massive services -> share boatload (#144)

2025-04-11 12:58:24 +02:00 · 2023-01-04 13:43:37 -05:00 · 2023-01-04 13:43:37 -05:00 · fe89551bfb
commit fe89551bfb
parent 9572ed3c73
92 changed files with 1091 additions and 2220 deletions
--- a/cmd/zrok/accessPrivate.go
+++ b/cmd/zrok/accessPrivate.go
@ -5,7 +5,7 @@ import (
 	httptransport "github.com/go-openapi/runtime/client"
 	"github.com/openziti-test-kitchen/zrok/endpoints/privateFrontend"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/sirupsen/logrus"
@ -38,7 +38,7 @@ func newAccessPrivateCommand() *accessPrivateCommand {
 }
 func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
-	svcToken := args[0]
+	shrToken := args[0]
 	endpointUrl, err := url.Parse("http://" + cmd.bindAddress)
 	if err != nil {
@ -64,12 +64,12 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewAccessParams()
+	req := share.NewAccessParams()
 	req.Body = &rest_model_zrok.AccessRequest{
-		SvcToken: svcToken,
+		ShrToken: shrToken,
 		EnvZID:   env.ZId,
 	}
-	accessResp, err := zrok.Service.Access(req, auth)
+	accessResp, err := zrok.Share.Access(req, auth)
 	if err != nil {
 		if !panicInstead {
 			showError("unable to access", err)
@ -79,14 +79,14 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	logrus.Infof("allocated frontend '%v'", accessResp.Payload.FrontendToken)
 	cfg := privateFrontend.DefaultConfig("backend")
-	cfg.SvcToken = svcToken
+	cfg.SvcToken = shrToken
 	cfg.Address = cmd.bindAddress
 	c := make(chan os.Signal)
 	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
 	go func() {
 		<-c
-		cmd.destroy(accessResp.Payload.FrontendToken, env.ZId, svcToken, zrok, auth)
+		cmd.destroy(accessResp.Payload.FrontendToken, env.ZId, shrToken, zrok, auth)
 		os.Exit(0)
 	}()
@ -109,13 +109,13 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 func (cmd *accessPrivateCommand) destroy(frotendName, envZId, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
 	logrus.Debugf("shutting down '%v'", svcToken)
-	req := service.NewUnaccessParams()
+	req := share.NewUnaccessParams()
 	req.Body = &rest_model_zrok.UnaccessRequest{
 		FrontendToken: frotendName,
-		SvcToken:      svcToken,
+		ShrToken:      svcToken,
 		EnvZID:        envZId,
 	}
-	if _, err := zrok.Service.Unaccess(req, auth); err == nil {
+	if _, err := zrok.Share.Unaccess(req, auth); err == nil {
 		logrus.Debugf("shutdown complete")
 	} else {
 		logrus.Errorf("error shutting down: %v", err)
--- a/cmd/zrok/loop.go
+++ b/cmd/zrok/loop.go
@ -8,7 +8,7 @@ import (
 	httptransport "github.com/go-openapi/runtime/client"
 	"github.com/openziti-test-kitchen/zrok/model"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/util"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
@ -110,7 +110,7 @@ type looper struct {
 	listener      edge.Listener
 	zif           string
 	zrok          *rest_client_zrok.Zrok
-	service       string
+	shrToken      string
 	proxyEndpoint string
 	auth          runtime.ClientAuthInfoWriter
 	mismatches    int
@ -134,7 +134,7 @@ func (l *looper) run() {
 	defer logrus.Infof("stopping #%d", l.id)
 	l.startup()
-	logrus.Infof("looper #%d, service: %v, frontend: %v", l.id, l.service, l.proxyEndpoint)
+	logrus.Infof("looper #%d, shrToken: %v, frontend: %v", l.id, l.shrToken, l.proxyEndpoint)
 	go l.serviceListener()
 	l.dwell()
 	l.iterate()
@ -152,7 +152,7 @@ func (l *looper) serviceListener() {
 		ConnectTimeout: 5 * time.Minute,
 		MaxConnections: 10,
 	}
-	if l.listener, err = ziti.NewContextWithConfig(zcfg).ListenWithOptions(l.service, &opts); err == nil {
+	if l.listener, err = ziti.NewContextWithConfig(zcfg).ListenWithOptions(l.shrToken, &opts); err == nil {
 		if err := http.Serve(l.listener, l); err != nil {
 			logrus.Errorf("looper #%d, error serving: %v", l.id, err)
 		}
@ -184,7 +184,7 @@ func (l *looper) startup() {
 		panic(err)
 	}
 	l.auth = httptransport.APIKeyAuth("x-token", "header", l.env.Token)
-	tunnelReq := service.NewShareParams()
+	tunnelReq := share.NewShareParams()
 	tunnelReq.Body = &rest_model_zrok.ShareRequest{
 		EnvZID:               l.env.ZId,
 		ShareMode:            "public",
@ -194,11 +194,11 @@ func (l *looper) startup() {
 		AuthScheme:           string(model.None),
 	}
 	tunnelReq.SetTimeout(60 * time.Second)
-	tunnelResp, err := l.zrok.Service.Share(tunnelReq, l.auth)
+	tunnelResp, err := l.zrok.Share.Share(tunnelReq, l.auth)
 	if err != nil {
 		panic(err)
 	}
-	l.service = tunnelResp.Payload.SvcToken
+	l.shrToken = tunnelResp.Payload.ShrToken
 	l.proxyEndpoint = tunnelResp.Payload.FrontendProxyEndpoints[0]
 }
@ -260,12 +260,12 @@ func (l *looper) shutdown() {
 		}
 	}
-	untunnelReq := service.NewUnshareParams()
+	untunnelReq := share.NewUnshareParams()
 	untunnelReq.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   l.env.ZId,
-		SvcToken: l.service,
+		ShrToken: l.shrToken,
 	}
-	if _, err := l.zrok.Service.Unshare(untunnelReq, l.auth); err != nil {
+	if _, err := l.zrok.Share.Unshare(untunnelReq, l.auth); err != nil {
 		logrus.Errorf("error shutting down looper #%d: %v", l.id, err)
 	}
 }
--- a/cmd/zrok/release.go
+++ b/cmd/zrok/release.go
@ -3,7 +3,7 @@ package main
 import (
 	ui "github.com/gizak/termui/v3"
 	httptransport "github.com/go-openapi/runtime/client"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/sirupsen/logrus"
@ -49,13 +49,13 @@ func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewUnshareParams()
+	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   env.ZId,
-		SvcToken: svcToken,
+		ShrToken: svcToken,
 		Reserved: true,
 	}
-	if _, err := zrok.Service.Unshare(req, auth); err != nil {
+	if _, err := zrok.Share.Unshare(req, auth); err != nil {
 		if !panicInstead {
 			showError("error releasing service", err)
 		}
--- a/cmd/zrok/reserve.go
