diff --git a/.gcp.env b/.gcp.env
index feea70e7..18acbce6 100644
--- a/.gcp.env
+++ b/.gcp.env
@@ -1,4 +1,4 @@
-SENTRIUS_VERSION=1.0.44
+SENTRIUS_VERSION=1.0.45
 SENTRIUS_SSH_VERSION=1.0.4
 SENTRIUS_KEYCLOAK_VERSION=1.0.7
 SENTRIUS_AGENT_VERSION=1.0.18
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 99d81b4d..6c9c6eca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,9 +33,9 @@ replay_pid*
 target/*
 api/target/**
 core/target/**
-analyagents/target/**
+java-agent/target/**
 core/target/
-analyagents/target/
+java-agent/target/
 node/*
 node_modules/*
 api/node_modules/*
diff --git a/api/dynamic.properties b/api/dynamic.properties
index 85368675..1a27b433 100644
--- a/api/dynamic.properties
+++ b/api/dynamic.properties
@@ -7,6 +7,7 @@ sshEnabled=true
 systemLogoName=Sentrius
 AccessTokenAuditor.rule.4=io.sentrius.sso.automation.auditing.rules.OpenAISessionRule;Malicious AI Monitoring
 AccessTokenAuditor.rule.5=io.sentrius.sso.automation.auditing.rules.TwoPartyAIMonitor;AI Second Party Monitor
+AccessTokenAuditor.rule.6=io.sentrius.sso.automation.auditing.rules.SudoApproval;Sudo Approval
 allowProxies=true
 AccessTokenAuditor.rule.2=io.sentrius.sso.automation.auditing.rules.DeletePrevention;Delete Prevention
 AccessTokenAuditor.rule.3=io.sentrius.sso.automation.auditing.rules.TwoPartySessionRule;Require Second Party Monitoring
diff --git a/api/src/main/java/io/sentrius/sso/controllers/api/ChatApiController.java b/api/src/main/java/io/sentrius/sso/controllers/api/ChatApiController.java
new file mode 100644
index 00000000..4e5f849a
--- /dev/null
+++ b/api/src/main/java/io/sentrius/sso/controllers/api/ChatApiController.java
@@ -0,0 +1,93 @@
+package io.sentrius.sso.controllers.api;
+
+import java.security.GeneralSecurityException;
+import java.time.ZoneOffset;
+import java.util.List;
+import java.util.stream.Collectors;
+import io.sentrius.sso.core.utils.AccessUtil;
+import io.sentrius.sso.protobuf.Session.ChatMessage;
+import io.sentrius.sso.core.config.SystemOptions;
+import io.sentrius.sso.core.controllers.BaseController;
+import io.sentrius.sso.core.model.security.enums.SSHAccessEnum;
+import io.sentrius.sso.core.model.sessions.SessionLog;
+import io.sentrius.sso.core.repository.ChatLogRepository;
+import io.sentrius.sso.core.security.service.CryptoService;
+import io.sentrius.sso.core.services.ErrorOutputService;
+import io.sentrius.sso.core.services.UserService;
+import io.sentrius.sso.core.services.auditing.AuditService;
+import io.sentrius.sso.core.services.terminal.SessionTrackingService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+@Slf4j
+@RestController
+@RequestMapping("/api/v1/chat")
+public class ChatApiController extends BaseController {
+    private final AuditService auditService;
+    final CryptoService cryptoService;
+    final SessionTrackingService sessionTrackingService;
+    final ChatLogRepository chatLogRepository;
+
+    public ChatApiController(
+        UserService userService,
+        SystemOptions systemOptions,
+        ErrorOutputService errorOutputService,
+        AuditService auditService,
+        CryptoService cryptoService, SessionTrackingService sessionTrackingService, ChatLogRepository chatLogRepository
+    ) {
+        super(userService, systemOptions, errorOutputService);
+        this.auditService = auditService;
+        this.cryptoService = cryptoService;
+        this.sessionTrackingService = sessionTrackingService;
+        this.chatLogRepository = chatLogRepository;
+    }
+
+    public SessionLog createSession(@RequestParam String username, @RequestParam String ipAddress) {
+        return auditService.createSession(username, ipAddress);
+    }
+
+    @GetMapping("/history")
+    public ResponseEntity<List<ChatMessage>> getChatHistory(
+        HttpServletRequest request,
+        HttpServletResponse response,
+        @RequestParam(name="sessionId") String sessionIdEncrypted,
+                                                                    @RequestParam(name="chatGroupId") String chatGroupIdEncrypted)
+        throws GeneralSecurityException {
+
+        Long sessionId = Long.parseLong(cryptoService.decrypt(sessionIdEncrypted));
+
+        // Check if the user has access to this session
+        var myConnectedSystem = sessionTrackingService.getConnectedSession(sessionId);
+
+        var user = getOperatingUser(request, response);
+
+        if (myConnectedSystem == null ||
+            (
+            !myConnectedSystem.getUser().getId().equals(user.getId()) &&
+            !AccessUtil.canAccess(user, SSHAccessEnum.CAN_MANAGE_SYSTEMS))) {
+            return ResponseEntity.status(403).body(null); // Forbidden access
+        }
+
+
+        String chatGroupId = cryptoService.decrypt(chatGroupIdEncrypted);
+        List<ChatMessage> messages = chatLogRepository.findBySessionIdAndChatGroupId(sessionId, chatGroupId)
+            .stream()
+            .map(chatLog -> ChatMessage.newBuilder()
+                .setSessionId(sessionId)
+                .setChatGroupId(chatGroupId)
+                .setSender(chatLog.getSender())
+                .setMessage(chatLog.getMessage())
+                .setTimestamp(chatLog.getMessageTimestamp().toEpochSecond(ZoneOffset.UTC)).build())
+            .collect(Collectors.toList());
+
+        return ResponseEntity.ok(messages);
+    }
+
+
+}
diff --git a/api/src/main/java/io/sentrius/sso/controllers/view/HostController.java b/api/src/main/java/io/sentrius/sso/controllers/view/HostController.java
index 3099881d..ff61f931 100644
--- a/api/src/main/java/io/sentrius/sso/controllers/view/HostController.java
+++ b/api/src/main/java/io/sentrius/sso/controllers/view/HostController.java
@@ -202,7 +202,7 @@ public String connectSSHServer(
 
         model.addAttribute("enclaveConfiguration", config);
 
-        return "sso/ssh/secure_shell";
+        return "sso/ssh/sso";
 
     }
 
@@ -243,7 +243,7 @@ public String attachSession(
 
         model.addAttribute("enclaveConfiguration", config);
 
-        return "sso/ssh/secure_shell";
+        return "sso/ssh/sso";
 
     }
 
diff --git a/api/src/main/java/io/sentrius/sso/controllers/view/ZeroTrustATController.java b/api/src/main/java/io/sentrius/sso/controllers/view/ZeroTrustATController.java
index fec8c593..a4f5c856 100644
--- a/api/src/main/java/io/sentrius/sso/controllers/view/ZeroTrustATController.java
+++ b/api/src/main/java/io/sentrius/sso/controllers/view/ZeroTrustATController.java
@@ -1,13 +1,17 @@
 package io.sentrius.sso.controllers.view;
 
+import java.util.List;
 import io.sentrius.sso.core.annotations.LimitAccess;
 import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.core.controllers.BaseController;
+import io.sentrius.sso.core.model.dto.JITTrackerDTO;
 import io.sentrius.sso.core.model.security.enums.ZeroTrustAccessTokenEnum;
 import io.sentrius.sso.core.model.users.User;
 import io.sentrius.sso.core.services.ErrorOutputService;
 import io.sentrius.sso.core.services.ZeroTrustRequestService;
 import io.sentrius.sso.core.services.UserService;
+import io.sentrius.sso.core.utils.AccessUtil;
+import io.sentrius.sso.core.utils.ZTATUtils;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.http.ResponseEntity;
@@ -53,13 +57,38 @@ public String viewMyTats(HttpServletRequest request, HttpServletResponse respons
         return "sso/ztats/view_my_ztats";
     }
 
+
+    List<JITTrackerDTO> decorateTats(List<JITTrackerDTO> tats, User operatingUser){
+        boolean canApprove = AccessUtil.canAccess(operatingUser, ZeroTrustAccessTokenEnum.CAN_APPROVE_ZTATS);
+        boolean canDeny = AccessUtil.canAccess(operatingUser, ZeroTrustAccessTokenEnum.CAN_DENY_ZTATS);
+        if (canApprove || canDeny) {
+            for (var tat : tats) {
+
+                if (tat.getUserName().equals(operatingUser.getUsername())) {
+                    tat.setCurrentUser(true);
+                    if (systemOptions.getCanApproveOwnZtat()) {
+                        tat.setCanApprove(canApprove);
+                        tat.setCanDeny(canDeny);
+                    }
+                }
+                else {
+                    tat.setCanApprove(canApprove);
+                    tat.setCanDeny(canDeny);
+                }
+
+            }
+        }
+        return tats;
+    }
+
     private void modelTATs(Model model, User operatingUser){
-        model.addAttribute("openTerminalTats", ztatRequestService.getOpenAccessTokenRequests(operatingUser));
-        model.addAttribute("openOpsTats", ztatRequestService.getOpenOpsRequests(operatingUser));
-        model.addAttribute("approvedTerminalTats", ztatRequestService.getApprovedTerminalAccessTokenRequests(operatingUser));
-        model.addAttribute("approvedOpsTats", ztatRequestService.getApprovedOpsAccessTokenRequests(operatingUser));
-        model.addAttribute("deniedOpsTats", ztatRequestService.getDeniedOpsAccessTokenRequests(operatingUser));
-        model.addAttribute("deniedTerminalTats", ztatRequestService.getDeniedTerminalAccessTokenRequests(operatingUser));
+        model.addAttribute("openTerminalTats",
+            decorateTats(ztatRequestService.getOpenAccessTokenRequests(operatingUser),operatingUser));
+        model.addAttribute("openOpsTats", decorateTats(ztatRequestService.getOpenOpsRequests(operatingUser),operatingUser));
+        model.addAttribute("approvedTerminalTats", decorateTats(ztatRequestService.getApprovedTerminalAccessTokenRequests(operatingUser),operatingUser));
+        model.addAttribute("approvedOpsTats", decorateTats(ztatRequestService.getApprovedOpsAccessTokenRequests(operatingUser),operatingUser));
+        model.addAttribute("deniedOpsTats",decorateTats( ztatRequestService.getDeniedOpsAccessTokenRequests(operatingUser),operatingUser));
+        model.addAttribute("deniedTerminalTats", decorateTats(ztatRequestService.getDeniedTerminalAccessTokenRequests(operatingUser),operatingUser));
     }
 
 }
diff --git a/api/src/main/java/io/sentrius/sso/websocket/ChatListenerService.java b/api/src/main/java/io/sentrius/sso/websocket/ChatListenerService.java
new file mode 100644
index 00000000..5aa21ba3
--- /dev/null
+++ b/api/src/main/java/io/sentrius/sso/websocket/ChatListenerService.java
@@ -0,0 +1,354 @@
+package io.sentrius.sso.websocket;
+
+import java.security.GeneralSecurityException;
+import java.time.LocalDateTime;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.Executor;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import io.sentrius.sso.core.model.ConnectedSystem;
+import io.sentrius.sso.core.model.chat.ChatLog;
+import io.sentrius.sso.core.security.service.CryptoService;
+import io.sentrius.sso.core.services.ChatService;
+import io.sentrius.sso.core.services.IntegrationSecurityTokenService;
+import io.sentrius.sso.core.services.terminal.SessionTrackingService;
+import io.sentrius.sso.core.utils.JsonUtil;
+import io.sentrius.sso.genai.ChatConversation;
+import io.sentrius.sso.genai.GenerativeAPI;
+import io.sentrius.sso.genai.GeneratorConfiguration;
+import io.sentrius.sso.genai.model.ChatResponse;
+import io.sentrius.sso.genai.model.Conversation;
+import io.sentrius.sso.integrations.external.ExternalIntegrationDTO;
+import io.sentrius.sso.protobuf.Session;
+import io.sentrius.sso.security.ApiKey;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.scheduling.annotation.Async;
+import org.springframework.stereotype.Service;
+import org.springframework.web.socket.TextMessage;
+import org.springframework.web.socket.WebSocketSession;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class ChatListenerService {
+
+    private final SessionTrackingService sessionTrackingService;
+    private final CryptoService cryptoService;
+
+    @Qualifier("taskExecutor") // Specify the custom task executor to use
+    private final Executor taskExecutor;
+    private final IntegrationSecurityTokenService integrationSecurityTokenService;
+
+    private final SshListenerService sshListenerService;
+    private final ChatService chatService;
+
+    private final ConcurrentMap<String, WebSocketSession> activeSessions = new ConcurrentHashMap<>();
+
+
+    public void startAuditingSession(String terminalSessionId, WebSocketSession session) throws GeneralSecurityException {
+
+        var sessionIdStr = cryptoService.decrypt(terminalSessionId);
+        var sessionIdLong = Long.parseLong(sessionIdStr);
+        var connectedSystem = sessionTrackingService.getConnectedSession(sessionIdLong);
+        if (null != connectedSystem ) {
+            connectedSystem.setWebsocketListenerSessionId(session.getId());
+        }
+    }
+
+    public void endAuditingSession(String terminalSessionId) throws GeneralSecurityException {
+
+        var sessionIdStr = cryptoService.decrypt(terminalSessionId);
+        var sessionIdLong = Long.parseLong(sessionIdStr);
+        var connectedSystem = sessionTrackingService.getConnectedSession(sessionIdLong);
+        if (null != connectedSystem ) {
+            connectedSystem.setWebsocketListenerSessionId("");
+        }
+    }
+
+    public void startChatListener(String terminalSessionId, WebSocketSession session) throws GeneralSecurityException {
+
+        var sessionIdStr = cryptoService.decrypt(terminalSessionId);
+        var sessionIdLong = Long.parseLong(sessionIdStr);
+
+
+        var connectedSystem = sessionTrackingService.getConnectedSession(sessionIdLong);
+
+        log.info("Starting to listen to SSH server for session: {}", terminalSessionId);
+
+        activeSessions.putIfAbsent(terminalSessionId, session);
+
+        connectedSystem.setWebsocketChatSessionId(session.getId());
+
+
+
+        taskExecutor.execute(() -> {
+            while (!Thread.currentThread().isInterrupted() && activeSessions.get(terminalSessionId) != null &&
+                !connectedSystem.getSession().getClosed()) {
+                try {
+                    // Mock logic for receiving data from SSH server
+                    var sshData = sessionTrackingService.getOutput(connectedSystem, 1L, TimeUnit.SECONDS,
+                        output -> (!connectedSystem.getSession().getClosed() && (null != activeSessions.get(terminalSessionId) && activeSessions.get(terminalSessionId).isOpen())));
+
+                    // Send data to the specific terminal session
+                    if (null != sshData ) {
+
+                    }else {
+                        log.trace("No data to return");
+                    }
+
+
+
+                } catch (Exception e) {
+                    log.error("Error while listening to SSH server: ", e);
+                    Thread.currentThread().interrupt(); // Ensure the thread can exit cleanly on exception
+                }
+            };
+            log.trace("***L:eaving thread");
+        });
+    }
+
+
+    @Async
+    public void sendToTerminalSession(String terminalSessionId, ConnectedSystem connectedSystem,
+                                      Session.ChatMessage sshData) {
+    }
+
+    private ChatResponse toChatMessage(Session.ChatMessage sshData) {
+        return ChatResponse.builder().role("user").content(sshData.getMessage()).build();
+    }
+
+    private ChatResponse toChatMessage(ChatLog chatLog) {
+        return ChatResponse.builder().role(chatLog.getSender().equals("agent") ? "system" : "user").content(chatLog.getMessage()).build();
+    }
+
+    private List<ChatResponse> toChatMessages(List<ChatLog> chatLogs) {
+        return chatLogs.stream().map(this::toChatMessage).collect(Collectors.toList());
+    }
+
+    public void processMessage(
+        String sessionId,
+        WebSocketSession session, ConnectedSystem terminalSessionId, Session.ChatMessage chatMessage) {
+        var openaiService = integrationSecurityTokenService.findByConnectionType("openai").stream().findFirst().orElse(null);
+
+        if (null != openaiService) {
+            log.info("OpenAI service is available");
+            ExternalIntegrationDTO externalIntegrationDTO = null;
+            try {
+                externalIntegrationDTO = JsonUtil.MAPPER.readValue(
+                    openaiService.getConnectionInfo(),
+                    ExternalIntegrationDTO.class
+                );
+            } catch (JsonProcessingException e) {
+                throw new RuntimeException(e);
+            }
+            ApiKey key =
+                ApiKey.builder().apiKey(externalIntegrationDTO.getApiToken())
+                    .principal(externalIntegrationDTO.getUsername()).build();
+
+            var chatConversation = new ChatConversation(key, new GenerativeAPI(key),
+                GeneratorConfiguration.builder().build());
+
+            var previousMessages = chatService.findBySessionIdAndChatGroupId(terminalSessionId.getSession().getId());
+            Conversation convo =
+                Conversation.builder().newUserMessage(toChatMessage(chatMessage)).previousMessages(toChatMessages(previousMessages)).build();
+            convo.setSystemConfines("You are an agent whose responding to chats form a user on an SSH terminal " +
+                "session. The history preceding this message will be included. Please respond with a JSON structure " +
+                "that includes the message you want to send to the user. The message should be in the 'message' field" +
+                ". If the user requests help directly into the terminal, please return a field labeled 'terminal'. " +
+                "Since you have the ability to inject commands into the terminal, always ask if they would like you " +
+                "to place it there before sending the terminal field, but place the question at the end of the " +
+                "message field, not in terminal, which can be empty. If you are unsure of the user's intent, ask for " +
+                "clarification. We " +
+                "will send the " +
+                "history of your chat with the user. We have another AI agent that asks security related questions. " +
+                "If these come they will be sent to you as well along with their response. Ensure that the person " +
+                "answers the question, if they do not or you assess that they are being evasive, send a json field " +
+                "named alert as a boolean value of true." );
+            try {
+                var chatMessageResponse = chatConversation.generate(convo);
+                ChatLog userChat =
+                    ChatLog.builder().messageTimestamp(LocalDateTime.now()).chatGroupId("0")
+                        .session(terminalSessionId.getSession()).message(chatMessage.getMessage()).sender(
+                            "user").build();
+                chatService.save(userChat);
+                Session.ChatMessage userMessage = Session.ChatMessage.newBuilder()
+                    .setSender("user")
+                    .setMessage(chatMessage.getMessage())
+                    .build();
+
+                byte[] messageBytes = userMessage.toByteArray();
+                String base64Message = Base64.getEncoder().encodeToString(messageBytes);
+                log.trace("Sending message to session: {}", userMessage);
+      //          session.sendMessage(new TextMessage(base64Message));
+                if (chatMessageResponse.getTerminalMessage() != null) {
+                    log.info("Sending terminal message to session: {}", chatMessageResponse.getTerminalMessage());
+                    Session.TerminalMessage terminalMessage = Session.TerminalMessage.newBuilder()
+                        .setType(Session.MessageType.USER_DATA)
+                        .setCommand(chatMessageResponse.getTerminalMessage())
+                        .build();
+                    sshListenerService.sendToTerminalSession(sessionId, terminalSessionId,
+                        terminalMessage);
+                    sshListenerService.processTerminalMessage(terminalSessionId, terminalMessage);
+                    if (chatMessageResponse.getContent().isEmpty()) {
+                        Session.ChatMessage chatMessage1 = Session.ChatMessage.newBuilder()
+                            .setSender("agent")
+                            .setMessage("I've added the command to your terminal!")
+                            .build();
+                        messageBytes = chatMessage1.toByteArray();
+                        base64Message = Base64.getEncoder().encodeToString(messageBytes);
+                        log.trace("Sending message to session: {}", chatMessage1);
+                        session.sendMessage(new TextMessage(base64Message));
+                    }
+                }
+                if (chatMessageResponse.isAlert()){
+                    log.info("**** alerttttttt");
+                }
+                if (!chatMessageResponse.getContent().isEmpty()) {
+                    Session.ChatMessage chatMessage1 = Session.ChatMessage.newBuilder()
+                        .setSender("agent")
+                        .setMessage(chatMessageResponse.getContent())
+                        .build();
+
+
+
+
+
+                    ChatLog chatLog =
+                        ChatLog.builder().messageTimestamp(LocalDateTime.now()).chatGroupId("0").session(terminalSessionId.getSession()).message(chatMessage1.getMessage()).sender(
+                            "agent").build();
+                    chatService.save(chatLog);
+
+                    messageBytes = chatMessage1.toByteArray();
+                    base64Message = Base64.getEncoder().encodeToString(messageBytes);
+                    log.trace("Sending message to session: {}", chatMessage1);
+                    session.sendMessage(new TextMessage(base64Message));
+                }
+
+
+
+
+
+
+
+
+
+            } catch (Exception e) {
+                e.printStackTrace();
+                log.error("Error categorizing command", e);
+            }
+
+        } else {
+            log.info("OpenAI service is not available");
+        }
+    }
+
+
+    public void stopListeningToSshServer(ConnectedSystem connectedSystem) {
+        sessionTrackingService.closeSession(connectedSystem);
+    }
+
+    /** Maps key press events to the ascii values */
+    static Map<Integer, byte[]> keyMap = new HashMap<>();
+
+    static {
+        // ESC
+        keyMap.put(27, new byte[] {(byte) 0x1b});
+        // ENTER
+        keyMap.put(13, new byte[] {(byte) 0x0d});
+        // LEFT
+        keyMap.put(37, new byte[] {(byte) 0x1b, (byte) 0x4f, (byte) 0x44});
+        // UP
+        keyMap.put(38, new byte[] {(byte) 0x1b, (byte) 0x4f, (byte) 0x41});
+        // RIGHT
+        keyMap.put(39, new byte[] {(byte) 0x1b, (byte) 0x4f, (byte) 0x43});
+        // DOWN
+        keyMap.put(40, new byte[] {(byte) 0x1b, (byte) 0x4f, (byte) 0x42});
+        // BS
+        keyMap.put(8, new byte[] {(byte) 0x7f});
+        // TAB
+        keyMap.put(9, new byte[] {(byte) 0x09});
+        // CTR
+        keyMap.put(17, new byte[] {});
+        // DEL
+        keyMap.put(46, "\033[3~".getBytes());
+        // CTR-A
+        keyMap.put(65, new byte[] {(byte) 0x01});
+        // CTR-B
+        keyMap.put(66, new byte[] {(byte) 0x02});
+        // CTR-C
+        keyMap.put(67, new byte[] {(byte) 0x03});
+        // CTR-D
+        keyMap.put(68, new byte[] {(byte) 0x04});
+        // CTR-E
+        keyMap.put(69, new byte[] {(byte) 0x05});
+        // CTR-F
+        keyMap.put(70, new byte[] {(byte) 0x06});
+        // CTR-G
+        keyMap.put(71, new byte[] {(byte) 0x07});
+        // CTR-H
+        keyMap.put(72, new byte[] {(byte) 0x08});
+        // CTR-I
+        keyMap.put(73, new byte[] {(byte) 0x09});
+        // CTR-J
+        keyMap.put(74, new byte[] {(byte) 0x0A});
+        // CTR-K
+        keyMap.put(75, new byte[] {(byte) 0x0B});
+        // CTR-L
+        keyMap.put(76, new byte[] {(byte) 0x0C});
+        // CTR-M
+        keyMap.put(77, new byte[] {(byte) 0x0D});
+        // CTR-N
+        keyMap.put(78, new byte[] {(byte) 0x0E});
+        // CTR-O
+        keyMap.put(79, new byte[] {(byte) 0x0F});
+        // CTR-P
+        keyMap.put(80, new byte[] {(byte) 0x10});
+        // CTR-Q
+        keyMap.put(81, new byte[] {(byte) 0x11});
+        // CTR-R
+        keyMap.put(82, new byte[] {(byte) 0x12});
+        // CTR-S
+        keyMap.put(83, new byte[] {(byte) 0x13});
+        // CTR-T
+        keyMap.put(84, new byte[] {(byte) 0x14});
+        // CTR-U
+        keyMap.put(85, new byte[] {(byte) 0x15});
+        // CTR-V
+        keyMap.put(86, new byte[] {(byte) 0x16});
+        // CTR-W
+        keyMap.put(87, new byte[] {(byte) 0x17});
+        // CTR-X
+        keyMap.put(88, new byte[] {(byte) 0x18});
+        // CTR-Y
+        keyMap.put(89, new byte[] {(byte) 0x19});
+        // CTR-Z
+        keyMap.put(90, new byte[] {(byte) 0x1A});
+        // CTR-[
+        keyMap.put(219, new byte[] {(byte) 0x1B});
+        // CTR-]
+        keyMap.put(221, new byte[] {(byte) 0x1D});
+        // INSERT
+        keyMap.put(45, "\033[2~".getBytes());
+        // PG UP
+        keyMap.put(33, "\033[5~".getBytes());
+        // PG DOWN
+        keyMap.put(34, "\033[6~".getBytes());
+        // END
+        keyMap.put(35, "\033[4~".getBytes());
+        // HOME
+        keyMap.put(36, "\033[1~".getBytes());
+    }
+
+    public void removeSession(String sessionId) {
+        log.trace("Removing session: {}", sessionId);
+        activeSessions.remove(sessionId);
+    }
+}
diff --git a/api/src/main/java/io/sentrius/sso/websocket/ChatWSHandler.java b/api/src/main/java/io/sentrius/sso/websocket/ChatWSHandler.java
new file mode 100644
index 00000000..074e73e8
--- /dev/null
+++ b/api/src/main/java/io/sentrius/sso/websocket/ChatWSHandler.java
@@ -0,0 +1,159 @@
+
+package io.sentrius.sso.websocket;
+
+import java.io.IOException;
+import java.net.URI;
+import java.security.GeneralSecurityException;
+import java.util.Base64;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import io.sentrius.sso.core.security.service.CryptoService;
+import io.sentrius.sso.core.services.metadata.TerminalSessionMetadataService;
+import io.sentrius.sso.core.services.terminal.SessionTrackingService;
+import io.sentrius.sso.protobuf.Session;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+import org.springframework.web.socket.TextMessage;
+import org.springframework.web.socket.WebSocketSession;
+import org.springframework.web.socket.handler.TextWebSocketHandler;
+
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class ChatWSHandler extends TextWebSocketHandler {
+
+
+    final SessionTrackingService sessionTrackingService;
+    final ChatListenerService chatListenerService;
+    final CryptoService cryptoService;
+    final TerminalSessionMetadataService terminalSessionMetadataService;
+
+
+
+    // Store active sessions, using session ID or a custom identifier
+    private final ConcurrentHashMap<String, WebSocketSession> sessions = new ConcurrentHashMap<>();
+
+    @Override
+    public void afterConnectionEstablished(WebSocketSession session) throws Exception {
+        // Extract query parameters from the URI
+        URI uri = session.getUri();
+        if (uri != null) {
+            Map<String, String> queryParams = parseQueryParams(uri.getQuery());
+            String sessionId = queryParams.get("sessionId");
+
+
+
+            if (sessionId != null) {
+                // Store the WebSocket session using the session ID from the query parameter
+                sessions.put(sessionId, session);
+                log.info("New connection established, session ID: " + sessionId);
+                // until we have another human on the other side we don't need a thread for this.
+                //chatListenerService.startChatListener(sessionId, session);
+
+            } else {
+                log.info("Session ID not found in query parameters.");
+                session.close(); // Close the session if no valid session ID is provided
+            }
+        } else {
+            log.info("No URI available for this session.");
+            session.close(); // Close the session if URI is unavailable
+        }
+    }
+
+    @Override
+    protected void handleTextMessage(WebSocketSession session, TextMessage message)
+        throws IOException, GeneralSecurityException {
+
+        // Extract query parameters from the URI again if needed
+        URI uri = session.getUri();
+        log.info("got message {}", uri);
+        try {
+            if (uri != null) {
+                Map<String, String> queryParams = parseQueryParams(uri.getQuery());
+                String sessionId = queryParams.get("sessionId");
+
+                if (sessionId != null) {
+                    log.info("Received message from session ID: " + sessionId);
+                    // Handle the message (e.g., process or respond)
+
+
+                    // Deserialize the protobuf message
+                    byte[] messageBytes = Base64.getDecoder().decode(message.getPayload());
+                    Session.ChatMessage auditLog =
+                        Session.ChatMessage.parseFrom(messageBytes);
+                    if (auditLog.getMessage().equals("heartbeat")){
+                        log.info("heartbeat");
+                        return;
+                    }
+                    // Decrypt the session ID
+//                    var sessionIdStr = cryptoService.decrypt(sessionId);
+  //                  var sessionIdLong = Long.parseLong(sessionIdStr);
+                    var lookupId = sessionId + "==";
+                    // Retrieve ConnectedSystem from your persistent map using the session ID
+                    var sys = sessionTrackingService.getEncryptedConnectedSession(lookupId);
+                    if (null != sys ) {
+                        log.info("oh");
+                        // Get the user's session and handle trigger if present
+                        chatListenerService.processMessage(sessionId, session, sys, auditLog);
+                    }
+                } else {
+                    log.info("Session ID not found in query parameters for message handling.");
+                }
+            }
+        }catch (Exception e ){
+            e.printStackTrace();
+            throw new RuntimeException(e);
+        }
+    }
+
+    @Override
+    public void afterConnectionClosed(WebSocketSession session, org.springframework.web.socket.CloseStatus status) throws Exception {
+        URI uri = session.getUri();
+        if (uri != null) {
+            Map<String, String> queryParams = parseQueryParams(uri.getQuery());
+            String sessionId = queryParams.get("sessionId");
+
+            if (sessionId != null) {
+                // Remove the session when connection is closed
+                var lookupId = sessionId + "==";
+
+
+                sessions.remove(sessionId);
+                chatListenerService.removeSession(sessionId);
+
+                log.info("Connection closed, session ID: " + sessionId);
+            }
+        }
+    }
+
+    // Utility method to parse query parameters
+    private Map<String, String> parseQueryParams(String query) {
+        if (query == null || query.isEmpty()) {
+            return Map.of();
+        }
+        return Stream.of(query.split("&"))
+            .map(param -> param.split("="))
+            .collect(Collectors.toMap(
+                param -> param[0],
+                param -> param.length > 1 ? param[1] : ""
+            ));
+    }
+
+    // Utility method to send a message to a specific session
+    public void sendMessageToSession(String sessionId, String message) {
+        WebSocketSession session = sessions.get(sessionId);
+        if (session != null && session.isOpen()) {
+            try {
+                session.sendMessage(new TextMessage(message));
+            } catch (IOException e) {
+                System.err.println("Error sending message to session " + sessionId);
+                e.printStackTrace();
+            }
+        } else {
+            System.err.println("Session not found or already closed: " + sessionId);
+        }
+    }
+}
diff --git a/api/src/main/java/io/sentrius/sso/websocket/SshListenerService.java b/api/src/main/java/io/sentrius/sso/websocket/SshListenerService.java
index da860bd6..29a81d5a 100644
--- a/api/src/main/java/io/sentrius/sso/websocket/SshListenerService.java
+++ b/api/src/main/java/io/sentrius/sso/websocket/SshListenerService.java
@@ -76,7 +76,7 @@ public void startListeningToSshServer(String terminalSessionId, WebSocketSession
             while (!Thread.currentThread().isInterrupted() && activeSessions.get(terminalSessionId) != null &&
                 !connectedSystem.getSession().getClosed()) {
                 try {
-                    // Mock logic for receiving data from SSH server
+                    // logic for receiving data from SSH server
                     var sshData = sessionTrackingService.getOutput(connectedSystem, 1L, TimeUnit.SECONDS,
                         output -> (!connectedSystem.getSession().getClosed() && (null != activeSessions.get(terminalSessionId) && activeSessions.get(terminalSessionId).isOpen())));
 
