diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs
--- a/services/identity/src/client_service.rs
+++ b/services/identity/src/client_service.rs
@@ -11,14 +11,14 @@
     InboundKeysForUserResponse, OpaqueLoginFinishRequest,
     OpaqueLoginFinishResponse, OpaqueLoginStartRequest,
     OpaqueLoginStartResponse, OutboundKeysForUserRequest,
-    OutboundKeysForUserResponse, OutboundKeyserverResponse,
-    RefreshUserPreKeysRequest, RegistrationFinishRequest,
-    RegistrationFinishResponse, RegistrationStartRequest,
-    RegistrationStartResponse, RemoveReservedUsernameRequest,
-    ReservedRegistrationStartRequest, UpdateUserPasswordFinishRequest,
-    UpdateUserPasswordStartRequest, UpdateUserPasswordStartResponse,
-    UploadOneTimeKeysRequest, VerifyUserAccessTokenRequest,
-    VerifyUserAccessTokenResponse, WalletLoginRequest, WalletLoginResponse,
+    OutboundKeysForUserResponse, RefreshUserPreKeysRequest,
+    RegistrationFinishRequest, RegistrationFinishResponse,
+    RegistrationStartRequest, RegistrationStartResponse,
+    RemoveReservedUsernameRequest, ReservedRegistrationStartRequest,
+    UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest,
+    UpdateUserPasswordStartResponse, UploadOneTimeKeysRequest,
+    VerifyUserAccessTokenRequest, VerifyUserAccessTokenResponse,
+    WalletLoginRequest, WalletLoginResponse,
   },
   config::CONFIG,
   database::{DatabaseClient, Error as DBError, KeyPayload},
@@ -747,13 +747,6 @@
     unimplemented!();
   }
 
-  async fn get_keyserver_keys(
-    &self,
-    _request: tonic::Request<OutboundKeysForUserRequest>,
-  ) -> Result<tonic::Response<OutboundKeyserverResponse>, tonic::Status> {
-    unimplemented!();
-  }
-
   async fn upload_one_time_keys(
     &self,
     request: tonic::Request<UploadOneTimeKeysRequest>,
diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs
--- a/services/identity/src/grpc_services/authenticated.rs
+++ b/services/identity/src/grpc_services/authenticated.rs
@@ -11,8 +11,8 @@
   tonic::include_proto!("identity.authenticated");
 }
 use auth_proto::{
-  identity_client_service_server::IdentityClientService,
-  RefreshUserPreKeysRequest,
+  identity_client_service_server::IdentityClientService, KeyserverKeysResponse,
+  OutboundKeysForUserRequest, RefreshUserPreKeysRequest,
 };
 use client::Empty;
 use tracing::debug;
@@ -105,4 +105,11 @@
     let response = Response::new(Empty {});
     Ok(response)
   }
+
+  async fn get_keyserver_keys(
+    &self,
+    _request: Request<OutboundKeysForUserRequest>,
+  ) -> Result<Response<KeyserverKeysResponse>, Status> {
+    unimplemented!();
+  }
 }
diff --git a/shared/protos/identity_authenticated.proto b/shared/protos/identity_authenticated.proto
--- a/shared/protos/identity_authenticated.proto
+++ b/shared/protos/identity_authenticated.proto
@@ -15,6 +15,11 @@
   // Rotated for deniability of older messages
   rpc RefreshUserPreKeys(RefreshUserPreKeysRequest)
     returns (identity.client.Empty) {}
+
+  // Called by clients to get required keys for opening a connection
+  // to a user's keyserver
+  rpc GetKeyserverKeys(OutboundKeysForUserRequest) returns
+    (KeyserverKeysResponse) {}
 }
 
 // Helper types
@@ -25,3 +30,25 @@
   identity.client.PreKey newContentPreKeys = 1;
   identity.client.PreKey newNotifPreKeys = 2;
 }
+
+// Information needed when establishing communication to someone else's device
+message OutboundKeyInfo {
+  identity.client.IdentityKeyInfo identityInfo = 1;
+  identity.client.PreKey contentPrekey = 2;
+  identity.client.PreKey notifPrekey = 3;
+  optional string onetimeContentPrekey = 4;
+  optional string onetimeNotifPrekey = 5;
+}
+
+message KeyserverKeysResponse {
+  optional OutboundKeyInfo keyserverInfo = 1;
+}
+
+// Information needed by a device to establish communcation when responding
+// to a request.
+// The device receiving a request only needs the content key and prekey.
+message OutboundKeysForUserRequest {
+  string userID = 1;
+}
+
+
diff --git a/shared/protos/identity_client.proto b/shared/protos/identity_client.proto
--- a/shared/protos/identity_client.proto
+++ b/shared/protos/identity_client.proto
@@ -51,10 +51,6 @@
   // device, but will not contain one-time keys.
   rpc GetInboundKeysForUser(InboundKeysForUserRequest) returns
     (InboundKeysForUserResponse) {}
-  // Called by clients to get required keys for opening a connection
-  // to a user's keyserver
-  rpc GetKeyserverKeys(OutboundKeysForUserRequest) returns
-    (OutboundKeyserverResponse) {}
   // Replenish one-time preKeys
   rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {}
   // Rotate a devices preKey and preKey signature
@@ -301,14 +297,6 @@
   map<string, InboundKeyInfo> devices = 1;
 }
 
-// GetKeyserverKeys
-
-// If a user owns a keyserver, return the information needed to initiate a
-// connection.
-message OutboundKeyserverResponse {
-  optional OutboundKeyInfo keyserverInfo = 1;
-}
-
 // UploadOneTimeKeys
 
 // As OPKs get exhausted, they need to be refreshed