+++ b/cmd/zrok/reserve.go
@ -4,7 +4,7 @@ import (
 	ui "github.com/gizak/termui/v3"
 	httptransport "github.com/go-openapi/runtime/client"
 	"github.com/openziti-test-kitchen/zrok/model"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/pkg/errors"
@ -72,7 +72,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewShareParams()
+	req := share.NewShareParams()
 	req.Body = &rest_model_zrok.ShareRequest{
 		EnvZID:               env.ZId,
 		ShareMode:            shareMode,
@ -97,7 +97,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 		}
 	}
-	resp, err := zrok.Service.Share(req, auth)
+	resp, err := zrok.Share.Share(req, auth)
 	if err != nil {
 		if !panicInstead {
 			showError("unable to create tunnel", err)
@ -105,7 +105,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
-	logrus.Infof("your reserved service token is '%v'", resp.Payload.SvcToken)
+	logrus.Infof("your reserved service token is '%v'", resp.Payload.ShrToken)
 	for _, fpe := range resp.Payload.FrontendProxyEndpoints {
 		logrus.Infof("reserved frontend endpoint: %v", fpe)
 	}
--- a/cmd/zrok/sharePrivate.go
+++ b/cmd/zrok/sharePrivate.go
@ -9,7 +9,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/endpoints/webBackend"
 	"github.com/openziti-test-kitchen/zrok/model"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/pkg/errors"
@ -94,7 +94,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewShareParams()
+	req := share.NewShareParams()
 	req.Body = &rest_model_zrok.ShareRequest{
 		EnvZID:               env.ZId,
 		ShareMode:            "private",
@ -114,7 +114,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 			}
 		}
 	}
-	resp, err := zrok.Service.Share(req, auth)
+	resp, err := zrok.Share.Share(req, auth)
 	if err != nil {
 		ui.Close()
 		if !panicInstead {
@ -127,7 +127,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
 	go func() {
 		<-c
-		cmd.destroy(env.ZId, resp.Payload.SvcToken, zrok, auth)
+		cmd.destroy(env.ZId, resp.Payload.ShrToken, zrok, auth)
 		os.Exit(0)
 	}()
@ -136,7 +136,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		cfg := &proxyBackend.Config{
 			IdentityPath:    zif,
 			EndpointAddress: target,
-			Service:         resp.Payload.SvcToken,
+			Service:         resp.Payload.ShrToken,
 		}
 		_, err = cmd.proxyBackendMode(cfg)
 		if err != nil {
@ -151,7 +151,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		cfg := &webBackend.Config{
 			IdentityPath: zif,
 			WebRoot:      target,
-			Service:      resp.Payload.SvcToken,
+			Service:      resp.Payload.ShrToken,
 		}
 		_, err = cmd.webBackendMode(cfg)
 		if err != nil {
@ -167,7 +167,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		showError("invalid backend mode", nil)
 	}
-	logrus.Infof("share your zrok service; use this command for access: 'zrok access private %v'", resp.Payload.SvcToken)
+	logrus.Infof("share your zrok service; use this command for access: 'zrok access private %v'", resp.Payload.ShrToken)
 	for {
 		time.Sleep(30 * time.Second)
@ -206,12 +206,12 @@ func (cmd *sharePrivateCommand) webBackendMode(cfg *webBackend.Config) (backendH
 func (cmd *sharePrivateCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
 	logrus.Debugf("shutting down '%v'", svcToken)
-	req := service.NewUnshareParams()
+	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   id,
-		SvcToken: svcToken,
+		ShrToken: svcToken,
 	}
-	if _, err := zrok.Service.Unshare(req, auth); err == nil {
+	if _, err := zrok.Share.Unshare(req, auth); err == nil {
 		logrus.Debugf("shutdown complete")
 	} else {
 		logrus.Errorf("error shutting down: %v", err)
--- a/cmd/zrok/sharePublic.go
+++ b/cmd/zrok/sharePublic.go
@ -11,7 +11,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/endpoints/webBackend"
 	"github.com/openziti-test-kitchen/zrok/model"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/pkg/errors"
@ -113,7 +113,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewShareParams()
+	req := share.NewShareParams()
 	req.Body = &rest_model_zrok.ShareRequest{
 		EnvZID:               env.ZId,
 		ShareMode:            "public",
@ -134,7 +134,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 			}
 		}
 	}
-	resp, err := zrok.Service.Share(req, auth)
+	resp, err := zrok.Share.Share(req, auth)
 	if err != nil {
 		ui.Close()
 		if !panicInstead {
@ -147,7 +147,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
 	go func() {
 		<-c
-		cmd.destroy(env.ZId, resp.Payload.SvcToken, zrok, auth)
+		cmd.destroy(env.ZId, resp.Payload.ShrToken, zrok, auth)
 		os.Exit(0)
 	}()
@ -157,7 +157,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		cfg := &proxyBackend.Config{
 			IdentityPath:    zif,
 			EndpointAddress: target,
-			Service:         resp.Payload.SvcToken,
+			Service:         resp.Payload.ShrToken,
 		}
 		bh, err = cmd.proxyBackendMode(cfg)
 		if err != nil {
@ -172,7 +172,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		cfg := &webBackend.Config{
 			IdentityPath: zif,
 			WebRoot:      target,
-			Service:      resp.Payload.SvcToken,
+			Service:      resp.Payload.ShrToken,
 		}
 		bh, err = cmd.webBackendMode(cfg)
 		if err != nil {
@ -229,7 +229,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 					switch e.ID {
 					case "q", "<C-c>":
 						ui.Close()
-						cmd.destroy(env.ZId, resp.Payload.SvcToken, zrok, auth)
+						cmd.destroy(env.ZId, resp.Payload.ShrToken, zrok, auth)
 						os.Exit(0)
 					}
 				}
@ -288,12 +288,12 @@ func (cmd *sharePublicCommand) webBackendMode(cfg *webBackend.Config) (backendHa
 func (cmd *sharePublicCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
 	logrus.Debugf("shutting down '%v'", svcToken)
-	req := service.NewUnshareParams()
+	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   id,
-		SvcToken: svcToken,