@@ -174,7 +174,7 @@ public void processTerminalMessage(
             try {
                 String command = terminalMessage.getCommand();
 
-                log.trace("Got " + command);
+                log.info("Got " + command);
 
                 Integer keyCode = null;
                 Double keyCodeDbl = terminalMessage.getKeycode();
@@ -196,7 +196,7 @@ public void processTerminalMessage(
                         sessionTrackingService.addTrigger(terminalSessionId, terminalSessionId.getTerminalAuditor().getCurrentTrigger());
                     }
                     if (keyCode != null && keyCode != -1) {
-                        log.trace("key code isn't null " + keyCode );
+                        log.info("key code isn't null " + keyCode );
                         if (keyMap.containsKey(keyCode)) {
 
                             if (keyCode == 13
@@ -230,7 +230,7 @@ public void processTerminalMessage(
                         }
 
                     } else {
-                        log.trace("Appending");
+                        log.info("Appending");
 
                             terminalSessionId.getTerminalAuditor().append(command);
                             terminalSessionId.getCommander().print(command);
diff --git a/api/src/main/java/io/sentrius/sso/websocket/TerminalWSHandler.java b/api/src/main/java/io/sentrius/sso/websocket/TerminalWSHandler.java
index 3134df09..cd313333 100644
--- a/api/src/main/java/io/sentrius/sso/websocket/TerminalWSHandler.java
+++ b/api/src/main/java/io/sentrius/sso/websocket/TerminalWSHandler.java
@@ -3,8 +3,11 @@
 
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.model.chat.ChatLog;
 import io.sentrius.sso.core.model.metadata.TerminalSessionMetadata;
+import io.sentrius.sso.core.services.ChatService;
 import io.sentrius.sso.core.services.metadata.TerminalSessionMetadataService;
+import io.sentrius.sso.core.utils.StringUtils;
 import io.sentrius.sso.protobuf.Session;
 import io.sentrius.sso.core.security.service.CryptoService;
 import io.sentrius.sso.core.services.terminal.SessionTrackingService;
@@ -36,7 +39,7 @@ public class TerminalWSHandler extends TextWebSocketHandler {
     final SshListenerService sshListenerService;
     final CryptoService cryptoService;
     final TerminalSessionMetadataService terminalSessionMetadataService;
-
+    private final ChatService chatService;
 
     // Store active sessions, using session ID or a custom identifier
     private final ConcurrentHashMap<String, WebSocketSession> sessions = new ConcurrentHashMap<>();
@@ -113,6 +116,10 @@ protected void handleTextMessage(WebSocketSession session, TextMessage message)
                                 sys.getTerminalAuditor().setSessionTrigger(trigger.get());
                                 sessionTrackingService.addSystemTrigger(sys, trigger.get());
                             } else if (trigger.get().getAction() == TriggerAction.PROMPT_ACTION) {
+                                if (!StringUtils.isBlank( trigger.get().getAsk())){
+                                    // send the question into the log
+                                    chatService.save(ChatLog.builder().sender("agent").message(trigger.get().getAsk()).build());
+                                }
                                 sessionTrackingService.addTrigger(sys, trigger.get());
                                 return;
                             }
diff --git a/api/src/main/java/io/sentrius/sso/websocket/WebSocketConfig.java b/api/src/main/java/io/sentrius/sso/websocket/WebSocketConfig.java
index e2aeca86..031f4a89 100644
--- a/api/src/main/java/io/sentrius/sso/websocket/WebSocketConfig.java
+++ b/api/src/main/java/io/sentrius/sso/websocket/WebSocketConfig.java
@@ -13,6 +13,7 @@ public class WebSocketConfig implements WebSocketConfigurer {
 
     private final TerminalWSHandler customWebSocketHandler;
     private final AuditSocketHandler auditSocketHandler;
+    private final ChatWSHandler chatWSHandler;
     @Override
     public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
         registry.addHandler(customWebSocketHandler, "/api/v1/ssh/terminal/subscribe")
@@ -21,6 +22,9 @@ public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
         registry.addHandler(auditSocketHandler, "/api/v1/audit/attach/subscribe")
             .setAllowedOriginPatterns("*")
             .withSockJS();  // SockJS fallback if needed
+        registry.addHandler(chatWSHandler, "/api/v1/chat/attach/subscribe")
+            .setAllowedOriginPatterns("*")
+            .withSockJS();  // SockJS fallback if needed
 
     }
 }
\ No newline at end of file
diff --git a/api/src/main/resources/db/migration/V17__chat_logs.sql b/api/src/main/resources/db/migration/V17__chat_logs.sql
new file mode 100644
index 00000000..bcd96e81
--- /dev/null
+++ b/api/src/main/resources/db/migration/V17__chat_logs.sql
@@ -0,0 +1,10 @@
+CREATE TABLE IF NOT EXISTS chat_log (
+        id BIGSERIAL PRIMARY KEY,
+        session_id BIGINT NOT NULL,
+        chat_group_id VARCHAR NOT NULL, -- Unique identifier for different chat dialogs within the session
+        instance_id INTEGER,
+        sender VARCHAR NOT NULL, -- username or system (e.g., AI agent)
+        message TEXT NOT NULL,
+        message_tm TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (session_id) REFERENCES session_log(id) ON DELETE CASCADE
+    );
diff --git a/api/src/main/resources/db/migration/V18_approval_history.sql b/api/src/main/resources/db/migration/V18_approval_history.sql
new file mode 100644
index 00000000..be35a79c
--- /dev/null
+++ b/api/src/main/resources/db/migration/V18_approval_history.sql
@@ -0,0 +1,21 @@
+ALTER TABLE ztat_approvals ADD COLUMN rationale TEXT;
+ALTER TABLE ops_approvals ADD COLUMN rationale TEXT;
+
+CREATE TABLE IF NOT EXISTS ztat_uses (
+                                         id BIGSERIAL PRIMARY KEY,
+                                         ztat_approval_id BIGINT NOT NULL,
+                                         user_id BIGINT NOT NULL,
+                                         used_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                                         FOREIGN KEY (ztat_approval_id) REFERENCES ztat_approvals(id),
+    FOREIGN KEY (user_id) REFERENCES users(id)
+    );
+
+
+CREATE TABLE IF NOT EXISTS ops_uses (
+                                         id BIGSERIAL PRIMARY KEY,
+                                         ops_approval_id BIGINT NOT NULL,
+                                         user_id BIGINT NOT NULL,
+                                         used_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                                         FOREIGN KEY (ops_approval_id) REFERENCES ops_approvals(id),
+    FOREIGN KEY (user_id) REFERENCES users(id)
+    );
diff --git a/api/src/main/resources/static/js/bundled_session_pb.js b/api/src/main/resources/static/js/bundled_session_pb.js
index 660cff58..47069fc7 100644
--- a/api/src/main/resources/static/js/bundled_session_pb.js
+++ b/api/src/main/resources/static/js/bundled_session_pb.js
@@ -1,4 +1,4 @@
-(function(){function p(o,i,f){var a="function"==typeof require&&require;function c(n,r){if(!i[n]){if(!o[n]){var u="function"==typeof require&&require,u;if(!r&&u)return u(n,!0);if(a)return a(n,!0);throw(u=new Error("Cannot find module '"+n+"'")).code="MODULE_NOT_FOUND",u}var u=i[n]={exports:{}};o[n][0].call(u.exports,function(r){var e;return c(o[n][1][r]||r)},u,u.exports,p,o,i,f)}return i[n].exports}for(var r=0;r<f.length;r++)c(f[r]);return c}return p})()({1:[function(require,module,exports){
+(function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){
 (function (global){(function (){
 /*
 
@@ -166,6 +166,7 @@ var jspb = require('google-protobuf');
 var goog = jspb;
 var global = Function('return this')();
 
+goog.exportSymbol('proto.io.sentrius.protobuf.ChatMessage', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.MessageType', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.TerminalMessage', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.Trigger', null, global);
@@ -212,6 +213,27 @@ if (goog.DEBUG && !COMPILED) {
    */
   proto.io.sentrius.protobuf.TerminalMessage.displayName = 'proto.io.sentrius.protobuf.TerminalMessage';
 }
+/**
+ * Generated by JsPbCodeGenerator.
+ * @param {Array=} opt_data Optional initial data array, typically from a
+ * server response, or constructed directly in Javascript. The array is used
+ * in place and becomes part of the constructed object. It is not cloned.
+ * If no data is provided, the constructed object will be empty, but still
+ * valid.
+ * @extends {jspb.Message}
+ * @constructor
+ */
+proto.io.sentrius.protobuf.ChatMessage = function(opt_data) {
+  jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+};
+goog.inherits(proto.io.sentrius.protobuf.ChatMessage, jspb.Message);
+if (goog.DEBUG && !COMPILED) {
+  /**
+   * @public
+   * @override
+   */
+  proto.io.sentrius.protobuf.ChatMessage.displayName = 'proto.io.sentrius.protobuf.ChatMessage';
+}
 
 
 
@@ -673,6 +695,256 @@ proto.io.sentrius.protobuf.TerminalMessage.prototype.setPrompt = function(value)
 };
 
 
+
+
+
+if (jspb.Message.GENERATE_TO_OBJECT) {
+/**
+ * Creates an object representation of this proto.
+ * Field names that are reserved in JavaScript and will be renamed to pb_name.
+ * Optional fields that are not set will be set to undefined.
+ * To access a reserved field use, foo.pb_<name>, eg, foo.pb_default.
+ * For the list of reserved names please see:
+ *     net/proto2/compiler/js/internal/generator.cc#kKeyword.
+ * @param {boolean=} opt_includeInstance Deprecated. whether to include the
+ *     JSPB instance for transitional soy proto support:
+ *     http://goto/soy-param-migration
+ * @return {!Object}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.toObject = function(opt_includeInstance) {
+  return proto.io.sentrius.protobuf.ChatMessage.toObject(opt_includeInstance, this);
+};
+
+
+/**
+ * Static version of the {@see toObject} method.
+ * @param {boolean|undefined} includeInstance Deprecated. Whether to include
+ *     the JSPB instance for transitional soy proto support:
+ *     http://goto/soy-param-migration
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} msg The msg instance to transform.
+ * @return {!Object}
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.io.sentrius.protobuf.ChatMessage.toObject = function(includeInstance, msg) {
+  var f, obj = {
+    sessionId: jspb.Message.getFieldWithDefault(msg, 1, 0),
+    chatGroupId: jspb.Message.getFieldWithDefault(msg, 2, ""),
+    sender: jspb.Message.getFieldWithDefault(msg, 3, ""),
+    message: jspb.Message.getFieldWithDefault(msg, 4, ""),
+    timestamp: jspb.Message.getFieldWithDefault(msg, 5, 0)
+  };
+
+  if (includeInstance) {
+    obj.$jspbMessageInstance = msg;
+  }
+  return obj;
+};
+}
+
+
+/**
+ * Deserializes binary data (in protobuf wire format).
+ * @param {jspb.ByteSource} bytes The bytes to deserialize.
+ * @return {!proto.io.sentrius.protobuf.ChatMessage}
+ */
+proto.io.sentrius.protobuf.ChatMessage.deserializeBinary = function(bytes) {
+  var reader = new jspb.BinaryReader(bytes);
+  var msg = new proto.io.sentrius.protobuf.ChatMessage;
+  return proto.io.sentrius.protobuf.ChatMessage.deserializeBinaryFromReader(msg, reader);
+};
+
+
+/**
+ * Deserializes binary data (in protobuf wire format) from the
+ * given reader into the given message object.
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} msg The message object to deserialize into.
+ * @param {!jspb.BinaryReader} reader The BinaryReader to use.
+ * @return {!proto.io.sentrius.protobuf.ChatMessage}
+ */
+proto.io.sentrius.protobuf.ChatMessage.deserializeBinaryFromReader = function(msg, reader) {
+  while (reader.nextField()) {
+    if (reader.isEndGroup()) {
+      break;
+    }
+    var field = reader.getFieldNumber();
+    switch (field) {
+    case 1:
+      var value = /** @type {number} */ (reader.readInt64());
+      msg.setSessionId(value);
+      break;
+    case 2:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setChatGroupId(value);
+      break;
+    case 3:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setSender(value);
+      break;
+    case 4:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setMessage(value);
+      break;
+    case 5:
+      var value = /** @type {number} */ (reader.readInt64());
+      msg.setTimestamp(value);
+      break;
+    default:
+      reader.skipField();
+      break;
+    }
+  }
+  return msg;
+};
+
+
+/**
+ * Serializes the message to binary data (in protobuf wire format).
+ * @return {!Uint8Array}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.serializeBinary = function() {
+  var writer = new jspb.BinaryWriter();
+  proto.io.sentrius.protobuf.ChatMessage.serializeBinaryToWriter(this, writer);
+  return writer.getResultBuffer();
+};
+
+
+/**
+ * Serializes the given message to binary data (in protobuf wire
+ * format), writing to the given BinaryWriter.
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} message
+ * @param {!jspb.BinaryWriter} writer
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.io.sentrius.protobuf.ChatMessage.serializeBinaryToWriter = function(message, writer) {
+  var f = undefined;
+  f = message.getSessionId();
+  if (f !== 0) {
+    writer.writeInt64(
+      1,
+      f
+    );
+  }
+  f = message.getChatGroupId();
+  if (f.length > 0) {
+    writer.writeString(
+      2,
+      f
+    );
+  }
+  f = message.getSender();
+  if (f.length > 0) {
+    writer.writeString(
+      3,
+      f
+    );
+  }
+  f = message.getMessage();
+  if (f.length > 0) {
+    writer.writeString(
+      4,
+      f
+    );
+  }
+  f = message.getTimestamp();
+  if (f !== 0) {
+    writer.writeInt64(
+      5,
+      f
+    );
+  }
+};
+
+
+/**
+ * optional int64 session_id = 1;
+ * @return {number}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getSessionId = function() {
+  return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 1, 0));
+};
+
+
+/**
+ * @param {number} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setSessionId = function(value) {
+  return jspb.Message.setProto3IntField(this, 1, value);
+};
+
+
+/**
+ * optional string chat_group_id = 2;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getChatGroupId = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 2, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setChatGroupId = function(value) {
+  return jspb.Message.setProto3StringField(this, 2, value);
+};
+
+
+/**
+ * optional string sender = 3;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getSender = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 3, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setSender = function(value) {
+  return jspb.Message.setProto3StringField(this, 3, value);
+};
+
+
+/**
+ * optional string message = 4;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getMessage = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 4, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setMessage = function(value) {
+  return jspb.Message.setProto3StringField(this, 4, value);
+};
+
+
+/**
+ * optional int64 timestamp = 5;
+ * @return {number}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getTimestamp = function() {
+  return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 5, 0));
+};
+
+
+/**
+ * @param {number} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setTimestamp = function(value) {
+  return jspb.Message.setProto3IntField(this, 5, value);
+};
+
+
 /**
  * @enum {number}
  */
diff --git a/api/src/main/resources/static/js/session_pb.js b/api/src/main/resources/static/js/session_pb.js
index 7fd41804..8e273368 100644
--- a/api/src/main/resources/static/js/session_pb.js
+++ b/api/src/main/resources/static/js/session_pb.js
@@ -12,6 +12,7 @@ var jspb = require('google-protobuf');
 var goog = jspb;
 var global = Function('return this')();
 
+goog.exportSymbol('proto.io.sentrius.protobuf.ChatMessage', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.MessageType', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.TerminalMessage', null, global);
 goog.exportSymbol('proto.io.sentrius.protobuf.Trigger', null, global);
@@ -58,6 +59,27 @@ if (goog.DEBUG && !COMPILED) {
    */
   proto.io.sentrius.protobuf.TerminalMessage.displayName = 'proto.io.sentrius.protobuf.TerminalMessage';
 }
+/**
+ * Generated by JsPbCodeGenerator.
+ * @param {Array=} opt_data Optional initial data array, typically from a
+ * server response, or constructed directly in Javascript. The array is used
+ * in place and becomes part of the constructed object. It is not cloned.
+ * If no data is provided, the constructed object will be empty, but still
+ * valid.
+ * @extends {jspb.Message}
+ * @constructor
+ */
+proto.io.sentrius.protobuf.ChatMessage = function(opt_data) {
+  jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+};
+goog.inherits(proto.io.sentrius.protobuf.ChatMessage, jspb.Message);
+if (goog.DEBUG && !COMPILED) {
+  /**
+   * @public
+   * @override
+   */
+  proto.io.sentrius.protobuf.ChatMessage.displayName = 'proto.io.sentrius.protobuf.ChatMessage';
+}
 
 
 
@@ -519,6 +541,256 @@ proto.io.sentrius.protobuf.TerminalMessage.prototype.setPrompt = function(value)
 };
 
