diff --git a/proto/spaceone/api/identity/v2/api_key.proto b/proto/spaceone/api/identity/v2/api_key.proto
index bdd2df016..ae7b36ab8 100644
--- a/proto/spaceone/api/identity/v2/api_key.proto
+++ b/proto/spaceone/api/identity/v2/api_key.proto
@@ -46,6 +46,13 @@ service APIKey {
         };
     }
 
+    rpc verify (VerifyAPIKeyRequest) returns (APIKeyInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/api-key/verify"
+            body: "*"
+        };
+    }
+
     rpc get (APIKeyRequest) returns (APIKeyInfo) {
         option (google.api.http) = {
             post: "/identity/v2/api-key/get"
@@ -73,6 +80,7 @@ message CreateAPIKeyRequest {
     // +optional
     string name = 2;
     string domain_id = 21;
+    string expired_at = 22;
 }
 
 message UpdateAPIKeyRequest {
@@ -82,6 +90,18 @@ message UpdateAPIKeyRequest {
     string domain_id = 21;
 }
 
+message VerifyAPIKeyRequest {
+    enum API_KEY_TYPE {
+        NONE_API_KEY_TYPE = 0;
+        ACCESS_KEY = 1;
+        SECRET_KEY = 2;
+    }
+    string api_key_id = 1;
+    API_KEY_TYPE api_key_type = 2;
+    string domain_id = 21;
+    string app_id = 22;
+    string user_id = 23;
+}
 message APIKeyRequest {
     string api_key_id = 1;
     string domain_id = 21;
@@ -101,6 +121,7 @@ message APIKeyInfo {
     string user_id = 22;
     string created_at = 31;
     string last_accessed_at = 32;
+    string expired_at = 33;
 }
 
 message APIKeySearchQuery {
diff --git a/proto/spaceone/api/identity/v2/app.proto b/proto/spaceone/api/identity/v2/app.proto
new file mode 100644
index 000000000..76597a193
--- /dev/null
+++ b/proto/spaceone/api/identity/v2/app.proto
@@ -0,0 +1,182 @@
+syntax = "proto3";
+
+package spaceone.api.identity.v2;
+
+option go_package = "github.com/cloudforet-io/api/dist/go/spaceone/api/identity/v2";
+
+import "google/protobuf/empty.proto";
+import "google/protobuf/struct.proto";
+import "google/api/annotations.proto";
+import "spaceone/api/core/v1/query.proto";
+
+
+service App {
+    rpc create (CreateAppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/create"
+            body: "*"
+        };
+    }
+
+    rpc update (UpdateAppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/update"
+            body: "*"
+        };
+    }
+
+    rpc generate_api_key (AppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/generate-api-key"
+            body: "*"
+        };
+    }
+
+    rpc enable (AppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/enable"
+            body: "*"
+        };
+    }
+
+    rpc disable (AppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/disable"
+            body: "*"
+        };
+    }
+
+    rpc delete (AppRequest) returns (google.protobuf.Empty) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/delete"
+            body: "*"
+        };
+    }
+
+    rpc get (AppRequest) returns (AppInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/get"
+            body: "*"
+        };
+    }
+
+    rpc list (AppSearchQuery) returns (AppsInfo) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/list"
+            body: "*"
+        };
+    }
+
+    rpc stat (AppStatQuery) returns (google.protobuf.Struct) {
+        option (google.api.http) = {
+            post: "/identity/v2/app/stat"
+            body: "*"
+        };
+    }
+}
+
+message CreateAppRequest {
+    string name = 1;
+    string role_id = 2;
+    string scope = 3;
+    google.protobuf.Struct tags = 4;
+    string domain_id = 21;
+    string workspace_id = 22;
+    string expired_at = 31;
+}
+
+message UpdateAppRequest {
+    string app_id = 1;
+    // +optional
+    string name = 2;
+    // +optional
+    google.protobuf.Struct tags = 3;
+    string domain_id = 21;
+    // +optional
+    string workspace_id = 22;
+}
+
+message AppRequest {
+    string app_id = 1;
+    string domain_id = 21;
+    // +optional
+    string workspace_id = 22;
+}
+
+message AppInfo {
+    enum State {
+        NONE_STATE = 0;
+        ENABLED = 1;
+        DISABLED = 2;
+    }
+
+    string app_id = 1;
+    string api_key = 2;
+    State state = 3;
+    string domain_id = 21;
+    string user_id = 22;
+    string role_id = 23;
+    string api_key_id = 24;
+    string created_at = 31;
+    string last_accessed_at = 32;
+    string expired_at = 33;
+}
+
+message AppSearchQuery {
+    enum State {
+        NONE_STATE = 0;
+        ENABLED = 1;
+        DISABLED = 2;
+    }
+
+    enum Scope {
+        NONE_SCOPE = 0;
+        DOMAIN = 1;
+        WORKSPACE = 2;
+    }
+
+    // +optional
+    spaceone.api.core.v1.Query query = 1;
+    // +optional
+    string app_id = 2;
+    // +optional
+    string app_key = 3;
+    // +optional
+    string name = 4;
+    // +optional
+    State state = 5;
+    // +optional
+    Scope scope = 6;
+    // +optional
+    string role_type = 7;
+    string domain_id = 21;
+    // +optional
+    string workspace_id = 22;
+    // +optional
+    string role_id = 23;
+}
+
+message AppsInfo {
+    repeated AppInfo results = 1;
+    int32 total_count = 2;
+}
+
+message AppStatQuery {
+    enum State {
+        NONE_STATE = 0;
+        ENABLED = 1;
+        DISABLED = 2;
+    }
+
+    spaceone.api.core.v1.StatisticsQuery query = 1;
+    string app_key = 2;
+    string name = 3;
+    State state = 4;
+    string scope = 5;
+    string role_type = 6;
+    string domain_id = 21;
+    string workspace_id = 22;
+    string app_id = 23;
+    string role_id = 24;
+
+}
\ No newline at end of file
diff --git a/proto/spaceone/api/identity/v2/user.proto b/proto/spaceone/api/identity/v2/user.proto
index 43c537e21..ebaa1d0ca 100644
--- a/proto/spaceone/api/identity/v2/user.proto
+++ b/proto/spaceone/api/identity/v2/user.proto
@@ -129,12 +129,6 @@ enum AuthType {
     EXTERNAL = 2;
 }
 