+		ShrToken: svcToken,
 	}
-	if _, err := zrok.Service.Unshare(req, auth); err == nil {
+	if _, err := zrok.Share.Unshare(req, auth); err == nil {
 		logrus.Debugf("shutdown complete")
 	} else {
 		logrus.Errorf("error shutting down: %v", err)
--- a/cmd/zrok/shareReserved.go
+++ b/cmd/zrok/shareReserved.go
@ -4,7 +4,8 @@ import (
 	ui "github.com/gizak/termui/v3"
 	httptransport "github.com/go-openapi/runtime/client"
 	"github.com/openziti-test-kitchen/zrok/endpoints/proxyBackend"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/metadata"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/zrokdir"
 	"github.com/sirupsen/logrus"
@ -34,7 +35,7 @@ func newShareReservedCommand() *shareReservedCommand {
 }
 func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
-	svcToken := args[0]
+	shrToken := args[0]
 	targetEndpoint := ""
 	if cmd.overrideEndpoint != "" {
 		e, err := url.Parse(cmd.overrideEndpoint)
@ -67,12 +68,9 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
 	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
-	req := service.NewGetServiceParams()
+	req := metadata.NewGetShareDetailParams()
-	req.Body = &rest_model_zrok.ServiceRequest{
+	req.ShrToken = shrToken
-		EnvZID:   env.ZId,
+	resp, err := zrok.Metadata.GetShareDetail(req, auth)
 		SvcToken: svcToken,
 	}
 	resp, err := zrok.Service.GetService(req, auth)
 	if err != nil {
 		if !panicInstead {
 			showError("unable to retrieve reserved service", err)
@ -94,17 +92,17 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 	cfg := &proxyBackend.Config{
 		IdentityPath:    zif,
 		EndpointAddress: targetEndpoint,
-		Service:         svcToken,
+		Service:         shrToken,
 	}
 	logrus.Infof("sharing target endpoint: '%v'", cfg.EndpointAddress)
 	if resp.Payload.BackendProxyEndpoint != targetEndpoint {
-		upReq := service.NewUpdateShareParams()
+		upReq := share.NewUpdateShareParams()
 		upReq.Body = &rest_model_zrok.UpdateShareRequest{
-			ServiceToken:         svcToken,
+			ShrToken:             shrToken,
 			BackendProxyEndpoint: targetEndpoint,
 		}
-		if _, err := zrok.Service.UpdateShare(upReq, auth); err != nil {
+		if _, err := zrok.Share.UpdateShare(upReq, auth); err != nil {
 			if !panicInstead {
 				showError("unable to update backend proxy endpoint", err)
 			}
@ -138,7 +136,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 		logrus.Infof("access your zrok service: %v", resp.Payload.FrontendEndpoint)
 	case "private":
-		logrus.Infof("use this command to access your zrok service: 'zrok access private %v'", svcToken)
+		logrus.Infof("use this command to access your zrok service: 'zrok access private %v'", shrToken)
 	}
 	for {
--- a/controller/access.go
+++ b/controller/access.go
@ -5,7 +5,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/controller/store"
 	"github.com/openziti-test-kitchen/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/sirupsen/logrus"
 )
@ -15,11 +15,11 @@ func newAccessHandler() *accessHandler {
 	return &accessHandler{}
 }
-func (h *accessHandler) Handle(params service.AccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *accessHandler) Handle(params share.AccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
@ -37,39 +37,39 @@ func (h *accessHandler) Handle(params service.AccessParams, principal *rest_mode
 		}
 		if !found {
 			logrus.Errorf("environment '%v' not found for user '%v'", envZId, principal.Email)
-			return service.NewAccessUnauthorized()
+			return share.NewAccessUnauthorized()
 		}
 	} else {
 		logrus.Errorf("error finding environments for account '%v'", principal.Email)
-		return service.NewAccessNotFound()
+		return share.NewAccessNotFound()
 	}
-	svcToken := params.Body.SvcToken
+	svcToken := params.Body.ShrToken
 	sshr, err := str.FindShareWithToken(svcToken, tx)
 	if err != nil {
 		logrus.Errorf("error finding service")
-		return service.NewAccessNotFound()
+		return share.NewAccessNotFound()
 	}
 	if sshr == nil {
 		logrus.Errorf("unable to find service '%v' for user '%v'", svcToken, principal.Email)
-		return service.NewAccessNotFound()
+		return share.NewAccessNotFound()
 	}
 	feToken, err := createToken()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
 	if _, err := str.CreateFrontend(envId, &store.Frontend{Token: feToken, ZId: envZId}, tx); err != nil {
 		logrus.Errorf("error creating frontend record: %v", err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
 	edge, err := edgeClient()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
 	addlTags := map[string]interface{}{
 		"zrokEnvironmentZId": envZId,
@ -78,13 +78,13 @@ func (h *accessHandler) Handle(params service.AccessParams, principal *rest_mode
 	}
 	if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+sshr.ZId+"-dial", sshr.ZId, []string{envZId}, addlTags, edge); err != nil {
 		logrus.Errorf("unable to create dial policy: %v", err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
 	if err := tx.Commit(); err != nil {
 		logrus.Errorf("error committing frontend record: %v", err)
-		return service.NewAccessInternalServerError()
+		return share.NewAccessInternalServerError()
 	}
-	return service.NewAccessCreated().WithPayload(&rest_model_zrok.AccessResponse{FrontendToken: feToken})
+	return share.NewAccessCreated().WithPayload(&rest_model_zrok.AccessResponse{FrontendToken: feToken})
 }
--- a/controller/controller.go
+++ b/controller/controller.go
@ -8,7 +8,6 @@ import (
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/account"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/metadata"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
 	"github.com/pkg/errors"
 )
@ -39,15 +38,14 @@ func Run(inCfg *Config) error {
 	api.EnvironmentEnableHandler = newEnableHandler()
 	api.EnvironmentDisableHandler = newDisableHandler()
