name=regex,proto3" json:"regex,omitempty"`
+	PrefixRewrite                    string                        `protobuf:"bytes,29,opt,name=prefix_rewrite,json=prefixRewrite,proto3" json:"prefix_rewrite,omitempty"`
+	RegexRewritePattern              string                        `protobuf:"bytes,30,opt,name=regex_rewrite_pattern,json=regexRewritePattern,proto3" json:"regex_rewrite_pattern,omitempty"`
+	RegexRewriteSubstitution         string                        `protobuf:"bytes,31,opt,name=regex_rewrite_substitution,json=regexRewriteSubstitution,proto3" json:"regex_rewrite_substitution,omitempty"`
+	CorsAllowPreflight               bool                          `protobuf:"varint,10,opt,name=cors_allow_preflight,json=corsAllowPreflight,proto3" json:"cors_allow_preflight,omitempty"`
+	AllowPublicUnauthenticatedAccess bool                          `protobuf:"varint,11,opt,name=allow_public_unauthenticated_access,json=allowPublicUnauthenticatedAccess,proto3" json:"allow_public_unauthenticated_access,omitempty"`
+	Timeout                          *duration.Duration            `protobuf:"bytes,12,opt,name=timeout,proto3" json:"timeout,omitempty"`
+	AllowWebsockets                  bool                          `protobuf:"varint,13,opt,name=allow_websockets,json=allowWebsockets,proto3" json:"allow_websockets,omitempty"`
+	TlsSkipVerify                    bool                          `protobuf:"varint,14,opt,name=tls_skip_verify,json=tlsSkipVerify,proto3" json:"tls_skip_verify,omitempty"`
+	TlsServerName                    string                        `protobuf:"bytes,15,opt,name=tls_server_name,json=tlsServerName,proto3" json:"tls_server_name,omitempty"`
+	TlsCustomCa                      string                        `protobuf:"bytes,16,opt,name=tls_custom_ca,json=tlsCustomCa,proto3" json:"tls_custom_ca,omitempty"`
+	TlsCustomCaFile                  string                        `protobuf:"bytes,17,opt,name=tls_custom_ca_file,json=tlsCustomCaFile,proto3" json:"tls_custom_ca_file,omitempty"`
+	TlsClientCert                    string                        `protobuf:"bytes,18,opt,name=tls_client_cert,json=tlsClientCert,proto3" json:"tls_client_cert,omitempty"`
+	TlsClientKey                     string                        `protobuf:"bytes,19,opt,name=tls_client_key,json=tlsClientKey,proto3" json:"tls_client_key,omitempty"`
+	TlsClientCertFile                string                        `protobuf:"bytes,20,opt,name=tls_client_cert_file,json=tlsClientCertFile,proto3" json:"tls_client_cert_file,omitempty"`
+	TlsClientKeyFile                 string                        `protobuf:"bytes,21,opt,name=tls_client_key_file,json=tlsClientKeyFile,proto3" json:"tls_client_key_file,omitempty"`
+	SetRequestHeaders                map[string]string             `protobuf:"bytes,22,rep,name=set_request_headers,json=setRequestHeaders,proto3" json:"set_request_headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	RemoveRequestHeaders             []string                      `protobuf:"bytes,23,rep,name=remove_request_headers,json=removeRequestHeaders,proto3" json:"remove_request_headers,omitempty"`
+	PreserveHostHeader               bool                          `protobuf:"varint,24,opt,name=preserve_host_header,json=preserveHostHeader,proto3" json:"preserve_host_header,omitempty"`
+	PassIdentityHeaders              bool                          `protobuf:"varint,25,opt,name=pass_identity_headers,json=passIdentityHeaders,proto3" json:"pass_identity_headers,omitempty"`
+	KubernetesServiceAccountToken    string                        `protobuf:"bytes,26,opt,name=kubernetes_service_account_token,json=kubernetesServiceAccountToken,proto3" json:"kubernetes_service_account_token,omitempty"`
+	Policies                         []*Policy                     `protobuf:"bytes,27,rep,name=policies,proto3" json:"policies,omitempty"`
+	Id                               string                        `protobuf:"bytes,28,opt,name=id,proto3" json:"id,omitempty"`
 }
 
 func (x *Route) Reset() {
@@ -207,6 +210,14 @@ func (x *Route) GetAllowedDomains() []string {
 	return nil
 }
 
+// Deprecated: Do not use.
+func (x *Route) GetAllowedIdpClaims() map[string]*_struct.ListValue {
+	if x != nil {
+		return x.AllowedIdpClaims
+	}
+	return nil
+}
+
 func (x *Route) GetPrefix() string {
 	if x != nil {
 		return x.Prefix
@@ -387,12 +398,13 @@ type Policy struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 
-	Id             string   `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
-	Name           string   `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
-	AllowedUsers   []string `protobuf:"bytes,3,rep,name=allowed_users,json=allowedUsers,proto3" json:"allowed_users,omitempty"`
-	AllowedGroups  []string `protobuf:"bytes,4,rep,name=allowed_groups,json=allowedGroups,proto3" json:"allowed_groups,omitempty"`
-	AllowedDomains []string `protobuf:"bytes,5,rep,name=allowed_domains,json=allowedDomains,proto3" json:"allowed_domains,omitempty"`
-	Rego           []string `protobuf:"bytes,6,rep,name=rego,proto3" json:"rego,omitempty"`
+	Id               string                        `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
+	Name             string                        `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
+	AllowedUsers     []string                      `protobuf:"bytes,3,rep,name=allowed_users,json=allowedUsers,proto3" json:"allowed_users,omitempty"`
+	AllowedGroups    []string                      `protobuf:"bytes,4,rep,name=allowed_groups,json=allowedGroups,proto3" json:"allowed_groups,omitempty"`
+	AllowedDomains   []string                      `protobuf:"bytes,5,rep,name=allowed_domains,json=allowedDomains,proto3" json:"allowed_domains,omitempty"`
+	AllowedIdpClaims map[string]*_struct.ListValue `protobuf:"bytes,7,rep,name=allowed_idp_claims,json=allowedIdpClaims,proto3" json:"allowed_idp_claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	Rego             []string                      `protobuf:"bytes,6,rep,name=rego,proto3" json:"rego,omitempty"`
 }
 
 func (x *Policy) Reset() {
@@ -462,6 +474,13 @@ func (x *Policy) GetAllowedDomains() []string {
 	return nil
 }
 
+func (x *Policy) GetAllowedIdpClaims() map[string]*_struct.ListValue {
+	if x != nil {
+		return x.AllowedIdpClaims
+	}
+	return nil
+}
+
 func (x *Policy) GetRego() []string {
 	if x != nil {
 		return x.Rego
@@ -1002,7 +1021,7 @@ type Settings_Certificate struct {
 func (x *Settings_Certificate) Reset() {
 	*x = Settings_Certificate{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_config_proto_msgTypes[5]
+		mi := &file_config_proto_msgTypes[7]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -1015,7 +1034,7 @@ func (x *Settings_Certificate) String() string {
 func (*Settings_Certificate) ProtoMessage() {}
 