-enum UserType {
-    NONE_USER_TYPE = 0;
-    USER = 1;
-    API_USER = 2;
-}
-
 enum UserRequiredAction {
     UPDATE_PASSWORD = 0;
 }
@@ -179,21 +173,19 @@ message CreateUserRequest {
     string name = 3;
     // +optional
     string email = 4;
-    // +optional
-    UserType user_type = 5;
-    AuthType auth_type = 6;
+    AuthType auth_type = 5;
     // en,ko
     // +optional
-    string language = 7;
+    string language = 6;
     // UTC, Asia/Seoul
     // +optional
-    string timezone = 8;
+    string timezone = 7;
     // +optional
-    google.protobuf.Struct tags = 9;
+    google.protobuf.Struct tags = 8;
     // If reset_password is true, send email
-    bool reset_password = 10;
+    bool reset_password = 9;
     // +optional
-    UserRoleBinding role_binding = 11;
+    UserRoleBinding role_binding = 10;
     string domain_id = 21;
 }
 
@@ -298,9 +290,7 @@ message UserSearchQuery {
     // +optional
     string email = 5;
     // +optional
-    UserType user_type = 6;
-    // +optional
-    AuthType auth_type = 7;
+    AuthType auth_type = 6;
     // +optional
     string domain_id = 21;
     string workspace_id = 22;
@@ -328,10 +318,9 @@ message UserInfo {
     State state = 3;
     string email = 4;
     bool email_verified = 5;
-    UserType user_type = 6;
-    AuthType auth_type = 7;
-    RoleType role_type = 8;
-    MFA mfa = 9;
+    AuthType auth_type = 6;
+    RoleType role_type = 7;
+    MFA mfa = 8;
     string language = 10;
     string timezone = 11;
     repeated UserRequiredAction required_actions = 12;