 	api.MetadataGetEnvironmentDetailHandler = newEnvironmentDetailHandler()
-	api.MetadataGetServiceDetailHandler = newServiceDetailHandler()
+	api.MetadataGetShareDetailHandler = newShareDetailHandler()
 	api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler)
 	api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
-	api.ServiceAccessHandler = newAccessHandler()
+	api.ShareAccessHandler = newAccessHandler()
-	api.ServiceGetServiceHandler = service.GetServiceHandlerFunc(getServiceHandler)
+	api.ShareShareHandler = newShareHandler()
-	api.ServiceShareHandler = newShareHandler()
+	api.ShareUnaccessHandler = newUnaccessHandler()
-	api.ServiceUnaccessHandler = newUnaccessHandler()
+	api.ShareUnshareHandler = newUnshareHandler()
-	api.ServiceUnshareHandler = newUnshareHandler()
+	api.ShareUpdateShareHandler = newUpdateShareHandler()
 	api.ServiceUpdateShareHandler = newUpdateShareHandler()
 	if err := controllerStartup(); err != nil {
 		return err
--- a/controller/environmentDetail.go
+++ b/controller/environmentDetail.go
@ -25,7 +25,7 @@ func (h *environmentDetailHandler) Handle(params metadata.GetEnvironmentDetailPa
 		logrus.Errorf("environment '%v' not found for account '%v': %v", params.EnvZID, principal.Email, err)
 		return metadata.NewGetEnvironmentDetailNotFound()
 	}
-	es := &rest_model_zrok.EnvironmentServices{
+	es := &rest_model_zrok.EnvironmentShares{
 		Environment: &rest_model_zrok.Environment{
 			Address:     senv.Address,
 			CreatedAt:   senv.CreatedAt.UnixMilli(),
@ -61,7 +61,7 @@ func (h *environmentDetailHandler) Handle(params metadata.GetEnvironmentDetailPa
 		if shr.BackendProxyEndpoint != nil {
 			beProxyEndpoint = *shr.BackendProxyEndpoint
 		}
-		es.Services = append(es.Services, &rest_model_zrok.Service{
+		es.Shares = append(es.Shares, &rest_model_zrok.Share{
 			Token:                shr.Token,
 			ZID:                  shr.ZId,
 			ShareMode:            shr.ShareMode,
--- a/controller/getService.go
+++ b/controller/getService.go
@ -1,63 +0,0 @@
 package controller
 import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
 	"github.com/sirupsen/logrus"
 )
 func getServiceHandler(params service.GetServiceParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	envZId := params.Body.EnvZID
 	svcToken := params.Body.SvcToken
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
 		return service.NewGetServiceInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
 	sshr, err := str.FindShareWithToken(svcToken, tx)
 	if err != nil {
 		logrus.Errorf("error finding service with token '%v': %v", svcToken, err)
 		return service.NewGetServiceNotFound()
 	}
 	senvs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx)
 	if err != nil {
 		logrus.Errorf("error listing environments for account '%v': %v", principal.Email, err)
 		return service.NewGetServiceInternalServerError()
 	}
 	envFound := false
 	for _, senv := range senvs {
 		if senv.Id == sshr.EnvironmentId && senv.ZId == envZId {
 			envFound = true
 			break
 		}
 	}
 	if !envFound {
 		logrus.Errorf("service '%v' not in environment '%v'", svcToken, envZId)
 		return service.NewGetServiceNotFound()
 	}
 	shr := &rest_model_zrok.Service{
 		Token:       sshr.Token,
 		ZID:         sshr.ZId,
 		ShareMode:   sshr.ShareMode,
 		BackendMode: sshr.BackendMode,
 		Reserved:    sshr.Reserved,
 		CreatedAt:   sshr.CreatedAt.UnixMilli(),
 		UpdatedAt:   sshr.UpdatedAt.UnixMilli(),
 	}
 	if sshr.FrontendSelection != nil {
 		shr.FrontendSelection = *sshr.FrontendSelection
 	}
 	if sshr.FrontendEndpoint != nil {
 		shr.FrontendEndpoint = *sshr.FrontendEndpoint
 	}
 	if sshr.BackendProxyEndpoint != nil {
 		shr.BackendProxyEndpoint = *sshr.BackendProxyEndpoint
 	}
 	return service.NewGetServiceOK().WithPayload(shr)
 }
--- a/controller/overview.go
+++ b/controller/overview.go
@ -19,14 +19,14 @@ func overviewHandler(_ metadata.OverviewParams, principal *rest_model_zrok.Princ
 		logrus.Errorf("error finding environments for '%v': %v", principal.Email, err)
 		return metadata.NewOverviewInternalServerError()
 	}
-	var out rest_model_zrok.EnvironmentServicesList
+	var out rest_model_zrok.EnvironmentSharesList
 	for _, env := range envs {
 		shrs, err := str.FindSharesForEnvironment(env.Id, tx)
 		if err != nil {
 			logrus.Errorf("error finding services for environment '%v': %v", env.ZId, err)
 			return metadata.NewOverviewInternalServerError()
 		}
-		es := &rest_model_zrok.EnvironmentServices{
+		es := &rest_model_zrok.EnvironmentShares{
 			Environment: &rest_model_zrok.Environment{
 				Address:     env.Address,
 				CreatedAt:   env.CreatedAt.UnixMilli(),
@ -50,7 +50,7 @@ func overviewHandler(_ metadata.OverviewParams, principal *rest_model_zrok.Princ
 			if shr.BackendProxyEndpoint != nil {
 				beProxyEndpoint = *shr.BackendProxyEndpoint
 			}
-			es.Services = append(es.Services, &rest_model_zrok.Service{
+			es.Shares = append(es.Shares, &rest_model_zrok.Share{
 				Token:                shr.Token,
 				ZID:                  shr.ZId,
 				ShareMode:            shr.ShareMode,
--- a/controller/share.go
+++ b/controller/share.go
@ -4,7 +4,7 @@ import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/openziti-test-kitchen/zrok/controller/store"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/sirupsen/logrus"
 )
@ -14,13 +14,13 @@ func newShareHandler() *shareHandler {
 	return &shareHandler{}
 }
-func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	logrus.Infof("handling")
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
@ -38,22 +38,22 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
 		}
 		if !found {
 			logrus.Errorf("environment '%v' not found for user '%v'", envZId, principal.Email)
-			return service.NewShareUnauthorized()
