diff --git a/services/identity/src/service.rs b/services/identity/src/service.rs
--- a/services/identity/src/service.rs
+++ b/services/identity/src/service.rs
@@ -1,7 +1,9 @@
 use futures_core::Stream;
 use opaque_ke::{
- errors::ProtocolError, RegistrationRequest as PakeRegistrationRequest,
- RegistrationUpload, ServerRegistration,
+ errors::ProtocolError, CredentialRequest,
+ RegistrationRequest as PakeRegistrationRequest, RegistrationUpload,
+ ServerLogin, ServerLoginStartParameters, ServerLoginStartResult,
+ ServerRegistration,
 };
 use rand::{CryptoRng, Rng};
 use std::pin::Pin;
@@ -107,6 +109,29 @@
 .map_err(Error::Database)?;
 Ok(())
 }
+
+ async fn pake_login_start(
+ &self,
+ user_id: String,
+ pake_credential_request: &Vec,
+ rng: &mut (impl Rng + CryptoRng),
+ ) -> Result, Error> {
+ let server_registration =
+ self.client.get_pake_registration(user_id).await?;
+ let pake_credential_request =
+ CredentialRequest::deserialize(pake_credential_request)?;
+ match server_registration {
+ None => Err(Error::MissingRegistration),
+ Some(registration) => ServerLogin::start(
+ rng,
+ registration,
+ &self.config.server_secret_key,
+ pake_credential_request,
+ ServerLoginStartParameters::default(),
+ )
+ .map_err(Error::Pake),
+ }
+ }
 }
 
 #[derive(
@@ -119,4 +144,6 @@
 Channel(SendError>),
 #[display(...)]
 Database(DatabaseError),
+ #[display(...)]
+ MissingRegistration,
 }
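Review bot: The `None => Err(Error::MissingRegistration)` arm in `pake_login_start` gives an unregistered `user_id` its own error and returns before `ServerLogin::start` runs, so both the response and its timing can tell a caller whether an account exists if the handler passes this through to the client. OPAQUE is meant to keep that case indistinguishable from a wrong password; wherever the handler that consumes this result (not visible in the hunk) maps errors to a status, `MissingRegistration` and a failed login should collapse into the same client-facing response, with the distinction kept only in server-side logs. I would record that on the arm, e.g. `// must not be distinguishable from a failed login in the client response`. Separately, `CredentialRequest::deserialize` could run before `get_pake_registration` so malformed input is rejected without a database read.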