diff --git a/aruna/api/notification/services/v2/notification_service.proto b/aruna/api/notification/services/v2/notification_service.proto
index 9b29fbdc..f9840962 100644
--- a/aruna/api/notification/services/v2/notification_service.proto
+++ b/aruna/api/notification/services/v2/notification_service.proto
@@ -16,9 +16,9 @@ import "aruna/api/storage/models/v2/models.proto";
 // A service to receive events in the AOS storage
 service EventNotificationService {
 
-  // CreateEventStreamingGroup
+  // CreateStreamConsumer
   //
-  // Creates a new EventStreamingGroup
+  // Creates a new event stream consumer.
   rpc CreateStreamConsumer(CreateStreamConsumerRequest)
       returns (CreateStreamConsumerResponse) {}
 
@@ -47,9 +47,9 @@ service EventNotificationService {
 
   // DeleteEventStreamingGroup
   //
-  // Deletes a existing EventStreamingGroup by ID
-  rpc DeleteEventStreamingGroup(DeleteEventStreamingGroupRequest)
-      returns (DeleteEventStreamingGroupResponse) {}
+  // Deletes an existing event stream consumer by ID.
+  rpc DeleteStreamConsumer(DeleteStreamConsumerRequest)
+      returns (DeleteStreamConsumerResponse) {}
 }
 
 
@@ -69,7 +69,7 @@ message ResourceTarget {
 message CreateStreamConsumerRequest {
   oneof target {
     ResourceTarget resource = 1;
-    bool user = 2;
+    string user = 2;
     bool anouncements = 3;
     bool all = 4;
   }
@@ -108,11 +108,11 @@ message AcknowledgeMessageBatchRequest {
 message AcknowledgeMessageBatchResponse {}
 
 
-message DeleteEventStreamingGroupRequest {
+message DeleteStreamConsumerRequest {
     string stream_consumer = 1;
 }
 
-message DeleteEventStreamingGroupResponse {}
+message DeleteStreamConsumerResponse {}
 
 message StreamFromSequence { uint64 sequence = 1; }
 
diff --git a/aruna/api/storage/models/v2/models.proto b/aruna/api/storage/models/v2/models.proto
index dcc0b0a2..10719bb9 100644
--- a/aruna/api/storage/models/v2/models.proto
+++ b/aruna/api/storage/models/v2/models.proto
@@ -120,17 +120,11 @@ enum ResourceVariant {
 }
 
 // ------------- USERS & PERMISSIONS -----------------------
-
-message ExternalId {
-  string external_id = 1;
-  string idp = 2;
-}
-
 message User {
   // Internal Aruna UserID
   string id = 1;
   // Oidc subject ID
-  repeated ExternalId external_ids = 2;
+  string external_id = 2;
   // (optional) User display_name
   string display_name = 3;
   // Is the user activated
@@ -154,12 +148,10 @@ message Permission {
 message Token {
   string id = 1;
   string name = 2;
-  string user_id = 3;
-  google.protobuf.Timestamp created_at = 4;
-  google.protobuf.Timestamp expires_at = 5;
+  google.protobuf.Timestamp created_at = 3;
+  google.protobuf.Timestamp expires_at = 4;
   // Tokens can either be personal or resource "specific"
-  Permission permission = 6;
-  google.protobuf.Timestamp used_at = 7;
+  Permission permission = 5;
 }
 
 
@@ -242,6 +234,21 @@ message Endpoint {
   repeated EndpointHostConfig host_configs = 6;
 }
 
+
+message Copy {
+  string resource = 1;
+  string target_endpoint = 2;
+  bool push = 3;
+}
+
+message Context {
+  oneof context {
+    bool s3_credentials = 1;
+    Copy copy = 2;
+  }
+}
+
+
 // ------ Resources ----------
 
 message GenericResource {
diff --git a/aruna/api/storage/services/v2/relations_service.proto b/aruna/api/storage/services/v2/relations_service.proto
index 1133aba7..268a5bff 100644
--- a/aruna/api/storage/services/v2/relations_service.proto
+++ b/aruna/api/storage/services/v2/relations_service.proto
@@ -30,8 +30,8 @@ service RelationsService {
   // Status: BETA
   //
   // Gets all downstream hierarchy relations from a resource
-  rpc GetHierachy(GetHierachyRequest)
-    returns (GetHierachyResponse) {
+  rpc GetHierarchy(GetHierarchyRequest)
+    returns (GetHierarchyResponse) {
       option (google.api.http) = {
         get : "/v2/relation/hierarchy"
     };
@@ -46,7 +46,7 @@ message ModifyRelationsRequest {
 
 message ModifyRelationsResponse {}
 
-message GetHierachyRequest {
+message GetHierarchyRequest {
     string resource_id = 1;
 }
 
@@ -68,7 +68,7 @@ message ProjectRelations {
     repeated string object_children = 4;
 }
 
-message GetHierachyResponse {
+message GetHierarchyResponse {
     oneof graph {
         ProjectRelations project = 1;
         CollectionRelations collection = 2;
diff --git a/aruna/api/storage/services/v2/search_service.proto b/aruna/api/storage/services/v2/search_service.proto
index 9e7b597e..c379d972 100644
--- a/aruna/api/storage/services/v2/search_service.proto
+++ b/aruna/api/storage/services/v2/search_service.proto
@@ -22,12 +22,24 @@ service SearchService {
       };
     }
 