 func (x *Settings_Certificate) ProtoReflect() protoreflect.Message {
-	mi := &file_config_proto_msgTypes[5]
+	mi := &file_config_proto_msgTypes[7]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1065,419 +1084,445 @@ var file_config_proto_rawDesc = []byte{
 	0x0a, 0x0c, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0f,
 	0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a,
 	0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
-	0x83, 0x01, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2e,
-	0x0a, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16,
+	0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
+	0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x83, 0x01,
+	0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2e, 0x0a, 0x06,
+	0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x70,
+	0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x52,
+	0x6f, 0x75, 0x74, 0x65, 0x52, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x35, 0x0a, 0x08,
+	0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
 	0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x06, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x35,
-	0x0a, 0x08, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x19, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
-	0x69, 0x67, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x08, 0x73, 0x65, 0x74,
-	0x74, 0x69, 0x6e, 0x67, 0x73, 0x22, 0x9a, 0x0b, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12,
-	0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x66, 0x72, 0x6f, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x04, 0x66, 0x72, 0x6f, 0x6d, 0x12, 0x0e, 0x0a, 0x02, 0x74, 0x6f, 0x18, 0x03, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x02, 0x74, 0x6f, 0x12, 0x27, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
-	0x65, 0x64, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x42, 0x02,
-	0x18, 0x01, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x55, 0x73, 0x65, 0x72, 0x73,
-	0x12, 0x29, 0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x67, 0x72, 0x6f, 0x75,
-	0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0d, 0x61, 0x6c,
-	0x6c, 0x6f, 0x77, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x2b, 0x0a, 0x0f, 0x61,
-	0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x06,
-	0x20, 0x03, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
-	0x64, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66,
-	0x69, 0x78, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78,
-	0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
-	0x70, 0x61, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x09, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x72,
-	0x65, 0x66, 0x69, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x1d, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0d, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74,
-	0x65, 0x12, 0x32, 0x0a, 0x15, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69,
-	0x74, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x13, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x50, 0x61,
-	0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x3c, 0x0a, 0x1a, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72,
-	0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
-	0x69, 0x6f, 0x6e, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x18, 0x72, 0x65, 0x67, 0x65, 0x78,
-	0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
-	0x69, 0x6f, 0x6e, 0x12, 0x30, 0x0a, 0x14, 0x63, 0x6f, 0x72, 0x73, 0x5f, 0x61, 0x6c, 0x6c, 0x6f,
-	0x77, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x6c, 0x69, 0x67, 0x68, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28,
-	0x08, 0x52, 0x12, 0x63, 0x6f, 0x72, 0x73, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x50, 0x72, 0x65, 0x66,
-	0x6c, 0x69, 0x67, 0x68, 0x74, 0x12, 0x4d, 0x0a, 0x23, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x70,
-	0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x75, 0x6e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x18, 0x0b, 0x20, 0x01,
-	0x28, 0x08, 0x52, 0x20, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x55,
-	0x6e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x41, 0x63,
-	0x63, 0x65, 0x73, 0x73, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18,
-	0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
-	0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x61, 0x6c, 0x6c,
-	0x6f, 0x77, 0x5f, 0x77, 0x65, 0x62, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x18, 0x0d, 0x20,
-	0x01, 0x28, 0x08, 0x52, 0x0f, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x57, 0x65, 0x62, 0x73, 0x6f, 0x63,
-	0x6b, 0x65, 0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x6c, 0x73, 0x5f, 0x73, 0x6b, 0x69, 0x70,
-	0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x74,
-	0x6c, 0x73, 0x53, 0x6b, 0x69, 0x70, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x12, 0x26, 0x0a, 0x0f,
-	0x74, 0x6c, 0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18,
-	0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x74, 0x6c, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
-	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x22, 0x0a, 0x0d, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x75, 0x73, 0x74,
-	0x6f, 0x6d, 0x5f, 0x63, 0x61, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x74, 0x6c, 0x73,
-	0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x61, 0x12, 0x2b, 0x0a, 0x12, 0x74, 0x6c, 0x73, 0x5f,
-	0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x61, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x11,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x74, 0x6c, 0x73, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43,
-	0x61, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d,
-	0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x12, 0x24, 0x0a,
-	0x0e, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18,
-	0x13, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x4b, 0x65, 0x79, 0x12, 0x2f, 0x0a, 0x14, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x11, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74,
-	0x46, 0x69, 0x6c, 0x65, 0x12, 0x2d, 0x0a, 0x13, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65,
-	0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x10, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x46,
-	0x69, 0x6c, 0x65, 0x12, 0x5d, 0x0a, 0x13, 0x73, 0x65, 0x74, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x16, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x2d, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
-	0x69, 0x67, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52,
-	0x11, 0x73, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65,
-	0x72, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x5f, 0x72, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x17, 0x20, 0x03,
-	0x28, 0x09, 0x52, 0x14, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x65, 0x73,
-	0x65, 0x72, 0x76, 0x65, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x18, 0x18, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x48, 0x6f, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x15, 0x70, 0x61,
-	0x73, 0x73, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x5f, 0x68, 0x65, 0x61, 0x64,
-	0x65, 0x72, 0x73, 0x18, 0x19, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x70, 0x61, 0x73, 0x73, 0x49,
-	0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x47,
-	0x0a, 0x20, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x6f, 0x6b,
-	0x65, 0x6e, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1d, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e,
-	0x65, 0x74, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75,
-	0x6e, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x33, 0x0a, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63,
-	0x69, 0x65, 0x73, 0x18, 0x1b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6d, 0x65,
-	0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x6c, 0x69,
-	0x63, 0x79, 0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x0e, 0x0a, 0x02,
-	0x69, 0x64, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x1a, 0x44, 0x0a, 0x16,
-	0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02,
-	0x38, 0x01, 0x22, 0xb5, 0x01, 0x0a, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0e, 0x0a,
-	0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
-	0x65, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x75, 0x73, 0x65,
-	0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
-	0x64, 0x55, 0x73, 0x65, 0x72, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
-	0x64, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d,
-	0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x27, 0x0a,
-	0x0f, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73,
-	0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x44,
-	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x72, 0x65, 0x67, 0x6f, 0x18, 0x06,
-	0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x72, 0x65, 0x67, 0x6f, 0x22, 0x9f, 0x25, 0x0a, 0x08, 0x53,
-	0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x19, 0x0a, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67, 0x88,
-	0x01, 0x01, 0x12, 0x20, 0x0a, 0x09, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18,
-	0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x08, 0x6c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65,
-	0x6c, 0x88, 0x01, 0x01, 0x12, 0x2b, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x6c, 0x6f,
-	0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52,
-	0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x4c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x88, 0x01,
-	0x01, 0x12, 0x28, 0x0a, 0x0d, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x63, 0x72,
-	0x65, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x03, 0x52, 0x0c, 0x73, 0x68, 0x61, 0x72,
-	0x65, 0x64, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x88, 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, 0x73,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x48, 0x04, 0x52,
-	0x08, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x88, 0x01, 0x01, 0x12, 0x1d, 0x0a, 0x07,
-	0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x05, 0x52,
-	0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01, 0x01, 0x12, 0x2c, 0x0a, 0x0f, 0x69,
-	0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x08,
-	0x20, 0x01, 0x28, 0x08, 0x48, 0x06, 0x52, 0x0e, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65,
-	0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x2f, 0x0a, 0x11, 0x64, 0x6e, 0x73,
-	0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x18, 0x3c,
-	0x20, 0x01, 0x28, 0x09, 0x48, 0x07, 0x52, 0x0f, 0x64, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75,
-	0x70, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x88, 0x01, 0x01, 0x12, 0x49, 0x0a, 0x0c, 0x63, 0x65,
-	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x25, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66,
-	0x69, 0x67, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x43, 0x65, 0x72, 0x74,
-	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x31, 0x0a, 0x12, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65,
-	0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28,
-	0x09, 0x48, 0x08, 0x52, 0x10, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63,
-	0x74, 0x41, 0x64, 0x64, 0x72, 0x88, 0x01, 0x01, 0x12, 0x41, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65,
-	0x6f, 0x75, 0x74, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x09, 0x52, 0x0b, 0x74, 0x69, 0x6d,
-	0x65, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x61, 0x64, 0x88, 0x01, 0x01, 0x12, 0x43, 0x0a, 0x0d, 0x74,
-	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x0c, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x0a, 0x52,
-	0x0c, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x57, 0x72, 0x69, 0x74, 0x65, 0x88, 0x01, 0x01,
-	0x12, 0x41, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x69, 0x64, 0x6c, 0x65,
-	0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
-	0x6e, 0x48, 0x0b, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x49, 0x64, 0x6c, 0x65,
-	0x88, 0x01, 0x01, 0x12, 0x3d, 0x0a, 0x18, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63,
-	0x61, 0x74, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18,
-	0x0e, 0x20, 0x01, 0x28, 0x09, 0x48, 0x0c, 0x52, 0x16, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74,
-	0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88,
-	0x01, 0x01, 0x12, 0x41, 0x0a, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61,
-	0x74, 0x65, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70, 0x61, 0x74, 0x68,
-	0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x48, 0x0d, 0x52, 0x18, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e,
-	0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x61,
-	0x74, 0x68, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x48, 0x0e, 0x52, 0x0a, 0x63, 0x6f,
-	0x6f, 0x6b, 0x69, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, 0x63,
-	0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x11, 0x20, 0x01,
-	0x28, 0x09, 0x48, 0x0f, 0x52, 0x0c, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x53, 0x65, 0x63, 0x72,
-	0x65, 0x74, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f,
-	0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x48, 0x10, 0x52, 0x0c,
-	0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x88, 0x01, 0x01, 0x12,
-	0x28, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65,
-	0x18, 0x13, 0x20, 0x01, 0x28, 0x08, 0x48, 0x11, 0x52, 0x0c, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65,
-	0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x2d, 0x0a, 0x10, 0x63, 0x6f, 0x6f,
-	0x6b, 0x69, 0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x18, 0x14, 0x20,
-	0x01, 0x28, 0x08, 0x48, 0x12, 0x52, 0x0e, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x48, 0x74, 0x74,
-	0x70, 0x4f, 0x6e, 0x6c, 0x79, 0x88, 0x01, 0x01, 0x12, 0x43, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b,
-	0x69, 0x65, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x13, 0x52, 0x0c, 0x63, 0x6f,
-	0x6f, 0x6b, 0x69, 0x65, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x27, 0x0a,
-	0x0d, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x16,
-	0x20, 0x01, 0x28, 0x09, 0x48, 0x14, 0x52, 0x0b, 0x69, 0x64, 0x70, 0x43, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x2f, 0x0a, 0x11, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c,
-	0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x17, 0x20, 0x01, 0x28,
-	0x09, 0x48, 0x15, 0x52, 0x0f, 0x69, 0x64, 0x70, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x65,
-	0x63, 0x72, 0x65, 0x74, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, 0x69, 0x64, 0x70, 0x5f, 0x70,
-	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x18, 0x20, 0x01, 0x28, 0x09, 0x48, 0x16, 0x52,
-	0x0b, 0x69, 0x64, 0x70, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12,
-	0x2d, 0x0a, 0x10, 0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f,
-	0x75, 0x72, 0x6c, 0x18, 0x19, 0x20, 0x01, 0x28, 0x09, 0x48, 0x17, 0x52, 0x0e, 0x69, 0x64, 0x70,
-	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x16,
-	0x0a, 0x06, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x18, 0x1a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06,
-	0x73, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x12, 0x33, 0x0a, 0x13, 0x69, 0x64, 0x70, 0x5f, 0x73, 0x65,
-	0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x1b, 0x20,
-	0x01, 0x28, 0x09, 0x48, 0x18, 0x52, 0x11, 0x69, 0x64, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x61, 0x0a, 0x1d, 0x69,
-	0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63,
-	0x74, 0x6f, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x1c, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x19, 0x52,
-	0x1a, 0x69, 0x64, 0x70, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x44, 0x69, 0x72, 0x65, 0x63,
-	0x74, 0x6f, 0x72, 0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x88, 0x01, 0x01, 0x12, 0x63,
-	0x0a, 0x1e, 0x69, 0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69,
-	0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
-	0x18, 0x1d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
-	0x6e, 0x48, 0x1a, 0x52, 0x1b, 0x69, 0x64, 0x70, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x44,
-	0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c,
-	0x88, 0x01, 0x01, 0x12, 0x53, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x70,
-	0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x70, 0x6f,
-	0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x53, 0x65,
-	0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61,
-	0x72, 0x61, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0d, 0x72, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x64, 0x6d, 0x69,
-	0x6e, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x1f, 0x20, 0x03, 0x28, 0x09,
-	0x52, 0x0e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x73,
-	0x12, 0x3f, 0x0a, 0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x5f,
-	0x69, 0x6d, 0x70, 0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x3d, 0x20,
-	0x01, 0x28, 0x08, 0x48, 0x1b, 0x52, 0x17, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x55, 0x73, 0x65,
-	0x72, 0x49, 0x6d, 0x70, 0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01,
-	0x01, 0x12, 0x37, 0x0a, 0x15, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x5f, 0x73,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x20, 0x20, 0x01, 0x28, 0x09,
-	0x48, 0x1c, 0x52, 0x13, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x53, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x3f, 0x0a, 0x19, 0x6f, 0x76,
-	0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
-	0x74, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x21, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1d, 0x52,
-	0x17, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x38, 0x0a, 0x15, 0x63,
-	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f,
-	0x72, 0x69, 0x74, 0x79, 0x18, 0x22, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1e, 0x52, 0x14, 0x63, 0x65,
-	0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69,
-	0x74, 0x79, 0x88, 0x01, 0x01, 0x12, 0x41, 0x0a, 0x1a, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x66,
-	0x69, 0x6c, 0x65, 0x18, 0x23, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1f, 0x52, 0x18, 0x63, 0x65, 0x72,
-	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
-	0x79, 0x46, 0x69, 0x6c, 0x65, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x73, 0x69, 0x67, 0x6e,
-	0x69, 0x6e, 0x67, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09, 0x48, 0x20, 0x52,
-	0x0a, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x4b, 0x65, 0x79, 0x88, 0x01, 0x01, 0x12, 0x2c,
-	0x0a, 0x12, 0x6a, 0x77, 0x74, 0x5f, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x5f, 0x68, 0x65, 0x61,
-	0x64, 0x65, 0x72, 0x73, 0x18, 0x25, 0x20, 0x03, 0x28, 0x09, 0x52, 0x10, 0x6a, 0x77, 0x74, 0x43,
-	0x6c, 0x61, 0x69, 0x6d, 0x73, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x49, 0x0a, 0x10,
-	0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x63, 0x6f, 0x6f, 0x6c, 0x64, 0x6f, 0x77, 0x6e,
-	0x18, 0x26, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
-	0x6e, 0x48, 0x21, 0x52, 0x0f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x43, 0x6f, 0x6f, 0x6c,
-	0x64, 0x6f, 0x77, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x58, 0x0a, 0x18, 0x64, 0x65, 0x66, 0x61, 0x75,
-	0x6c, 0x74, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65,
-	0x6f, 0x75, 0x74, 0x18, 0x27, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x48, 0x22, 0x52, 0x16, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x55,
-	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x88, 0x01,
-	0x01, 0x12, 0x2c, 0x0a, 0x0f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x5f, 0x61, 0x64, 0x64,
-	0x72, 0x65, 0x73, 0x73, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x48, 0x23, 0x52, 0x0e, 0x6d, 0x65,
-	0x74, 0x72, 0x69, 0x63, 0x73, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01, 0x01, 0x12,
-	0x2e, 0x0a, 0x10, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69,
-	0x64, 0x65, 0x72, 0x18, 0x29, 0x20, 0x01, 0x28, 0x09, 0x48, 0x24, 0x52, 0x0f, 0x74, 0x72, 0x61,
-	0x63, 0x69, 0x6e, 0x67, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12,
-	0x33, 0x0a, 0x13, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c,
-	0x65, 0x5f, 0x72, 0x61, 0x74, 0x65, 0x18, 0x2a, 0x20, 0x01, 0x28, 0x01, 0x48, 0x25, 0x52, 0x11,
-	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x61, 0x74,
-	0x65, 0x88, 0x01, 0x01, 0x12, 0x4e, 0x0a, 0x21, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f,
-	0x6a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72,
-	0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x2b, 0x20, 0x01, 0x28, 0x09, 0x48,
-	0x26, 0x52, 0x1e, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x4a, 0x61, 0x65, 0x67, 0x65, 0x72,
-	0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
-	0x74, 0x88, 0x01, 0x01, 0x12, 0x46, 0x0a, 0x1d, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f,
-	0x6a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x6e, 0x64,
-	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x48, 0x27, 0x52, 0x1a, 0x74,
-	0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x4a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e,
-	0x74, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x3b, 0x0a, 0x17,
-	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x65,
-	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x48, 0x28, 0x52,
-	0x15, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x45, 0x6e,
-	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, 0x67, 0x72, 0x70,
-	0x63, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x2e, 0x20, 0x01, 0x28, 0x09, 0x48,
-	0x29, 0x52, 0x0b, 0x67, 0x72, 0x70, 0x63, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01,