+			return share.NewShareUnauthorized()
 		}
 	} else {
 		logrus.Errorf("error finding environments for account '%v'", principal.Email)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
 	edge, err := edgeClient()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
-	svcToken, err := createServiceToken()
+	shrToken, err := createShareToken()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
 	var svcZId string
@ -62,7 +62,7 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
 	case "public":
 		if len(params.Body.FrontendSelection) < 1 {
 			logrus.Info("no frontend selection provided")
-			return service.NewShareNotFound()
+			return share.NewShareNotFound()
 		}
 		var frontendZIds []string
@ -71,38 +71,38 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
 			sfe, err := str.FindFrontendPubliclyNamed(frontendSelection, tx)
 			if err != nil {
 				logrus.Error(err)
-				return service.NewShareNotFound()
+				return share.NewShareNotFound()
 			}
 			if sfe != nil && sfe.UrlTemplate != nil {
 				frontendZIds = append(frontendZIds, sfe.ZId)
 				frontendTemplates = append(frontendTemplates, *sfe.UrlTemplate)
-				logrus.Infof("added frontend selection '%v' with ziti identity '%v' for service '%v'", frontendSelection, sfe.ZId, svcToken)
+				logrus.Infof("added frontend selection '%v' with ziti identity '%v' for service '%v'", frontendSelection, sfe.ZId, shrToken)
 			}
 		}
-		svcZId, frontendEndpoints, err = newPublicResourceAllocator().allocate(envZId, svcToken, frontendZIds, frontendTemplates, params, edge)
+		svcZId, frontendEndpoints, err = newPublicResourceAllocator().allocate(envZId, shrToken, frontendZIds, frontendTemplates, params, edge)
 		if err != nil {
 			logrus.Error(err)
-			return service.NewShareInternalServerError()
+			return share.NewShareInternalServerError()
 		}
 	case "private":
-		svcZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, svcToken, params, edge)
+		svcZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, shrToken, params, edge)
 		if err != nil {
 			logrus.Error(err)
-			return service.NewShareInternalServerError()
+			return share.NewShareInternalServerError()
 		}
 	default:
 		logrus.Errorf("unknown share mode '%v", params.Body.ShareMode)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
-	logrus.Debugf("allocated service '%v'", svcToken)
+	logrus.Debugf("allocated service '%v'", shrToken)
 	reserved := params.Body.Reserved
 	sshr := &store.Share{
 		ZId:                  svcZId,
-		Token:                svcToken,
+		Token:                shrToken,
 		ShareMode:            params.Body.ShareMode,
 		BackendMode:          params.Body.BackendMode,
 		BackendProxyEndpoint: &params.Body.BackendProxyEndpoint,
@ -117,17 +117,17 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
 	sid, err := str.CreateShare(envId, sshr, tx)
 	if err != nil {
 		logrus.Errorf("error creating service record: %v", err)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
 	if err := tx.Commit(); err != nil {
 		logrus.Errorf("error committing service record: %v", err)
-		return service.NewShareInternalServerError()
+		return share.NewShareInternalServerError()
 	}
-	logrus.Infof("recorded service '%v' with id '%v' for '%v'", svcToken, sid, principal.Email)
+	logrus.Infof("recorded service '%v' with id '%v' for '%v'", shrToken, sid, principal.Email)
-	return service.NewShareCreated().WithPayload(&rest_model_zrok.ShareResponse{
+	return share.NewShareCreated().WithPayload(&rest_model_zrok.ShareResponse{
 		FrontendProxyEndpoints: frontendEndpoints,
-		SvcToken:               svcToken,
+		ShrToken:               shrToken,
 	})
 }
--- a/controller/serviceDetail.go
+++ b/controller/serviceDetail.go
@ -8,28 +8,28 @@ import (
 	"github.com/sirupsen/logrus"
 )
-type serviceDetailHandler struct{}
+type shareDetailHandler struct{}
-func newServiceDetailHandler() *serviceDetailHandler {
+func newShareDetailHandler() *shareDetailHandler {
-	return &serviceDetailHandler{}
+	return &shareDetailHandler{}
 }
-func (h *serviceDetailHandler) Handle(params metadata.GetServiceDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *shareDetailHandler) Handle(params metadata.GetShareDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return metadata.NewGetServiceDetailInternalServerError()
+		return metadata.NewGetShareDetailInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
-	shr, err := str.FindShareWithToken(params.SvcToken, tx)
+	shr, err := str.FindShareWithToken(params.ShrToken, tx)
 	if err != nil {
-		logrus.Errorf("error finding service '%v': %v", params.SvcToken, err)
+		logrus.Errorf("error finding share '%v': %v", params.ShrToken, err)
-		return metadata.NewGetServiceDetailNotFound()
+		return metadata.NewGetShareDetailNotFound()
 	}
 	envs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx)
 	if err != nil {
 		logrus.Errorf("error finding environments for account '%v': %v", principal.Email, err)
-		return metadata.NewGetServiceDetailInternalServerError()
+		return metadata.NewGetShareDetailInternalServerError()
 	}
 	found := false
 	for _, env := range envs {
@ -39,8 +39,8 @@ func (h *serviceDetailHandler) Handle(params metadata.GetServiceDetailParams, pr
 		}
 	}
 	if !found {
-		logrus.Errorf("environment not matched for service '%v' for account '%v'", params.SvcToken, principal.Email)
+		logrus.Errorf("environment not matched for service '%v' for account '%v'", params.ShrToken, principal.Email)
-		return metadata.NewGetServiceDetailNotFound()
+		return metadata.NewGetShareDetailNotFound()
 	}
 	var sparkData map[string][]int64
 	if cfg.Influx != nil {
@ -62,7 +62,7 @@ func (h *serviceDetailHandler) Handle(params metadata.GetServiceDetailParams, pr
 	if shr.BackendProxyEndpoint != nil {