 
+
+
+
+if (jspb.Message.GENERATE_TO_OBJECT) {
+/**
+ * Creates an object representation of this proto.
+ * Field names that are reserved in JavaScript and will be renamed to pb_name.
+ * Optional fields that are not set will be set to undefined.
+ * To access a reserved field use, foo.pb_<name>, eg, foo.pb_default.
+ * For the list of reserved names please see:
+ *     net/proto2/compiler/js/internal/generator.cc#kKeyword.
+ * @param {boolean=} opt_includeInstance Deprecated. whether to include the
+ *     JSPB instance for transitional soy proto support:
+ *     http://goto/soy-param-migration
+ * @return {!Object}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.toObject = function(opt_includeInstance) {
+  return proto.io.sentrius.protobuf.ChatMessage.toObject(opt_includeInstance, this);
+};
+
+
+/**
+ * Static version of the {@see toObject} method.
+ * @param {boolean|undefined} includeInstance Deprecated. Whether to include
+ *     the JSPB instance for transitional soy proto support:
+ *     http://goto/soy-param-migration
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} msg The msg instance to transform.
+ * @return {!Object}
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.io.sentrius.protobuf.ChatMessage.toObject = function(includeInstance, msg) {
+  var f, obj = {
+    sessionId: jspb.Message.getFieldWithDefault(msg, 1, 0),
+    chatGroupId: jspb.Message.getFieldWithDefault(msg, 2, ""),
+    sender: jspb.Message.getFieldWithDefault(msg, 3, ""),
+    message: jspb.Message.getFieldWithDefault(msg, 4, ""),
+    timestamp: jspb.Message.getFieldWithDefault(msg, 5, 0)
+  };
+
+  if (includeInstance) {
+    obj.$jspbMessageInstance = msg;
+  }
+  return obj;
+};
+}
+
+
+/**
+ * Deserializes binary data (in protobuf wire format).
+ * @param {jspb.ByteSource} bytes The bytes to deserialize.
+ * @return {!proto.io.sentrius.protobuf.ChatMessage}
+ */
+proto.io.sentrius.protobuf.ChatMessage.deserializeBinary = function(bytes) {
+  var reader = new jspb.BinaryReader(bytes);
+  var msg = new proto.io.sentrius.protobuf.ChatMessage;
+  return proto.io.sentrius.protobuf.ChatMessage.deserializeBinaryFromReader(msg, reader);
+};
+
+
+/**
+ * Deserializes binary data (in protobuf wire format) from the
+ * given reader into the given message object.
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} msg The message object to deserialize into.
+ * @param {!jspb.BinaryReader} reader The BinaryReader to use.
+ * @return {!proto.io.sentrius.protobuf.ChatMessage}
+ */
+proto.io.sentrius.protobuf.ChatMessage.deserializeBinaryFromReader = function(msg, reader) {
+  while (reader.nextField()) {
+    if (reader.isEndGroup()) {
+      break;
+    }
+    var field = reader.getFieldNumber();
+    switch (field) {
+    case 1:
+      var value = /** @type {number} */ (reader.readInt64());
+      msg.setSessionId(value);
+      break;
+    case 2:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setChatGroupId(value);
+      break;
+    case 3:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setSender(value);
+      break;
+    case 4:
+      var value = /** @type {string} */ (reader.readString());
+      msg.setMessage(value);
+      break;
+    case 5:
+      var value = /** @type {number} */ (reader.readInt64());
+      msg.setTimestamp(value);
+      break;
+    default:
+      reader.skipField();
+      break;
+    }
+  }
+  return msg;
+};
+
+
+/**
+ * Serializes the message to binary data (in protobuf wire format).
+ * @return {!Uint8Array}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.serializeBinary = function() {
+  var writer = new jspb.BinaryWriter();
+  proto.io.sentrius.protobuf.ChatMessage.serializeBinaryToWriter(this, writer);
+  return writer.getResultBuffer();
+};
+
+
+/**
+ * Serializes the given message to binary data (in protobuf wire
+ * format), writing to the given BinaryWriter.
+ * @param {!proto.io.sentrius.protobuf.ChatMessage} message
+ * @param {!jspb.BinaryWriter} writer
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.io.sentrius.protobuf.ChatMessage.serializeBinaryToWriter = function(message, writer) {
+  var f = undefined;
+  f = message.getSessionId();
+  if (f !== 0) {
+    writer.writeInt64(
+      1,
+      f
+    );
+  }
+  f = message.getChatGroupId();
+  if (f.length > 0) {
+    writer.writeString(
+      2,
+      f
+    );
+  }
+  f = message.getSender();
+  if (f.length > 0) {
+    writer.writeString(
+      3,
+      f
+    );
+  }
+  f = message.getMessage();
+  if (f.length > 0) {
+    writer.writeString(
+      4,
+      f
+    );
+  }
+  f = message.getTimestamp();
+  if (f !== 0) {
+    writer.writeInt64(
+      5,
+      f
+    );
+  }
+};
+
+
+/**
+ * optional int64 session_id = 1;
+ * @return {number}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getSessionId = function() {
+  return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 1, 0));
+};
+
+
+/**
+ * @param {number} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setSessionId = function(value) {
+  return jspb.Message.setProto3IntField(this, 1, value);
+};
+
+
+/**
+ * optional string chat_group_id = 2;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getChatGroupId = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 2, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setChatGroupId = function(value) {
+  return jspb.Message.setProto3StringField(this, 2, value);
+};
+
+
+/**
+ * optional string sender = 3;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getSender = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 3, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setSender = function(value) {
+  return jspb.Message.setProto3StringField(this, 3, value);
+};
+
+
+/**
+ * optional string message = 4;
+ * @return {string}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getMessage = function() {
+  return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 4, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setMessage = function(value) {
+  return jspb.Message.setProto3StringField(this, 4, value);
+};
+
+
+/**
+ * optional int64 timestamp = 5;
+ * @return {number}
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.getTimestamp = function() {
+  return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 5, 0));
+};
+
+
+/**
+ * @param {number} value
+ * @return {!proto.io.sentrius.protobuf.ChatMessage} returns this
+ */
+proto.io.sentrius.protobuf.ChatMessage.prototype.setTimestamp = function(value) {
+  return jspb.Message.setProto3IntField(this, 5, value);
+};
+
+
 /**
  * @enum {number}
  */
diff --git a/api/src/main/resources/templates/sso/enclaves/edit_enclave.html b/api/src/main/resources/templates/sso/enclaves/edit_enclave.html
index 44da6077..15bad99c 100755
--- a/api/src/main/resources/templates/sso/enclaves/edit_enclave.html
+++ b/api/src/main/resources/templates/sso/enclaves/edit_enclave.html
@@ -141,6 +141,17 @@ <h2>Edit Enclave Configuration</h2>
                    placeholder="Enter Max Concurrent Sessions" th:value="${hostGroup.configuration.maxConcurrentSessions}" />
         </div>
 
+        <div class="form-group">
+            <label for="allowAiChat">Allow AI Chat</label>
+            <input type="checkbox" id="allowAiChat" name="allowAiChat" class="form-check-input"
+                   th:checked="${hostGroup.configuration.allowAiChat}" />
+        </div>
+
+        <div class="form-group">
+            <label for="allowAiApproveZtat">Allow AI to approve Access Requests</label>
+            <input type="checkbox" id="allowAiApproveZtat" name="allowAiApproveZtat" class="form-check-input"
+                   th:checked="${hostGroup.configuration.allowAiApproveZtat}" />
+        </div>
         <div class="form-group">
             <label for="allowSudo">Allow sudo</label>
             <input type="checkbox" id="allowSudo" name="allowSudo" class="form-check-input"
diff --git a/api/src/main/resources/templates/sso/lock.html b/api/src/main/resources/templates/sso/lock.html
new file mode 100755
index 00000000..61070661
--- /dev/null
+++ b/api/src/main/resources/templates/sso/lock.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+
+<head>
+    <meta th:replace="~{fragments/header}">
+    <title>[[${systemOptions.systemLogoName}]] - Your account is locked</title>
+    <style>
+        body {
+            display: flex;
+            justify-content: center; /* Center horizontally */
+            align-items: center; /* Center vertically */
+            min-height: 100vh; /* Full viewport height */
+            margin: 0;
+            background-color: #f8f9fa; /* Light background */
+        }
+
+        .login-container {
+            background: #ffffff;
+            padding: 2rem;
+            border-radius: 8px;
+            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
+            width: 100%;
+            max-width: 400px;
+        }
+
+        .navbar {
+            position: fixed;
+            top: 0;
+            left: 0;
+            width: 100%;
+            background: #343a40;
+            padding: 0.5rem 1rem;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+            z-index: 1000;
+        }
+
+        .navbar-brand {
+            color: #ffffff;
+            text-decoration: none;
+        }
+
+        .error {
+            color: red;
+            font-size: 0.875rem;
+        }
+    </style>
+</head>
+
+<body>
+<!-- Navbar -->
+<div class="navbar">
+    <a class="navbar-brand" href="#">
+        <img th:src="${systemOptions.systemLogoPathSmall}" alt="Logo" class="me-2" style="height: 24px;">
+        [[${systemOptions.systemLogoName}]]
+    </a>
+</div>
+
+<!-- Login Container -->
+<div th:replace="fragments/topbar"></div>
+<div class="container">
+    <h2>Your account is locked</h2>
+</div>
+
+</body>
+
+</html>
diff --git a/api/src/main/resources/templates/sso/logout.html b/api/src/main/resources/templates/sso/logout.html
deleted file mode 100755
index 6d948c3f..00000000
--- a/api/src/main/resources/templates/sso/logout.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!--/**
- *    Copyright (C) 2013 Loophole, LLC
- *
- *    Licensed under The Prosperity Public License 3.0.0
- */-->
-<!DOCTYPE html>
-<html xmlns:th="http://www.thymeleaf.org">
-
-<head>
-    <meta th:replace="_res/inc/header">
-    <title>[[${systemOptions.systemLogoName}]] - You have been logged out</title>
-</head>
-
-<body>
-<div class="navbar navbar-light bg-light fixed-top navbar-expand-md" role="navigation">
-    <div class="container">
-        <div class="navbar-brand">
-            <div class="nav-img">
-                <img src="/img/bastillion_40x40.png" th:src="@{/img/bastillion_40x40.png}"
-                     alt="bastillion">
-            </div>
-            [[${systemOptions.systemLogoName}]]
-        </div>
-        <!--/.nav-collapse -->
-    </div>
-</div>
-<div class="container">
-    <h3></h3>
-    <div th:replace="_res/inc/errors"></div>
-    You have been logged out! Please click <a href="/login.ktrl">login</a> to enter the system again. <br>
-    If you are using a shared computer, you should close the browser to ensure that you are logged out. <br>
-    Please note that if your system is using cert based auth you will be logged back in automatically when clicking the login link.
-</div>
-</body>
-
-</html>
\ No newline at end of file
diff --git a/api/src/main/resources/templates/sso/ssh/secure_shell.html b/api/src/main/resources/templates/sso/ssh/sso.html
similarity index 82%
rename from api/src/main/resources/templates/sso/ssh/secure_shell.html
rename to api/src/main/resources/templates/sso/ssh/sso.html
index b82b6e36..9b2e28f4 100755
--- a/api/src/main/resources/templates/sso/ssh/secure_shell.html
+++ b/api/src/main/resources/templates/sso/ssh/sso.html
@@ -3,12 +3,95 @@
 
 <head>
     <meta th:replace="~{fragments/header}">
+    <style>
+        /* Chat Button */
+        #chat-button {
+            position: fixed;
+            bottom: 20px;
+            right: 20px;
+            background: #007bff;
+            color: white;
+            padding: 10px 15px;
+            border-radius: 20px;
+            cursor: pointer;
+            font-size: 14px;
+            box-shadow: 2px 2px 5px rgba(0, 0, 0, 0.2);
+        }
+
+        /* Chat Container */
+        #chat-container {
+            position: fixed;
+            bottom: 10px;
+            right: 20px;
+            width: 300px;
+            height: 350px;
+            background: #222;
+            color: white;
+            border-radius: 10px;
+            display: none;
+            flex-direction: column;
+            box-shadow: 2px 2px 10px rgba(0, 0, 0, 0.3);
+        }
+
+        /* Chat Header */
+        #chat-header {
+            background: #444;
+            padding: 10px;
+            cursor: pointer;
+            text-align: center;
+            font-weight: bold;
+            position: relative;
+        }
+
+        #close-chat {
+            position: absolute;
+            right: 10px;
+            cursor: pointer;
+        }
+
+        /* Chat Messages */
+        #chat-messages {
+            flex: 1;
+            padding: 10px;
+            overflow-y: auto;
+            max-height: 250px;
+            font-size: 14px;
+        }
+
+        /* Chat Input */
+        #chat-input {
+            width: 100%;
+            padding: 8px;
+            border: none;
+            background: #333;
+            color: white;
+            font-size: 14px;
+            border-top: 1px solid #666;
+        }
+    </style>
     <script th:src="@{/node/js/google-protobuf/google-protobuf.js}"></script>
     <script th:src="@{/node/js/sockjs-client/sockjs.js}"></script>
     <script th:src="@{/js/bundled_session_pb.js}"></script>
 
     <script th:inline="javascript">
         let persistentMessage = "";
+        let termFocus = true;
+        let chatFocus = false;
+        let chatConnection = null;
+
+        function toggleChat() {
+            let chatContainer = document.getElementById("chat-container");
+            if (chatContainer.style.display === "none" || chatContainer.style.display === "") {
+                chatContainer.style.display = "flex";
+                document.getElementById("chat-input").focus();
+                termFocus = false;
+                chatFocus = true;
+                enableSessionChat();
+            } else {
+
+            }
+            //chatContainer.style.display = (chatContainer.style.display === "none" || chatContainer.style.display === "") ? "flex" : "none";
+        }
 
         function showStatusBar(message) {
             const notification = document.getElementById('notification');
@@ -144,7 +227,7 @@
 
             var keys = {};
 
-            var termFocus = true;
+
             $(document).keypress(function (e) {
                 const isModalVisible = $('#assignIncidentModal').is(':visible');
                 if (isModalVisible) {
@@ -171,6 +254,10 @@
                     }
 
                 }
+                else if (chatFocus) {
+                    console.log("Chat going to focus");
+                    $("#chat-input").focus();
+                }
             });
 
             // Function to hide the popup
@@ -266,8 +353,25 @@
                         e.stopImmediatePropagation();
                     }
 
+                } else {
+                    if (chatFocus){
+                        var keyCode = (e.keyCode) ? e.keyCode : e.charCode;
+                        keys[keyCode] = true;
+                        if (keyCode === 13) {
+                            var cmdStr = $('#chat-input').val();
+
+
+                            const message = new proto.io.sentrius.protobuf.ChatMessage();
+                            message.setMessage(cmdStr);
+                            message.setSender("User");
+                            const base64Message = btoa(String.fromCharCode(...message.serializeBinary()));
+                            chatConnection.send(base64Message);
+                            $('#chat-input').val('');
+                            appendToChatWindow("user", cmdStr);
+                        }
+                    }
                 }
-
+b
             });
 
             $(document).keyup(function (e) {
@@ -280,13 +384,23 @@
             });
 
             $(document).click(function (e) {
-                if (termFocus && !$('body').hasClass('modal-open')) {
-                    //$("#sentrius_term_0").focus();
-                    console.log("click");
-                    document.activeElement.blur(); // Remove focus from terminal
-                    document.body.focus();
-                    //$('#dummy').focus();
-                    // $("#sentrius_term_0").focus();
+                console.log("click");
+
+                // Check if the clicked element is inside chat container, chat input, or chat messages
+                if ($(e.target).closest("#chat-container, #chat-input, #chat-messages").length > 0) {
+                    console.log("Chat going to focus");
+                    chatFocus = true;
+                    termFocus = false;
+                    return; // Stop further execution to keep chat focused
+                } else {
+                    termFocus = true;
+                    chatFocus = false;
+                    // Clicked outside chat → focus terminal
+                    if (termFocus && !$('body').hasClass('modal-open')) {
+                        console.log("clicking outside chat, focusing terminal");
+                        document.activeElement.blur(); // Remove focus from other elements
+                        document.getElementById("sentrius_term_0").focus(); // Ensure terminal gets focus
+                    }
                 }
             });
 
@@ -395,9 +509,11 @@
 
             // Example function to display a new question from the LLM
             function promptQuestion(question) {
-                questionText.textContent = question;
-                responseInput.value = ''; // Clear the input for a new response
-                modalInstance.show();
+                //questionText.textContent = question;
+                //responseInput.value = ''; // Clear the input for a new response
+                //modalInstance.show();
+                toggleChat();
+                appendToChatWindow("system", question);
             }
 
             function resize(element, width, height) {
@@ -902,6 +1018,11 @@ <h5 class="modal-title" id="llmModalLabel">Question</h5>
                     <span id="badge_ztats" class="badge text-bg-dark">0 Pending Access Tokens</span>
                     </a>
                 </li>
+                <li class="nav-item">
+                    <a href="#" class="nav-link" data-bs-toggle="modal" data-bs-target="#sessionChatModal" onclick="toggleChat()">
+                        <span id="session_chat" class="badge text-bg-dark">Session Chat</span>
+                    </a>
+                </li>
 
             </ul>
 
@@ -928,12 +1049,18 @@ <h5 class="modal-title" id="llmModalLabel">Question</h5>
 
 <div class="termwrapper">
 </div>
+<!-- Chat Container -->
+<div id="chat-container">
+    <div id="chat-header" onclick="toggleChat()">Chat <span id="close-chat">✖</span></div>
+    <div id="chat-messages"></div>
+    <input type="text" id="chat-input" placeholder="Type a message..." onkeypress="sendMessage(event)">
+</div>
 <div id="csrf-token" style="display: none;" th:text="${_csrf.token}"></div>
 <div class="modal fade" id="ztatModal" tabindex="-1" aria-labelledby="ztatModalLabel" aria-hidden="true">
     <div class="modal-dialog modal-lg">
         <div class="modal-content">
             <div class="modal-header">
-                <h5 class="modal-title" id="ztatModalLabel">My JIT Requests</h5>
+                <h5 class="modal-title" id="ztatModalLabel">My Access Requests</h5>
                 <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
             </div>
             <div class="modal-body">
@@ -991,8 +1118,123 @@ <h5 class="modal-title" id="assignIncidentModalLabel">Assign Incident</h5>
 
 <script>
     var loaded = false;
+
+
     let timeout = null;
     const csrfToken = document.getElementById("csrf-token").textContent;
+
+    var loc = window.location, chat_ws_uri;
+    if (loc.protocol === "https:") {
+        chat_ws_uri = "https:";
+    } else {
+        chat_ws_uri = "http:";
+    }
+
+    const urlObj = new URL(window.location.href);
+
+    const params = new URLSearchParams(urlObj.search);
+
+    sessionId = params.get('sessionId');
+
+    const path = window.location.pathname;
+
+
+    let encodedSessionId = encodeURIComponent(sessionId);
+
+
+
+    // Function to append chat messages to the UI
+    function appendToChatWindow(sender, message) {
+        let chatBox = document.getElementById("chat-messages");
+
+        // Create message container
+        let messageDiv = document.createElement("div");
+        messageDiv.classList.add("chat-message");
+
+        // Format message
+        messageDiv.innerHTML = `<strong>${sender}:</strong> ${message}`;
+
+        // Append message
+        chatBox.appendChild(messageDiv);
+
+        // Auto-scroll to the latest message
+        chatBox.scrollTop = chatBox.scrollHeight;
+    }
+
+    chat_ws_uri += "//" + loc.host + "/api/v1/chat/attach/subscribe?sessionId="  + encodedSessionId + "&chatGroupId=0" ;
+
+    function heartbeatChat() {
+
+        if (!chatConnection) return;
+
+        if (chatConnection.readyState !== 1) return;
+
+
+        const auditLog = new proto.io.sentrius.protobuf.ChatMessage();
+        auditLog.setSender("system");
+        auditLog.setMessage("heartbeat");
+
+        // Serialize the message to binary
+        const binaryData = auditLog.serializeBinary();
+        const base64Message = btoa(String.fromCharCode(...binaryData));
+        connection.send(base64Message);
+
+        // Set heartbeat interval 10,000 ms
+        setTimeout(heartbeatChat, 5000);
+    };
+
+    function connectChat() {
+        if (null !== chatConnection) {
+            return;
+        }
+        chatConnection = new SockJS(chat_ws_uri);
+        // Register websocket heartbeat
+        chatConnection.onopen = function (e) {
+            heartbeatChat();
+        };
+
+        chatConnection.onclose = function (e) {
+            console.trace();
+            console.log("Repopening");
+        };
+
+        // Log errors
+        chatConnection.onerror = function (error) {
+            console.trace();
+        };
+
+
+        chatConnection.onmessage = function (e) {
+            try {
+                console.log("got message");
+                const binaryMessage = Uint8Array.from(atob(e.data), c => c.charCodeAt(0));
+                try {
+                    const deserializedAuditLog = proto.io.sentrius.protobuf.ChatMessage.deserializeBinary(binaryMessage);
+                    if (!deserializedAuditLog) {
+                        console.log("Malformed message received");
+                        return;
+                    }
+
+                    console.log("appending");
+                    appendToChatWindow(deserializedAuditLog.getSender(), deserializedAuditLog.getMessage());
+
+                    // Proceed with normal processing...
+                } catch (error) {
+                    console.log("Failed to deserialize message:", error);
+                }
+
+
+            } catch (error) {
+                console.log("Failed to deserialize Protocol Buffer message:", error);
+
+                return; // Exit if decoding failed
+            }
+        };
+
+    }
+
+    connectChat();
+
     function autocompleteIncident(query) {
 
         const suggestionsList = document.getElementById('incidentSuggestions');
@@ -1107,6 +1349,11 @@ <h5 class="modal-title" id="assignIncidentModalLabel">Assign Incident</h5>
         const assignIncidentModal = new bootstrap.Modal(document.getElementById('assignIncidentModal'));
         assignIncidentModal.show();
     }
+    function enableSessionChat() {
+        connectChat();
+
+    }
+
     function refreshAccessTokenTable() {
         const ztatTable = $('#ztat-table').DataTable();
         const allowTicket = `[[${enclaveConfiguration.approveViaTicket}]]`;
diff --git a/api/src/main/resources/templates/sso/ztats/view_ztats.html b/api/src/main/resources/templates/sso/ztats/view_ztats.html
index b58c8552..67df0f88 100755
--- a/api/src/main/resources/templates/sso/ztats/view_ztats.html
+++ b/api/src/main/resources/templates/sso/ztats/view_ztats.html
@@ -27,7 +27,7 @@
             color: #eaeaea;
         }
 
-        .btn-primary, .btn-secondary, .btn-danger {
+        .btn-secondary, .btn-secondary, .btn-danger {
             transition: background-color 0.3s ease;
         }
 
@@ -91,9 +91,12 @@ <h2 class="toast-header">Trust AT (TAT) Management</h2>
                                             <td th:text="${s.userName}"></td>
                                             <td th:text="${s.hostName}"></td>
                                             <td>
-                                                <button th:id="'app_btn_' + ${s.id}" class="icon-btn app_btn" th:if="${canApprove}">✅</button>
-                                                <button th:id="'den_btn_' + ${s.id}" class="icon-btn den_btn" th:if="${canDeny}">❌</button>
-                                                <button th:id="'rev_btn_' + ${s.id}" class="icon-btn rev_btn" th:if="${s.isCurrentUser}">🔄</button>
+                                                <button th:id="'app_btn_' + ${s.id}" class="btn-secondary app_btn"
+                                                        th:if="${s.canApprove}">Approve</button>
+                                                <button th:id="'den_btn_' + ${s.id}" class="btn-secondary den_btn"
+                                                        th:if="${s.canDeny}">Deny</button>
+                                                <button th:id="'rev_btn_' + ${s.id}" class="btn-secondary rev_btn"
+                                                        th:if="${s.isCurrentUser}">Revoke</button>
                                             </td>
                                         </tr>
                                         </tbody>
@@ -111,9 +114,16 @@ <h2 class="toast-header">Trust AT (TAT) Management</h2>
                                             <td th:text="${s.summary}"></td>
                                             <td th:text="${s.userName}"></td>
                                             <td>
-                                                <button th:id="'ops_app_btn_' + ${s.id}" class="icon-btn ops_app_btn" th:if="${canApprove}">✅</button>
-                                                <button th:id="'ops_den_btn_' + ${s.id}" class="icon-btn ops_den_btn" th:if="${canDeny}">❌</button>
-                                                <button th:id="'ops_rev_btn_' + ${s.id}" class="icon-btn ops_rev_btn" th:if="${s.isCurrentUser}">🔄</button>
+                                                <button th:id="'ops_app_btn_' + ${s.id}"
+                                                        class="btn-secondary ops_app_btn" th:if="${s.canApprove}">Approve
+                                                </button>
+                                                <button th:id="'ops_den_btn_' + ${s.id}"
+                                                        class="btn-secondary ops_den_btn" th:if="${s.canDeny}">Deny
+                                                </button>
+                                                <button th:id="'ops_rev_btn_' + ${s.id}"
+                                                        class="btn-secondary ops_rev_btn"
+                                                        th:if="${s.isCurrentUser}">Revoke
+                                                </button>
                                             </td>
                                         </tr>
                                         </tbody>
@@ -124,38 +134,117 @@ <h2 class="toast-header">Trust AT (TAT) Management</h2>
 
