diff --git a/Cargo.lock b/Cargo.lock index f69e9229e..ccc1985bd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1150,7 +1150,7 @@ checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "beacon" version = "0.1.0" -source = "git+https://github.com/helium/gateway-rs.git?branch=jg/temp-proto-upgrade#c65db8cdce335b6ddc763075c30b55f55a6da6a3" +source = "git+https://github.com/helium/gateway-rs.git?branch=jg/temp-proto-upgrade#f82996162cedcc6768e2a1713aaa7d9e05e8b50c" dependencies = [ "base64 0.21.0", "byteorder", @@ -3003,7 +3003,7 @@ dependencies = [ [[package]] name = "helium-proto" version = "0.1.0" -source = "git+https://github.com/helium/proto?branch=jg/oracle-admin-keys#fce7335b18a0f837062ea1408c7fbac7c09b0a5a" +source = "git+https://github.com/helium/proto?branch=jg/oracle-admin-keys#e6175e628530f3b3b44bbab2b7345a47e4e9b568" dependencies = [ "bytes", "prost", diff --git a/iot_config/src/admin_service.rs b/iot_config/src/admin_service.rs index 4abf6b1a9..933640fb2 100644 --- a/iot_config/src/admin_service.rs +++ b/iot_config/src/admin_service.rs @@ -49,7 +49,11 @@ impl AdminService { }) } - fn verify_request_signature(&self, signer: &PublicKey, request: &R) -> Result<(), Status> + fn verify_admin_request_signature( + &self, + signer: &PublicKey, + request: &R, + ) -> Result<(), Status> where R: MsgVerify, { @@ -59,6 +63,16 @@ impl AdminService { Ok(()) } + fn verify_request_signature(&self, signer: &PublicKey, request: &R) -> Result<(), Status> + where + R: MsgVerify, + { + self.auth_cache + .verify_signature(signer, request) + .map_err(|_| Status::permission_denied("invalid request signature"))?; + Ok(()) + } + fn verify_network(&self, public_key: PublicKey) -> Result { if self.required_network == public_key.network { Ok(public_key) 
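Review bot: Reusing the old name is risky in admin_service.rs: this hunk (-49,7) renames the existing check to `verify_admin_request_signature`, and the next hunk adds a new `verify_request_signature` with the same parameters and return type, so any call site that was not updated still compiles and silently calls the other helper. Three call sites are moved to the admin variant in this diff; whether others exist in the file is not visible here. In org_service.rs the old helper was `async`, so a stale `.await` caller would fail to compile, but nothing flags it in this file. Consider a name that was never in use for the new helper, for example `verify_any_key_request_signature`, and a doc comment on this one such as `/// Requires the signer to be an admin key.` if that is what the body (outside the hunk) enforces.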
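Review bot: The new `verify_request_signature` (hunk -59,6) throws away the error from `auth_cache.verify_signature` in `.map_err(|_| ...)`, so a rejected signature leaves no record of which signer was refused or why. Returning the generic `permission_denied` text to the caller is fine, but binding the error and logging it together with `signer` through the crate's usual logging before mapping it would make repeated failed attempts visible to operators. The helper also has no doc comment saying which keys `verify_signature` accepts, which is the only thing that separates it from the admin variant; once confirmed against `verify_signature`, a line such as `/// Accepts any key the auth cache recognises; not restricted to admin keys.` would do. The identical helper added to org_service.rs (hunk -74,6) has the same two gaps.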
@@ -91,7 +105,7 @@ impl iot_config::Admin for AdminService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request)?; + self.verify_admin_request_signature(&signer, &request)?; let key_type = request.key_type().into(); let pubkey = self @@ -137,7 +151,7 @@ impl iot_config::Admin for AdminService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request)?; + self.verify_admin_request_signature(&signer, &request)?; admin::remove_key(request.pubkey.clone().into(), &self.pool) .and_then(|deleted| async move { @@ -177,7 +191,7 @@ impl iot_config::Admin for AdminService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request)?; + self.verify_admin_request_signature(&signer, &request)?; let region = request.region(); diff --git a/iot_config/src/org_service.rs b/iot_config/src/org_service.rs index 64ff478f7..2aba3bb9c 100644 --- a/iot_config/src/org_service.rs +++ b/iot_config/src/org_service.rs @@ -60,7 +60,7 @@ impl OrgService { .map_err(|_| Status::invalid_argument(format!("invalid public key: {bytes:?}"))) } - async fn verify_request_signature( + fn verify_admin_request_signature( &self, signer: &PublicKey, request: &R, @@ -74,6 +74,16 @@ impl OrgService { Ok(()) } + fn verify_request_signature(&self, signer: &PublicKey, request: &R) -> Result<(), Status> + where + R: MsgVerify, + { + self.auth_cache + .verify_signature(signer, request) + .map_err(|_| Status::permission_denied("invalid request signature"))?; + Ok(()) + } + fn sign_response(&self, response: &R) -> Result, Status> where R: Message, 
@@ -147,7 +157,7 @@ impl iot_config::Org for OrgService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request).await?; + self.verify_admin_request_signature(&signer, &request)?; let mut verify_keys: Vec<&[u8]> = vec![request.owner.as_ref(), request.payer.as_ref()]; let mut verify_delegates: Vec<&[u8]> = request @@ -219,7 +229,7 @@ impl iot_config::Org for OrgService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request).await?; + self.verify_admin_request_signature(&signer, &request)?; let mut verify_keys: Vec<&[u8]> = vec![request.owner.as_ref(), request.payer.as_ref()]; let mut verify_delegates: Vec<&[u8]> = request @@ -286,7 +296,7 @@ impl iot_config::Org for OrgService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request).await?; + self.verify_request_signature(&signer, &request)?; if !org::is_locked(request.oui, &self.pool) .await @@ -351,7 +361,7 @@ impl iot_config::Org for OrgService { let request = request.into_inner(); let signer = self.verify_public_key(&request.signer)?; - self.verify_request_signature(&signer, &request).await?; + self.verify_request_signature(&signer, &request)?; if org::is_locked(request.oui, &self.pool) .await
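Review bot: The handlers in hunks -286 and -351 now accept any signer that passes `verify_request_signature`, where before they used the check this commit renames to `verify_admin_request_signature`, and nothing visible in either hunk ties the signer to `request.oui`. Both handlers go on to read `org::is_locked(request.oui, &self.pool)` and presumably change the lock state; their bodies continue outside the hunks, so a per-org authorization check may exist further down. If it does not, any key `auth_cache.verify_signature` accepts could act on any org. If the widening is intended, say so at the call site, e.g. `// not admin-only: <which key types may call this and why>`; otherwise keep `self.verify_admin_request_signature(&signer, &request)?;` here.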