 		beProxyEndpoint = *shr.BackendProxyEndpoint
 	}
-	return metadata.NewGetServiceDetailOK().WithPayload(&rest_model_zrok.Service{
+	return metadata.NewGetShareDetailOK().WithPayload(&rest_model_zrok.Share{
 		Token:                shr.Token,
 		ZID:                  shr.ZId,
 		ShareMode:            shr.ShareMode,
--- a/controller/sharePrivate.go
+++ b/controller/sharePrivate.go
@ -3,7 +3,7 @@ package controller
 import (
 	"github.com/openziti-test-kitchen/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti-test-kitchen/zrok/model"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/openziti/edge/rest_management_api_client"
 )
@ -13,7 +13,7 @@ func newPrivateResourceAllocator() *privateResourceAllocator {
 	return &privateResourceAllocator{}
 }
-func (a *privateResourceAllocator) allocate(envZId, svcToken string, params service.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
+func (a *privateResourceAllocator) allocate(envZId, svcToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
 	var authUsers []*model.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
 		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
--- a/controller/sharePublic.go
+++ b/controller/sharePublic.go
@ -3,7 +3,7 @@ package controller
 import (
 	"github.com/openziti-test-kitchen/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti-test-kitchen/zrok/model"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/openziti/edge/rest_management_api_client"
 )
@ -13,7 +13,7 @@ func newPublicResourceAllocator() *publicResourceAllocator {
 	return &publicResourceAllocator{}
 }
-func (a *publicResourceAllocator) allocate(envZId, svcToken string, frontendZIds, frontendTemplates []string, params service.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
+func (a *publicResourceAllocator) allocate(envZId, svcToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
 	var authUsers []*model.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
 		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
--- a/controller/unaccess.go
+++ b/controller/unaccess.go
@ -6,7 +6,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/controller/store"
 	"github.com/openziti-test-kitchen/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@ -17,23 +17,23 @@ func newUnaccessHandler() *unaccessHandler {
 	return &unaccessHandler{}
 }
-func (h *unaccessHandler) Handle(params service.UnaccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *unaccessHandler) Handle(params share.UnaccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	feToken := params.Body.FrontendToken
-	svcToken := params.Body.SvcToken
+	shrToken := params.Body.ShrToken
 	envZId := params.Body.EnvZID
-	logrus.Infof("processing unaccess request for frontend '%v' (service '%v', environment '%v')", feToken, svcToken, envZId)
+	logrus.Infof("processing unaccess request for frontend '%v' (share '%v', environment '%v')", feToken, shrToken, envZId)
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
 	edge, err := edgeClient()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
 	var senv *store.Environment
@ -47,38 +47,38 @@ func (h *unaccessHandler) Handle(params service.UnaccessParams, principal *rest_
 		if senv == nil {
 			err := errors.Errorf("environment with id '%v' not found for '%v", envZId, principal.Email)
 			logrus.Error(err)
-			return service.NewUnaccessUnauthorized()
+			return share.NewUnaccessUnauthorized()
 		}
 	} else {
 		logrus.Errorf("error finding environments for account '%v': %v", principal.Email, err)
-		return service.NewUnaccessUnauthorized()
+		return share.NewUnaccessUnauthorized()
 	}
 	sfe, err := str.FindFrontendWithToken(feToken, tx)
 	if err != nil {
 		logrus.Error(err)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
 	if sfe == nil || (sfe.EnvironmentId != nil && *sfe.EnvironmentId != senv.Id) {
 		logrus.Errorf("frontend named '%v' not found", feToken)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
 	if err := str.DeleteFrontend(sfe.Id, tx); err != nil {
 		logrus.Errorf("error deleting frontend named '%v': %v", feToken, err)
-		return service.NewUnaccessNotFound()
+		return share.NewUnaccessNotFound()
 	}
-	if err := zrokEdgeSdk.DeleteServicePolicy(envZId, fmt.Sprintf("tags.zrokServiceToken=\"%v\" and tags.zrokFrontendToken=\"%v\" and type=1", svcToken, feToken), edge); err != nil {
+	if err := zrokEdgeSdk.DeleteServicePolicy(envZId, fmt.Sprintf("tags.zrokServiceToken=\"%v\" and tags.zrokFrontendToken=\"%v\" and type=1", shrToken, feToken), edge); err != nil {
-		logrus.Errorf("error removing access to '%v' for '%v': %v", svcToken, envZId, err)
+		logrus.Errorf("error removing access to '%v' for '%v': %v", shrToken, envZId, err)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
 	if err := tx.Commit(); err != nil {
 		logrus.Errorf("error committing frontend '%v' delete: %v", feToken, err)
-		return service.NewUnaccessInternalServerError()
+		return share.NewUnaccessInternalServerError()
 	}
-	return service.NewUnaccessOK()
+	return share.NewUnaccessOK()
 }
--- a/controller/unshare.go
+++ b/controller/unshare.go
@ -7,7 +7,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/controller/store"
 	"github.com/openziti-test-kitchen/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/openziti/edge/rest_management_api_client"
 	edge_service "github.com/openziti/edge/rest_management_api_client/service"
 	"github.com/pkg/errors"
@ -21,24 +21,24 @@ func newUnshareHandler() *unshareHandler {
 	return &unshareHandler{}
 }
-func (h *unshareHandler) Handle(params service.UnshareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return service.NewUnshareInternalServerError()
+		return share.NewUnshareInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
 	edge, err := edgeClient()