-	0x01, 0x12, 0x28, 0x0a, 0x0d, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75,
-	0x72, 0x65, 0x18, 0x2f, 0x20, 0x01, 0x28, 0x08, 0x48, 0x2a, 0x52, 0x0c, 0x67, 0x72, 0x70, 0x63,
-	0x49, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x5d, 0x0a, 0x1e, 0x67,
-	0x72, 0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x63,
-	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x67, 0x65, 0x18, 0x30, 0x20,
+	0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x08, 0x73, 0x65, 0x74, 0x74, 0x69,
+	0x6e, 0x67, 0x73, 0x22, 0xdb, 0x0c, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x12, 0x0a,
+	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+	0x65, 0x12, 0x12, 0x0a, 0x04, 0x66, 0x72, 0x6f, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x04, 0x66, 0x72, 0x6f, 0x6d, 0x12, 0x0e, 0x0a, 0x02, 0x74, 0x6f, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x02, 0x74, 0x6f, 0x12, 0x27, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64,
+	0x5f, 0x75, 0x73, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01,
+	0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x55, 0x73, 0x65, 0x72, 0x73, 0x12, 0x29,
+	0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73,
+	0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0d, 0x61, 0x6c, 0x6c, 0x6f,
+	0x77, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x2b, 0x0a, 0x0f, 0x61, 0x6c, 0x6c,
+	0x6f, 0x77, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x03,
+	0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x44,
+	0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x5e, 0x0a, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
+	0x64, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x20, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x77,
+	0x65, 0x64, 0x49, 0x64, 0x70, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x42, 0x02, 0x18, 0x01, 0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x64, 0x70,
+	0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x12,
+	0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61,
+	0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x05, 0x72, 0x65, 0x67, 0x65, 0x78, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x72, 0x65, 0x66,
+	0x69, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0d, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12,
+	0x32, 0x0a, 0x15, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65,
+	0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13,
+	0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x50, 0x61, 0x74, 0x74,
+	0x65, 0x72, 0x6e, 0x12, 0x3c, 0x0a, 0x1a, 0x72, 0x65, 0x67, 0x65, 0x78, 0x5f, 0x72, 0x65, 0x77,
+	0x72, 0x69, 0x74, 0x65, 0x5f, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x18, 0x72, 0x65, 0x67, 0x65, 0x78, 0x52, 0x65,
+	0x77, 0x72, 0x69, 0x74, 0x65, 0x53, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x30, 0x0a, 0x14, 0x63, 0x6f, 0x72, 0x73, 0x5f, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f,
+	0x70, 0x72, 0x65, 0x66, 0x6c, 0x69, 0x67, 0x68, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52,
+	0x12, 0x63, 0x6f, 0x72, 0x73, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x50, 0x72, 0x65, 0x66, 0x6c, 0x69,
+	0x67, 0x68, 0x74, 0x12, 0x4d, 0x0a, 0x23, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x70, 0x75, 0x62,
+	0x6c, 0x69, 0x63, 0x5f, 0x75, 0x6e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x20, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x55, 0x6e, 0x61,
+	0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x41, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x0c, 0x20,
 	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x1a,
-	0x67, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4d, 0x61, 0x78, 0x43, 0x6f, 0x6e,
-	0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x67, 0x65, 0x12, 0x68, 0x0a, 0x24, 0x67, 0x72,
-	0x70, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f,
-	0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x67, 0x65, 0x5f, 0x67, 0x72, 0x61,
-	0x63, 0x65, 0x18, 0x31, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x52, 0x1f, 0x67, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4d,
-	0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x67, 0x65, 0x47,
-	0x72, 0x61, 0x63, 0x65, 0x12, 0x2d, 0x0a, 0x10, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x5f,
-	0x61, 0x75, 0x74, 0x68, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x32, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2b,
-	0x52, 0x0e, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x41, 0x75, 0x74, 0x68, 0x55, 0x72, 0x6c,
-	0x88, 0x01, 0x01, 0x12, 0x2f, 0x0a, 0x11, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x33, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2c,
-	0x52, 0x0f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72,
-	0x6c, 0x88, 0x01, 0x01, 0x12, 0x39, 0x0a, 0x16, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72, 0x6f, 0x6b,
-	0x65, 0x72, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x34,
-	0x20, 0x01, 0x28, 0x09, 0x48, 0x2d, 0x52, 0x14, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72, 0x6f, 0x6b,
-	0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12,
-	0x20, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x18, 0x35, 0x20, 0x01,
-	0x28, 0x09, 0x48, 0x2e, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x61, 0x88, 0x01,
-	0x01, 0x12, 0x29, 0x0a, 0x0e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x5f, 0x66,
-	0x69, 0x6c, 0x65, 0x18, 0x36, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2f, 0x52, 0x0c, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x43, 0x61, 0x46, 0x69, 0x6c, 0x65, 0x88, 0x01, 0x01, 0x12, 0x76, 0x0a, 0x36,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x65, 0x72, 0x6c, 0x65, 0x73, 0x73, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69,
-	0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61,
-	0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x37, 0x20, 0x01, 0x28, 0x09, 0x48, 0x30, 0x52, 0x31,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65,
-	0x72, 0x6c, 0x65, 0x73, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e,
-	0x74, 0x88, 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74,
-	0x18, 0x38, 0x20, 0x01, 0x28, 0x08, 0x48, 0x31, 0x52, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65,
-	0x72, 0x74, 0x88, 0x01, 0x01, 0x12, 0x35, 0x0a, 0x14, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72,
-	0x74, 0x5f, 0x75, 0x73, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x18, 0x39, 0x20,
-	0x01, 0x28, 0x08, 0x48, 0x32, 0x52, 0x12, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x55,
-	0x73, 0x65, 0x53, 0x74, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x88, 0x01, 0x01, 0x12, 0x35, 0x0a, 0x14,
-	0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x6d, 0x75, 0x73, 0x74, 0x5f, 0x73, 0x74,
-	0x61, 0x70, 0x6c, 0x65, 0x18, 0x3a, 0x20, 0x01, 0x28, 0x08, 0x48, 0x33, 0x52, 0x12, 0x61, 0x75,
-	0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x4d, 0x75, 0x73, 0x74, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65,
-	0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f,
-	0x64, 0x69, 0x72, 0x18, 0x3b, 0x20, 0x01, 0x28, 0x09, 0x48, 0x34, 0x52, 0x0b, 0x61, 0x75, 0x74,
-	0x6f, 0x63, 0x65, 0x72, 0x74, 0x44, 0x69, 0x72, 0x88, 0x01, 0x01, 0x1a, 0x81, 0x01, 0x0a, 0x0b,
-	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x63,
-	0x65, 0x72, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08,
-	0x63, 0x65, 0x72, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f,
-	0x66, 0x69, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x46,
-	0x69, 0x6c, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65,
-	0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x42, 0x79, 0x74,
-	0x65, 0x73, 0x12, 0x1b, 0x0a, 0x09, 0x6b, 0x65, 0x79, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18,
-	0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x6b, 0x65, 0x79, 0x42, 0x79, 0x74, 0x65, 0x73, 0x1a,
-	0x40, 0x0a, 0x12, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07,
+	0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77,
+	0x5f, 0x77, 0x65, 0x62, 0x73, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x73, 0x18, 0x0d, 0x20, 0x01, 0x28,
+	0x08, 0x52, 0x0f, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x57, 0x65, 0x62, 0x73, 0x6f, 0x63, 0x6b, 0x65,
+	0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x6c, 0x73, 0x5f, 0x73, 0x6b, 0x69, 0x70, 0x5f, 0x76,
+	0x65, 0x72, 0x69, 0x66, 0x79, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x74, 0x6c, 0x73,
+	0x53, 0x6b, 0x69, 0x70, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x6c,
+	0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0f, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0d, 0x74, 0x6c, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61,
+	0x6d, 0x65, 0x12, 0x22, 0x0a, 0x0d, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d,
+	0x5f, 0x63, 0x61, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x74, 0x6c, 0x73, 0x43, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x43, 0x61, 0x12, 0x2b, 0x0a, 0x12, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x75,
+	0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x63, 0x61, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x11, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0f, 0x74, 0x6c, 0x73, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x43, 0x61, 0x46,
+	0x69, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x74, 0x6c,
+	0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x12, 0x24, 0x0a, 0x0e, 0x74,
+	0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x13, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65,
+	0x79, 0x12, 0x2f, 0x0a, 0x14, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f,
+	0x63, 0x65, 0x72, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x11, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x46, 0x69,
+	0x6c, 0x65, 0x12, 0x2d, 0x0a, 0x13, 0x74, 0x6c, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x10, 0x74, 0x6c, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x46, 0x69, 0x6c,
+	0x65, 0x12, 0x5d, 0x0a, 0x13, 0x73, 0x65, 0x74, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+	0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x16, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d,
+	0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
+	0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x11, 0x73,
+	0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
+	0x12, 0x34, 0x0a, 0x16, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x17, 0x20, 0x03, 0x28, 0x09,
+	0x52, 0x14, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72,
+	0x76, 0x65, 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x18,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x70, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x48, 0x6f,
+	0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x15, 0x70, 0x61, 0x73, 0x73,
+	0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x18, 0x19, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x70, 0x61, 0x73, 0x73, 0x49, 0x64, 0x65,
+	0x6e, 0x74, 0x69, 0x74, 0x79, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x47, 0x0a, 0x20,
+	0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
+	0x18, 0x1a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1d, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74,
+	0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x33, 0x0a, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65,
+	0x73, 0x18, 0x1b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69,
+	0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+	0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64,
+	0x18, 0x1c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x1a, 0x5f, 0x0a, 0x15, 0x41, 0x6c,
+	0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x64, 0x70, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e,
+	0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x30, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x44, 0x0a, 0x16, 0x53,
+	0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73,
 	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01,
 	0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
 	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38,
-	0x01, 0x42, 0x08, 0x0a, 0x06, 0x5f, 0x64, 0x65, 0x62, 0x75, 0x67, 0x42, 0x0c, 0x0a, 0x0a, 0x5f,
-	0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x70, 0x72,
-	0x6f, 0x78, 0x79, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x42, 0x10, 0x0a,
-	0x0e, 0x5f, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42,
-	0x0b, 0x0a, 0x09, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x42, 0x0a, 0x0a, 0x08,
-	0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x69, 0x6e, 0x73,
-	0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x12,
-	0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69,
-	0x6c, 0x79, 0x42, 0x15, 0x0a, 0x13, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x64, 0x69,
-	0x72, 0x65, 0x63, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x74, 0x69,
-	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x74,
-	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x77, 0x72, 0x69, 0x74, 0x65, 0x42, 0x0f, 0x0a, 0x0d,
-	0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x69, 0x64, 0x6c, 0x65, 0x42, 0x1b, 0x0a,
-	0x19, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x73,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x1d, 0x0a, 0x1b, 0x5f, 0x61,
-	0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x61, 0x6c, 0x6c,
-	0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x63, 0x6f,
-	0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63, 0x6f,
-	0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x10, 0x0a, 0x0e, 0x5f,
-	0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x42, 0x10, 0x0a,
-	0x0e, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42,
-	0x13, 0x0a, 0x11, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f,
-	0x6f, 0x6e, 0x6c, 0x79, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f,
-	0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x69, 0x64, 0x70,
-	0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x0f,
-	0x0a, 0x0d, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x42,
-	0x13, 0x0a, 0x11, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
-	0x5f, 0x75, 0x72, 0x6c, 0x42, 0x16, 0x0a, 0x14, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x42, 0x20, 0x0a, 0x1e,
-	0x5f, 0x69, 0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72,
-	0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x21,
-	0x0a, 0x1f, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64,
-	0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61,
-	0x6c, 0x42, 0x1c, 0x0a, 0x1a, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x73, 0x65,
-	0x72, 0x5f, 0x69, 0x6d, 0x70, 0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42,
-	0x18, 0x0a, 0x16, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x5f, 0x73, 0x65,
-	0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x1c, 0x0a, 0x1a, 0x5f, 0x6f, 0x76,
-	0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
-	0x74, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x18, 0x0a, 0x16, 0x5f, 0x63, 0x65, 0x72, 0x74,
+	0x01, 0x22, 0xf3, 0x02, 0x0a, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x0e, 0x0a, 0x02,
+	0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x75, 0x73, 0x65, 0x72,
+	0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64,
+	0x55, 0x73, 0x65, 0x72, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64,
+	0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x61,
+	0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x27, 0x0a, 0x0f,
+	0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18,
+	0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x44, 0x6f,
+	0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x5b, 0x0a, 0x12, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64,
+	0x5f, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x2d, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x77,
+	0x65, 0x64, 0x49, 0x64, 0x70, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x52, 0x10, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x64, 0x70, 0x43, 0x6c, 0x61, 0x69,
+	0x6d, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x72, 0x65, 0x67, 0x6f, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09,
+	0x52, 0x04, 0x72, 0x65, 0x67, 0x6f, 0x1a, 0x5f, 0x0a, 0x15, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
+	0x64, 0x49, 0x64, 0x70, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12,
+	0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65,
+	0x79, 0x12, 0x30, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x9f, 0x25, 0x0a, 0x08, 0x53, 0x65, 0x74, 0x74,
+	0x69, 0x6e, 0x67, 0x73, 0x12, 0x19, 0x0a, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x05, 0x64, 0x65, 0x62, 0x75, 0x67, 0x88, 0x01, 0x01, 0x12,
+	0x20, 0x0a, 0x09, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x03, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x01, 0x52, 0x08, 0x6c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x88, 0x01,
+	0x01, 0x12, 0x2b, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x6c,
+	0x65, 0x76, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, 0x0d, 0x70, 0x72,
+	0x6f, 0x78, 0x79, 0x4c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x28,
+	0x0a, 0x0d, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x03, 0x52, 0x0c, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x53,
+	0x65, 0x63, 0x72, 0x65, 0x74, 0x88, 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x48, 0x04, 0x52, 0x08, 0x73, 0x65,
+	0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x88, 0x01, 0x01, 0x12, 0x1d, 0x0a, 0x07, 0x61, 0x64, 0x64,
+	0x72, 0x65, 0x73, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x48, 0x05, 0x52, 0x07, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01, 0x01, 0x12, 0x2c, 0x0a, 0x0f, 0x69, 0x6e, 0x73, 0x65,
+	0x63, 0x75, 0x72, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x08, 0x20, 0x01, 0x28,
+	0x08, 0x48, 0x06, 0x52, 0x0e, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x53, 0x65, 0x72,
+	0x76, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x2f, 0x0a, 0x11, 0x64, 0x6e, 0x73, 0x5f, 0x6c, 0x6f,
+	0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x18, 0x3c, 0x20, 0x01, 0x28,
+	0x09, 0x48, 0x07, 0x52, 0x0f, 0x64, 0x6e, 0x73, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x46, 0x61,
+	0x6d, 0x69, 0x6c, 0x79, 0x88, 0x01, 0x01, 0x12, 0x49, 0x0a, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e,
+	0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x52, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x73, 0x12, 0x31, 0x0a, 0x12, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72,
+	0x65, 0x63, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x48, 0x08,
+	0x52, 0x10, 0x68, 0x74, 0x74, 0x70, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x41, 0x64,
+	0x64, 0x72, 0x88, 0x01, 0x01, 0x12, 0x41, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x5f, 0x72, 0x65, 0x61, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
+	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x09, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75,
+	0x74, 0x52, 0x65, 0x61, 0x64, 0x88, 0x01, 0x01, 0x12, 0x43, 0x0a, 0x0d, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x5f, 0x77, 0x72, 0x69, 0x74, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x0a, 0x52, 0x0c, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x57, 0x72, 0x69, 0x74, 0x65, 0x88, 0x01, 0x01, 0x12, 0x41, 0x0a,
+	0x0c, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x69, 0x64, 0x6c, 0x65, 0x18, 0x0d, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x0b,
+	0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x49, 0x64, 0x6c, 0x65, 0x88, 0x01, 0x01,
+	0x12, 0x3d, 0x0a, 0x18, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x0e, 0x20, 0x01,
+	0x28, 0x09, 0x48, 0x0c, 0x52, 0x16, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61,
+	0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12,
+	0x41, 0x0a, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x63, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0f, 0x20,
+	0x01, 0x28, 0x09, 0x48, 0x0d, 0x52, 0x18, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x50, 0x61, 0x74, 0x68, 0x88,
+	0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x6e, 0x61, 0x6d,
+	0x65, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x48, 0x0e, 0x52, 0x0a, 0x63, 0x6f, 0x6f, 0x6b, 0x69,
+	0x65, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b,
+	0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x09, 0x48,
+	0x0f, 0x52, 0x0c, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x88,
+	0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x64, 0x6f, 0x6d,
+	0x61, 0x69, 0x6e, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x48, 0x10, 0x52, 0x0c, 0x63, 0x6f, 0x6f,
+	0x6b, 0x69, 0x65, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d,
+	0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x18, 0x13, 0x20,
+	0x01, 0x28, 0x08, 0x48, 0x11, 0x52, 0x0c, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x53, 0x65, 0x63,
+	0x75, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x2d, 0x0a, 0x10, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65,
+	0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6f, 0x6e, 0x6c, 0x79, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x12, 0x52, 0x0e, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x48, 0x74, 0x74, 0x70, 0x4f, 0x6e,
+	0x6c, 0x79, 0x88, 0x01, 0x01, 0x12, 0x43, 0x0a, 0x0d, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f,
+	0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x18, 0x15, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
+	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x13, 0x52, 0x0c, 0x63, 0x6f, 0x6f, 0x6b, 0x69,
+	0x65, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x27, 0x0a, 0x0d, 0x69, 0x64,