                         <!-- Approved & Denied TATs - Same Structure -->
                         <div id="approvedTats" class="tab-pane fade">
-                            <table id="approved-tats-table" class="display">
-                                <thead>
-                                <tr><th>Operation</th><th>User</th><th>Uses Remaining</th></tr>
-                                </thead>
-                                <tbody>
-                                <tr th:each="s : ${approvedTats}">
-                                    <td th:text="${s.command}"></td>
-                                    <td th:text="${s.userName}"></td>
-                                    <td th:text="${s.usesRemaining}"></td>
-                                </tr>
-                                </tbody>
-                            </table>
-                        </div>
+                            <div id="approvedtats-table" class="tab-pane fade show active">
+                                <ul class="nav nav-pills mb-3">
+                                    <li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#open-terminal">Terminal TATs</a></li>
+                                    <li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#open-ops">Operational TATs</a></li>
+                                </ul>
+                                <div class="tab-content">
+                                    <!-- Terminal TATs -->
+                                    <div id="approved-terminal" class="tab-pane fade show active">
+                                        <table id="approved-terminal-table" class="display">
+                                            <thead>
+                                            <tr><th>Operation</th><th>User</th><th>System</th><th>Uses
+                                                Remaining</th><th>Actions</th></tr>
+                                            </thead>
+                                            <tbody>
+                                            <tr th:each="s : ${approvedTerminalTats}">
+                                                <td th:text="${s.command}"></td>
+                                                <td th:text="${s.userName}"></td>
+                                                <td th:text="${s.hostName}"></td>
+                                                <td th:text="${s.usesRemaining}"></td>
+                                                <td>
+                                                    <button th:id="'den_btn_' + ${s.id}" class="btn-secondary den_btn"
+                                                            th:if="${s.canDeny}">Deny</button>
+                                                </td>
+                                            </tr>
+                                            </tbody>
+                                        </table>
+                                    </div>
+
+                                    <!-- Operational TATs -->
+                                    <div id="approved-ops" class="tab-pane fade">
+                                        <table id="approved-ops-table" class="display">
+                                            <thead>
+                                            <tr><th>Operation</th><th>User</th><th>Uses Remaining</th><th>Actions
+                                            </th></tr>
+                                            </thead>
+                                            <tbody>
+                                            <tr th:each="s : ${approvedOpsTats}">
+                                                <td th:text="${s.summary}"></td>
+                                                <td th:text="${s.userName}"></td>
+                                                <td th:text="${s.usesRemaining}"></td>
+                                                <td>
+                                                    <button th:id="'ops_den_btn_' + ${s.id}"
+                                                            class="btn-secondary ops_den_btn" th:if="${s.canDeny}">Deny
+                                                    </button>
+                                                </td>
+                                            </tr>
+                                            </tbody>
+                                        </table>
+                                    </div>
+
+                                </div>
 
-                        <div id="deniedTats" class="tab-pane fade">
-                            <table id="denied-tats-table" class="display">
-                                <thead>
-                                <tr><th>Operation</th><th>User</th><th>System</th></tr>
-                                </thead>
-                                <tbody>
-                                <tr th:each="s : ${deniedTats}">
-                                    <td th:text="${s.command}"></td>
-                                    <td th:text="${s.userName}"></td>
-                                    <td th:text="${s.hostName}"></td>
-                                </tr>
-                                </tbody>
-                            </table>
-                        </div>
 
                     </div>
                 </div>
 
+                        <!-- Denied TATs -->
+                        <div id="deniedTats" class="tab-pane fade">
+                            <div id="denied-table" class="tab-pane fade show active">
+                                <ul class="nav nav-pills mb-3">
+                                    <li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#open-terminal">Terminal TATs</a></li>
+                                    <li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#open-ops">Operational TATs</a></li>
+                                </ul>
+                                <div class="tab-content">
+                                    <!-- Terminal TATs -->
+                                    <div id="denied-terminal" class="tab-pane fade show active">
+                                        <table id="denied-terminal-table" class="display">
+                                            <thead>
+                                            <tr><th>Operation</th><th>User</th><th>System</th><th>Actions</th></tr>
+                                            </thead>
+                                            <tbody>
+                                            <tr th:each="s : ${deniedTerminalTats}">
+                                                <td th:text="${s.command}"></td>
+                                                <td th:text="${s.userName}"></td>
+                                                <td th:text="${s.hostName}"></td>
+                                                <td>
+                                                    <button th:id="'den_app_' + ${s.id}" class="btn-secondary app_btn"
+                                                            th:if="${s.canApprove}">Approve</button>
+                                                </td>
+                                            </tr>
+                                            </tbody>
+                                        </table>
+                                    </div>
+
+                                    <!-- Operational TATs -->
+                                    <div id="denied-ops" class="tab-pane fade">
+                                        <table id="denied-ops-table" class="display">
+                                            <thead>
+                                            <tr><th>Operation</th><th>User</th><th>Actions</th></tr>
+                                            </thead>
+                                            <tbody>
+                                            <tr th:each="s : ${deniedOpsTats}">
+                                                <td th:text="${s.summary}"></td>
+                                                <td th:text="${s.userName}"></td>
+                                                <td>
+                                                    <button th:id="'ops_app_btn_' + ${s.id}"
+                                                            class="btn-secondary ops_app_btn"
+                                                            th:if="${s.canApprove}">Deny
+                                                    </button>
+                                                </td>
+                                            </tr>
+                                            </tbody>
+                                        </table>
+                                    </div>
+
+                                </div>
+
+
+                            </div>
+                        </div>
+
             </div>
         </div>
     </div>
@@ -164,7 +253,7 @@ <h2 class="toast-header">Trust AT (TAT) Management</h2>
 <!-- DataTables Initialization -->
 <script>
     $(document).ready(function () {
-        $('#open-terminal-table, #open-ops-table, #approved-tats-table, #denied-tats-table').DataTable();
+        $('#open-terminal-table, #open-ops-table, #approved-terminal-table, #approved-ops-table, #denied-terminal-table, #denied-ops-table').DataTable();
 
         $(".app_btn").click(function () {
             let id = this.id.split("_").pop();
diff --git a/build-images-gcp.sh b/build-images-gcp.sh
index 78b02480..50525fc1 100755
--- a/build-images-gcp.sh
+++ b/build-images-gcp.sh
@@ -87,7 +87,7 @@ if $update_sentrius_keycloak; then
 fi
 
 if $update_sentrius_agent; then
-    cp analyagents/target/analyagents-*.jar docker/sentrius-agent/agent.jar
+    cp java-agents/target/java-agents-*.jar docker/sentrius-agent/agent.jar
     SENTRIUS_AGENT_VERSION=$(increment_patch_version $SENTRIUS_AGENT_VERSION)
     build_and_push_image "sentrius-agent" "$SENTRIUS_AGENT_VERSION" "./docker/sentrius-agent"
     rm docker/sentrius-agent/agent.jar
diff --git a/build-images-local.sh b/build-images-local.sh
index 8817086b..b837791c 100755
--- a/build-images-local.sh
+++ b/build-images-local.sh
@@ -87,7 +87,7 @@ if $update_sentrius_keycloak; then
 fi
 
 if $update_sentrius_agent; then
-    cp analyagents/target/analyagents-*.jar docker/sentrius-agent/agent.jar
+    cp java-agents/target/java-agents-*.jar docker/sentrius-agent/agent.jar
     SENTRIUS_AGENT_VERSION=$(increment_patch_version $SENTRIUS_AGENT_VERSION)
     build_image "sentrius-agent" "$SENTRIUS_AGENT_VERSION" "./docker/sentrius-agent"
     rm docker/sentrius-agent/agent.jar
diff --git a/core/make.sh b/core/make.sh
index 60aad413..b4adc493 100755
--- a/core/make.sh
+++ b/core/make.sh
@@ -1,7 +1,7 @@
 protoc -I=./ --java_out=./ src/main/proto/session.proto 
 protoc --js_out=import_style=commonjs,binary:. src/main/proto/session.proto
 mv src/main/proto/session_pb.js ../api/src/main/resources/static/js/
-mv io/sentrius/protobuf/Session.java src/main/java/io/sentrius/protobuf
+mv io/sentrius/protobuf/Session.java src/main/java/io/sentrius/sso/protobuf/
 pushd ../api/
 browserify ./src/main/resources/static/js/session_pb.js -o ./src/main/resources/static/js/bundled_session_pb.js
 popd
diff --git a/core/src/main/java/io/sentrius/sso/core/config/SystemOptions.java b/core/src/main/java/io/sentrius/sso/core/config/SystemOptions.java
index cc8ce607..125df071 100644
--- a/core/src/main/java/io/sentrius/sso/core/config/SystemOptions.java
+++ b/core/src/main/java/io/sentrius/sso/core/config/SystemOptions.java
@@ -134,8 +134,8 @@ public class SystemOptions {
   /**
    * Purely for testing mode
    */
-  @Updatable(description = "Allows admins to view and approve their own JIT requests.")
-  public Boolean canApproveOwnJITs = false;
+  @Updatable(description = "Allows admins to view and approve their own ZTAT ( Zero Trust Access Token) requests.")
+  public Boolean canApproveOwnZtat = false;
 
 
   // the default path may be sufficient
diff --git a/core/src/main/java/io/sentrius/sso/core/model/ConnectedSystem.java b/core/src/main/java/io/sentrius/sso/core/model/ConnectedSystem.java
index 9a845634..51fa4761 100644
--- a/core/src/main/java/io/sentrius/sso/core/model/ConnectedSystem.java
+++ b/core/src/main/java/io/sentrius/sso/core/model/ConnectedSystem.java
@@ -50,6 +50,9 @@ public class ConnectedSystem {
     @Builder.Default
     private volatile String websocketSessionId = "";
 
+    @Builder.Default
+    private volatile String websocketChatSessionId = "";
+
     // websocket for a listener
     @Builder.Default
     private volatile String websocketListenerSessionId = "";
diff --git a/core/src/main/java/io/sentrius/sso/core/model/chat/ChatLog.java b/core/src/main/java/io/sentrius/sso/core/model/chat/ChatLog.java
new file mode 100644
index 00000000..c87becd6
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/model/chat/ChatLog.java
@@ -0,0 +1,51 @@
+package io.sentrius.sso.core.model.chat;
+
+import io.sentrius.sso.core.model.sessions.SessionLog;
+import java.time.LocalDateTime;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Entity
+@Getter
+@Data
+@Builder
+@AllArgsConstructor
+@RequiredArgsConstructor
+@Table(name = "chat_log")
+public class ChatLog {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @ManyToOne
+    @JoinColumn(name = "session_id", nullable = false)
+    private SessionLog session;
+
+    @Column(nullable = false)
+    private String chatGroupId;  // Unique chat dialog within the session
+
+    private Integer instanceId;
+
+    @Column(nullable = false)
+    private String sender;
+
+    @Column(nullable = false, columnDefinition = "TEXT")
+    private String message;
+
+    @Column(name = "message_tm", nullable = false)
+    private LocalDateTime messageTimestamp = LocalDateTime.now();
+
+    // Getters and Setters
+}
\ No newline at end of file
diff --git a/core/src/main/java/io/sentrius/sso/core/model/dto/JITTrackerDTO.java b/core/src/main/java/io/sentrius/sso/core/model/dto/JITTrackerDTO.java
index 5e452acd..a7a03362 100644
--- a/core/src/main/java/io/sentrius/sso/core/model/dto/JITTrackerDTO.java
+++ b/core/src/main/java/io/sentrius/sso/core/model/dto/JITTrackerDTO.java
@@ -24,4 +24,8 @@ public class JITTrackerDTO {
     private Date lastUpdated;
     @Builder.Default
     private boolean currentUser = false;
+    @Builder.Default
+    private boolean canApprove = false;
+    @Builder.Default
+    private boolean canDeny = false;
 }
diff --git a/core/src/main/java/io/sentrius/sso/core/model/hostgroup/ProfileConfiguration.java b/core/src/main/java/io/sentrius/sso/core/model/hostgroup/ProfileConfiguration.java
index 1bfa2333..8318942a 100755
--- a/core/src/main/java/io/sentrius/sso/core/model/hostgroup/ProfileConfiguration.java
+++ b/core/src/main/java/io/sentrius/sso/core/model/hostgroup/ProfileConfiguration.java
@@ -67,6 +67,12 @@ public class ProfileConfiguration {
   @Builder.Default
   private List<SessionRule> sessionRules = new ArrayList<>();
 
+  @Builder.Default
+  private Boolean allowAiChat = true;
+
+  @Builder.Default
+  private Boolean allowAiApproveZtat = false;
+
   @Builder.Default
   private Map<Long, Long> userOverrideTypeMap = new HashMap<>();
 
diff --git a/core/src/main/java/io/sentrius/sso/core/model/zt/OpsUse.java b/core/src/main/java/io/sentrius/sso/core/model/zt/OpsUse.java
new file mode 100644
index 00000000..06dc5fa9
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/model/zt/OpsUse.java
@@ -0,0 +1,39 @@
+package io.sentrius.sso.core.model.zt;
+
+import java.time.LocalDateTime;
+import io.sentrius.sso.core.model.users.User;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import lombok.Getter;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+
+@Entity
+@Setter
+@Getter
+@Table(name = "ops_uses")
+public class OpsUse {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "ztat_approval_id", nullable = false)
+    private ZeroTrustAccessTokenApproval ztatApproval;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "user_id", nullable = false)
+    private User user;
+
+    @CreationTimestamp
+    @Column(name = "used_at", nullable = false, updatable = false)
+    private LocalDateTime usedAt;
+}
diff --git a/core/src/main/java/io/sentrius/sso/core/model/zt/ZeroTrustApprovalHistory.java b/core/src/main/java/io/sentrius/sso/core/model/zt/ZeroTrustApprovalHistory.java
new file mode 100644
index 00000000..0aba3129
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/model/zt/ZeroTrustApprovalHistory.java
@@ -0,0 +1,46 @@
+package io.sentrius.sso.core.model.zt;
+
+
+import java.time.LocalDateTime;
+import io.sentrius.sso.core.model.users.User;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import lombok.Getter;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+
+@Entity
+@Setter
+@Getter
+@Table(name = "ztat_approval_history")
+public class ZeroTrustApprovalHistory {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "ztat_request_id", nullable = false)
+    private ZeroTrustAccessTokenRequest ztatRequest;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "approver_id", nullable = false)
+    private User approver;
+
+    @Column(name = "approved", nullable = false)
+    private boolean approved;
+
+    @Column(name = "rationale", columnDefinition = "TEXT")
+    private String rationale;
+
+    @CreationTimestamp
+    @Column(name = "decision_timestamp", nullable = false, updatable = false)
+    private LocalDateTime decisionTimestamp;
+}
diff --git a/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatApprovalHistory.java b/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatApprovalHistory.java
new file mode 100644
index 00000000..681f4bd9
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatApprovalHistory.java
@@ -0,0 +1,46 @@
+package io.sentrius.sso.core.model.zt;
+
+import io.sentrius.sso.core.model.users.User;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import lombok.Getter;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+
+import java.time.LocalDateTime;
+
+@Entity
+@Setter
+@Getter
+@Table(name = "ztat_approval_history")
+public class ZtatApprovalHistory {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "ztat_request_id", nullable = false)
+    private ZeroTrustAccessTokenRequest ztatRequest;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "approver_id", nullable = false)
+    private User approver;
+
+    @Column(name = "approved", nullable = false)
+    private boolean approved;
+
+    @Column(name = "rationale", columnDefinition = "TEXT")
+    private String rationale;
+
+    @CreationTimestamp
+    @Column(name = "decision_timestamp", nullable = false, updatable = false)
+    private LocalDateTime decisionTimestamp;
+}
diff --git a/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatUse.java b/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatUse.java
new file mode 100644
index 00000000..46de032d
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/model/zt/ZtatUse.java
@@ -0,0 +1,45 @@
+package io.sentrius.sso.core.model.zt;
+
+import java.time.LocalDateTime;
+import io.sentrius.sso.core.model.users.User;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+
+@Entity
+@Setter
+@Builder
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "ztat_uses")
+public class ZtatUse {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "ztat_approval_id", nullable = false)
+    private ZeroTrustAccessTokenApproval ztatApproval;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "user_id", nullable = false)
+    private User user;
+
+    @CreationTimestamp
+    @Column(name = "used_at", nullable = false, updatable = false)
+    private LocalDateTime usedAt;
+}
diff --git a/core/src/main/java/io/sentrius/sso/core/repository/ChatLogRepository.java b/core/src/main/java/io/sentrius/sso/core/repository/ChatLogRepository.java
new file mode 100644
index 00000000..48e4845b
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/repository/ChatLogRepository.java
@@ -0,0 +1,11 @@
+package io.sentrius.sso.core.repository;
+
+import io.sentrius.sso.core.model.chat.ChatLog;
+import org.springframework.data.jpa.repository.JpaRepository;
+import java.util.List;
+
+public interface ChatLogRepository extends JpaRepository<ChatLog, Long> {
+    List<ChatLog> findBySessionIdAndChatGroupId(Long sessionId, String chatGroupId);
+
+    List<ChatLog> findBySessionId(Long sessionId);
+}
\ No newline at end of file
diff --git a/core/src/main/java/io/sentrius/sso/core/repository/OpsUseRepository.java b/core/src/main/java/io/sentrius/sso/core/repository/OpsUseRepository.java
new file mode 100644
index 00000000..1553d27f
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/repository/OpsUseRepository.java
@@ -0,0 +1,9 @@
+package io.sentrius.sso.core.repository;
+
+import io.sentrius.sso.core.model.zt.OpsUse;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface OpsUseRepository extends JpaRepository<OpsUse, Long> {
+}
\ No newline at end of file
diff --git a/core/src/main/java/io/sentrius/sso/core/repository/ZtatUseRepository.java b/core/src/main/java/io/sentrius/sso/core/repository/ZtatUseRepository.java
new file mode 100644
index 00000000..78332a46
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/repository/ZtatUseRepository.java
@@ -0,0 +1,16 @@
+package io.sentrius.sso.core.repository;
+
+import java.util.List;
+import io.sentrius.sso.core.model.zt.ZeroTrustAccessTokenApproval;
+import io.sentrius.sso.core.model.zt.ZtatUse;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface ZtatUseRepository extends JpaRepository<ZtatUse, Long> {
+
+
+    @Query("SELECT ztu FROM ZtatUse ztu WHERE ztu.ztatApproval = :ztatApproval")
+    List<ZtatUse> getUses(ZeroTrustAccessTokenApproval ztatApproval);
+}
\ No newline at end of file
diff --git a/core/src/main/java/io/sentrius/sso/core/services/ChatService.java b/core/src/main/java/io/sentrius/sso/core/services/ChatService.java
new file mode 100644
index 00000000..a0f3083b
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/core/services/ChatService.java
@@ -0,0 +1,27 @@
+package io.sentrius.sso.core.services;
+
+import java.util.List;
+import io.sentrius.sso.core.model.chat.ChatLog;
+import io.sentrius.sso.core.repository.ChatLogRepository;
+import jakarta.transaction.Transactional;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class ChatService {
+
+    private final ChatLogRepository chatLogRepository;
+
+    @Transactional
+    public void save(ChatLog chatLog) {
+        chatLogRepository.save(chatLog);
+    }
+
+    @Transactional
+    public List<ChatLog> findBySessionIdAndChatGroupId(Long sessionId) {
+        return chatLogRepository.findBySessionId(sessionId);
+    }
+
+
+}
diff --git a/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustAccessTokenService.java b/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustAccessTokenService.java
index 6bb1f574..c73714b4 100644
--- a/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustAccessTokenService.java
+++ b/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustAccessTokenService.java
@@ -16,6 +16,7 @@
 import io.sentrius.sso.core.model.zt.ZeroTrustAccessTokenRequest;
 import io.sentrius.sso.core.model.zt.OpsZeroTrustAcessTokenRequest;
 import io.sentrius.sso.core.utils.ZTATUtils;
+import jakarta.transaction.Transactional;
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -191,11 +192,13 @@ public void approveOpsAccessToken(@NonNull OpsZeroTrustAcessTokenRequest request
     ztatRequestService.setOpsAccessTokenStatus(request, user, true);
   }
 
+  @Transactional
   public void denyAccessToken(@NonNull ZeroTrustAccessTokenRequest request, @NonNull User user)
       throws SQLException, GeneralSecurityException {
     ztatRequestService.getAccessTokenStatus(request, user, false);
   }
 
+  @Transactional
   public void denyOpsAccessToken(@NonNull OpsZeroTrustAcessTokenRequest request, @NonNull User user)
       throws SQLException, GeneralSecurityException {
     ztatRequestService.setOpsAccessTokenStatus(request, user, false);
diff --git a/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustRequestService.java b/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustRequestService.java
index b1e56595..84ec576b 100644
--- a/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustRequestService.java
+++ b/core/src/main/java/io/sentrius/sso/core/services/ZeroTrustRequestService.java
@@ -8,11 +8,13 @@
 import io.sentrius.sso.core.model.zt.ZeroTrustAccessTokenRequest;
 import io.sentrius.sso.core.model.zt.OpsApproval;
 import io.sentrius.sso.core.model.zt.OpsZeroTrustAcessTokenRequest;
+import io.sentrius.sso.core.model.zt.ZtatUse;
 import io.sentrius.sso.core.repository.ZeroTrustAccessTokenApprovalRepository;
 import io.sentrius.sso.core.repository.JITReasonRepository;
 import io.sentrius.sso.core.repository.ZeroTrustAccessTokenRequestRepository;
 import io.sentrius.sso.core.repository.OpsApprovalRepository;
 import io.sentrius.sso.core.repository.OpsJITRequestRepository;
+import io.sentrius.sso.core.repository.ZtatUseRepository;
 import io.sentrius.sso.core.utils.ZTATUtils;
 import lombok.NonNull;
 import lombok.extern.slf4j.Slf4j;
@@ -45,6 +47,9 @@ public class ZeroTrustRequestService {
     @Autowired
     private SystemOptions systemOptions;
 
+    @Autowired
+    private ZtatUseRepository ztatUseRepository;
+
 
     @Transactional(readOnly = true)
     public List<ZeroTrustAccessTokenRequest> getAllJITRequests() {
@@ -168,6 +173,7 @@ public Optional<ZeroTrustAccessTokenApproval> getAccessTokenStatus(ZeroTrustAcce
         return Optional.empty(); // Placeholder for actual implementation.
     }
 
+    @Transactional
     public void setOpsAccessTokenStatus(OpsZeroTrustAcessTokenRequest reqeust, User user, boolean approval) {
         opsApprovalRepository.deleteByZtatRequestId(reqeust.getId());
 
@@ -179,6 +185,7 @@ public void setOpsAccessTokenStatus(OpsZeroTrustAcessTokenRequest reqeust, User
         opsApprovalRepository.save(opsApproval);
     }
 
+    @Transactional
     public void getAccessTokenStatus(ZeroTrustAccessTokenRequest request, User user, boolean approval) {
         ztatApprovalRepository.deleteByztatRequestId(request.getId());
 
@@ -190,6 +197,7 @@ public void getAccessTokenStatus(ZeroTrustAccessTokenRequest request, User user,
         ztatApprovalRepository.save(ztatApproval);
     }
 
+    @Transactional
     public void incrementAccessTokenUses(ZeroTrustAccessTokenRequest request) {
         if (request.getSystem().getId().equals(-1L)) {
             log.info("Incrementing uses for JITRequest: {}", ztatApprovalRepository.findByZtatRequestId(request.getId()).isPresent());
@@ -207,7 +215,8 @@ public void incrementAccessTokenUses(ZeroTrustAccessTokenRequest request) {
                 if (approval.getUses() >= systemOptions.maxJitUses) {
                     throw new RuntimeException("JIT uses exceeded");
                 }
-                approval.setUses(approval.getUses() + 1);
+                ;
+                ztatUseRepository.save(ZtatUse.builder().ztatApproval(approval).user(request.getUser()).build());
                 log.info("Incrementing uses for JITRequest: {}", request.getId());
                 ztatApprovalRepository.save(approval);
             });
@@ -336,7 +345,8 @@ private Integer getUsesRemaining(ZeroTrustAccessTokenRequest request) {
              // get the latest approval
             List<ZeroTrustAccessTokenApproval> approval = request.getApprovals();
             if (!approval.isEmpty()) {
-                return systemOptions.maxJitUses - approval.get(0).getUses();
+                var uses = ztatUseRepository.getUses(approval.get(0));
+                return systemOptions.maxJitUses - uses.size();
             }
 
         return systemOptions.maxJitUses; // Update as needed based on your logic
@@ -346,6 +356,7 @@ private Integer getUsesRemaining(OpsZeroTrustAcessTokenRequest request) {
 