 	if err != nil {
 		logrus.Error(err)
-		return service.NewUnshareInternalServerError()
+		return share.NewUnshareInternalServerError()
 	}
-	svcToken := params.Body.SvcToken
+	shrToken := params.Body.ShrToken
-	svcZId, err := h.findServiceZId(svcToken, edge)
+	svcZId, err := h.findServiceZId(shrToken, edge)
 	if err != nil {
 		logrus.Error(err)
-		return service.NewUnshareNotFound()
+		return share.NewUnshareNotFound()
 	}
 	var senv *store.Environment
 	if envs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx); err == nil {
@ -51,11 +51,11 @@ func (h *unshareHandler) Handle(params service.UnshareParams, principal *rest_mo
 		if senv == nil {
 			err := errors.Errorf("environment with id '%v' not found for '%v", params.Body.EnvZID, principal.Email)
 			logrus.Error(err)
-			return service.NewUnshareNotFound()
+			return share.NewUnshareNotFound()
 		}
 	} else {
 		logrus.Errorf("error finding environments for account '%v': %v", principal.Email, err)
-		return service.NewUnshareNotFound()
+		return share.NewUnshareNotFound()
 	}
 	var sshr *store.Share
@ -69,36 +69,36 @@ func (h *unshareHandler) Handle(params service.UnshareParams, principal *rest_mo
 		if sshr == nil {
 			err := errors.Errorf("service with id '%v' not found for '%v'", svcZId, principal.Email)
 			logrus.Error(err)
-			return service.NewUnshareNotFound()
+			return share.NewUnshareNotFound()
 		}
 	} else {
 		logrus.Errorf("error finding services for account '%v': %v", principal.Email, err)
-		return service.NewUnshareInternalServerError()
+		return share.NewUnshareInternalServerError()
 	}
 	if sshr.Reserved == params.Body.Reserved {
 		// single tag-based service deallocator; should work regardless of sharing mode
-		if err := h.deallocateResources(senv, svcToken, svcZId, edge); err != nil {
+		if err := h.deallocateResources(senv, shrToken, svcZId, edge); err != nil {
 			logrus.Errorf("error unsharing ziti resources for '%v': %v", sshr, err)
-			return service.NewUnshareInternalServerError()
+			return share.NewUnshareInternalServerError()
 		}
-		logrus.Debugf("deallocated service '%v'", svcToken)
+		logrus.Debugf("deallocated service '%v'", shrToken)
 		if err := str.DeleteShare(sshr.Id, tx); err != nil {
 			logrus.Errorf("error deactivating service '%v': %v", svcZId, err)
-			return service.NewUnshareInternalServerError()
+			return share.NewUnshareInternalServerError()
 		}
 		if err := tx.Commit(); err != nil {
 			logrus.Errorf("error committing transaction for '%v': %v", svcZId, err)
-			return service.NewUnshareInternalServerError()
+			return share.NewUnshareInternalServerError()
 		}
 	} else {
-		logrus.Infof("service '%v' is reserved, skipping deallocation", svcToken)
+		logrus.Infof("service '%v' is reserved, skipping deallocation", shrToken)
 	}
-	return service.NewUnshareOK()
+	return share.NewUnshareOK()
 }
 func (h *unshareHandler) findServiceZId(svcToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
--- a/controller/updateShare.go
+++ b/controller/updateShare.go
@ -3,7 +3,7 @@ package controller
 import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 	"github.com/sirupsen/logrus"
 )
@ -13,27 +13,27 @@ func newUpdateShareHandler() *updateShareHandler {
 	return &updateShareHandler{}
 }
-func (h *updateShareHandler) Handle(params service.UpdateShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (h *updateShareHandler) Handle(params share.UpdateShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
-	svcToken := params.Body.ServiceToken
+	shrToken := params.Body.ShrToken
 	backendProxyEndpoint := params.Body.BackendProxyEndpoint
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
-		return service.NewUpdateShareInternalServerError()
+		return share.NewUpdateShareInternalServerError()
 	}
 	defer func() { _ = tx.Rollback() }()
-	sshr, err := str.FindShareWithToken(svcToken, tx)
+	sshr, err := str.FindShareWithToken(shrToken, tx)
 	if err != nil {
-		logrus.Errorf("service '%v' not found: %v", svcToken, err)
+		logrus.Errorf("service '%v' not found: %v", shrToken, err)
-		return service.NewUpdateShareNotFound()
+		return share.NewUpdateShareNotFound()
 	}
 	senvs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx)
 	if err != nil {
 		logrus.Errorf("error finding environments for account '%v': %v", principal.Email, err)
-		return service.NewUpdateShareInternalServerError()
+		return share.NewUpdateShareInternalServerError()
 	}
 	envFound := false
@ -44,20 +44,20 @@ func (h *updateShareHandler) Handle(params service.UpdateShareParams, principal
 		}
 	}
 	if !envFound {
-		logrus.Errorf("environment not found for service '%v'", svcToken)
+		logrus.Errorf("environment not found for service '%v'", shrToken)
-		return service.NewUpdateShareNotFound()
+		return share.NewUpdateShareNotFound()
 	}
 	sshr.BackendProxyEndpoint = &backendProxyEndpoint
 	if err := str.UpdateShare(sshr, tx); err != nil {
-		logrus.Errorf("error updating service '%v': %v", svcToken, err)
+		logrus.Errorf("error updating service '%v': %v", shrToken, err)
-		return service.NewUpdateShareInternalServerError()
+		return share.NewUpdateShareInternalServerError()
 	}
 	if err := tx.Commit(); err != nil {
-		logrus.Errorf("error committing transaction for service '%v' update: %v", svcToken, err)
+		logrus.Errorf("error committing transaction for service '%v' update: %v", shrToken, err)
-		return service.NewUpdateShareInternalServerError()
+		return share.NewUpdateShareInternalServerError()
 	}
-	return service.NewUpdateShareOK()
+	return share.NewUpdateShareOK()
 }
--- a/controller/util.go
+++ b/controller/util.go
@ -66,7 +66,7 @@ func edgeClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
 	return rest_util.NewEdgeManagementClientWithUpdb(cfg.Ziti.Username, cfg.Ziti.Password, cfg.Ziti.ApiEndpoint, caPool)