+	0x70, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x16, 0x20, 0x01, 0x28,
+	0x09, 0x48, 0x14, 0x52, 0x0b, 0x69, 0x64, 0x70, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64,
+	0x88, 0x01, 0x01, 0x12, 0x2f, 0x0a, 0x11, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x17, 0x20, 0x01, 0x28, 0x09, 0x48, 0x15,
+	0x52, 0x0f, 0x69, 0x64, 0x70, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x63, 0x72, 0x65,
+	0x74, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, 0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76,
+	0x69, 0x64, 0x65, 0x72, 0x18, 0x18, 0x20, 0x01, 0x28, 0x09, 0x48, 0x16, 0x52, 0x0b, 0x69, 0x64,
+	0x70, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x2d, 0x0a, 0x10,
+	0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x75, 0x72, 0x6c,
+	0x18, 0x19, 0x20, 0x01, 0x28, 0x09, 0x48, 0x17, 0x52, 0x0e, 0x69, 0x64, 0x70, 0x50, 0x72, 0x6f,
+	0x76, 0x69, 0x64, 0x65, 0x72, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x16, 0x0a, 0x06, 0x73,
+	0x63, 0x6f, 0x70, 0x65, 0x73, 0x18, 0x1a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x73, 0x63, 0x6f,
+	0x70, 0x65, 0x73, 0x12, 0x33, 0x0a, 0x13, 0x69, 0x64, 0x70, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x09,
+	0x48, 0x18, 0x52, 0x11, 0x69, 0x64, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x61, 0x0a, 0x1d, 0x69, 0x64, 0x70, 0x5f,
+	0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+	0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x19, 0x52, 0x1a, 0x69, 0x64,
+	0x70, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x44, 0x69, 0x72, 0x65, 0x63, 0x74, 0x6f, 0x72,
+	0x79, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x88, 0x01, 0x01, 0x12, 0x63, 0x0a, 0x1e, 0x69,
+	0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63,
+	0x74, 0x6f, 0x72, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x1d, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x1a,
+	0x52, 0x1b, 0x69, 0x64, 0x70, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x44, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x6f, 0x72, 0x79, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x88, 0x01, 0x01,
+	0x12, 0x53, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x70, 0x61, 0x72, 0x61,
+	0x6d, 0x73, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x70, 0x6f, 0x6d, 0x65, 0x72,
+	0x69, 0x75, 0x6d, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69,
+	0x6e, 0x67, 0x73, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d,
+	0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0d, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50,
+	0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x69, 0x73,
+	0x74, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x1f, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0e, 0x61,
+	0x64, 0x6d, 0x69, 0x6e, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x3f, 0x0a,
+	0x19, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x6d, 0x70,
+	0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x3d, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x1b, 0x52, 0x17, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x55, 0x73, 0x65, 0x72, 0x49, 0x6d,
+	0x70, 0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x37,
+	0x0a, 0x15, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x20, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1c, 0x52,
+	0x13, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x3f, 0x0a, 0x19, 0x6f, 0x76, 0x65, 0x72, 0x72,
+	0x69, 0x64, 0x65, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x21, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1d, 0x52, 0x17, 0x6f, 0x76,
+	0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x65, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x38, 0x0a, 0x15, 0x63, 0x65, 0x72, 0x74,
 	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
-	0x79, 0x42, 0x1d, 0x0a, 0x1b, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
+	0x79, 0x18, 0x22, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1e, 0x52, 0x14, 0x63, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x88,
+	0x01, 0x01, 0x12, 0x41, 0x0a, 0x1a, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
 	0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x66, 0x69, 0x6c, 0x65,
-	0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x6b, 0x65, 0x79,
-	0x42, 0x13, 0x0a, 0x11, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x63, 0x6f, 0x6f,
-	0x6c, 0x64, 0x6f, 0x77, 0x6e, 0x42, 0x1b, 0x0a, 0x19, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c,
-	0x74, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f,
-	0x75, 0x74, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x5f, 0x61,
-	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x13, 0x0a, 0x11, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x69,
-	0x6e, 0x67, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x42, 0x16, 0x0a, 0x14, 0x5f,
+	0x18, 0x23, 0x20, 0x01, 0x28, 0x09, 0x48, 0x1f, 0x52, 0x18, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x46, 0x69,
+	0x6c, 0x65, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67,
+	0x5f, 0x6b, 0x65, 0x79, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09, 0x48, 0x20, 0x52, 0x0a, 0x73, 0x69,
+	0x67, 0x6e, 0x69, 0x6e, 0x67, 0x4b, 0x65, 0x79, 0x88, 0x01, 0x01, 0x12, 0x2c, 0x0a, 0x12, 0x6a,
+	0x77, 0x74, 0x5f, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
+	0x73, 0x18, 0x25, 0x20, 0x03, 0x28, 0x09, 0x52, 0x10, 0x6a, 0x77, 0x74, 0x43, 0x6c, 0x61, 0x69,
+	0x6d, 0x73, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x49, 0x0a, 0x10, 0x72, 0x65, 0x66,
+	0x72, 0x65, 0x73, 0x68, 0x5f, 0x63, 0x6f, 0x6f, 0x6c, 0x64, 0x6f, 0x77, 0x6e, 0x18, 0x26, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x21,
+	0x52, 0x0f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x43, 0x6f, 0x6f, 0x6c, 0x64, 0x6f, 0x77,
+	0x6e, 0x88, 0x01, 0x01, 0x12, 0x58, 0x0a, 0x18, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f,
+	0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
+	0x18, 0x27, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x48, 0x22, 0x52, 0x16, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x55, 0x70, 0x73, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x88, 0x01, 0x01, 0x12, 0x2c,
+	0x0a, 0x0f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
+	0x73, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x48, 0x23, 0x52, 0x0e, 0x6d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x73, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01, 0x01, 0x12, 0x2e, 0x0a, 0x10,
+	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x18, 0x29, 0x20, 0x01, 0x28, 0x09, 0x48, 0x24, 0x52, 0x0f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e,
+	0x67, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x33, 0x0a, 0x13,
 	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x72,
-	0x61, 0x74, 0x65, 0x42, 0x24, 0x0a, 0x22, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f,
-	0x6a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72,
-	0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x20, 0x0a, 0x1e, 0x5f, 0x74, 0x72,
-	0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x6a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65,
-	0x6e, 0x74, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x1a, 0x0a, 0x18, 0x5f,
-	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x65,
-	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x67, 0x72, 0x70, 0x63,
-	0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x67, 0x72, 0x70,
-	0x63, 0x5f, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42, 0x13, 0x0a, 0x11, 0x5f, 0x66,
-	0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x75, 0x72, 0x6c, 0x42,
-	0x14, 0x0a, 0x12, 0x5f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x19, 0x0a, 0x17, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72,
-	0x6f, 0x6b, 0x65, 0x72, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c,
-	0x42, 0x0c, 0x0a, 0x0a, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x42, 0x11,
-	0x0a, 0x0f, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x5f, 0x66, 0x69, 0x6c,
-	0x65, 0x42, 0x39, 0x0a, 0x37, 0x5f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x6f,
-	0x75, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x6c, 0x65, 0x73, 0x73, 0x5f, 0x61, 0x75,
-	0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x42, 0x0b, 0x0a, 0x09,
-	0x5f, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x42, 0x17, 0x0a, 0x15, 0x5f, 0x61, 0x75,
-	0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x75, 0x73, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x67, 0x69,
-	0x6e, 0x67, 0x42, 0x17, 0x0a, 0x15, 0x5f, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f,
-	0x6d, 0x75, 0x73, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x42, 0x0f, 0x0a, 0x0d, 0x5f,
-	0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x64, 0x69, 0x72, 0x42, 0x2e, 0x5a, 0x2c,
-	0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72,
-	0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67,
-	0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x62, 0x06, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x33,
+	0x61, 0x74, 0x65, 0x18, 0x2a, 0x20, 0x01, 0x28, 0x01, 0x48, 0x25, 0x52, 0x11, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x52, 0x61, 0x74, 0x65, 0x88, 0x01,
+	0x01, 0x12, 0x4e, 0x0a, 0x21, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x6a, 0x61, 0x65,
+	0x67, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x2b, 0x20, 0x01, 0x28, 0x09, 0x48, 0x26, 0x52, 0x1e,
+	0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x4a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x43, 0x6f, 0x6c,
+	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x88, 0x01,
+	0x01, 0x12, 0x46, 0x0a, 0x1d, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x6a, 0x61, 0x65,
+	0x67, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x48, 0x27, 0x52, 0x1a, 0x74, 0x72, 0x61, 0x63,
+	0x69, 0x6e, 0x67, 0x4a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x3b, 0x0a, 0x17, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x5f, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x48, 0x28, 0x52, 0x15, 0x74, 0x72,
+	0x61, 0x63, 0x69, 0x6e, 0x67, 0x5a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x45, 0x6e, 0x64, 0x70, 0x6f,
+	0x69, 0x6e, 0x74, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x61,
+	0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x2e, 0x20, 0x01, 0x28, 0x09, 0x48, 0x29, 0x52, 0x0b,
+	0x67, 0x72, 0x70, 0x63, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x88, 0x01, 0x01, 0x12, 0x28,
+	0x0a, 0x0d, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x18,
+	0x2f, 0x20, 0x01, 0x28, 0x08, 0x48, 0x2a, 0x52, 0x0c, 0x67, 0x72, 0x70, 0x63, 0x49, 0x6e, 0x73,
+	0x65, 0x63, 0x75, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, 0x5d, 0x0a, 0x1e, 0x67, 0x72, 0x70, 0x63,
+	0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e,
+	0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x67, 0x65, 0x18, 0x30, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x1a, 0x67, 0x72, 0x70,
+	0x63, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4d, 0x61, 0x78, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63,
+	0x74, 0x69, 0x6f, 0x6e, 0x41, 0x67, 0x65, 0x12, 0x68, 0x0a, 0x24, 0x67, 0x72, 0x70, 0x63, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x78, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65,
+	0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x67, 0x65, 0x5f, 0x67, 0x72, 0x61, 0x63, 0x65, 0x18,
+	0x31, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x52, 0x1f, 0x67, 0x72, 0x70, 0x63, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4d, 0x61, 0x78, 0x43,
+	0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x67, 0x65, 0x47, 0x72, 0x61, 0x63,
+	0x65, 0x12, 0x2d, 0x0a, 0x10, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x5f, 0x61, 0x75, 0x74,
+	0x68, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x32, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2b, 0x52, 0x0e, 0x66,
+	0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x41, 0x75, 0x74, 0x68, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01,
+	0x12, 0x2f, 0x0a, 0x11, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x33, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2c, 0x52, 0x0f, 0x63,
+	0x61, 0x63, 0x68, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88, 0x01,
+	0x01, 0x12, 0x39, 0x0a, 0x16, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72, 0x6f, 0x6b, 0x65, 0x72, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x34, 0x20, 0x01, 0x28,
+	0x09, 0x48, 0x2d, 0x52, 0x14, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72, 0x6f, 0x6b, 0x65, 0x72, 0x53,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x55, 0x72, 0x6c, 0x88, 0x01, 0x01, 0x12, 0x20, 0x0a, 0x09,
+	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x18, 0x35, 0x20, 0x01, 0x28, 0x09, 0x48,
+	0x2e, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x61, 0x88, 0x01, 0x01, 0x12, 0x29,
+	0x0a, 0x0e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x5f, 0x66, 0x69, 0x6c, 0x65,
+	0x18, 0x36, 0x20, 0x01, 0x28, 0x09, 0x48, 0x2f, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x43, 0x61, 0x46, 0x69, 0x6c, 0x65, 0x88, 0x01, 0x01, 0x12, 0x76, 0x0a, 0x36, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
+	0x6c, 0x65, 0x73, 0x73, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f,
+	0x75, 0x6e, 0x74, 0x18, 0x37, 0x20, 0x01, 0x28, 0x09, 0x48, 0x30, 0x52, 0x31, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x6c, 0x65,
+	0x73, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
+	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x88, 0x01,
+	0x01, 0x12, 0x1f, 0x0a, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x38, 0x20,
+	0x01, 0x28, 0x08, 0x48, 0x31, 0x52, 0x08, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x88,
+	0x01, 0x01, 0x12, 0x35, 0x0a, 0x14, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x75,
+	0x73, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x18, 0x39, 0x20, 0x01, 0x28, 0x08,
+	0x48, 0x32, 0x52, 0x12, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x55, 0x73, 0x65, 0x53,
+	0x74, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x88, 0x01, 0x01, 0x12, 0x35, 0x0a, 0x14, 0x61, 0x75, 0x74,
+	0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x6d, 0x75, 0x73, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c,
+	0x65, 0x18, 0x3a, 0x20, 0x01, 0x28, 0x08, 0x48, 0x33, 0x52, 0x12, 0x61, 0x75, 0x74, 0x6f, 0x63,
+	0x65, 0x72, 0x74, 0x4d, 0x75, 0x73, 0x74, 0x53, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x88, 0x01, 0x01,
+	0x12, 0x26, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x64, 0x69, 0x72,
+	0x18, 0x3b, 0x20, 0x01, 0x28, 0x09, 0x48, 0x34, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65,
+	0x72, 0x74, 0x44, 0x69, 0x72, 0x88, 0x01, 0x01, 0x1a, 0x81, 0x01, 0x0a, 0x0b, 0x43, 0x65, 0x72,
+	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x65, 0x72, 0x74,
+	0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x65, 0x72,
+	0x74, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x66, 0x69, 0x6c,
+	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x46, 0x69, 0x6c, 0x65,
+	0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12,
+	0x1b, 0x0a, 0x09, 0x6b, 0x65, 0x79, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0c, 0x52, 0x08, 0x6b, 0x65, 0x79, 0x42, 0x79, 0x74, 0x65, 0x73, 0x1a, 0x40, 0x0a, 0x12,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x45, 0x6e, 0x74,
+	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x08,
+	0x0a, 0x06, 0x5f, 0x64, 0x65, 0x62, 0x75, 0x67, 0x42, 0x0c, 0x0a, 0x0a, 0x5f, 0x6c, 0x6f, 0x67,
+	0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79,
+	0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x73,
+	0x68, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x0b, 0x0a, 0x09,
+	0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x42, 0x0a, 0x0a, 0x08, 0x5f, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x12, 0x0a, 0x10, 0x5f, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75,
+	0x72, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x64, 0x6e,
+	0x73, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x42,
+	0x15, 0x0a, 0x13, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63,
+	0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f,
+	0x75, 0x74, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x6f, 0x75, 0x74, 0x5f, 0x77, 0x72, 0x69, 0x74, 0x65, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x74, 0x69,
+	0x6d, 0x65, 0x6f, 0x75, 0x74, 0x5f, 0x69, 0x64, 0x6c, 0x65, 0x42, 0x1b, 0x0a, 0x19, 0x5f, 0x61,
+	0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76,
+	0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x1d, 0x0a, 0x1b, 0x5f, 0x61, 0x75, 0x74, 0x68,
+	0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63,
+	0x6b, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69,
+	0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69,
+	0x65, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63, 0x6f, 0x6f,
+	0x6b, 0x69, 0x65, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63,
+	0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42, 0x13, 0x0a, 0x11,
+	0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6f, 0x6e, 0x6c,
+	0x79, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x5f, 0x65, 0x78, 0x70,
+	0x69, 0x72, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x5f, 0x69, 0x64, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x63, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x42, 0x0f, 0x0a, 0x0d, 0x5f,
+	0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x42, 0x13, 0x0a, 0x11,
+	0x5f, 0x69, 0x64, 0x70, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x75, 0x72,
+	0x6c, 0x42, 0x16, 0x0a, 0x14, 0x5f, 0x69, 0x64, 0x70, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x42, 0x20, 0x0a, 0x1e, 0x5f, 0x69, 0x64,
+	0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74,
+	0x6f, 0x72, 0x79, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x21, 0x0a, 0x1f, 0x5f,
+	0x69, 0x64, 0x70, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x64, 0x69, 0x72, 0x65,
+	0x63, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x42, 0x1c,
+	0x0a, 0x1a, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69,
+	0x6d, 0x70, 0x65, 0x72, 0x73, 0x6f, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x18, 0x0a, 0x16,
+	0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x1c, 0x0a, 0x1a, 0x5f, 0x6f, 0x76, 0x65, 0x72, 0x72,
+	0x69, 0x64, 0x65, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x42, 0x18, 0x0a, 0x16, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
+	0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x42, 0x1d,
+	0x0a, 0x1b, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x61,
+	0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x42, 0x0e, 0x0a,
+	0x0c, 0x5f, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x6b, 0x65, 0x79, 0x42, 0x13, 0x0a,
+	0x11, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x63, 0x6f, 0x6f, 0x6c, 0x64, 0x6f,
+	0x77, 0x6e, 0x42, 0x1b, 0x0a, 0x19, 0x5f, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x75,
+	0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42,
+	0x12, 0x0a, 0x10, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x5f, 0x61, 0x64, 0x64, 0x72,
+	0x65, 0x73, 0x73, 0x42, 0x13, 0x0a, 0x11, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f,
+	0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x42, 0x16, 0x0a, 0x14, 0x5f, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x5f, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x72, 0x61, 0x74, 0x65,
+	0x42, 0x24, 0x0a, 0x22, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x69, 0x6e, 0x67, 0x5f, 0x6a, 0x61, 0x65,
+	0x67, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x65, 0x6e,
+	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x20, 0x0a, 0x1e, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x69,
+	0x6e, 0x67, 0x5f, 0x6a, 0x61, 0x65, 0x67, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f,
+	0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x1a, 0x0a, 0x18, 0x5f, 0x74, 0x72, 0x61,
+	0x63, 0x69, 0x6e, 0x67, 0x5f, 0x7a, 0x69, 0x70, 0x6b, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x61, 0x64,
+	0x64, 0x72, 0x65, 0x73, 0x73, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x69,
+	0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42, 0x13, 0x0a, 0x11, 0x5f, 0x66, 0x6f, 0x72, 0x77,
+	0x61, 0x72, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x14, 0x0a, 0x12,
+	0x5f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75,
+	0x72, 0x6c, 0x42, 0x19, 0x0a, 0x17, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x62, 0x72, 0x6f, 0x6b, 0x65,
+	0x72, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x42, 0x0c, 0x0a,
+	0x0a, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x42, 0x11, 0x0a, 0x0f, 0x5f,
+	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x61, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x42, 0x39,
+	0x0a, 0x37, 0x5f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x5f,
+	0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x6c, 0x65, 0x73, 0x73, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65,
+	0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x61, 0x75,
+	0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x42, 0x17, 0x0a, 0x15, 0x5f, 0x61, 0x75, 0x74, 0x6f, 0x63,
+	0x65, 0x72, 0x74, 0x5f, 0x75, 0x73, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x42,
+	0x17, 0x0a, 0x15, 0x5f, 0x61, 0x75, 0x74, 0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x6d, 0x75, 0x73,
+	0x74, 0x5f, 0x73, 0x74, 0x61, 0x70, 0x6c, 0x65, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x61, 0x75, 0x74,
+	0x6f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x64, 0x69, 0x72, 0x42, 0x2e, 0x5a, 0x2c, 0x67, 0x69, 0x74,
+	0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d,
+	0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x67, 0x72,
+	0x70, 0x63, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x33,
 }
 