             List<OpsApproval> approval = request.getApprovals();
             if (!approval.isEmpty()) {
+
                 return systemOptions.maxJitUses - approval.get(0).getUses();
             }
 
diff --git a/core/src/main/java/io/sentrius/sso/core/utils/StringUtils.java b/core/src/main/java/io/sentrius/sso/core/utils/StringUtils.java
index d762dec8..90418496 100644
--- a/core/src/main/java/io/sentrius/sso/core/utils/StringUtils.java
+++ b/core/src/main/java/io/sentrius/sso/core/utils/StringUtils.java
@@ -6,6 +6,10 @@
 public class StringUtils {
   private static final int MAX_STRING_LENGTH = 100;
 
+  public static boolean isBlank(String string) {
+    return string == null || string.trim().isEmpty();
+  }
+
   public static String truncateString(
       String originalString, String truncateBegin, String truncateEnd, int limit) {
     String leftTruncated = truncateLeft(originalString, truncateBegin, limit);
diff --git a/core/src/main/java/io/sentrius/sso/genai/ChatConversation.java b/core/src/main/java/io/sentrius/sso/genai/ChatConversation.java
new file mode 100644
index 00000000..cb9b565c
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/genai/ChatConversation.java
@@ -0,0 +1,57 @@
+package io.sentrius.sso.genai;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+import io.sentrius.sso.core.utils.JsonUtil;
+import io.sentrius.sso.genai.model.ChatResponse;
+import io.sentrius.sso.genai.model.Conversation;
+import io.sentrius.sso.genai.model.endpoints.ConversationRequest;
+import io.sentrius.sso.integrations.exceptions.HttpException;
+import io.sentrius.sso.security.TokenProvider;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Query compliance scorer with user defined rules to be provided to OpenAI
+ */
+@Slf4j
+public class ChatConversation extends DataGenerator<Conversation, ChatResponse> {
+
+    public ChatConversation(
+        TokenProvider token, GenerativeAPI generator, GeneratorConfiguration config) {
+        super(token, generator, config);
+    }
+
+    @Override
+    protected String generateInput(Conversation on) {
+        return on.getSystemConfines();
+    }
+
+
+    @Override
+    public ChatResponse generate(Conversation on) throws HttpException, JsonProcessingException {
+
+        ConversationRequest request =
+            ConversationRequest.builder().systemInput(generateInput(on)).newMessage(
+                on.getNewUserMessage()).user(
+                "user").chatWithHistory(on.getPreviousMessages()).build();
+        log.info("Generating compliance score for: " + on);
+        request.setTemperature(0.8f);
+        Response hello = api.sample(request, Response.class);
+        try{
+            var resp = hello.concatenateResponses();
+            var objectNode = JsonUtil.MAPPER.readValue(resp, ObjectNode.class);
+            var message = objectNode.get("message") != null ? objectNode.get("message").asText() : "";
+            var alert = objectNode.get("alert") != null ? objectNode.get("alert").asBoolean() : false;
+
+            var terminalMessage = objectNode.get("terminal");
+            if (null != terminalMessage) {
+                return ChatResponse.builder().role("system").content(message).terminalMessage(terminalMessage.asText()).alert(alert).build();
+            }
+            return ChatResponse.builder().role("system").content(message).alert(alert).build();
+        } catch (Exception e) {
+            log.info("Error parsing compliance score: " + hello.concatenateResponses());
+            return ChatResponse.builder().role("system").content("Error parsing response").build();
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/core/src/main/java/io/sentrius/sso/genai/model/ChatResponse.java b/core/src/main/java/io/sentrius/sso/genai/model/ChatResponse.java
new file mode 100644
index 00000000..cd473973
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/genai/model/ChatResponse.java
@@ -0,0 +1,22 @@
+package io.sentrius.sso.genai.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import lombok.Setter;
+
+@Getter
+@Data
+@Setter
+@Builder
+@AllArgsConstructor
+@RequiredArgsConstructor
+public class ChatResponse {
+    private String role;
+    private String content;
+    private String terminalMessage;
+    @Builder.Default
+    private boolean alert = false;
+}
diff --git a/core/src/main/java/io/sentrius/sso/genai/model/Conversation.java b/core/src/main/java/io/sentrius/sso/genai/model/Conversation.java
new file mode 100644
index 00000000..a46c25d5
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/genai/model/Conversation.java
@@ -0,0 +1,24 @@
+package io.sentrius.sso.genai.model;
+
+import java.util.ArrayList;
+import java.util.List;
+import lombok.Builder;
+import lombok.Data;
+import lombok.Getter;
+import lombok.Setter;
+
+
+@Builder
+@Data
+@Getter
+@Setter
+public class Conversation {
+
+    List<ChatResponse> previousMessages;
+    ChatResponse newUserMessage;
+
+    @Builder.Default
+    List<String> terminalMessages = new ArrayList<>();
+
+    String systemConfines;
+}
diff --git a/core/src/main/java/io/sentrius/sso/genai/model/endpoints/ConversationRequest.java b/core/src/main/java/io/sentrius/sso/genai/model/endpoints/ConversationRequest.java
new file mode 100644
index 00000000..45f2feb1
--- /dev/null
+++ b/core/src/main/java/io/sentrius/sso/genai/model/endpoints/ConversationRequest.java
@@ -0,0 +1,93 @@
+package io.sentrius.sso.genai.model.endpoints;
+
+import java.util.ArrayList;
+import java.util.List;
+import io.sentrius.sso.genai.Message;
+import io.sentrius.sso.genai.model.ApiEndPointRequest;
+import io.sentrius.sso.genai.model.ChatResponse;
+import io.sentrius.sso.genai.model.ChatRequest;
+import lombok.Builder;
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Represents a request to the OpenAI Chat API endpoint.
+ *
+ * This class provides a convenient way to build a request to the OpenAI Chat API. It includes methods to set the input
+ * text, the model to use, and the parameters for the request, among others. Once the request is built, it can be sent
+ * using the {@link ChatApiEndpoint#send(ConversationRequest)} method.
+ *
+ * Example usage:
+ *
+ * <pre>{@code
+ * ChatApiEndpointRequest request = new ChatApiEndpointRequest.builder().model("davinci").input("Hello, world!")
+ *         .build();
+ *
+ * ChatApiEndpoint endpoint = new ChatApiEndpoint(apiKey);
+ * ChatApiResponse response = endpoint.send(request);
+ * }</pre>
+ *
+ */
+@Data
+@SuperBuilder
+public class ConversationRequest extends ApiEndPointRequest {
+
+    public static final String API_ENDPOINT = "https://api.openai.com/v1/chat/completions";
+
+    @Builder.Default
+    private Float temperature = 1.0F;
+
+    @Override
+    public String getEndpoint() {
+        return API_ENDPOINT;
+    }
+
+    @Builder.Default
+    private List<ChatResponse> chatWithHistory = new ArrayList<>();
+
+    @Builder.Default
+    private ChatResponse newMessage = ChatResponse.builder().role("user").content("").build();
+
+
+    /**
+     * Creates a new instance of the ChatApiEndpoint with the specified API key.
+     *
+     * This method is used to create a new instance of the ChatApiEndpoint with the specified API key. The API key is
+     * required to send requests to the OpenAI Chat API endpoint. If the API key is invalid or not provided, an
+     * IllegalArgumentException will be thrown.
+     *
+     * Example usage:
+     *
+     * <pre>{@code
+     * ChatApiEndpoint endpoint = ChatApiEndpoint.create("my-api-key");
+     * }</pre>
+     *
+     * @param apiKey
+     *            The API key to use for requests to the OpenAI Chat API endpoint.
+     *
+     * @return A new instance of the ChatApiEndpoint.
+     *
+     * @throws IllegalArgumentException
+     *             If the API key is null or empty.
+     */
+    @Override
+    public Object create() {
+        List<Message> messages = new ArrayList<>();
+        messages.add(Message.builder().role("system").content(systemInput).build());
+        for (ChatResponse chatMessage : chatWithHistory) {
+            messages.add(Message.builder().role(chatMessage.getRole()).content(chatMessage.getContent()).build());
+        }
+        messages.add(Message.builder().role(newMessage.getRole()).content(newMessage.getContent()).build());
+        String role = StringUtils.isBlank(user) ? "user" : user;
+        var requestBody = ChatRequest.builder().model("gpt-3.5-turbo").user(role).messages(messages);
+        if (temperature != 1.0F) {
+            requestBody.temperature(temperature);
+        }
+        if (maxTokens != 4096) {
+            requestBody.maxTokens(maxTokens);
+        }
+        return requestBody.build();
+    }
+
+}
diff --git a/core/src/main/java/io/sentrius/sso/protobuf/Session.java b/core/src/main/java/io/sentrius/sso/protobuf/Session.java
index 4a73f820..73e8bcb3 100644
--- a/core/src/main/java/io/sentrius/sso/protobuf/Session.java
+++ b/core/src/main/java/io/sentrius/sso/protobuf/Session.java
@@ -15,7 +15,7 @@ public static void registerAllExtensions(
         (com.google.protobuf.ExtensionRegistryLite) registry);
   }
   /**
-   * Protobuf enum {@code io.sentrius.protobuf.TriggerAction}
+   * Protobuf enum {@code io.sentrius.sso.protobuf.TriggerAction}
    */
   public enum TriggerAction
       implements com.google.protobuf.ProtocolMessageEnum {
@@ -152,19 +152,19 @@ public static TriggerAction forNumber(int value) {
     }
 
     public static com.google.protobuf.Internal.EnumLiteMap<TriggerAction>
-        internalGetValueMap() {
+    internalGetValueMap() {
       return internalValueMap;
     }
     private static final com.google.protobuf.Internal.EnumLiteMap<
         TriggerAction> internalValueMap =
-          new com.google.protobuf.Internal.EnumLiteMap<TriggerAction>() {
-            public TriggerAction findValueByNumber(int number) {
-              return TriggerAction.forNumber(number);
-            }
-          };
+        new com.google.protobuf.Internal.EnumLiteMap<TriggerAction>() {
+          public TriggerAction findValueByNumber(int number) {
+            return TriggerAction.forNumber(number);
+          }
+        };
 
     public final com.google.protobuf.Descriptors.EnumValueDescriptor
-        getValueDescriptor() {
+    getValueDescriptor() {
       if (this == UNRECOGNIZED) {
         throw new java.lang.IllegalStateException(
             "Can't get the descriptor of an unrecognized enum value.");
@@ -172,12 +172,12 @@ public TriggerAction findValueByNumber(int number) {
       return getDescriptor().getValues().get(ordinal());
     }
     public final com.google.protobuf.Descriptors.EnumDescriptor
-        getDescriptorForType() {
+    getDescriptorForType() {
       return getDescriptor();
     }
     public static final com.google.protobuf.Descriptors.EnumDescriptor
-        getDescriptor() {
-      return Session.getDescriptor().getEnumTypes().get(0);
+    getDescriptor() {
+      return io.sentrius.sso.protobuf.Session.getDescriptor().getEnumTypes().get(0);
     }
 
     private static final TriggerAction[] VALUES = values();
@@ -186,7 +186,7 @@ public static TriggerAction valueOf(
         com.google.protobuf.Descriptors.EnumValueDescriptor desc) {
       if (desc.getType() != getDescriptor()) {
         throw new java.lang.IllegalArgumentException(
-          "EnumValueDescriptor is not for this type.");
+            "EnumValueDescriptor is not for this type.");
       }
       if (desc.getIndex() == -1) {
         return UNRECOGNIZED;
@@ -200,11 +200,11 @@ private TriggerAction(int value) {
       this.value = value;
     }
 
-    // @@protoc_insertion_point(enum_scope:io.sentrius.protobuf.TriggerAction)
+    // @@protoc_insertion_point(enum_scope:io.sentrius.sso.protobuf.TriggerAction)
   }
 
   /**
-   * Protobuf enum {@code io.sentrius.protobuf.MessageType}
+   * Protobuf enum {@code io.sentrius.sso.protobuf.MessageType}
    */
   public enum MessageType
       implements com.google.protobuf.ProtocolMessageEnum {
@@ -287,19 +287,19 @@ public static MessageType forNumber(int value) {
     }
 
     public static com.google.protobuf.Internal.EnumLiteMap<MessageType>
-        internalGetValueMap() {
+    internalGetValueMap() {
       return internalValueMap;
     }
     private static final com.google.protobuf.Internal.EnumLiteMap<
         MessageType> internalValueMap =
-          new com.google.protobuf.Internal.EnumLiteMap<MessageType>() {
-            public MessageType findValueByNumber(int number) {
-              return MessageType.forNumber(number);
-            }
-          };
+        new com.google.protobuf.Internal.EnumLiteMap<MessageType>() {
+          public MessageType findValueByNumber(int number) {
+            return MessageType.forNumber(number);
+          }
+        };
 
     public final com.google.protobuf.Descriptors.EnumValueDescriptor
-        getValueDescriptor() {
+    getValueDescriptor() {
       if (this == UNRECOGNIZED) {
         throw new java.lang.IllegalStateException(
             "Can't get the descriptor of an unrecognized enum value.");
@@ -307,12 +307,12 @@ public MessageType findValueByNumber(int number) {
       return getDescriptor().getValues().get(ordinal());
     }
     public final com.google.protobuf.Descriptors.EnumDescriptor
-        getDescriptorForType() {
+    getDescriptorForType() {
       return getDescriptor();
     }
     public static final com.google.protobuf.Descriptors.EnumDescriptor
-        getDescriptor() {
-      return Session.getDescriptor().getEnumTypes().get(1);
+    getDescriptor() {
+      return io.sentrius.sso.protobuf.Session.getDescriptor().getEnumTypes().get(1);
     }
 
     private static final MessageType[] VALUES = values();
@@ -321,7 +321,7 @@ public static MessageType valueOf(
         com.google.protobuf.Descriptors.EnumValueDescriptor desc) {
       if (desc.getType() != getDescriptor()) {
         throw new java.lang.IllegalArgumentException(
-          "EnumValueDescriptor is not for this type.");
+            "EnumValueDescriptor is not for this type.");
       }
       if (desc.getIndex() == -1) {
         return UNRECOGNIZED;
@@ -335,23 +335,23 @@ private MessageType(int value) {
       this.value = value;
     }
 
-    // @@protoc_insertion_point(enum_scope:io.sentrius.protobuf.MessageType)
+    // @@protoc_insertion_point(enum_scope:io.sentrius.sso.protobuf.MessageType)
   }
 
   public interface TriggerOrBuilder extends
-      // @@protoc_insertion_point(interface_extends:io.sentrius.protobuf.Trigger)
+      // @@protoc_insertion_point(interface_extends:io.sentrius.sso.protobuf.Trigger)
       com.google.protobuf.MessageOrBuilder {
 
     /**
-     * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+     * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
      * @return The enum numeric value on the wire for action.
      */
     int getActionValue();
     /**
-     * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+     * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
      * @return The action.
      */
-    Session.TriggerAction getAction();
+    io.sentrius.sso.protobuf.Session.TriggerAction getAction();
 
     /**
      * <code>string description = 2;</code>
@@ -363,16 +363,16 @@ public interface TriggerOrBuilder extends
      * @return The bytes for description.
      */
     com.google.protobuf.ByteString
-        getDescriptionBytes();
+    getDescriptionBytes();
   }
   /**
-   * Protobuf type {@code io.sentrius.protobuf.Trigger}
+   * Protobuf type {@code io.sentrius.sso.protobuf.Trigger}
    */
   public static final class Trigger extends
       com.google.protobuf.GeneratedMessageV3 implements
-      // @@protoc_insertion_point(message_implements:io.sentrius.protobuf.Trigger)
+      // @@protoc_insertion_point(message_implements:io.sentrius.sso.protobuf.Trigger)
       TriggerOrBuilder {
-  private static final long serialVersionUID = 0L;
+    private static final long serialVersionUID = 0L;
     // Use Trigger.newBuilder() to construct.
     private Trigger(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
       super(builder);
@@ -444,35 +444,35 @@ private Trigger(
       }
     }
     public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return Session.internal_static_io_dataguardians_protobuf_Trigger_descriptor;
+    getDescriptor() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_Trigger_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return Session.internal_static_io_dataguardians_protobuf_Trigger_fieldAccessorTable
+    internalGetFieldAccessorTable() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_Trigger_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              Session.Trigger.class, Session.Trigger.Builder.class);
+              io.sentrius.sso.protobuf.Session.Trigger.class, io.sentrius.sso.protobuf.Session.Trigger.Builder.class);
     }
 
     public static final int ACTION_FIELD_NUMBER = 1;
     private int action_;
     /**
-     * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+     * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
      * @return The enum numeric value on the wire for action.
      */
     @java.lang.Override public int getActionValue() {
       return action_;
     }
     /**
-     * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+     * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
      * @return The action.
      */
-    @java.lang.Override public Session.TriggerAction getAction() {
+    @java.lang.Override public io.sentrius.sso.protobuf.Session.TriggerAction getAction() {
       @SuppressWarnings("deprecation")
-      Session.TriggerAction result = Session.TriggerAction.valueOf(action_);
-      return result == null ? Session.TriggerAction.UNRECOGNIZED : result;
+      io.sentrius.sso.protobuf.Session.TriggerAction result = io.sentrius.sso.protobuf.Session.TriggerAction.valueOf(action_);
+      return result == null ? io.sentrius.sso.protobuf.Session.TriggerAction.UNRECOGNIZED : result;
     }
 
     public static final int DESCRIPTION_FIELD_NUMBER = 2;
@@ -487,7 +487,7 @@ public java.lang.String getDescription() {
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
-        com.google.protobuf.ByteString bs = 
+        com.google.protobuf.ByteString bs =
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         description_ = s;
@@ -500,10 +500,10 @@ public java.lang.String getDescription() {
      */
     @java.lang.Override
     public com.google.protobuf.ByteString
-        getDescriptionBytes() {
+    getDescriptionBytes() {
       java.lang.Object ref = description_;
       if (ref instanceof java.lang.String) {
-        com.google.protobuf.ByteString b = 
+        com.google.protobuf.ByteString b =
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
         description_ = b;
@@ -526,8 +526,8 @@ public final boolean isInitialized() {
 
     @java.lang.Override
     public void writeTo(com.google.protobuf.CodedOutputStream output)
-                        throws java.io.IOException {
-      if (action_ != Session.TriggerAction.NO_ACTION.getNumber()) {
+        throws java.io.IOException {
+      if (action_ != io.sentrius.sso.protobuf.Session.TriggerAction.NO_ACTION.getNumber()) {
         output.writeEnum(1, action_);
       }
       if (!getDescriptionBytes().isEmpty()) {
@@ -542,9 +542,9 @@ public int getSerializedSize() {
       if (size != -1) return size;
 
       size = 0;
-      if (action_ != Session.TriggerAction.NO_ACTION.getNumber()) {
+      if (action_ != io.sentrius.sso.protobuf.Session.TriggerAction.NO_ACTION.getNumber()) {
         size += com.google.protobuf.CodedOutputStream
-          .computeEnumSize(1, action_);
+            .computeEnumSize(1, action_);
       }
       if (!getDescriptionBytes().isEmpty()) {
         size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, description_);
@@ -557,12 +557,12 @@ public int getSerializedSize() {
     @java.lang.Override
     public boolean equals(final java.lang.Object obj) {
       if (obj == this) {
-       return true;
+        return true;
       }
-      if (!(obj instanceof Session.Trigger)) {
+      if (!(obj instanceof io.sentrius.sso.protobuf.Session.Trigger)) {
         return super.equals(obj);
       }
-      Session.Trigger other = (Session.Trigger) obj;
+      io.sentrius.sso.protobuf.Session.Trigger other = (io.sentrius.sso.protobuf.Session.Trigger) obj;
 
       if (action_ != other.action_) return false;
       if (!getDescription()
@@ -587,69 +587,69 @@ public int hashCode() {
       return hash;
     }
 
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         java.nio.ByteBuffer data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         java.nio.ByteBuffer data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         com.google.protobuf.ByteString data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         com.google.protobuf.ByteString data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.Trigger parseFrom(byte[] data)
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(byte[] data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         byte[] data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.Trigger parseFrom(java.io.InputStream input)
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(java.io.InputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         java.io.InputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input, extensionRegistry);
     }
-    public static Session.Trigger parseDelimitedFrom(java.io.InputStream input)
+    public static io.sentrius.sso.protobuf.Session.Trigger parseDelimitedFrom(java.io.InputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseDelimitedWithIOException(PARSER, input);
     }
-    public static Session.Trigger parseDelimitedFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseDelimitedFrom(
         java.io.InputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         com.google.protobuf.CodedInputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input);
     }
-    public static Session.Trigger parseFrom(
+    public static io.sentrius.sso.protobuf.Session.Trigger parseFrom(
         com.google.protobuf.CodedInputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
@@ -662,7 +662,7 @@ public static Session.Trigger parseFrom(
     public static Builder newBuilder() {
       return DEFAULT_INSTANCE.toBuilder();
     }
-    public static Builder newBuilder(Session.Trigger prototype) {
+    public static Builder newBuilder(io.sentrius.sso.protobuf.Session.Trigger prototype) {
       return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
     }
     @java.lang.Override
@@ -678,26 +678,26 @@ protected Builder newBuilderForType(
       return builder;
     }
     /**
-     * Protobuf type {@code io.sentrius.protobuf.Trigger}
+     * Protobuf type {@code io.sentrius.sso.protobuf.Trigger}
      */
     public static final class Builder extends
         com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-        // @@protoc_insertion_point(builder_implements:io.sentrius.protobuf.Trigger)
-        Session.TriggerOrBuilder {
+        // @@protoc_insertion_point(builder_implements:io.sentrius.sso.protobuf.Trigger)
+        io.sentrius.sso.protobuf.Session.TriggerOrBuilder {
       public static final com.google.protobuf.Descriptors.Descriptor
-          getDescriptor() {
-        return Session.internal_static_io_dataguardians_protobuf_Trigger_descriptor;
+      getDescriptor() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_Trigger_descriptor;
       }
 
       @java.lang.Override
       protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-          internalGetFieldAccessorTable() {
-        return Session.internal_static_io_dataguardians_protobuf_Trigger_fieldAccessorTable
+      internalGetFieldAccessorTable() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_Trigger_fieldAccessorTable
             .ensureFieldAccessorsInitialized(
-                Session.Trigger.class, Session.Trigger.Builder.class);
+                io.sentrius.sso.protobuf.Session.Trigger.class, io.sentrius.sso.protobuf.Session.Trigger.Builder.class);
       }
 
-      // Construct using io.sentrius.protobuf.Session.Trigger.newBuilder()
+      // Construct using io.sentrius.sso.protobuf.Session.Trigger.newBuilder()
       private Builder() {
         maybeForceBuilderInitialization();
       }
@@ -709,7 +709,7 @@ private Builder(
       }
       private void maybeForceBuilderInitialization() {
         if (com.google.protobuf.GeneratedMessageV3
-                .alwaysUseFieldBuilders) {
+            .alwaysUseFieldBuilders) {
         }
       }
       @java.lang.Override
@@ -724,18 +724,18 @@ public Builder clear() {
 
       @java.lang.Override
       public com.google.protobuf.Descriptors.Descriptor
-          getDescriptorForType() {
-        return Session.internal_static_io_dataguardians_protobuf_Trigger_descriptor;
+      getDescriptorForType() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_Trigger_descriptor;
       }
 
       @java.lang.Override
-      public Session.Trigger getDefaultInstanceForType() {
-        return Session.Trigger.getDefaultInstance();
+      public io.sentrius.sso.protobuf.Session.Trigger getDefaultInstanceForType() {
+        return io.sentrius.sso.protobuf.Session.Trigger.getDefaultInstance();
       }
 