+    // GetPublicResource
+    //
+    // Status: BETA
+    //
+    // Retrieves a public resource by its ID.
+    rpc GetPublicResource(GetPublicResourceRequest) returns (GetPublicResourceResponse){
+      option (google.api.http) = {
+        get : "/v2/public/{resource_id}"
+      };
+    }
+
 }
 
 message SearchResourcesRequest {
     string query = 1;
     string filter = 2;
-    int64 offset = 3;
+    int64 limit = 3;
+    int64 offset = 4;
 }
 
 
@@ -38,4 +50,12 @@ message SearchResourcesResponse {
     int64 estimated_total = 2;
     // The last index returned
     int64 last_index = 3;
+}
+
+message GetPublicResourceRequest {
+  string resource_id = 1;
+}
+
+message GetPublicResourceResponse {
+  storage.models.v2.GenericResource resources = 1;
 }
\ No newline at end of file
diff --git a/aruna/api/storage/services/v2/service_account_service.proto b/aruna/api/storage/services/v2/service_account_service.proto
index 9080b7ce..0e9e90dc 100644
--- a/aruna/api/storage/services/v2/service_account_service.proto
+++ b/aruna/api/storage/services/v2/service_account_service.proto
@@ -113,11 +113,36 @@ service ServiceAccountService {
       delete : "/v2/service_account/{svc_account_id}"
     };
   }
+
+  // GetS3Credentials
+  //
+  // Status: ALPHA
+  //
+  // Gets s3 credentials for a specific user and data_proxy
+  rpc GetS3CredentialsSvcAccount(GetS3CredentialsSvcAccountRequest)
+      returns (GetS3CredentialsSvcAccountResponse) {
+    option (google.api.http) = {
+      get : "/v2/service_account/{svc_account_id}/s3_credentials"
+    };
+  }
+
+
+  // GetDataproxyToken
+  //
+  // Status: ALPHA
+  //
+  // Gets token for a specific user and data_proxy
+  rpc GetDataproxyTokenSvcAccount(GetDataproxyTokenSvcAccountRequest)
+      returns (GetDataproxyTokenSvcAccountResponse) {
+    option (google.api.http) = {
+      get : "/v2/user/{svc_account_id}/proxy_token"
+    };
+  }
 }
 
 message CreateServiceAccountRequest {
     string name = 1;
-    storage.models.v2.Permission permission = 3;
+    storage.models.v2.Permission permission = 2;
 }
 
 message ServiceAccount {
@@ -192,4 +217,27 @@ message DeleteServiceAccountRequest {
     string svc_account_id = 1;
 }
 
-message DeleteServiceAccountResponse {}
\ No newline at end of file
+message DeleteServiceAccountResponse {}
+
+
+message GetS3CredentialsSvcAccountRequest {
+  string svc_account_id = 1;
+  string endpoint_id = 2;
+}
+
+message GetS3CredentialsSvcAccountResponse {
+  string s3_access_key = 1;
+  string s3_secret_key = 2;
+  string s3_endpoint_url = 3;
+}
+
+
+message GetDataproxyTokenSvcAccountRequest {
+  string user_id = 1;
+  string endpoint_id = 2;
+  storage.models.v2.Context context = 3;
+}
+
+message GetDataproxyTokenSvcAccountResponse {
+  string token = 1;
+}
diff --git a/aruna/api/storage/services/v2/user_service.proto b/aruna/api/storage/services/v2/user_service.proto
index 96ca5390..5a1965fc 100644
--- a/aruna/api/storage/services/v2/user_service.proto
+++ b/aruna/api/storage/services/v2/user_service.proto
@@ -186,17 +186,31 @@ service UserService {
     };
   }
 
-  // MergeUserAccount
+  // GetS3Credentials
   //
   // Status: ALPHA
   //
-  // Get all users including permissions (Admin only)
-  rpc MergeUserAccount(MergeUserAccountRequest)
-      returns (MergeUserAccountResponse) {
+  // Gets s3 credentials for a specific user and data_proxy
+  rpc GetS3CredentialsUser(GetS3CredentialsUserRequest)
+      returns (GetS3CredentialsUserResponse) {
+    option (google.api.http) = {
+      get : "/v2/user/{user_id}/s3_credentials"
+    };
+  }
+
+
+  // GetDataproxyToken
+  //
+  // Status: ALPHA
+  //
+  // Gets token for a specific user and data_proxy
+  rpc GetDataproxyTokenUser(GetDataproxyTokenUserRequest)
+      returns (GetDataproxyTokenUserResponse) {
     option (google.api.http) = {
-      get : "/v2/user/{user_id}/merge/{from_user_id}"
+      get : "/v2/user/{user_id}/proxy_token"
     };
   }
+
 }
 
 message RegisterUserRequest {
@@ -336,11 +350,23 @@ message UpdateUserEmailResponse {
   storage.models.v2.User user = 1;
 }
 
-message MergeUserAccountRequest {
+message GetS3CredentialsUserRequest {
   string user_id = 1;
-  string from_user_id = 2;
+  string endpoint_id = 2;
 }
 
-message MergeUserAccountResponse {
-  storage.models.v2.User user = 1;
-}
\ No newline at end of file
+message GetS3CredentialsUserResponse {
+  string s3_access_key = 1;
+  string s3_secret_key = 2;
+  string s3_endpoint_url = 3;
+}
+
+message GetDataproxyTokenUserRequest {
+  string user_id = 1;
+  string endpoint_id = 2;
+  storage.models.v2.Context context = 3;
+}
+
+message GetDataproxyTokenUserResponse {
+  string token = 1;
+}