 var (
@@ -1492,40 +1537,47 @@ func file_config_proto_rawDescGZIP() []byte {
 	return file_config_proto_rawDescData
 }
 
-var file_config_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
+var file_config_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
 var file_config_proto_goTypes = []interface{}{
 	(*Config)(nil),               // 0: pomerium.config.Config
 	(*Route)(nil),                // 1: pomerium.config.Route
 	(*Policy)(nil),               // 2: pomerium.config.Policy
 	(*Settings)(nil),             // 3: pomerium.config.Settings
-	nil,                          // 4: pomerium.config.Route.SetRequestHeadersEntry
-	(*Settings_Certificate)(nil), // 5: pomerium.config.Settings.Certificate
-	nil,                          // 6: pomerium.config.Settings.RequestParamsEntry
-	(*duration.Duration)(nil),    // 7: google.protobuf.Duration
+	nil,                          // 4: pomerium.config.Route.AllowedIdpClaimsEntry
+	nil,                          // 5: pomerium.config.Route.SetRequestHeadersEntry
+	nil,                          // 6: pomerium.config.Policy.AllowedIdpClaimsEntry
+	(*Settings_Certificate)(nil), // 7: pomerium.config.Settings.Certificate
+	nil,                          // 8: pomerium.config.Settings.RequestParamsEntry
+	(*duration.Duration)(nil),    // 9: google.protobuf.Duration
+	(*_struct.ListValue)(nil),    // 10: google.protobuf.ListValue
 }
 var file_config_proto_depIdxs = []int32{
 	1,  // 0: pomerium.config.Config.routes:type_name -> pomerium.config.Route
 	3,  // 1: pomerium.config.Config.settings:type_name -> pomerium.config.Settings
-	7,  // 2: pomerium.config.Route.timeout:type_name -> google.protobuf.Duration
-	4,  // 3: pomerium.config.Route.set_request_headers:type_name -> pomerium.config.Route.SetRequestHeadersEntry
-	2,  // 4: pomerium.config.Route.policies:type_name -> pomerium.config.Policy
-	5,  // 5: pomerium.config.Settings.certificates:type_name -> pomerium.config.Settings.Certificate
-	7,  // 6: pomerium.config.Settings.timeout_read:type_name -> google.protobuf.Duration
-	7,  // 7: pomerium.config.Settings.timeout_write:type_name -> google.protobuf.Duration
-	7,  // 8: pomerium.config.Settings.timeout_idle:type_name -> google.protobuf.Duration
-	7,  // 9: pomerium.config.Settings.cookie_expire:type_name -> google.protobuf.Duration
-	7,  // 10: pomerium.config.Settings.idp_refresh_directory_timeout:type_name -> google.protobuf.Duration
-	7,  // 11: pomerium.config.Settings.idp_refresh_directory_interval:type_name -> google.protobuf.Duration
-	6,  // 12: pomerium.config.Settings.request_params:type_name -> pomerium.config.Settings.RequestParamsEntry
-	7,  // 13: pomerium.config.Settings.refresh_cooldown:type_name -> google.protobuf.Duration
-	7,  // 14: pomerium.config.Settings.default_upstream_timeout:type_name -> google.protobuf.Duration
-	7,  // 15: pomerium.config.Settings.grpc_server_max_connection_age:type_name -> google.protobuf.Duration
-	7,  // 16: pomerium.config.Settings.grpc_server_max_connection_age_grace:type_name -> google.protobuf.Duration
-	17, // [17:17] is the sub-list for method output_type
-	17, // [17:17] is the sub-list for method input_type
-	17, // [17:17] is the sub-list for extension type_name
-	17, // [17:17] is the sub-list for extension extendee
-	0,  // [0:17] is the sub-list for field type_name
+	4,  // 2: pomerium.config.Route.allowed_idp_claims:type_name -> pomerium.config.Route.AllowedIdpClaimsEntry
+	9,  // 3: pomerium.config.Route.timeout:type_name -> google.protobuf.Duration
+	5,  // 4: pomerium.config.Route.set_request_headers:type_name -> pomerium.config.Route.SetRequestHeadersEntry
+	2,  // 5: pomerium.config.Route.policies:type_name -> pomerium.config.Policy
+	6,  // 6: pomerium.config.Policy.allowed_idp_claims:type_name -> pomerium.config.Policy.AllowedIdpClaimsEntry
+	7,  // 7: pomerium.config.Settings.certificates:type_name -> pomerium.config.Settings.Certificate
+	9,  // 8: pomerium.config.Settings.timeout_read:type_name -> google.protobuf.Duration
+	9,  // 9: pomerium.config.Settings.timeout_write:type_name -> google.protobuf.Duration
+	9,  // 10: pomerium.config.Settings.timeout_idle:type_name -> google.protobuf.Duration
+	9,  // 11: pomerium.config.Settings.cookie_expire:type_name -> google.protobuf.Duration
+	9,  // 12: pomerium.config.Settings.idp_refresh_directory_timeout:type_name -> google.protobuf.Duration
+	9,  // 13: pomerium.config.Settings.idp_refresh_directory_interval:type_name -> google.protobuf.Duration
+	8,  // 14: pomerium.config.Settings.request_params:type_name -> pomerium.config.Settings.RequestParamsEntry
+	9,  // 15: pomerium.config.Settings.refresh_cooldown:type_name -> google.protobuf.Duration
+	9,  // 16: pomerium.config.Settings.default_upstream_timeout:type_name -> google.protobuf.Duration
+	9,  // 17: pomerium.config.Settings.grpc_server_max_connection_age:type_name -> google.protobuf.Duration
+	9,  // 18: pomerium.config.Settings.grpc_server_max_connection_age_grace:type_name -> google.protobuf.Duration
+	10, // 19: pomerium.config.Route.AllowedIdpClaimsEntry.value:type_name -> google.protobuf.ListValue
+	10, // 20: pomerium.config.Policy.AllowedIdpClaimsEntry.value:type_name -> google.protobuf.ListValue
+	21, // [21:21] is the sub-list for method output_type
+	21, // [21:21] is the sub-list for method input_type
+	21, // [21:21] is the sub-list for extension type_name
+	21, // [21:21] is the sub-list for extension extendee
+	0,  // [0:21] is the sub-list for field type_name
 }
 