       @java.lang.Override
-      public Session.Trigger build() {
-        Session.Trigger result = buildPartial();
+      public io.sentrius.sso.protobuf.Session.Trigger build() {
+        io.sentrius.sso.protobuf.Session.Trigger result = buildPartial();
         if (!result.isInitialized()) {
           throw newUninitializedMessageException(result);
         }
@@ -743,8 +743,8 @@ public Session.Trigger build() {
       }
 
       @java.lang.Override
-      public Session.Trigger buildPartial() {
-        Session.Trigger result = new Session.Trigger(this);
+      public io.sentrius.sso.protobuf.Session.Trigger buildPartial() {
+        io.sentrius.sso.protobuf.Session.Trigger result = new io.sentrius.sso.protobuf.Session.Trigger(this);
         result.action_ = action_;
         result.description_ = description_;
         onBuilt();
@@ -785,16 +785,16 @@ public Builder addRepeatedField(
       }
       @java.lang.Override
       public Builder mergeFrom(com.google.protobuf.Message other) {
-        if (other instanceof Session.Trigger) {
-          return mergeFrom((Session.Trigger)other);
+        if (other instanceof io.sentrius.sso.protobuf.Session.Trigger) {
+          return mergeFrom((io.sentrius.sso.protobuf.Session.Trigger)other);
         } else {
           super.mergeFrom(other);
           return this;
         }
       }
 
-      public Builder mergeFrom(Session.Trigger other) {
-        if (other == Session.Trigger.getDefaultInstance()) return this;
+      public Builder mergeFrom(io.sentrius.sso.protobuf.Session.Trigger other) {
+        if (other == io.sentrius.sso.protobuf.Session.Trigger.getDefaultInstance()) return this;
         if (other.action_ != 0) {
           setActionValue(other.getActionValue());
         }
@@ -817,11 +817,11 @@ public Builder mergeFrom(
           com.google.protobuf.CodedInputStream input,
           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
           throws java.io.IOException {
-        Session.Trigger parsedMessage = null;
+        io.sentrius.sso.protobuf.Session.Trigger parsedMessage = null;
         try {
           parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
         } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-          parsedMessage = (Session.Trigger) e.getUnfinishedMessage();
+          parsedMessage = (io.sentrius.sso.protobuf.Session.Trigger) e.getUnfinishedMessage();
           throw e.unwrapIOException();
         } finally {
           if (parsedMessage != null) {
@@ -833,53 +833,53 @@ public Builder mergeFrom(
 
       private int action_ = 0;
       /**
-       * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+       * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
        * @return The enum numeric value on the wire for action.
        */
       @java.lang.Override public int getActionValue() {
         return action_;
       }
       /**
-       * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+       * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
        * @param value The enum numeric value on the wire for action to set.
        * @return This builder for chaining.
        */
       public Builder setActionValue(int value) {
-        
+
         action_ = value;
         onChanged();
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+       * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
        * @return The action.
        */
       @java.lang.Override
-      public Session.TriggerAction getAction() {
+      public io.sentrius.sso.protobuf.Session.TriggerAction getAction() {
         @SuppressWarnings("deprecation")
-        Session.TriggerAction result = Session.TriggerAction.valueOf(action_);
-        return result == null ? Session.TriggerAction.UNRECOGNIZED : result;
+        io.sentrius.sso.protobuf.Session.TriggerAction result = io.sentrius.sso.protobuf.Session.TriggerAction.valueOf(action_);
+        return result == null ? io.sentrius.sso.protobuf.Session.TriggerAction.UNRECOGNIZED : result;
       }
       /**
-       * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+       * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
        * @param value The action to set.
        * @return This builder for chaining.
        */
-      public Builder setAction(Session.TriggerAction value) {
+      public Builder setAction(io.sentrius.sso.protobuf.Session.TriggerAction value) {
         if (value == null) {
           throw new NullPointerException();
         }
-        
+
         action_ = value.getNumber();
         onChanged();
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.TriggerAction action = 1;</code>
+       * <code>.io.sentrius.sso.protobuf.TriggerAction action = 1;</code>
        * @return This builder for chaining.
        */
       public Builder clearAction() {
-        
+
         action_ = 0;
         onChanged();
         return this;
@@ -907,10 +907,10 @@ public java.lang.String getDescription() {
        * @return The bytes for description.
        */
       public com.google.protobuf.ByteString
-          getDescriptionBytes() {
+      getDescriptionBytes() {
         java.lang.Object ref = description_;
         if (ref instanceof String) {
-          com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString b =
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
           description_ = b;
@@ -927,9 +927,9 @@ public java.lang.String getDescription() {
       public Builder setDescription(
           java.lang.String value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  
+          throw new NullPointerException();
+        }
+
         description_ = value;
         onChanged();
         return this;
@@ -939,7 +939,7 @@ public Builder setDescription(
        * @return This builder for chaining.
        */
       public Builder clearDescription() {
-        
+
         description_ = getDefaultInstance().getDescription();
         onChanged();
         return this;
@@ -952,10 +952,10 @@ public Builder clearDescription() {
       public Builder setDescriptionBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-        
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
         description_ = value;
         onChanged();
         return this;
@@ -973,16 +973,16 @@ public final Builder mergeUnknownFields(
       }
 
 
-      // @@protoc_insertion_point(builder_scope:io.sentrius.protobuf.Trigger)
+      // @@protoc_insertion_point(builder_scope:io.sentrius.sso.protobuf.Trigger)
     }
 
-    // @@protoc_insertion_point(class_scope:io.sentrius.protobuf.Trigger)
-    private static final Session.Trigger DEFAULT_INSTANCE;
+    // @@protoc_insertion_point(class_scope:io.sentrius.sso.protobuf.Trigger)
+    private static final io.sentrius.sso.protobuf.Session.Trigger DEFAULT_INSTANCE;
     static {
-      DEFAULT_INSTANCE = new Session.Trigger();
+      DEFAULT_INSTANCE = new io.sentrius.sso.protobuf.Session.Trigger();
     }
 
-    public static Session.Trigger getDefaultInstance() {
+    public static io.sentrius.sso.protobuf.Session.Trigger getDefaultInstance() {
       return DEFAULT_INSTANCE;
     }
 
@@ -1007,14 +1007,14 @@ public com.google.protobuf.Parser<Trigger> getParserForType() {
     }
 
     @java.lang.Override
-    public Session.Trigger getDefaultInstanceForType() {
+    public io.sentrius.sso.protobuf.Session.Trigger getDefaultInstanceForType() {
       return DEFAULT_INSTANCE;
     }
 
   }
 
   public interface TerminalMessageOrBuilder extends
-      // @@protoc_insertion_point(interface_extends:io.sentrius.protobuf.TerminalMessage)
+      // @@protoc_insertion_point(interface_extends:io.sentrius.sso.protobuf.TerminalMessage)
       com.google.protobuf.MessageOrBuilder {
 
     /**
@@ -1027,33 +1027,33 @@ public interface TerminalMessageOrBuilder extends
      * @return The bytes for sessionId.
      */
     com.google.protobuf.ByteString
-        getSessionIdBytes();
+    getSessionIdBytes();
 
     /**
-     * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+     * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
      * @return The enum numeric value on the wire for type.
      */
     int getTypeValue();
     /**
-     * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+     * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
      * @return The type.
      */
-    Session.MessageType getType();
+    io.sentrius.sso.protobuf.Session.MessageType getType();
 
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      * @return Whether the trigger field is set.
      */
     boolean hasTrigger();
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      * @return The trigger.
      */
-    Session.Trigger getTrigger();
+    io.sentrius.sso.protobuf.Session.Trigger getTrigger();
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      */
-    Session.TriggerOrBuilder getTriggerOrBuilder();
+    io.sentrius.sso.protobuf.Session.TriggerOrBuilder getTriggerOrBuilder();
 
     /**
      * <code>double keycode = 4;</code>
@@ -1071,7 +1071,7 @@ public interface TerminalMessageOrBuilder extends
      * @return The bytes for command.
      */
     com.google.protobuf.ByteString
-        getCommandBytes();
+    getCommandBytes();
 
     /**
      * <code>string prompt = 6;</code>
@@ -1083,16 +1083,16 @@ public interface TerminalMessageOrBuilder extends
      * @return The bytes for prompt.
      */
     com.google.protobuf.ByteString
-        getPromptBytes();
+    getPromptBytes();
   }
   /**
-   * Protobuf type {@code io.sentrius.protobuf.TerminalMessage}
+   * Protobuf type {@code io.sentrius.sso.protobuf.TerminalMessage}
    */
   public static final class TerminalMessage extends
       com.google.protobuf.GeneratedMessageV3 implements
-      // @@protoc_insertion_point(message_implements:io.sentrius.protobuf.TerminalMessage)
+      // @@protoc_insertion_point(message_implements:io.sentrius.sso.protobuf.TerminalMessage)
       TerminalMessageOrBuilder {
-  private static final long serialVersionUID = 0L;
+    private static final long serialVersionUID = 0L;
     // Use TerminalMessage.newBuilder() to construct.
     private TerminalMessage(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
       super(builder);
@@ -1147,11 +1147,11 @@ private TerminalMessage(
               break;
             }
             case 26: {
-              Session.Trigger.Builder subBuilder = null;
+              io.sentrius.sso.protobuf.Session.Trigger.Builder subBuilder = null;
               if (trigger_ != null) {
                 subBuilder = trigger_.toBuilder();
               }
-              trigger_ = input.readMessage(Session.Trigger.parser(), extensionRegistry);
+              trigger_ = input.readMessage(io.sentrius.sso.protobuf.Session.Trigger.parser(), extensionRegistry);
               if (subBuilder != null) {
                 subBuilder.mergeFrom(trigger_);
                 trigger_ = subBuilder.buildPartial();
@@ -1196,16 +1196,16 @@ private TerminalMessage(
       }
     }
     public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return Session.internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor;
+    getDescriptor() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_TerminalMessage_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return Session.internal_static_io_dataguardians_protobuf_TerminalMessage_fieldAccessorTable
+    internalGetFieldAccessorTable() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_TerminalMessage_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              Session.TerminalMessage.class, Session.TerminalMessage.Builder.class);
+              io.sentrius.sso.protobuf.Session.TerminalMessage.class, io.sentrius.sso.protobuf.Session.TerminalMessage.Builder.class);
     }
 
     public static final int SESSIONID_FIELD_NUMBER = 1;
@@ -1220,7 +1220,7 @@ public java.lang.String getSessionId() {
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
-        com.google.protobuf.ByteString bs = 
+        com.google.protobuf.ByteString bs =
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         sessionId_ = s;
@@ -1233,10 +1233,10 @@ public java.lang.String getSessionId() {
      */
     @java.lang.Override
     public com.google.protobuf.ByteString
-        getSessionIdBytes() {
+    getSessionIdBytes() {
       java.lang.Object ref = sessionId_;
       if (ref instanceof java.lang.String) {
-        com.google.protobuf.ByteString b = 
+        com.google.protobuf.ByteString b =
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
         sessionId_ = b;
@@ -1249,26 +1249,26 @@ public java.lang.String getSessionId() {
     public static final int TYPE_FIELD_NUMBER = 2;
     private int type_;
     /**
-     * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+     * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
      * @return The enum numeric value on the wire for type.
      */
     @java.lang.Override public int getTypeValue() {
       return type_;
     }
     /**
-     * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+     * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
      * @return The type.
      */
-    @java.lang.Override public Session.MessageType getType() {
+    @java.lang.Override public io.sentrius.sso.protobuf.Session.MessageType getType() {
       @SuppressWarnings("deprecation")
-      Session.MessageType result = Session.MessageType.valueOf(type_);
-      return result == null ? Session.MessageType.UNRECOGNIZED : result;
+      io.sentrius.sso.protobuf.Session.MessageType result = io.sentrius.sso.protobuf.Session.MessageType.valueOf(type_);
+      return result == null ? io.sentrius.sso.protobuf.Session.MessageType.UNRECOGNIZED : result;
     }
 
     public static final int TRIGGER_FIELD_NUMBER = 3;
-    private Session.Trigger trigger_;
+    private io.sentrius.sso.protobuf.Session.Trigger trigger_;
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      * @return Whether the trigger field is set.
      */
     @java.lang.Override
@@ -1276,18 +1276,18 @@ public boolean hasTrigger() {
       return trigger_ != null;
     }
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      * @return The trigger.
      */
     @java.lang.Override
-    public Session.Trigger getTrigger() {
-      return trigger_ == null ? Session.Trigger.getDefaultInstance() : trigger_;
+    public io.sentrius.sso.protobuf.Session.Trigger getTrigger() {
+      return trigger_ == null ? io.sentrius.sso.protobuf.Session.Trigger.getDefaultInstance() : trigger_;
     }
     /**
-     * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+     * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
      */
     @java.lang.Override
-    public Session.TriggerOrBuilder getTriggerOrBuilder() {
+    public io.sentrius.sso.protobuf.Session.TriggerOrBuilder getTriggerOrBuilder() {
       return getTrigger();
     }
 
@@ -1314,7 +1314,7 @@ public java.lang.String getCommand() {
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
-        com.google.protobuf.ByteString bs = 
+        com.google.protobuf.ByteString bs =
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         command_ = s;
@@ -1327,10 +1327,10 @@ public java.lang.String getCommand() {
      */
     @java.lang.Override
     public com.google.protobuf.ByteString
-        getCommandBytes() {
+    getCommandBytes() {
       java.lang.Object ref = command_;
       if (ref instanceof java.lang.String) {
-        com.google.protobuf.ByteString b = 
+        com.google.protobuf.ByteString b =
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
         command_ = b;
@@ -1352,7 +1352,7 @@ public java.lang.String getPrompt() {
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
-        com.google.protobuf.ByteString bs = 
+        com.google.protobuf.ByteString bs =
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         prompt_ = s;
@@ -1365,10 +1365,10 @@ public java.lang.String getPrompt() {
      */
     @java.lang.Override
     public com.google.protobuf.ByteString
-        getPromptBytes() {
+    getPromptBytes() {
       java.lang.Object ref = prompt_;
       if (ref instanceof java.lang.String) {
-        com.google.protobuf.ByteString b = 
+        com.google.protobuf.ByteString b =
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
         prompt_ = b;
@@ -1391,11 +1391,11 @@ public final boolean isInitialized() {
 
     @java.lang.Override
     public void writeTo(com.google.protobuf.CodedOutputStream output)
-                        throws java.io.IOException {
+        throws java.io.IOException {
       if (!getSessionIdBytes().isEmpty()) {
         com.google.protobuf.GeneratedMessageV3.writeString(output, 1, sessionId_);
       }
-      if (type_ != Session.MessageType.HEARTBEAT.getNumber()) {
+      if (type_ != io.sentrius.sso.protobuf.Session.MessageType.HEARTBEAT.getNumber()) {
         output.writeEnum(2, type_);
       }
       if (trigger_ != null) {
@@ -1422,17 +1422,17 @@ public int getSerializedSize() {
       if (!getSessionIdBytes().isEmpty()) {
         size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, sessionId_);
       }
-      if (type_ != Session.MessageType.HEARTBEAT.getNumber()) {
+      if (type_ != io.sentrius.sso.protobuf.Session.MessageType.HEARTBEAT.getNumber()) {
         size += com.google.protobuf.CodedOutputStream
-          .computeEnumSize(2, type_);
+            .computeEnumSize(2, type_);
       }
       if (trigger_ != null) {
         size += com.google.protobuf.CodedOutputStream
-          .computeMessageSize(3, getTrigger());
+            .computeMessageSize(3, getTrigger());
       }
       if (keycode_ != 0D) {
         size += com.google.protobuf.CodedOutputStream
-          .computeDoubleSize(4, keycode_);
+            .computeDoubleSize(4, keycode_);
       }
       if (!getCommandBytes().isEmpty()) {
         size += com.google.protobuf.GeneratedMessageV3.computeStringSize(5, command_);
@@ -1448,12 +1448,12 @@ public int getSerializedSize() {
     @java.lang.Override
     public boolean equals(final java.lang.Object obj) {
       if (obj == this) {
-       return true;
+        return true;
       }
-      if (!(obj instanceof Session.TerminalMessage)) {
+      if (!(obj instanceof io.sentrius.sso.protobuf.Session.TerminalMessage)) {
         return super.equals(obj);
       }
-      Session.TerminalMessage other = (Session.TerminalMessage) obj;
+      io.sentrius.sso.protobuf.Session.TerminalMessage other = (io.sentrius.sso.protobuf.Session.TerminalMessage) obj;
 
       if (!getSessionId()
           .equals(other.getSessionId())) return false;
@@ -1465,7 +1465,7 @@ public boolean equals(final java.lang.Object obj) {
       }
       if (java.lang.Double.doubleToLongBits(getKeycode())
           != java.lang.Double.doubleToLongBits(
-              other.getKeycode())) return false;
+          other.getKeycode())) return false;
       if (!getCommand()
           .equals(other.getCommand())) return false;
       if (!getPrompt()
@@ -1501,69 +1501,69 @@ public int hashCode() {
       return hash;
     }
 
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         java.nio.ByteBuffer data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         java.nio.ByteBuffer data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         com.google.protobuf.ByteString data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         com.google.protobuf.ByteString data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.TerminalMessage parseFrom(byte[] data)
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(byte[] data)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         byte[] data,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws com.google.protobuf.InvalidProtocolBufferException {
       return PARSER.parseFrom(data, extensionRegistry);
     }
-    public static Session.TerminalMessage parseFrom(java.io.InputStream input)
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(java.io.InputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         java.io.InputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input, extensionRegistry);
     }
-    public static Session.TerminalMessage parseDelimitedFrom(java.io.InputStream input)
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseDelimitedFrom(java.io.InputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseDelimitedWithIOException(PARSER, input);
     }
-    public static Session.TerminalMessage parseDelimitedFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseDelimitedFrom(
         java.io.InputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         com.google.protobuf.CodedInputStream input)
         throws java.io.IOException {
       return com.google.protobuf.GeneratedMessageV3
           .parseWithIOException(PARSER, input);
     }
-    public static Session.TerminalMessage parseFrom(
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage parseFrom(
         com.google.protobuf.CodedInputStream input,
         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
         throws java.io.IOException {
@@ -1576,7 +1576,7 @@ public static Session.TerminalMessage parseFrom(
     public static Builder newBuilder() {
       return DEFAULT_INSTANCE.toBuilder();
     }
-    public static Builder newBuilder(Session.TerminalMessage prototype) {
+    public static Builder newBuilder(io.sentrius.sso.protobuf.Session.TerminalMessage prototype) {
       return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
     }
     @java.lang.Override
@@ -1592,26 +1592,26 @@ protected Builder newBuilderForType(
       return builder;
     }
     /**
-     * Protobuf type {@code io.sentrius.protobuf.TerminalMessage}
+     * Protobuf type {@code io.sentrius.sso.protobuf.TerminalMessage}
      */
     public static final class Builder extends
         com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-        // @@protoc_insertion_point(builder_implements:io.sentrius.protobuf.TerminalMessage)
-        Session.TerminalMessageOrBuilder {
+        // @@protoc_insertion_point(builder_implements:io.sentrius.sso.protobuf.TerminalMessage)
+        io.sentrius.sso.protobuf.Session.TerminalMessageOrBuilder {
       public static final com.google.protobuf.Descriptors.Descriptor
-          getDescriptor() {
-        return Session.internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor;
+      getDescriptor() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_TerminalMessage_descriptor;
       }
 
       @java.lang.Override
       protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-          internalGetFieldAccessorTable() {
-        return Session.internal_static_io_dataguardians_protobuf_TerminalMessage_fieldAccessorTable
+      internalGetFieldAccessorTable() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_TerminalMessage_fieldAccessorTable
             .ensureFieldAccessorsInitialized(
-                Session.TerminalMessage.class, Session.TerminalMessage.Builder.class);
+                io.sentrius.sso.protobuf.Session.TerminalMessage.class, io.sentrius.sso.protobuf.Session.TerminalMessage.Builder.class);
       }
 
-      // Construct using io.sentrius.protobuf.Session.TerminalMessage.newBuilder()
+      // Construct using io.sentrius.sso.protobuf.Session.TerminalMessage.newBuilder()
       private Builder() {
         maybeForceBuilderInitialization();
       }
@@ -1623,7 +1623,7 @@ private Builder(
       }
       private void maybeForceBuilderInitialization() {
         if (com.google.protobuf.GeneratedMessageV3
-                .alwaysUseFieldBuilders) {
+            .alwaysUseFieldBuilders) {
         }
       }
       @java.lang.Override
@@ -1650,18 +1650,18 @@ public Builder clear() {
 
       @java.lang.Override
       public com.google.protobuf.Descriptors.Descriptor
-          getDescriptorForType() {
-        return Session.internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor;
+      getDescriptorForType() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_TerminalMessage_descriptor;
       }
 
       @java.lang.Override
-      public Session.TerminalMessage getDefaultInstanceForType() {
-        return Session.TerminalMessage.getDefaultInstance();
+      public io.sentrius.sso.protobuf.Session.TerminalMessage getDefaultInstanceForType() {
+        return io.sentrius.sso.protobuf.Session.TerminalMessage.getDefaultInstance();
       }
 
       @java.lang.Override
-      public Session.TerminalMessage build() {
-        Session.TerminalMessage result = buildPartial();
+      public io.sentrius.sso.protobuf.Session.TerminalMessage build() {
+        io.sentrius.sso.protobuf.Session.TerminalMessage result = buildPartial();
         if (!result.isInitialized()) {
           throw newUninitializedMessageException(result);
         }
@@ -1669,8 +1669,8 @@ public Session.TerminalMessage build() {
       }
 
       @java.lang.Override
-      public Session.TerminalMessage buildPartial() {
-        Session.TerminalMessage result = new Session.TerminalMessage(this);
+      public io.sentrius.sso.protobuf.Session.TerminalMessage buildPartial() {
+        io.sentrius.sso.protobuf.Session.TerminalMessage result = new io.sentrius.sso.protobuf.Session.TerminalMessage(this);
         result.sessionId_ = sessionId_;
         result.type_ = type_;
         if (triggerBuilder_ == null) {
@@ -1719,16 +1719,16 @@ public Builder addRepeatedField(
       }
       @java.lang.Override
       public Builder mergeFrom(com.google.protobuf.Message other) {
-        if (other instanceof Session.TerminalMessage) {
-          return mergeFrom((Session.TerminalMessage)other);
+        if (other instanceof io.sentrius.sso.protobuf.Session.TerminalMessage) {
+          return mergeFrom((io.sentrius.sso.protobuf.Session.TerminalMessage)other);
         } else {
           super.mergeFrom(other);
           return this;
         }
       }
 
-      public Builder mergeFrom(Session.TerminalMessage other) {
-        if (other == Session.TerminalMessage.getDefaultInstance()) return this;
+      public Builder mergeFrom(io.sentrius.sso.protobuf.Session.TerminalMessage other) {
+        if (other == io.sentrius.sso.protobuf.Session.TerminalMessage.getDefaultInstance()) return this;
         if (!other.getSessionId().isEmpty()) {
           sessionId_ = other.sessionId_;
           onChanged();
@@ -1765,11 +1765,11 @@ public Builder mergeFrom(
           com.google.protobuf.CodedInputStream input,
           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
           throws java.io.IOException {
-        Session.TerminalMessage parsedMessage = null;
+        io.sentrius.sso.protobuf.Session.TerminalMessage parsedMessage = null;
         try {
           parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
         } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-          parsedMessage = (Session.TerminalMessage) e.getUnfinishedMessage();
+          parsedMessage = (io.sentrius.sso.protobuf.Session.TerminalMessage) e.getUnfinishedMessage();
           throw e.unwrapIOException();
         } finally {
           if (parsedMessage != null) {
@@ -1801,10 +1801,10 @@ public java.lang.String getSessionId() {
        * @return The bytes for sessionId.
        */
       public com.google.protobuf.ByteString
-          getSessionIdBytes() {
+      getSessionIdBytes() {
         java.lang.Object ref = sessionId_;
         if (ref instanceof String) {
-          com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString b =
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
           sessionId_ = b;
@@ -1821,9 +1821,9 @@ public java.lang.String getSessionId() {
       public Builder setSessionId(
           java.lang.String value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  
+          throw new NullPointerException();
+        }
+
         sessionId_ = value;
         onChanged();
         return this;
@@ -1833,7 +1833,7 @@ public Builder setSessionId(
        * @return This builder for chaining.
        */
       public Builder clearSessionId() {
-        
+
         sessionId_ = getDefaultInstance().getSessionId();
         onChanged();
         return this;
@@ -1846,10 +1846,10 @@ public Builder clearSessionId() {
       public Builder setSessionIdBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-        
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
         sessionId_ = value;
         onChanged();
         return this;
@@ -1857,83 +1857,83 @@ public Builder setSessionIdBytes(
 
       private int type_ = 0;
       /**
-       * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+       * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
        * @return The enum numeric value on the wire for type.
        */
       @java.lang.Override public int getTypeValue() {
         return type_;
       }
       /**
-       * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+       * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
        * @param value The enum numeric value on the wire for type to set.
        * @return This builder for chaining.
        */
       public Builder setTypeValue(int value) {
-        
+
         type_ = value;
         onChanged();
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+       * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
        * @return The type.
        */
       @java.lang.Override
-      public Session.MessageType getType() {
+      public io.sentrius.sso.protobuf.Session.MessageType getType() {
         @SuppressWarnings("deprecation")
-        Session.MessageType result = Session.MessageType.valueOf(type_);
-        return result == null ? Session.MessageType.UNRECOGNIZED : result;
+        io.sentrius.sso.protobuf.Session.MessageType result = io.sentrius.sso.protobuf.Session.MessageType.valueOf(type_);
+        return result == null ? io.sentrius.sso.protobuf.Session.MessageType.UNRECOGNIZED : result;
       }
       /**
-       * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+       * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
        * @param value The type to set.
        * @return This builder for chaining.
        */
-      public Builder setType(Session.MessageType value) {
+      public Builder setType(io.sentrius.sso.protobuf.Session.MessageType value) {
         if (value == null) {
           throw new NullPointerException();
         }
-        
+
         type_ = value.getNumber();
         onChanged();
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.MessageType type = 2;</code>
+       * <code>.io.sentrius.sso.protobuf.MessageType type = 2;</code>
        * @return This builder for chaining.
        */
       public Builder clearType() {
-        
+
         type_ = 0;
         onChanged();
         return this;
       }
 