 func init() { file_config_proto_init() }
@@ -1582,7 +1634,7 @@ func file_config_proto_init() {
 				return nil
 			}
 		}
-		file_config_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+		file_config_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Settings_Certificate); i {
 			case 0:
 				return &v.state
@@ -1602,7 +1654,7 @@ func file_config_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_config_proto_rawDesc,
 			NumEnums:      0,
-			NumMessages:   7,
+			NumMessages:   9,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
diff --git a/pkg/grpc/config/config.proto b/pkg/grpc/config/config.proto
index c60eb8d15..5b00a498f 100644
--- a/pkg/grpc/config/config.proto
+++ b/pkg/grpc/config/config.proto
@@ -4,6 +4,7 @@ package pomerium.config;
 option go_package = "github.com/pomerium/pomerium/pkg/grpc/config";
 
 import "google/protobuf/duration.proto";
+import "google/protobuf/struct.proto";
 
 message Config {
   string name = 1;
@@ -20,6 +21,7 @@ message Route {
   repeated string allowed_users = 4 [ deprecated = true ];
   repeated string allowed_groups = 5 [ deprecated = true ];
   repeated string allowed_domains = 6 [ deprecated = true ];
+  map<string, google.protobuf.ListValue> allowed_idp_claims = 32 [ deprecated = true ];
 
   string prefix = 7;
   string path = 8;
@@ -62,6 +64,7 @@ message Policy {
   repeated string allowed_users = 3;
   repeated string allowed_groups = 4;
   repeated string allowed_domains = 5;
+  map<string, google.protobuf.ListValue> allowed_idp_claims = 7;
   repeated string rego = 6;
 }
 
diff --git a/pkg/grpc/session/session.go b/pkg/grpc/session/session.go
index 8459ec2d6..6fe126d7e 100644
--- a/pkg/grpc/session/session.go
+++ b/pkg/grpc/session/session.go
@@ -7,7 +7,9 @@ import (
 
 	"github.com/golang/protobuf/ptypes"
 	"google.golang.org/protobuf/types/known/anypb"
+	"google.golang.org/protobuf/types/known/structpb"
 
+	"github.com/pomerium/pomerium/internal/identity"
 	"github.com/pomerium/pomerium/pkg/grpc/databroker"
 )
 
@@ -57,3 +59,13 @@ func Set(ctx context.Context, client databroker.DataBrokerServiceClient, s *Sess
 	}
 	return res, nil
 }
+
+// AddClaims adds the flattened claims to the session.
+func (x *Session) AddClaims(claims identity.FlattenedClaims) {
+	if x.Claims == nil {
+		x.Claims = make(map[string]*structpb.ListValue)
+	}
+	for k, svs := range claims.ToPB() {
+		x.Claims[k] = svs
+	}
+}
diff --git a/pkg/grpc/session/session.pb.go b/pkg/grpc/session/session.pb.go
index 7074066dc..70036e597 100644
--- a/pkg/grpc/session/session.pb.go
+++ b/pkg/grpc/session/session.pb.go
@@ -8,7 +8,7 @@ package session
 
 import (
 	proto "github.com/golang/protobuf/proto"
-	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
 	timestamp "github.com/golang/protobuf/ptypes/timestamp"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
@@ -174,13 +174,13 @@ type Session struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 
-	Version    string               `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
-	Id         string               `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
-	UserId     string               `protobuf:"bytes,3,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
-	ExpiresAt  *timestamp.Timestamp `protobuf:"bytes,4,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
-	IdToken    *IDToken             `protobuf:"bytes,6,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"`
-	OauthToken *OAuthToken          `protobuf:"bytes,7,opt,name=oauth_token,json=oauthToken,proto3" json:"oauth_token,omitempty"`
-	Claims     map[string]*any.Any  `protobuf:"bytes,8,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	Version    string                        `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	Id         string                        `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
+	UserId     string                        `protobuf:"bytes,3,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
+	ExpiresAt  *timestamp.Timestamp          `protobuf:"bytes,4,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
+	IdToken    *IDToken                      `protobuf:"bytes,6,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"`
+	OauthToken *OAuthToken                   `protobuf:"bytes,7,opt,name=oauth_token,json=oauthToken,proto3" json:"oauth_token,omitempty"`
+	Claims     map[string]*_struct.ListValue `protobuf:"bytes,9,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
 }
 
 func (x *Session) Reset() {
@@ -257,7 +257,7 @@ func (x *Session) GetOauthToken() *OAuthToken {
 	return nil
 }
 
-func (x *Session) GetClaims() map[string]*any.Any {
+func (x *Session) GetClaims() map[string]*_struct.ListValue {
 	if x != nil {
 		return x.Claims
 	}
@@ -268,60 +268,60 @@ var File_session_proto protoreflect.FileDescriptor
 
 var file_session_proto_rawDesc = []byte{
 	0x0a, 0x0d, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
-	0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xaf, 0x01, 0x0a, 0x07, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
-	0x12, 0x16, 0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a,
-	0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65,
-	0x63, 0x74, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x37, 0x0a,
-	0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
-	0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x08, 0x69, 0x73,
-	0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x22, 0xae, 0x01, 0x0a, 0x0a, 0x4f, 0x41, 0x75, 0x74, 0x68,
-	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f,
-	0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63,
-	0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x74, 0x6f, 0x6b, 0x65,
-	0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x74, 0x6f,
-	0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72,
-	0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
-	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73,
-	0x41, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f,
-	0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65,
-	0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xf1, 0x02, 0x0a, 0x07, 0x53, 0x65, 0x73, 0x73,
-	0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a,
-	0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x17, 0x0a,
-	0x07, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
-	0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
-	0x73, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
-	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41,
-	0x74, 0x12, 0x2b, 0x0a, 0x08, 0x69, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x06, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x49, 0x44,
-	0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x07, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34,
-	0x0a, 0x0b, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x07, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x4f, 0x41,
-	0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x0a, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x54,
-	0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x08,
-	0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53,
-	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74,
-	0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43, 0x6c,
-	0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05, 0x76,
-	0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79,
-	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x2f, 0x5a, 0x2d, 0x67,
-	0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69,
-	0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f,
-	0x67, 0x72, 0x70, 0x63, 0x2f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x33,
+	0x07, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63,
+	0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xaf, 0x01, 0x0a, 0x07, 0x49, 0x44, 0x54, 0x6f,
+	0x6b, 0x65, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x73,
+	0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75,
+	0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73,
+	0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74,
+	0x12, 0x37, 0x0a, 0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
+	0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x22, 0xae, 0x01, 0x0a, 0x0a, 0x4f, 0x41,
+	0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
+	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x74,
+	0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x09, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78,
+	0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
+	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
+	0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69,
+	0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68,
+	0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65,
+	0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xf7, 0x02, 0x0a, 0x07, 0x53,
+	0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+	0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e,
+	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
+	0x12, 0x17, 0x0a, 0x07, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70,
+	0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72,
+	0x65, 0x73, 0x41, 0x74, 0x12, 0x2b, 0x0a, 0x08, 0x69, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x49, 0x44, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x07, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65,
+	0x6e, 0x12, 0x34, 0x0a, 0x0b, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
+	0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e,
+	0x2e, 0x4f, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x0a, 0x6f, 0x61, 0x75,
+	0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, 0x0a, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d,
+	0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f,
+	0x6e, 0x2e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73,
+	0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x55, 0x0a,
+	0x0b, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03,
+	0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x30,
+	0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x3a, 0x02, 0x38, 0x01, 0x42, 0x2f, 0x5a, 0x2d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65,
+	0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x73, 0x65,
+	0x73, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -343,7 +343,7 @@ var file_session_proto_goTypes = []interface{}{
 	(*Session)(nil),             // 2: session.Session
 	nil,                         // 3: session.Session.ClaimsEntry
 	(*timestamp.Timestamp)(nil), // 4: google.protobuf.Timestamp
-	(*any.Any)(nil),             // 5: google.protobuf.Any
+	(*_struct.ListValue)(nil),   // 5: google.protobuf.ListValue
 }
 var file_session_proto_depIdxs = []int32{
 	4, // 0: session.IDToken.expires_at:type_name -> google.protobuf.Timestamp
@@ -353,7 +353,7 @@ var file_session_proto_depIdxs = []int32{
 	0, // 4: session.Session.id_token:type_name -> session.IDToken
 	1, // 5: session.Session.oauth_token:type_name -> session.OAuthToken
 	3, // 6: session.Session.claims:type_name -> session.Session.ClaimsEntry
-	5, // 7: session.Session.ClaimsEntry.value:type_name -> google.protobuf.Any
+	5, // 7: session.Session.ClaimsEntry.value:type_name -> google.protobuf.ListValue
 	8, // [8:8] is the sub-list for method output_type
 	8, // [8:8] is the sub-list for method input_type
 	8, // [8:8] is the sub-list for extension type_name
diff --git a/pkg/grpc/session/session.proto b/pkg/grpc/session/session.proto
index 578f683ef..88b8547d2 100644
--- a/pkg/grpc/session/session.proto
+++ b/pkg/grpc/session/session.proto
@@ -3,8 +3,9 @@ syntax = "proto3";
 package session;
 option go_package = "github.com/pomerium/pomerium/pkg/grpc/session";
 
-import "google/protobuf/any.proto";
 import "google/protobuf/timestamp.proto";
+import "google/protobuf/struct.proto";
+
 
 message IDToken {
   string issuer = 1;
@@ -27,5 +28,5 @@ message Session {
   google.protobuf.Timestamp expires_at = 4;
   IDToken id_token = 6;
   OAuthToken oauth_token = 7;
-  map<string, google.protobuf.Any> claims = 8;
+  map<string, google.protobuf.ListValue> claims = 9;
 }
diff --git a/pkg/grpc/user/user.go b/pkg/grpc/user/user.go
index bb7f97716..84aebfe05 100644
--- a/pkg/grpc/user/user.go
+++ b/pkg/grpc/user/user.go
@@ -5,16 +5,16 @@ import (
 	context "context"
 	"fmt"
 
-	"github.com/golang/protobuf/ptypes"
 	"google.golang.org/protobuf/types/known/anypb"
+	"google.golang.org/protobuf/types/known/structpb"
 
-	"github.com/pomerium/pomerium/internal/protoutil"
+	"github.com/pomerium/pomerium/internal/identity"
 	"github.com/pomerium/pomerium/pkg/grpc/databroker"
 )
 
 // Get gets a user from the databroker.
 func Get(ctx context.Context, client databroker.DataBrokerServiceClient, userID string) (*User, error) {
-	any, _ := ptypes.MarshalAny(new(User))
+	any, _ := anypb.New(new(User))
 
 	res, err := client.Get(ctx, &databroker.GetRequest{
 		Type: any.GetTypeUrl(),
@@ -25,18 +25,13 @@ func Get(ctx context.Context, client databroker.DataBrokerServiceClient, userID
 	}
 
 	var u User
-	err = ptypes.UnmarshalAny(res.GetRecord().GetData(), &u)
+	err = res.GetRecord().GetData().UnmarshalTo(&u)
 	if err != nil {
 		return nil, fmt.Errorf("error unmarshaling user from databroker: %w", err)
 	}
 	return &u, nil
 }
 
-// GetClaim gets a claim.
-func (user *User) GetClaim(claim string) interface{} {
-	return protoutil.AnyToInterface(user.GetClaims()[claim])
-}
-
 // Set sets a user in the databroker.
 func Set(ctx context.Context, client databroker.DataBrokerServiceClient, u *User) (*databroker.Record, error) {
 	any, _ := anypb.New(u)
@@ -64,3 +59,13 @@ func SetServiceAccount(ctx context.Context, client databroker.DataBrokerServiceC
 	}
 	return res.GetRecord(), nil
 }
+
+// AddClaims adds the flattened claims to the user.
+func (x *User) AddClaims(claims identity.FlattenedClaims) {
+	if x.Claims == nil {
+		x.Claims = make(map[string]*structpb.ListValue)
+	}
+	for k, svs := range claims.ToPB() {
+		x.Claims[k] = svs
+	}
+}
diff --git a/pkg/grpc/user/user.pb.go b/pkg/grpc/user/user.pb.go
index e5d63e8ea..e7e5874c3 100644
--- a/pkg/grpc/user/user.pb.go
+++ b/pkg/grpc/user/user.pb.go
@@ -8,7 +8,7 @@ package user
 
 import (
 	proto "github.com/golang/protobuf/proto"
-	any "github.com/golang/protobuf/ptypes/any"
+	_struct "github.com/golang/protobuf/ptypes/struct"
 	timestamp "github.com/golang/protobuf/ptypes/timestamp"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
@@ -27,22 +27,77 @@ const (
 // of the legacy proto package is being used.
 const _ = proto.ProtoPackageIsVersion4
 
+type Claim struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Key    string   `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+	Values []string `protobuf:"bytes,2,rep,name=values,proto3" json:"values,omitempty"`
+}
+
+func (x *Claim) Reset() {
+	*x = Claim{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_user_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Claim) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Claim) ProtoMessage() {}
+
+func (x *Claim) ProtoReflect() protoreflect.Message {
+	mi := &file_user_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Claim.ProtoReflect.Descriptor instead.
+func (*Claim) Descriptor() ([]byte, []int) {
+	return file_user_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Claim) GetKey() string {
+	if x != nil {
+		return x.Key
+	}
+	return ""
+}
+
+func (x *Claim) GetValues() []string {
+	if x != nil {
+		return x.Values
+	}
+	return nil
+}
+
 type User struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 
-	Version string              `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
-	Id      string              `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
-	Name    string              `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
-	Email   string              `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"`
-	Claims  map[string]*any.Any `protobuf:"bytes,8,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
+	Version string                        `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	Id      string                        `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
+	Name    string                        `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
+	Email   string                        `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"`
+	Claims  map[string]*_struct.ListValue `protobuf:"bytes,9,rep,name=claims,proto3" json:"claims,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
 }
 
 func (x *User) Reset() {
 	*x = User{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_user_proto_msgTypes[0]
+		mi := &file_user_proto_msgTypes[1]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -55,7 +110,7 @@ func (x *User) String() string {
 func (*User) ProtoMessage() {}
 
 func (x *User) ProtoReflect() protoreflect.Message {
-	mi := &file_user_proto_msgTypes[0]
+	mi := &file_user_proto_msgTypes[1]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -68,7 +123,7 @@ func (x *User) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use User.ProtoReflect.Descriptor instead.
 func (*User) Descriptor() ([]byte, []int) {
-	return file_user_proto_rawDescGZIP(), []int{0}
+	return file_user_proto_rawDescGZIP(), []int{1}
 }
 
 func (x *User) GetVersion() string {
@@ -99,7 +154,7 @@ func (x *User) GetEmail() string {
 	return ""
 }
 
-func (x *User) GetClaims() map[string]*any.Any {
+func (x *User) GetClaims() map[string]*_struct.ListValue {
 	if x != nil {
 		return x.Claims
 	}
@@ -120,7 +175,7 @@ type ServiceAccount struct {
 func (x *ServiceAccount) Reset() {
 	*x = ServiceAccount{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_user_proto_msgTypes[1]
+		mi := &file_user_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -133,7 +188,7 @@ func (x *ServiceAccount) String() string {
 func (*ServiceAccount) ProtoMessage() {}
 
 func (x *ServiceAccount) ProtoReflect() protoreflect.Message {
-	mi := &file_user_proto_msgTypes[1]
+	mi := &file_user_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -146,7 +201,7 @@ func (x *ServiceAccount) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use ServiceAccount.ProtoReflect.Descriptor instead.
 func (*ServiceAccount) Descriptor() ([]byte, []int) {
-	return file_user_proto_rawDescGZIP(), []int{1}
+	return file_user_proto_rawDescGZIP(), []int{2}
 }
 
 func (x *ServiceAccount) GetId() string {
@@ -181,39 +236,42 @@ var File_user_proto protoreflect.FileDescriptor
 
 var file_user_proto_rawDesc = []byte{
 	0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x04, 0x75, 0x73,
-	0x65, 0x72, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74,
-	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xdb,
-	0x01, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69,
-	0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
-	0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
-	0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2e, 0x0a, 0x06, 0x63,
-	0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x75, 0x73,
-	0x65, 0x72, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x2e, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e,
-	0x74, 0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x1a, 0x4f, 0x0a, 0x0b, 0x43,
-	0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65,
-	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x2a, 0x0a, 0x05,
-	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e,
-	0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xad, 0x01, 0x0a,
-	0x0e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12,
-	0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12,
-	0x17, 0x0a, 0x07, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69,
-	0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
-	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
-	0x73, 0x41, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74,
-	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x52, 0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x42, 0x2c, 0x5a, 0x2a,
-	0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72,
-	0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67,
-	0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x33,
+	0x65, 0x72, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x22, 0x31, 0x0a, 0x05, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65,
+	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x16, 0x0a, 0x06,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x73, 0x22, 0xe1, 0x01, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, 0x18, 0x0a,
+	0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07,
+	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65,
+	0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69,
+	0x6c, 0x12, 0x2e, 0x0a, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x16, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x2e, 0x43, 0x6c,
+	0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d,
+	0x73, 0x1a, 0x55, 0x0a, 0x0b, 0x43, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79,
+	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
+	0x65, 0x79, 0x12, 0x30, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x05, 0x76,
+	0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xad, 0x01, 0x0a, 0x0e, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69,
+	0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x17, 0x0a, 0x07, 0x75,
+	0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, 0x73,
+	0x65, 0x72, 0x49, 0x64, 0x12, 0x39, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f,
+	0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12,
+	0x37, 0x0a, 0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01,
+	0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x08,
+	0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x42, 0x2c, 0x5a, 0x2a, 0x67, 0x69, 0x74, 0x68,
+	0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f,
+	0x70, 0x6f, 0x6d, 0x65, 0x72, 0x69, 0x75, 0x6d, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x67, 0x72, 0x70,
+	0x63, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -228,19 +286,20 @@ func file_user_proto_rawDescGZIP() []byte {
 	return file_user_proto_rawDescData
 }
 
-var file_user_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
+var file_user_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
 var file_user_proto_goTypes = []interface{}{
-	(*User)(nil),                // 0: user.User
-	(*ServiceAccount)(nil),      // 1: user.ServiceAccount
-	nil,                         // 2: user.User.ClaimsEntry
-	(*timestamp.Timestamp)(nil), // 3: google.protobuf.Timestamp
-	(*any.Any)(nil),             // 4: google.protobuf.Any
+	(*Claim)(nil),               // 0: user.Claim
+	(*User)(nil),                // 1: user.User
+	(*ServiceAccount)(nil),      // 2: user.ServiceAccount
+	nil,                         // 3: user.User.ClaimsEntry
+	(*timestamp.Timestamp)(nil), // 4: google.protobuf.Timestamp
+	(*_struct.ListValue)(nil),   // 5: google.protobuf.ListValue
 }
 var file_user_proto_depIdxs = []int32{
-	2, // 0: user.User.claims:type_name -> user.User.ClaimsEntry
-	3, // 1: user.ServiceAccount.expires_at:type_name -> google.protobuf.Timestamp
-	3, // 2: user.ServiceAccount.issued_at:type_name -> google.protobuf.Timestamp
-	4, // 3: user.User.ClaimsEntry.value:type_name -> google.protobuf.Any
+	3, // 0: user.User.claims:type_name -> user.User.ClaimsEntry
+	4, // 1: user.ServiceAccount.expires_at:type_name -> google.protobuf.Timestamp
+	4, // 2: user.ServiceAccount.issued_at:type_name -> google.protobuf.Timestamp
+	5, // 3: user.User.ClaimsEntry.value:type_name -> google.protobuf.ListValue
 	4, // [4:4] is the sub-list for method output_type
 	4, // [4:4] is the sub-list for method input_type
 	4, // [4:4] is the sub-list for extension type_name
@@ -255,7 +314,7 @@ func file_user_proto_init() {
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_user_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*User); i {
+			switch v := v.(*Claim); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -267,6 +326,18 @@ func file_user_proto_init() {
 			}
 		}
 		file_user_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*User); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_user_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*ServiceAccount); i {
 			case 0:
 				return &v.state
@@ -285,7 +356,7 @@ func file_user_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_user_proto_rawDesc,
 			NumEnums:      0,
-			NumMessages:   3,
+			NumMessages:   4,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
diff --git a/pkg/grpc/user/user.proto b/pkg/grpc/user/user.proto
index 6a7823f68..9693ad666 100644
--- a/pkg/grpc/user/user.proto
+++ b/pkg/grpc/user/user.proto
@@ -3,15 +3,20 @@ syntax = "proto3";
 package user;
 option go_package = "github.com/pomerium/pomerium/pkg/grpc/user";
 