-      private Session.Trigger trigger_;
+      private io.sentrius.sso.protobuf.Session.Trigger trigger_;
       private com.google.protobuf.SingleFieldBuilderV3<
-          Session.Trigger, Session.Trigger.Builder, Session.TriggerOrBuilder> triggerBuilder_;
+          io.sentrius.sso.protobuf.Session.Trigger, io.sentrius.sso.protobuf.Session.Trigger.Builder, io.sentrius.sso.protobuf.Session.TriggerOrBuilder> triggerBuilder_;
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        * @return Whether the trigger field is set.
        */
       public boolean hasTrigger() {
         return triggerBuilder_ != null || trigger_ != null;
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        * @return The trigger.
        */
-      public Session.Trigger getTrigger() {
+      public io.sentrius.sso.protobuf.Session.Trigger getTrigger() {
         if (triggerBuilder_ == null) {
-          return trigger_ == null ? Session.Trigger.getDefaultInstance() : trigger_;
+          return trigger_ == null ? io.sentrius.sso.protobuf.Session.Trigger.getDefaultInstance() : trigger_;
         } else {
           return triggerBuilder_.getMessage();
         }
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
-      public Builder setTrigger(Session.Trigger value) {
+      public Builder setTrigger(io.sentrius.sso.protobuf.Session.Trigger value) {
         if (triggerBuilder_ == null) {
           if (value == null) {
             throw new NullPointerException();
@@ -1947,10 +1947,10 @@ public Builder setTrigger(Session.Trigger value) {
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
       public Builder setTrigger(
-          Session.Trigger.Builder builderForValue) {
+          io.sentrius.sso.protobuf.Session.Trigger.Builder builderForValue) {
         if (triggerBuilder_ == null) {
           trigger_ = builderForValue.build();
           onChanged();
@@ -1961,13 +1961,13 @@ public Builder setTrigger(
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
-      public Builder mergeTrigger(Session.Trigger value) {
+      public Builder mergeTrigger(io.sentrius.sso.protobuf.Session.Trigger value) {
         if (triggerBuilder_ == null) {
           if (trigger_ != null) {
             trigger_ =
-              Session.Trigger.newBuilder(trigger_).mergeFrom(value).buildPartial();
+                io.sentrius.sso.protobuf.Session.Trigger.newBuilder(trigger_).mergeFrom(value).buildPartial();
           } else {
             trigger_ = value;
           }
@@ -1979,7 +1979,7 @@ public Builder mergeTrigger(Session.Trigger value) {
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
       public Builder clearTrigger() {
         if (triggerBuilder_ == null) {
@@ -1993,36 +1993,36 @@ public Builder clearTrigger() {
         return this;
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
-      public Session.Trigger.Builder getTriggerBuilder() {
-        
+      public io.sentrius.sso.protobuf.Session.Trigger.Builder getTriggerBuilder() {
+
         onChanged();
         return getTriggerFieldBuilder().getBuilder();
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
-      public Session.TriggerOrBuilder getTriggerOrBuilder() {
+      public io.sentrius.sso.protobuf.Session.TriggerOrBuilder getTriggerOrBuilder() {
         if (triggerBuilder_ != null) {
           return triggerBuilder_.getMessageOrBuilder();
         } else {
           return trigger_ == null ?
-              Session.Trigger.getDefaultInstance() : trigger_;
+              io.sentrius.sso.protobuf.Session.Trigger.getDefaultInstance() : trigger_;
         }
       }
       /**
-       * <code>.io.sentrius.protobuf.Trigger trigger = 3;</code>
+       * <code>.io.sentrius.sso.protobuf.Trigger trigger = 3;</code>
        */
       private com.google.protobuf.SingleFieldBuilderV3<
-          Session.Trigger, Session.Trigger.Builder, Session.TriggerOrBuilder>
-          getTriggerFieldBuilder() {
+          io.sentrius.sso.protobuf.Session.Trigger, io.sentrius.sso.protobuf.Session.Trigger.Builder, io.sentrius.sso.protobuf.Session.TriggerOrBuilder>
+      getTriggerFieldBuilder() {
         if (triggerBuilder_ == null) {
           triggerBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-              Session.Trigger, Session.Trigger.Builder, Session.TriggerOrBuilder>(
-                  getTrigger(),
-                  getParentForChildren(),
-                  isClean());
+              io.sentrius.sso.protobuf.Session.Trigger, io.sentrius.sso.protobuf.Session.Trigger.Builder, io.sentrius.sso.protobuf.Session.TriggerOrBuilder>(
+              getTrigger(),
+              getParentForChildren(),
+              isClean());
           trigger_ = null;
         }
         return triggerBuilder_;
@@ -2043,7 +2043,7 @@ public double getKeycode() {
        * @return This builder for chaining.
        */
       public Builder setKeycode(double value) {
-        
+
         keycode_ = value;
         onChanged();
         return this;
@@ -2053,7 +2053,7 @@ public Builder setKeycode(double value) {
        * @return This builder for chaining.
        */
       public Builder clearKeycode() {
-        
+
         keycode_ = 0D;
         onChanged();
         return this;
@@ -2081,10 +2081,10 @@ public java.lang.String getCommand() {
        * @return The bytes for command.
        */
       public com.google.protobuf.ByteString
-          getCommandBytes() {
+      getCommandBytes() {
         java.lang.Object ref = command_;
         if (ref instanceof String) {
-          com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString b =
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
           command_ = b;
@@ -2101,9 +2101,9 @@ public java.lang.String getCommand() {
       public Builder setCommand(
           java.lang.String value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  
+          throw new NullPointerException();
+        }
+
         command_ = value;
         onChanged();
         return this;
@@ -2113,7 +2113,7 @@ public Builder setCommand(
        * @return This builder for chaining.
        */
       public Builder clearCommand() {
-        
+
         command_ = getDefaultInstance().getCommand();
         onChanged();
         return this;
@@ -2126,10 +2126,10 @@ public Builder clearCommand() {
       public Builder setCommandBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-        
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
         command_ = value;
         onChanged();
         return this;
@@ -2157,10 +2157,10 @@ public java.lang.String getPrompt() {
        * @return The bytes for prompt.
        */
       public com.google.protobuf.ByteString
-          getPromptBytes() {
+      getPromptBytes() {
         java.lang.Object ref = prompt_;
         if (ref instanceof String) {
-          com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString b =
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
           prompt_ = b;
@@ -2177,9 +2177,9 @@ public java.lang.String getPrompt() {
       public Builder setPrompt(
           java.lang.String value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  
+          throw new NullPointerException();
+        }
+
         prompt_ = value;
         onChanged();
         return this;
@@ -2189,7 +2189,7 @@ public Builder setPrompt(
        * @return This builder for chaining.
        */
       public Builder clearPrompt() {
-        
+
         prompt_ = getDefaultInstance().getPrompt();
         onChanged();
         return this;
@@ -2202,10 +2202,10 @@ public Builder clearPrompt() {
       public Builder setPromptBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-        
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
         prompt_ = value;
         onChanged();
         return this;
@@ -2223,16 +2223,16 @@ public final Builder mergeUnknownFields(
       }
 
 
-      // @@protoc_insertion_point(builder_scope:io.sentrius.protobuf.TerminalMessage)
+      // @@protoc_insertion_point(builder_scope:io.sentrius.sso.protobuf.TerminalMessage)
     }
 
-    // @@protoc_insertion_point(class_scope:io.sentrius.protobuf.TerminalMessage)
-    private static final Session.TerminalMessage DEFAULT_INSTANCE;
+    // @@protoc_insertion_point(class_scope:io.sentrius.sso.protobuf.TerminalMessage)
+    private static final io.sentrius.sso.protobuf.Session.TerminalMessage DEFAULT_INSTANCE;
     static {
-      DEFAULT_INSTANCE = new Session.TerminalMessage();
+      DEFAULT_INSTANCE = new io.sentrius.sso.protobuf.Session.TerminalMessage();
     }
 
-    public static Session.TerminalMessage getDefaultInstance() {
+    public static io.sentrius.sso.protobuf.Session.TerminalMessage getDefaultInstance() {
       return DEFAULT_INSTANCE;
     }
 
@@ -2257,65 +2257,1144 @@ public com.google.protobuf.Parser<TerminalMessage> getParserForType() {
     }
 
     @java.lang.Override
-    public Session.TerminalMessage getDefaultInstanceForType() {
+    public io.sentrius.sso.protobuf.Session.TerminalMessage getDefaultInstanceForType() {
       return DEFAULT_INSTANCE;
     }
 
   }
 
-  private static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_io_dataguardians_protobuf_Trigger_descriptor;
-  private static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_io_dataguardians_protobuf_Trigger_fieldAccessorTable;
-  private static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor;
-  private static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_io_dataguardians_protobuf_TerminalMessage_fieldAccessorTable;
+  public interface ChatMessageOrBuilder extends
+      // @@protoc_insertion_point(interface_extends:io.sentrius.sso.protobuf.ChatMessage)
+      com.google.protobuf.MessageOrBuilder {
 