-import "google/protobuf/any.proto";
 import "google/protobuf/timestamp.proto";
+import "google/protobuf/struct.proto";
+
+message Claim {
+  string key = 1;
+  repeated string values = 2;
+}
 
 message User {
   string version = 1;
   string id = 2;
   string name = 3;
   string email = 4;
-  map<string, google.protobuf.Any> claims = 8;
+  map<string, google.protobuf.ListValue> claims = 9;
 }
 
 message ServiceAccount {
diff --git a/pkg/logutil/scrub_test.go b/pkg/logutil/scrub_test.go
index bd96dbd94..2382702d1 100644
--- a/pkg/logutil/scrub_test.go
+++ b/pkg/logutil/scrub_test.go
@@ -4,28 +4,21 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"google.golang.org/protobuf/types/known/anypb"
-	"google.golang.org/protobuf/types/known/wrapperspb"
 
 	"github.com/pomerium/pomerium/pkg/grpc/user"
 )
 
 func TestScrubber(t *testing.T) {
 	s := NewScrubber("pomerium").Whitelist("user.User", "version", "id")
-	c1, _ := anypb.New(wrapperspb.String("claim1"))
 	u := s.ScrubProto(&user.User{
 		Version: "v1",
 		Id:      "u1",
 		Name:    "name1",
 		Email:   "user@example.com",
-		Claims: map[string]*anypb.Any{
-			"key1": c1,
-		},
 	}).(*user.User)
 
 	assert.Equal(t, "v1", u.Version)
 	assert.Equal(t, "u1", u.Id)
 	assert.Equal(t, s.hmacString("name1"), u.Name)
 	assert.Equal(t, s.hmacString("user@example.com"), u.Email)
-	assert.Equal(t, s.hmacString("claim1"), u.GetClaim("key1"))
 }
diff --git a/pkg/protoutil/any.go b/pkg/protoutil/any.go
new file mode 100644
index 000000000..5df881e42
--- /dev/null
+++ b/pkg/protoutil/any.go
@@ -0,0 +1,108 @@
+package protoutil
+
+import (
+	"google.golang.org/protobuf/types/known/anypb"
+	"google.golang.org/protobuf/types/known/wrapperspb"
+)
+
+// ToAny converts any type into an any value.
+func ToAny(value interface{}) *anypb.Any {
+	switch v := value.(type) {
+	case bool:
+		return NewAnyBool(v)
+	case []byte:
+		return NewAnyBytes(v)
+	case float32:
+		return NewAnyFloat(v)
+	case float64:
+		return NewAnyDouble(v)
+	case int:
+		return NewAnyInt64(int64(v))
+	case int8:
+		return NewAnyInt32(int32(v))
+	case int16:
+		return NewAnyInt32(int32(v))
+	case int32:
+		return NewAnyInt32(v)
+	case int64:
+		return NewAnyInt64(v)
+	case string:
+		return NewAnyString(v)
+	case uint:
+		return NewAnyUInt64(uint64(v))
+	case uint8:
+		return NewAnyUInt32(uint32(v))
+	case uint16:
+		return NewAnyUInt32(uint32(v))
+	case uint32:
+		return NewAnyUInt32(v)
+	case uint64:
+		return NewAnyUInt64(v)
+	default:
+		a, err := anypb.New(ToStruct(value))
+		if err != nil {
+			return NewAnyNull()
+		}
+		return a
+	}
+}
+
+// NewAnyBool creates a new any type from a bool.
+func NewAnyBool(v bool) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Bool(v))
+	return a
+}
+
+// NewAnyBytes creates a new any type from bytes.
+func NewAnyBytes(v []byte) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Bytes(v))
+	return a
+}
+
+// NewAnyDouble creates a new any type from a float64.
+func NewAnyDouble(v float64) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Double(v))
+	return a
+}
+
+// NewAnyFloat creates a new any type from a float32.
+func NewAnyFloat(v float32) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Float(v))
+	return a
+}
+
+// NewAnyInt64 creates a new any type from an int64.
+func NewAnyInt64(v int64) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Int64(v))
+	return a
+}
+
+// NewAnyInt32 creates a new any type from an int32.
+func NewAnyInt32(v int32) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.Int32(v))
+	return a
+}
+
+// NewAnyNull creates a new any type from a null struct.
+func NewAnyNull() *anypb.Any {
+	a, _ := anypb.New(NewStructNull())
+	return a
+}
+
+// NewAnyString creates a new any type from a string.
+func NewAnyString(v string) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.String(v))
+	return a
+}
+
+// NewAnyUInt64 creates a new any type from an uint64.
+func NewAnyUInt64(v uint64) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.UInt64(v))
+	return a
+}
+
+// NewAnyUInt32 creates a new any type from an uint32.
+func NewAnyUInt32(v uint32) *anypb.Any {
+	a, _ := anypb.New(wrapperspb.UInt32(v))
+	return a
+}
diff --git a/pkg/protoutil/any_test.go b/pkg/protoutil/any_test.go
new file mode 100644
index 000000000..0cceea953
--- /dev/null
+++ b/pkg/protoutil/any_test.go
@@ -0,0 +1,87 @@
+package protoutil
+
+import (
+	"testing"
+
+	"github.com/pomerium/pomerium/internal/testutil"
+)
+
+func TestToAny(t *testing.T) {
+	testCases := []struct {
+		name   string
+		value  interface{}
+		expect string
+	}{
+		{"bool", true, `{
+			"@type": "type.googleapis.com/google.protobuf.BoolValue",
+			"value": true
+		}`},
+		{"float64", 1.2345, `{
+			"@type": "type.googleapis.com/google.protobuf.DoubleValue",
+			"value": 1.2345
+		}`},
+		{"float32", float32(0.4000000059604645), `{
+			"@type": "type.googleapis.com/google.protobuf.FloatValue",
+			"value": 0.4
+		}`},
+		{"int", int(1), `{
+			"@type": "type.googleapis.com/google.protobuf.Int64Value",
+			"value": "1"
+		}`},
+		{"int8", int8(1), `{
+			"@type": "type.googleapis.com/google.protobuf.Int32Value",
+			"value": 1
+		}`},
+		{"int16", int16(1), `{
+			"@type": "type.googleapis.com/google.protobuf.Int32Value",
+			"value": 1
+		}`},
+		{"int32", int32(1), `{
+			"@type": "type.googleapis.com/google.protobuf.Int32Value",
+			"value": 1
+		}`},
+		{"int64", int64(1), `{
+			"@type": "type.googleapis.com/google.protobuf.Int64Value",
+			"value": "1"
+		}`},
+		{"string", "test", `{
+			"@type": "type.googleapis.com/google.protobuf.StringValue",
+			"value": "test"
+		}`},
+		{"uint", uint(1), `{
+			"@type": "type.googleapis.com/google.protobuf.UInt64Value",
+			"value": "1"
+		}`},
+		{"uint8", uint8(1), `{
+			"@type": "type.googleapis.com/google.protobuf.UInt32Value",
+			"value": 1
+		}`},
+		{"uint16", uint16(1), `{
+			"@type": "type.googleapis.com/google.protobuf.UInt32Value",
+			"value": 1
+		}`},
+		{"uint32", uint32(1), `{
+			"@type": "type.googleapis.com/google.protobuf.UInt32Value",
+			"value": 1
+		}`},
+		{"uint64", uint64(1), `{
+			"@type": "type.googleapis.com/google.protobuf.UInt64Value",
+			"value": "1"
+		}`},
+		{"[]interface{}", []interface{}{1, 2, 3, 4}, `{
+			"@type": "type.googleapis.com/google.protobuf.Value",
+			"value": [1,2,3,4]
+		}`},
+		{"map[string]interface{}", map[string]interface{}{"k1": "v1", "k2": "v2"}, `{
+			"@type": "type.googleapis.com/google.protobuf.Value",
+			"value": {"k1": "v1", "k2": "v2"}
+		}`},
+	}
+	for _, tc := range testCases {
+		tc := tc
+		t.Run(tc.name, func(t *testing.T) {
+			actual := ToAny(tc.value)
+			testutil.AssertProtoJSONEqual(t, tc.expect, actual)
+		})
+	}
+}
diff --git a/pkg/protoutil/struct.go b/pkg/protoutil/struct.go
new file mode 100644
index 000000000..6d7a5f620
--- /dev/null
+++ b/pkg/protoutil/struct.go
@@ -0,0 +1,108 @@
+// Package protoutil contains functions for working with protobuf types.
+package protoutil
+
+import (
+	"fmt"
+	"reflect"
+
+	"google.golang.org/protobuf/types/known/structpb"
+)
+
+// ToStruct converts any value into a structpb Value.
+func ToStruct(value interface{}) *structpb.Value {
+	if value == nil {
+		return NewStructNull()
+	}
+
+	switch v := value.(type) {
+	case bool:
+		return NewStructBool(v)
+	case float64:
+		return NewStructNumber(v)
+	case float32:
+		return NewStructNumber(float64(v))
+	case int:
+		return NewStructNumber(float64(v))
+	case int8:
+		return NewStructNumber(float64(v))
+	case int16:
+		return NewStructNumber(float64(v))
+	case int32:
+		return NewStructNumber(float64(v))
+	case int64:
+		return NewStructNumber(float64(v))
+	case string:
+		return NewStructString(v)
+	case uint:
+		return NewStructNumber(float64(v))
+	case uint8:
+		return NewStructNumber(float64(v))
+	case uint16:
+		return NewStructNumber(float64(v))
+	case uint32:
+		return NewStructNumber(float64(v))
+	case uint64:
+		return NewStructNumber(float64(v))
+	}
+
+	rv := reflect.ValueOf(value)
+	switch rv.Kind() {
+	case reflect.Slice:
+		svs := make([]*structpb.Value, rv.Len())
+		for i := range svs {
+			svs[i] = ToStruct(rv.Index(i).Interface())
+		}
+		return NewStructList(svs...)
+	case reflect.Map:
+		svm := make(map[string]*structpb.Value)
+		iter := rv.MapRange()
+		for iter.Next() {
+			svm[fmt.Sprint(iter.Key().Interface())] = ToStruct(iter.Value().Interface())
+		}
+		return NewStructMap(svm)
+	}
+
+	return NewStructNull()
+}
+
+// NewStructBool creates a new bool struct value.
+func NewStructBool(v bool) *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_BoolValue{BoolValue: v},
+	}
+}
+
+// NewStructMap creates a new map struct value.
+func NewStructMap(v map[string]*structpb.Value) *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_StructValue{StructValue: &structpb.Struct{Fields: v}},
+	}
+}
+
+// NewStructNull creates a new null struct value.
+func NewStructNull() *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_NullValue{},
+	}
+}
+
+// NewStructNumber creates a new number struct value.
+func NewStructNumber(v float64) *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_NumberValue{NumberValue: v},
+	}
+}
+
+// NewStructList creates a new list struct value.
+func NewStructList(vs ...*structpb.Value) *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_ListValue{ListValue: &structpb.ListValue{Values: vs}},
+	}
+}
+
+// NewStructString creates a new string struct value.
+func NewStructString(v string) *structpb.Value {
+	return &structpb.Value{
+		Kind: &structpb.Value_StringValue{StringValue: v},
+	}
+}
diff --git a/pkg/protoutil/struct_test.go b/pkg/protoutil/struct_test.go
new file mode 100644
index 000000000..0844f0c72
--- /dev/null
+++ b/pkg/protoutil/struct_test.go
@@ -0,0 +1,39 @@
+package protoutil
+
+import (
+	"testing"
+
+	"github.com/pomerium/pomerium/internal/testutil"
+)
+
+func TestToValue(t *testing.T) {
+	testCases := []struct {
+		name   string
+		value  interface{}
+		expect string
+	}{
+		{"bool", true, "true"},
+		{"float64", 1.2345, "1.2345"},
+		{"float32", float32(0.4000000059604645), "0.4000000059604645"},
+		{"int", int(1), "1"},
+		{"int8", int8(1), "1"},
+		{"int16", int16(1), "1"},
+		{"int32", int32(1), "1"},
+		{"int64", int64(1), "1"},
+		{"string", "test", `"test"`},
+		{"uint", uint(1), "1"},
+		{"uint8", uint8(1), "1"},
+		{"uint16", uint16(1), "1"},
+		{"uint32", uint32(1), "1"},
+		{"uint64", uint64(1), "1"},
+		{"[]interface{}", []interface{}{1, 2, 3, 4}, `[1,2,3,4]`},
+		{"map[string]interface{}", map[string]interface{}{"k1": "v1", "k2": "v2"}, `{"k1":"v1","k2":"v2"}`},
+	}
+	for _, tc := range testCases {
+		tc := tc
+		t.Run(tc.name, func(t *testing.T) {
+			actual := ToStruct(tc.value)
+			testutil.AssertProtoJSONEqual(t, tc.expect, actual)
+		})
+	}
+}