-  public static com.google.protobuf.Descriptors.FileDescriptor
-      getDescriptor() {
+    /**
+     * <code>int64 session_id = 1;</code>
+     * @return The sessionId.
+     */
+    long getSessionId();
+
+    /**
+     * <pre>
+     * Separate chat groups for a session
+     * </pre>
+     *
+     * <code>string chat_group_id = 2;</code>
+     * @return The chatGroupId.
+     */
+    java.lang.String getChatGroupId();
+    /**
+     * <pre>
+     * Separate chat groups for a session
+     * </pre>
+     *
+     * <code>string chat_group_id = 2;</code>
+     * @return The bytes for chatGroupId.
+     */
+    com.google.protobuf.ByteString
+    getChatGroupIdBytes();
+
+    /**
+     * <code>string sender = 3;</code>
+     * @return The sender.
+     */
+    java.lang.String getSender();
+    /**
+     * <code>string sender = 3;</code>
+     * @return The bytes for sender.
+     */
+    com.google.protobuf.ByteString
+    getSenderBytes();
+
+    /**
+     * <code>string message = 4;</code>
+     * @return The message.
+     */
+    java.lang.String getMessage();
+    /**
+     * <code>string message = 4;</code>
+     * @return The bytes for message.
+     */
+    com.google.protobuf.ByteString
+    getMessageBytes();
+
+    /**
+     * <pre>
+     * Store as epoch time (milliseconds)
+     * </pre>
+     *
+     * <code>int64 timestamp = 5;</code>
+     * @return The timestamp.
+     */
+    long getTimestamp();
+  }
+  /**
+   * Protobuf type {@code io.sentrius.sso.protobuf.ChatMessage}
+   */
+  public static final class ChatMessage extends
+      com.google.protobuf.GeneratedMessageV3 implements
+      // @@protoc_insertion_point(message_implements:io.sentrius.sso.protobuf.ChatMessage)
+      ChatMessageOrBuilder {
+    private static final long serialVersionUID = 0L;
+    // Use ChatMessage.newBuilder() to construct.
+    private ChatMessage(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+      super(builder);
+    }
+    private ChatMessage() {
+      chatGroupId_ = "";
+      sender_ = "";
+      message_ = "";
+    }
+
+    @java.lang.Override
+    @SuppressWarnings({"unused"})
+    protected java.lang.Object newInstance(
+        UnusedPrivateParameter unused) {
+      return new ChatMessage();
+    }
+
+    @java.lang.Override
+    public final com.google.protobuf.UnknownFieldSet
+    getUnknownFields() {
+      return this.unknownFields;
+    }
+    private ChatMessage(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      this();
+      if (extensionRegistry == null) {
+        throw new java.lang.NullPointerException();
+      }
+      com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+          com.google.protobuf.UnknownFieldSet.newBuilder();
+      try {
+        boolean done = false;
+        while (!done) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              done = true;
+              break;
+            case 8: {
+
+              sessionId_ = input.readInt64();
+              break;
+            }
+            case 18: {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              chatGroupId_ = s;
+              break;
+            }
+            case 26: {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              sender_ = s;
+              break;
+            }
+            case 34: {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              message_ = s;
+              break;
+            }
+            case 40: {
+
+              timestamp_ = input.readInt64();
+              break;
+            }
+            default: {
+              if (!parseUnknownField(
+                  input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+          }
+        }
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        throw e.setUnfinishedMessage(this);
+      } catch (java.io.IOException e) {
+        throw new com.google.protobuf.InvalidProtocolBufferException(
+            e).setUnfinishedMessage(this);
+      } finally {
+        this.unknownFields = unknownFields.build();
+        makeExtensionsImmutable();
+      }
+    }
+    public static final com.google.protobuf.Descriptors.Descriptor
+    getDescriptor() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_ChatMessage_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+    internalGetFieldAccessorTable() {
+      return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_ChatMessage_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              io.sentrius.sso.protobuf.Session.ChatMessage.class, io.sentrius.sso.protobuf.Session.ChatMessage.Builder.class);
+    }
+
+    public static final int SESSION_ID_FIELD_NUMBER = 1;
+    private long sessionId_;
+    /**
+     * <code>int64 session_id = 1;</code>
+     * @return The sessionId.
+     */
+    @java.lang.Override
+    public long getSessionId() {
+      return sessionId_;
+    }
+
+    public static final int CHAT_GROUP_ID_FIELD_NUMBER = 2;
+    private volatile java.lang.Object chatGroupId_;
+    /**
+     * <pre>
+     * Separate chat groups for a session
+     * </pre>
+     *
+     * <code>string chat_group_id = 2;</code>
+     * @return The chatGroupId.
+     */
+    @java.lang.Override
+    public java.lang.String getChatGroupId() {
+      java.lang.Object ref = chatGroupId_;
+      if (ref instanceof java.lang.String) {
+        return (java.lang.String) ref;
+      } else {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        chatGroupId_ = s;
+        return s;
+      }
+    }
+    /**
+     * <pre>
+     * Separate chat groups for a session
+     * </pre>
+     *
+     * <code>string chat_group_id = 2;</code>
+     * @return The bytes for chatGroupId.
+     */
+    @java.lang.Override
+    public com.google.protobuf.ByteString
+    getChatGroupIdBytes() {
+      java.lang.Object ref = chatGroupId_;
+      if (ref instanceof java.lang.String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        chatGroupId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+
+    public static final int SENDER_FIELD_NUMBER = 3;
+    private volatile java.lang.Object sender_;
+    /**
+     * <code>string sender = 3;</code>
+     * @return The sender.
+     */
+    @java.lang.Override
+    public java.lang.String getSender() {
+      java.lang.Object ref = sender_;
+      if (ref instanceof java.lang.String) {
+        return (java.lang.String) ref;
+      } else {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        sender_ = s;
+        return s;
+      }
+    }
+    /**
+     * <code>string sender = 3;</code>
+     * @return The bytes for sender.
+     */
+    @java.lang.Override
+    public com.google.protobuf.ByteString
+    getSenderBytes() {
+      java.lang.Object ref = sender_;
+      if (ref instanceof java.lang.String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        sender_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+
+    public static final int MESSAGE_FIELD_NUMBER = 4;
+    private volatile java.lang.Object message_;
+    /**
+     * <code>string message = 4;</code>
+     * @return The message.
+     */
+    @java.lang.Override
+    public java.lang.String getMessage() {
+      java.lang.Object ref = message_;
+      if (ref instanceof java.lang.String) {
+        return (java.lang.String) ref;
+      } else {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        message_ = s;
+        return s;
+      }
+    }
+    /**
+     * <code>string message = 4;</code>
+     * @return The bytes for message.
+     */
+    @java.lang.Override
+    public com.google.protobuf.ByteString
+    getMessageBytes() {
+      java.lang.Object ref = message_;
+      if (ref instanceof java.lang.String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        message_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+
+    public static final int TIMESTAMP_FIELD_NUMBER = 5;
+    private long timestamp_;
+    /**
+     * <pre>
+     * Store as epoch time (milliseconds)
+     * </pre>
+     *
+     * <code>int64 timestamp = 5;</code>
+     * @return The timestamp.
+     */
+    @java.lang.Override
+    public long getTimestamp() {
+      return timestamp_;
+    }
+
+    private byte memoizedIsInitialized = -1;
+    @java.lang.Override
+    public final boolean isInitialized() {
+      byte isInitialized = memoizedIsInitialized;
+      if (isInitialized == 1) return true;
+      if (isInitialized == 0) return false;
+
+      memoizedIsInitialized = 1;
+      return true;
+    }
+
+    @java.lang.Override
+    public void writeTo(com.google.protobuf.CodedOutputStream output)
+        throws java.io.IOException {
+      if (sessionId_ != 0L) {
+        output.writeInt64(1, sessionId_);
+      }
+      if (!getChatGroupIdBytes().isEmpty()) {
+        com.google.protobuf.GeneratedMessageV3.writeString(output, 2, chatGroupId_);
+      }
+      if (!getSenderBytes().isEmpty()) {
+        com.google.protobuf.GeneratedMessageV3.writeString(output, 3, sender_);
+      }
+      if (!getMessageBytes().isEmpty()) {
+        com.google.protobuf.GeneratedMessageV3.writeString(output, 4, message_);
+      }
+      if (timestamp_ != 0L) {
+        output.writeInt64(5, timestamp_);
+      }
+      unknownFields.writeTo(output);
+    }
+
+    @java.lang.Override
+    public int getSerializedSize() {
+      int size = memoizedSize;
+      if (size != -1) return size;
+
+      size = 0;
+      if (sessionId_ != 0L) {
+        size += com.google.protobuf.CodedOutputStream
+            .computeInt64Size(1, sessionId_);
+      }
+      if (!getChatGroupIdBytes().isEmpty()) {
+        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, chatGroupId_);
+      }
+      if (!getSenderBytes().isEmpty()) {
+        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, sender_);
+      }
+      if (!getMessageBytes().isEmpty()) {
+        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(4, message_);
+      }
+      if (timestamp_ != 0L) {
+        size += com.google.protobuf.CodedOutputStream
+            .computeInt64Size(5, timestamp_);
+      }
+      size += unknownFields.getSerializedSize();
+      memoizedSize = size;
+      return size;
+    }
+
+    @java.lang.Override
+    public boolean equals(final java.lang.Object obj) {
+      if (obj == this) {
+        return true;
+      }
+      if (!(obj instanceof io.sentrius.sso.protobuf.Session.ChatMessage)) {
+        return super.equals(obj);
+      }
+      io.sentrius.sso.protobuf.Session.ChatMessage other = (io.sentrius.sso.protobuf.Session.ChatMessage) obj;
+
+      if (getSessionId()
+          != other.getSessionId()) return false;
+      if (!getChatGroupId()
+          .equals(other.getChatGroupId())) return false;
+      if (!getSender()
+          .equals(other.getSender())) return false;
+      if (!getMessage()
+          .equals(other.getMessage())) return false;
+      if (getTimestamp()
+          != other.getTimestamp()) return false;
+      if (!unknownFields.equals(other.unknownFields)) return false;
+      return true;
+    }
+
+    @java.lang.Override
+    public int hashCode() {
+      if (memoizedHashCode != 0) {
+        return memoizedHashCode;
+      }
+      int hash = 41;
+      hash = (19 * hash) + getDescriptor().hashCode();
+      hash = (37 * hash) + SESSION_ID_FIELD_NUMBER;
+      hash = (53 * hash) + com.google.protobuf.Internal.hashLong(
+          getSessionId());
+      hash = (37 * hash) + CHAT_GROUP_ID_FIELD_NUMBER;
+      hash = (53 * hash) + getChatGroupId().hashCode();
+      hash = (37 * hash) + SENDER_FIELD_NUMBER;
+      hash = (53 * hash) + getSender().hashCode();
+      hash = (37 * hash) + MESSAGE_FIELD_NUMBER;
+      hash = (53 * hash) + getMessage().hashCode();
+      hash = (37 * hash) + TIMESTAMP_FIELD_NUMBER;
+      hash = (53 * hash) + com.google.protobuf.Internal.hashLong(
+          getTimestamp());
+      hash = (29 * hash) + unknownFields.hashCode();
+      memoizedHashCode = hash;
+      return hash;
+    }
+
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        java.nio.ByteBuffer data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        java.nio.ByteBuffer data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        com.google.protobuf.ByteString data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        com.google.protobuf.ByteString data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(byte[] data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        byte[] data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(java.io.InputStream input)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseWithIOException(PARSER, input);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        java.io.InputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseWithIOException(PARSER, input, extensionRegistry);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseDelimitedFrom(java.io.InputStream input)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseDelimitedWithIOException(PARSER, input);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseDelimitedFrom(
+        java.io.InputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        com.google.protobuf.CodedInputStream input)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseWithIOException(PARSER, input);
+    }
+    public static io.sentrius.sso.protobuf.Session.ChatMessage parseFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3
+          .parseWithIOException(PARSER, input, extensionRegistry);
+    }
+
+    @java.lang.Override
+    public Builder newBuilderForType() { return newBuilder(); }
+    public static Builder newBuilder() {
+      return DEFAULT_INSTANCE.toBuilder();
+    }
+    public static Builder newBuilder(io.sentrius.sso.protobuf.Session.ChatMessage prototype) {
+      return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+    }
+    @java.lang.Override
+    public Builder toBuilder() {
+      return this == DEFAULT_INSTANCE
+          ? new Builder() : new Builder().mergeFrom(this);
+    }
+
+    @java.lang.Override
+    protected Builder newBuilderForType(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      Builder builder = new Builder(parent);
+      return builder;
+    }
+    /**
+     * Protobuf type {@code io.sentrius.sso.protobuf.ChatMessage}
+     */
+    public static final class Builder extends
+        com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+        // @@protoc_insertion_point(builder_implements:io.sentrius.sso.protobuf.ChatMessage)
+        io.sentrius.sso.protobuf.Session.ChatMessageOrBuilder {
+      public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_ChatMessage_descriptor;
+      }
+
+      @java.lang.Override
+      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_ChatMessage_fieldAccessorTable
+            .ensureFieldAccessorsInitialized(
+                io.sentrius.sso.protobuf.Session.ChatMessage.class, io.sentrius.sso.protobuf.Session.ChatMessage.Builder.class);
+      }
+
+      // Construct using io.sentrius.sso.protobuf.Session.ChatMessage.newBuilder()
+      private Builder() {
+        maybeForceBuilderInitialization();
+      }
+
+      private Builder(
+          com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+        super(parent);
+        maybeForceBuilderInitialization();
+      }
+      private void maybeForceBuilderInitialization() {
+        if (com.google.protobuf.GeneratedMessageV3
+            .alwaysUseFieldBuilders) {
+        }
+      }
+      @java.lang.Override
+      public Builder clear() {
+        super.clear();
+        sessionId_ = 0L;
+
+        chatGroupId_ = "";
+
+        sender_ = "";
+
+        message_ = "";
+
+        timestamp_ = 0L;
+
+        return this;
+      }
+
+      @java.lang.Override
+      public com.google.protobuf.Descriptors.Descriptor
+      getDescriptorForType() {
+        return io.sentrius.sso.protobuf.Session.internal_static_io_sentrius_protobuf_ChatMessage_descriptor;
+      }
+
+      @java.lang.Override
+      public io.sentrius.sso.protobuf.Session.ChatMessage getDefaultInstanceForType() {
+        return io.sentrius.sso.protobuf.Session.ChatMessage.getDefaultInstance();
+      }
+
+      @java.lang.Override
+      public io.sentrius.sso.protobuf.Session.ChatMessage build() {
+        io.sentrius.sso.protobuf.Session.ChatMessage result = buildPartial();
+        if (!result.isInitialized()) {
+          throw newUninitializedMessageException(result);
+        }
+        return result;
+      }
+
+      @java.lang.Override
+      public io.sentrius.sso.protobuf.Session.ChatMessage buildPartial() {
+        io.sentrius.sso.protobuf.Session.ChatMessage result = new io.sentrius.sso.protobuf.Session.ChatMessage(this);
+        result.sessionId_ = sessionId_;
+        result.chatGroupId_ = chatGroupId_;
+        result.sender_ = sender_;
+        result.message_ = message_;
+        result.timestamp_ = timestamp_;
+        onBuilt();
+        return result;
+      }
+
+      @java.lang.Override
+      public Builder clone() {
+        return super.clone();
+      }
+      @java.lang.Override
+      public Builder setField(
+          com.google.protobuf.Descriptors.FieldDescriptor field,
+          java.lang.Object value) {
+        return super.setField(field, value);
+      }
+      @java.lang.Override
+      public Builder clearField(
+          com.google.protobuf.Descriptors.FieldDescriptor field) {
+        return super.clearField(field);
+      }
+      @java.lang.Override
+      public Builder clearOneof(
+          com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+        return super.clearOneof(oneof);
+      }
+      @java.lang.Override
+      public Builder setRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field,
+          int index, java.lang.Object value) {
+        return super.setRepeatedField(field, index, value);
+      }
+      @java.lang.Override
+      public Builder addRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field,
+          java.lang.Object value) {
+        return super.addRepeatedField(field, value);
+      }
+      @java.lang.Override
+      public Builder mergeFrom(com.google.protobuf.Message other) {
+        if (other instanceof io.sentrius.sso.protobuf.Session.ChatMessage) {
+          return mergeFrom((io.sentrius.sso.protobuf.Session.ChatMessage)other);
+        } else {
+          super.mergeFrom(other);
+          return this;
+        }
+      }
+
+      public Builder mergeFrom(io.sentrius.sso.protobuf.Session.ChatMessage other) {
+        if (other == io.sentrius.sso.protobuf.Session.ChatMessage.getDefaultInstance()) return this;
+        if (other.getSessionId() != 0L) {
+          setSessionId(other.getSessionId());
+        }
+        if (!other.getChatGroupId().isEmpty()) {
+          chatGroupId_ = other.chatGroupId_;
+          onChanged();
+        }
+        if (!other.getSender().isEmpty()) {
+          sender_ = other.sender_;
+          onChanged();
+        }
+        if (!other.getMessage().isEmpty()) {
+          message_ = other.message_;
+          onChanged();
+        }
+        if (other.getTimestamp() != 0L) {
+          setTimestamp(other.getTimestamp());
+        }
+        this.mergeUnknownFields(other.unknownFields);
+        onChanged();
+        return this;
+      }
+
+      @java.lang.Override
+      public final boolean isInitialized() {
+        return true;
+      }
+
+      @java.lang.Override
+      public Builder mergeFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        io.sentrius.sso.protobuf.Session.ChatMessage parsedMessage = null;
+        try {
+          parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+        } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+          parsedMessage = (io.sentrius.sso.protobuf.Session.ChatMessage) e.getUnfinishedMessage();
+          throw e.unwrapIOException();
+        } finally {
+          if (parsedMessage != null) {
+            mergeFrom(parsedMessage);
+          }
+        }
+        return this;
+      }
+
+      private long sessionId_ ;
+      /**
+       * <code>int64 session_id = 1;</code>
+       * @return The sessionId.
+       */
+      @java.lang.Override
+      public long getSessionId() {
+        return sessionId_;
+      }
+      /**
+       * <code>int64 session_id = 1;</code>
+       * @param value The sessionId to set.
+       * @return This builder for chaining.
+       */
+      public Builder setSessionId(long value) {
+
+        sessionId_ = value;
+        onChanged();
+        return this;
+      }
+      /**
+       * <code>int64 session_id = 1;</code>
+       * @return This builder for chaining.
+       */
+      public Builder clearSessionId() {
+
+        sessionId_ = 0L;
+        onChanged();
+        return this;
+      }
+
+      private java.lang.Object chatGroupId_ = "";
+      /**
+       * <pre>
+       * Separate chat groups for a session
+       * </pre>
+       *
+       * <code>string chat_group_id = 2;</code>
+       * @return The chatGroupId.
+       */
+      public java.lang.String getChatGroupId() {
+        java.lang.Object ref = chatGroupId_;
+        if (!(ref instanceof java.lang.String)) {
+          com.google.protobuf.ByteString bs =
+              (com.google.protobuf.ByteString) ref;
+          java.lang.String s = bs.toStringUtf8();
+          chatGroupId_ = s;
+          return s;
+        } else {
+          return (java.lang.String) ref;
+        }
+      }
+      /**
+       * <pre>
+       * Separate chat groups for a session
+       * </pre>
+       *
+       * <code>string chat_group_id = 2;</code>
+       * @return The bytes for chatGroupId.
+       */
+      public com.google.protobuf.ByteString
+      getChatGroupIdBytes() {
+        java.lang.Object ref = chatGroupId_;
+        if (ref instanceof String) {
+          com.google.protobuf.ByteString b =
+              com.google.protobuf.ByteString.copyFromUtf8(
+                  (java.lang.String) ref);
+          chatGroupId_ = b;
+          return b;
+        } else {
+          return (com.google.protobuf.ByteString) ref;
+        }
+      }
+      /**
+       * <pre>
+       * Separate chat groups for a session
+       * </pre>
+       *
+       * <code>string chat_group_id = 2;</code>
+       * @param value The chatGroupId to set.
+       * @return This builder for chaining.
+       */
+      public Builder setChatGroupId(
+          java.lang.String value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+
+        chatGroupId_ = value;
+        onChanged();
+        return this;
+      }
+      /**
+       * <pre>
+       * Separate chat groups for a session
+       * </pre>
+       *
+       * <code>string chat_group_id = 2;</code>
+       * @return This builder for chaining.
+       */
+      public Builder clearChatGroupId() {
+
+        chatGroupId_ = getDefaultInstance().getChatGroupId();
+        onChanged();
+        return this;
+      }
+      /**
+       * <pre>
+       * Separate chat groups for a session
+       * </pre>
+       *
+       * <code>string chat_group_id = 2;</code>
+       * @param value The bytes for chatGroupId to set.
+       * @return This builder for chaining.
+       */
+      public Builder setChatGroupIdBytes(
+          com.google.protobuf.ByteString value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
+        chatGroupId_ = value;
+        onChanged();
+        return this;
+      }
+
+      private java.lang.Object sender_ = "";
+      /**
+       * <code>string sender = 3;</code>
+       * @return The sender.
+       */
+      public java.lang.String getSender() {
+        java.lang.Object ref = sender_;
+        if (!(ref instanceof java.lang.String)) {
+          com.google.protobuf.ByteString bs =
+              (com.google.protobuf.ByteString) ref;
+          java.lang.String s = bs.toStringUtf8();
+          sender_ = s;
+          return s;
+        } else {
+          return (java.lang.String) ref;
+        }
+      }
+      /**
+       * <code>string sender = 3;</code>
+       * @return The bytes for sender.
+       */
+      public com.google.protobuf.ByteString
+      getSenderBytes() {
+        java.lang.Object ref = sender_;
+        if (ref instanceof String) {
+          com.google.protobuf.ByteString b =
+              com.google.protobuf.ByteString.copyFromUtf8(
+                  (java.lang.String) ref);
+          sender_ = b;
+          return b;
+        } else {
+          return (com.google.protobuf.ByteString) ref;
+        }
+      }
+      /**
+       * <code>string sender = 3;</code>
+       * @param value The sender to set.
+       * @return This builder for chaining.
+       */
+      public Builder setSender(
+          java.lang.String value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+
+        sender_ = value;
+        onChanged();
+        return this;
+      }
+      /**
+       * <code>string sender = 3;</code>
+       * @return This builder for chaining.
+       */
+      public Builder clearSender() {
+
+        sender_ = getDefaultInstance().getSender();
+        onChanged();
+        return this;
+      }
+      /**
+       * <code>string sender = 3;</code>
+       * @param value The bytes for sender to set.
+       * @return This builder for chaining.
+       */
+      public Builder setSenderBytes(
+          com.google.protobuf.ByteString value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
+        sender_ = value;
+        onChanged();
+        return this;
+      }
+
+      private java.lang.Object message_ = "";
+      /**
+       * <code>string message = 4;</code>
+       * @return The message.
+       */
+      public java.lang.String getMessage() {
+        java.lang.Object ref = message_;
+        if (!(ref instanceof java.lang.String)) {
+          com.google.protobuf.ByteString bs =
+              (com.google.protobuf.ByteString) ref;
+          java.lang.String s = bs.toStringUtf8();
+          message_ = s;
+          return s;
+        } else {
+          return (java.lang.String) ref;
+        }
+      }
+      /**
+       * <code>string message = 4;</code>
+       * @return The bytes for message.
+       */
+      public com.google.protobuf.ByteString
+      getMessageBytes() {
+        java.lang.Object ref = message_;
+        if (ref instanceof String) {
+          com.google.protobuf.ByteString b =
+              com.google.protobuf.ByteString.copyFromUtf8(
+                  (java.lang.String) ref);
+          message_ = b;
+          return b;
+        } else {
+          return (com.google.protobuf.ByteString) ref;
+        }
+      }
+      /**
+       * <code>string message = 4;</code>
+       * @param value The message to set.
+       * @return This builder for chaining.
+       */
+      public Builder setMessage(
+          java.lang.String value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+
+        message_ = value;
+        onChanged();
+        return this;
+      }
+      /**
+       * <code>string message = 4;</code>
+       * @return This builder for chaining.
+       */
+      public Builder clearMessage() {
+
+        message_ = getDefaultInstance().getMessage();
+        onChanged();
+        return this;
+      }
+      /**
+       * <code>string message = 4;</code>
+       * @param value The bytes for message to set.
+       * @return This builder for chaining.
+       */
+      public Builder setMessageBytes(
+          com.google.protobuf.ByteString value) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        checkByteStringIsUtf8(value);
+
+        message_ = value;
+        onChanged();
+        return this;
+      }
+
+      private long timestamp_ ;
+      /**
+       * <pre>
+       * Store as epoch time (milliseconds)
+       * </pre>
+       *
+       * <code>int64 timestamp = 5;</code>
+       * @return The timestamp.
+       */
+      @java.lang.Override
+      public long getTimestamp() {
+        return timestamp_;
+      }
+      /**
+       * <pre>
+       * Store as epoch time (milliseconds)
+       * </pre>
+       *
+       * <code>int64 timestamp = 5;</code>
+       * @param value The timestamp to set.
+       * @return This builder for chaining.
+       */
+      public Builder setTimestamp(long value) {
+
+        timestamp_ = value;
+        onChanged();
+        return this;
+      }
+      /**
+       * <pre>
+       * Store as epoch time (milliseconds)
+       * </pre>
+       *
+       * <code>int64 timestamp = 5;</code>
+       * @return This builder for chaining.
+       */
+      public Builder clearTimestamp() {
+
+        timestamp_ = 0L;
+        onChanged();
+        return this;
+      }
+      @java.lang.Override
+      public final Builder setUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.setUnknownFields(unknownFields);
+      }
+
+      @java.lang.Override
+      public final Builder mergeUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.mergeUnknownFields(unknownFields);
+      }
+
+
+      // @@protoc_insertion_point(builder_scope:io.sentrius.sso.protobuf.ChatMessage)
+    }
+
+    // @@protoc_insertion_point(class_scope:io.sentrius.sso.protobuf.ChatMessage)
+    private static final io.sentrius.sso.protobuf.Session.ChatMessage DEFAULT_INSTANCE;
+    static {
+      DEFAULT_INSTANCE = new io.sentrius.sso.protobuf.Session.ChatMessage();
+    }
+
+    public static io.sentrius.sso.protobuf.Session.ChatMessage getDefaultInstance() {
+      return DEFAULT_INSTANCE;
+    }
+
+    private static final com.google.protobuf.Parser<ChatMessage>
+        PARSER = new com.google.protobuf.AbstractParser<ChatMessage>() {
+      @java.lang.Override
+      public ChatMessage parsePartialFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        return new ChatMessage(input, extensionRegistry);
+      }
+    };
+
+    public static com.google.protobuf.Parser<ChatMessage> parser() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Parser<ChatMessage> getParserForType() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public io.sentrius.sso.protobuf.Session.ChatMessage getDefaultInstanceForType() {
+      return DEFAULT_INSTANCE;
+    }
+
+  }
+
+  private static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_io_sentrius_protobuf_Trigger_descriptor;
+  private static final
+  com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_io_sentrius_protobuf_Trigger_fieldAccessorTable;
+  private static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_io_sentrius_protobuf_TerminalMessage_descriptor;
+  private static final
+  com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_io_sentrius_protobuf_TerminalMessage_fieldAccessorTable;
+  private static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_io_sentrius_protobuf_ChatMessage_descriptor;
+  private static final
+  com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_io_sentrius_protobuf_ChatMessage_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+  getDescriptor() {
     return descriptor;
   }
   private static  com.google.protobuf.Descriptors.FileDescriptor
       descriptor;
   static {
     java.lang.String[] descriptorData = {
-      "\n\034src/main/proto/session.proto\022\031io.datag" +
-      "uardians.protobuf\"X\n\007Trigger\0228\n\006action\030\001" +
-      " \001(\0162(.io.sentrius.protobuf.Trigger" +
-      "Action\022\023\n\013description\030\002 \001(\t\"\301\001\n\017Terminal" +
-      "Message\022\021\n\tsessionId\030\001 \001(\t\0224\n\004type\030\002 \001(\016" +
-      "2&.io.sentrius.protobuf.MessageType" +
-      "\0223\n\007trigger\030\003 \001(\0132\".io.sentrius.pro" +
-      "tobuf.Trigger\022\017\n\007keycode\030\004 \001(\001\022\017\n\007comman" +
-      "d\030\005 \001(\t\022\016\n\006prompt\030\006 \001(\t*\330\001\n\rTriggerActio" +
-      "n\022\r\n\tNO_ACTION\020\000\022\016\n\nLOG_ACTION\020\001\022\020\n\014ALER" +
-      "T_ACTION\020\002\022\017\n\013WARN_ACTION\020\003\022\017\n\013DENY_ACTI" +
-      "ON\020\004\022\016\n\nJIT_ACTION\020\005\022\021\n\rRECORD_ACTION\020\006\022" +
-      "\022\n\016APPROVE_ACTION\020\007\022\026\n\022PERSISTENT_MESSAG" +
-      "E\020\010\022\022\n\016CONVERT_ACTION\020\t\022\021\n\rPROMPT_ACTION" +
-      "\020\n*_\n\013MessageType\022\r\n\tHEARTBEAT\020\000\022\r\n\tUSER" +
-      "_DATA\020\001\022\020\n\014SESSION_DATA\020\003\022\017\n\013PROMPT_DATA" +
-      "\020\004\022\017\n\013USER_PROMPT\020\005b\006proto3"
+        "\n\034src/main/proto/session.proto\022\024io.sentr" +
+            "ius.protobuf\"S\n\007Trigger\0223\n\006action\030\001 \001(\0162" +
+            "#.io.sentrius.sso.protobuf.TriggerAction\022\023\n\013" +
+            "description\030\002 \001(\t\"\267\001\n\017TerminalMessage\022\021\n" +
+            "\tsessionId\030\001 \001(\t\022/\n\004type\030\002 \001(\0162!.io.sent" +
+            "rius.protobuf.MessageType\022.\n\007trigger\030\003 \001" +
+            "(\0132\035.io.sentrius.sso.protobuf.Trigger\022\017\n\007key" +
+            "code\030\004 \001(\001\022\017\n\007command\030\005 \001(\t\022\016\n\006prompt\030\006 " +
+            "\001(\t\"l\n\013ChatMessage\022\022\n\nsession_id\030\001 \001(\003\022\025" +
+            "\n\rchat_group_id\030\002 \001(\t\022\016\n\006sender\030\003 \001(\t\022\017\n" +
+            "\007message\030\004 \001(\t\022\021\n\ttimestamp\030\005 \001(\003*\330\001\n\rTr" +
+            "iggerAction\022\r\n\tNO_ACTION\020\000\022\016\n\nLOG_ACTION" +
+            "\020\001\022\020\n\014ALERT_ACTION\020\002\022\017\n\013WARN_ACTION\020\003\022\017\n" +
+            "\013DENY_ACTION\020\004\022\016\n\nJIT_ACTION\020\005\022\021\n\rRECORD" +
+            "_ACTION\020\006\022\022\n\016APPROVE_ACTION\020\007\022\026\n\022PERSIST" +
+            "ENT_MESSAGE\020\010\022\022\n\016CONVERT_ACTION\020\t\022\021\n\rPRO" +
+            "MPT_ACTION\020\n*_\n\013MessageType\022\r\n\tHEARTBEAT" +
+            "\020\000\022\r\n\tUSER_DATA\020\001\022\020\n\014SESSION_DATA\020\003\022\017\n\013P" +
+            "ROMPT_DATA\020\004\022\017\n\013USER_PROMPT\020\005b\006proto3"
     };
     descriptor = com.google.protobuf.Descriptors.FileDescriptor
-      .internalBuildGeneratedFileFrom(descriptorData,
-        new com.google.protobuf.Descriptors.FileDescriptor[] {
-        });
-    internal_static_io_dataguardians_protobuf_Trigger_descriptor =
-      getDescriptor().getMessageTypes().get(0);
-    internal_static_io_dataguardians_protobuf_Trigger_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_io_dataguardians_protobuf_Trigger_descriptor,
+        .internalBuildGeneratedFileFrom(descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+            });
+    internal_static_io_sentrius_protobuf_Trigger_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_io_sentrius_protobuf_Trigger_fieldAccessorTable = new
+        com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_io_sentrius_protobuf_Trigger_descriptor,
         new java.lang.String[] { "Action", "Description", });
-    internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor =
-      getDescriptor().getMessageTypes().get(1);
-    internal_static_io_dataguardians_protobuf_TerminalMessage_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_io_dataguardians_protobuf_TerminalMessage_descriptor,
+    internal_static_io_sentrius_protobuf_TerminalMessage_descriptor =
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_io_sentrius_protobuf_TerminalMessage_fieldAccessorTable = new
+        com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_io_sentrius_protobuf_TerminalMessage_descriptor,
         new java.lang.String[] { "SessionId", "Type", "Trigger", "Keycode", "Command", "Prompt", });
+    internal_static_io_sentrius_protobuf_ChatMessage_descriptor =
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_io_sentrius_protobuf_ChatMessage_fieldAccessorTable = new
+        com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_io_sentrius_protobuf_ChatMessage_descriptor,
+        new java.lang.String[] { "SessionId", "ChatGroupId", "Sender", "Message", "Timestamp", });
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/core/src/main/proto/session.proto b/core/src/main/proto/session.proto
index 0327db0b..58b62d6b 100644
--- a/core/src/main/proto/session.proto
+++ b/core/src/main/proto/session.proto
@@ -1,6 +1,6 @@
 syntax = "proto3";
 
-package io.sentrius.protobuf;
+package io.sentrius.sso.protobuf;
 
 enum TriggerAction {
   NO_ACTION = 0;
@@ -37,3 +37,11 @@ message TerminalMessage {
   string command = 5;
   string prompt = 6;
 }
+
+message ChatMessage {
+  int64 session_id = 1;
+  string chat_group_id = 2; // Separate chat groups for a session
+  string sender = 3;
+  string message = 4;
+  int64 timestamp = 5; // Store as epoch time (milliseconds)
+}
diff --git a/analyagents/.mvn/jvm.config b/java-agent/.mvn/jvm.config
similarity index 100%
rename from analyagents/.mvn/jvm.config
rename to java-agent/.mvn/jvm.config
diff --git a/analyagents/.mvn/maven.config b/java-agent/.mvn/maven.config
similarity index 100%
rename from analyagents/.mvn/maven.config
rename to java-agent/.mvn/maven.config
diff --git a/analyagents/pom.xml b/java-agent/pom.xml
similarity index 98%
rename from analyagents/pom.xml
rename to java-agent/pom.xml
index 26ad89b3..bc3e9d94 100644
--- a/analyagents/pom.xml
+++ b/java-agent/pom.xml
@@ -8,10 +8,10 @@
   </parent>
 
   <groupId>analysis</groupId>
-  <artifactId>analyagents</artifactId>
+  <artifactId>java-agent</artifactId>
   <version>1.0-SNAPSHOT</version>
 
-  <name>analyagents</name>
+  <name>java-agent</name>
   <url>http://www.sentrius.io</url>
 
   <properties>
diff --git a/analyagents/src/main/java/io/sentrius/agent/analysis/Agent.java b/java-agent/src/main/java/io/sentrius/agent/analysis/Agent.java
similarity index 100%
rename from analyagents/src/main/java/io/sentrius/agent/analysis/Agent.java
rename to java-agent/src/main/java/io/sentrius/agent/analysis/Agent.java
diff --git a/analyagents/src/main/java/io/sentrius/agent/analysis/agents/sessions/SessionAnalyticsAgent.java b/java-agent/src/main/java/io/sentrius/agent/analysis/agents/sessions/SessionAnalyticsAgent.java
similarity index 100%
rename from analyagents/src/main/java/io/sentrius/agent/analysis/agents/sessions/SessionAnalyticsAgent.java
rename to java-agent/src/main/java/io/sentrius/agent/analysis/agents/sessions/SessionAnalyticsAgent.java
diff --git a/analyagents/src/main/java/io/sentrius/agent/analysis/api/AgentController.java b/java-agent/src/main/java/io/sentrius/agent/analysis/api/AgentController.java
similarity index 100%
rename from analyagents/src/main/java/io/sentrius/agent/analysis/api/AgentController.java
rename to java-agent/src/main/java/io/sentrius/agent/analysis/api/AgentController.java
diff --git a/analyagents/src/main/java/io/sentrius/agent/analysis/model/AgentStatus.java b/java-agent/src/main/java/io/sentrius/agent/analysis/model/AgentStatus.java
similarity index 100%
rename from analyagents/src/main/java/io/sentrius/agent/analysis/model/AgentStatus.java
rename to java-agent/src/main/java/io/sentrius/agent/analysis/model/AgentStatus.java
diff --git a/analyagents/src/main/java/io/sentrius/agent/analysis/sinks/log/LogSink.java b/java-agent/src/main/java/io/sentrius/agent/analysis/sinks/log/LogSink.java
similarity index 100%
rename from analyagents/src/main/java/io/sentrius/agent/analysis/sinks/log/LogSink.java
rename to java-agent/src/main/java/io/sentrius/agent/analysis/sinks/log/LogSink.java
diff --git a/analyagents/src/main/resources/application.properties b/java-agent/src/main/resources/application.properties
similarity index 100%
rename from analyagents/src/main/resources/application.properties
rename to java-agent/src/main/resources/application.properties
diff --git a/analyagents/src/test/java/io/sentrius/sentrius/analysis/AppTest.java b/java-agent/src/test/java/io/sentrius/sentrius/analysis/AppTest.java
similarity index 100%
rename from analyagents/src/test/java/io/sentrius/sentrius/analysis/AppTest.java
rename to java-agent/src/test/java/io/sentrius/sentrius/analysis/AppTest.java
diff --git a/analyagents/sso.jceks b/java-agent/sso.jceks
similarity index 100%
rename from analyagents/sso.jceks
rename to java-agent/sso.jceks
diff --git a/pom.xml b/pom.xml
index 3b081889..796676c5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
   <modules>
     <module>core</module>
     <module>api</module>
-    <module>analyagents</module>
+    <module>java-agent</module>
   </modules>
   <properties>
     <java.version>17</java.version>