 }
-func createServiceToken() (string, error) {
+func createShareToken() (string, error) {
 	gen, err := nanoid.CustomASCII("abcdefghijklmnopqrstuvwxyz0123456789", 12)
 	if err != nil {
 		return "", err
--- a/rest_client_zrok/metadata/get_environment_detail_responses.go
+++ b/rest_client_zrok/metadata/get_environment_detail_responses.go
@ -63,7 +63,7 @@ GetEnvironmentDetailOK describes a response with status code 200, with default h
 ok
 */
 type GetEnvironmentDetailOK struct {
-	Payload *rest_model_zrok.EnvironmentServices
+	Payload *rest_model_zrok.EnvironmentShares
 }
 // IsSuccess returns true when this get environment detail o k response has a 2xx status code
@ -99,13 +99,13 @@ func (o *GetEnvironmentDetailOK) String() string {
 	return fmt.Sprintf("[GET /detail/environment/{envZId}][%d] getEnvironmentDetailOK  %+v", 200, o.Payload)
 }
-func (o *GetEnvironmentDetailOK) GetPayload() *rest_model_zrok.EnvironmentServices {
+func (o *GetEnvironmentDetailOK) GetPayload() *rest_model_zrok.EnvironmentShares {
 	return o.Payload
 }
 func (o *GetEnvironmentDetailOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
-	o.Payload = new(rest_model_zrok.EnvironmentServices)
+	o.Payload = new(rest_model_zrok.EnvironmentShares)
 	// response payload
 	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
--- a/rest_client_zrok/metadata/get_service_detail_parameters.go
+++ b/rest_client_zrok/metadata/get_service_detail_parameters.go
@ -1,148 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"net/http"
 	"time"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	cr "github.com/go-openapi/runtime/client"
 	"github.com/go-openapi/strfmt"
 )
 // NewGetServiceDetailParams creates a new GetServiceDetailParams object,
 // with the default timeout for this client.
 //
 // Default values are not hydrated, since defaults are normally applied by the API server side.
 //
 // To enforce default values in parameter, use SetDefaults or WithDefaults.
 func NewGetServiceDetailParams() *GetServiceDetailParams {
 	return &GetServiceDetailParams{
 		timeout: cr.DefaultTimeout,
 	}
 }
 // NewGetServiceDetailParamsWithTimeout creates a new GetServiceDetailParams object
 // with the ability to set a timeout on a request.
 func NewGetServiceDetailParamsWithTimeout(timeout time.Duration) *GetServiceDetailParams {
 	return &GetServiceDetailParams{
 		timeout: timeout,
 	}
 }
 // NewGetServiceDetailParamsWithContext creates a new GetServiceDetailParams object
 // with the ability to set a context for a request.
 func NewGetServiceDetailParamsWithContext(ctx context.Context) *GetServiceDetailParams {
 	return &GetServiceDetailParams{
 		Context: ctx,
 	}
 }
 // NewGetServiceDetailParamsWithHTTPClient creates a new GetServiceDetailParams object
 // with the ability to set a custom HTTPClient for a request.
 func NewGetServiceDetailParamsWithHTTPClient(client *http.Client) *GetServiceDetailParams {
 	return &GetServiceDetailParams{
 		HTTPClient: client,
 	}
 }
 /*
 GetServiceDetailParams contains all the parameters to send to the API endpoint
 	for the get service detail operation.
 	Typically these are written to a http.Request.
 */
 type GetServiceDetailParams struct {
 	// SvcToken.
 	SvcToken string
 	timeout    time.Duration
 	Context    context.Context
 	HTTPClient *http.Client
 }
 // WithDefaults hydrates default values in the get service detail params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetServiceDetailParams) WithDefaults() *GetServiceDetailParams {
 	o.SetDefaults()
 	return o
 }
 // SetDefaults hydrates default values in the get service detail params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetServiceDetailParams) SetDefaults() {
 	// no default values defined for this parameter
 }
 // WithTimeout adds the timeout to the get service detail params
 func (o *GetServiceDetailParams) WithTimeout(timeout time.Duration) *GetServiceDetailParams {
 	o.SetTimeout(timeout)
 	return o
 }
 // SetTimeout adds the timeout to the get service detail params
 func (o *GetServiceDetailParams) SetTimeout(timeout time.Duration) {
 	o.timeout = timeout
 }
 // WithContext adds the context to the get service detail params
 func (o *GetServiceDetailParams) WithContext(ctx context.Context) *GetServiceDetailParams {
 	o.SetContext(ctx)
 	return o
 }
 // SetContext adds the context to the get service detail params
 func (o *GetServiceDetailParams) SetContext(ctx context.Context) {
 	o.Context = ctx
 }
 // WithHTTPClient adds the HTTPClient to the get service detail params
 func (o *GetServiceDetailParams) WithHTTPClient(client *http.Client) *GetServiceDetailParams {
 	o.SetHTTPClient(client)
 	return o
 }
 // SetHTTPClient adds the HTTPClient to the get service detail params
 func (o *GetServiceDetailParams) SetHTTPClient(client *http.Client) {
 	o.HTTPClient = client
 }
 // WithSvcToken adds the svcToken to the get service detail params
 func (o *GetServiceDetailParams) WithSvcToken(svcToken string) *GetServiceDetailParams {
 	o.SetSvcToken(svcToken)
 	return o
 }
 // SetSvcToken adds the svcToken to the get service detail params
 func (o *GetServiceDetailParams) SetSvcToken(svcToken string) {
 	o.SvcToken = svcToken
 }
 // WriteToRequest writes these params to a swagger request
 func (o *GetServiceDetailParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
 	if err := r.SetTimeout(o.timeout); err != nil {
 		return err
 	}
 	var res []error
 	// path param svcToken
 	if err := r.SetPathParam("svcToken", o.SvcToken); err != nil {
 		return err
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_client_zrok/metadata/get_service_detail_responses.go
+++ b/rest_client_zrok/metadata/get_service_detail_responses.go
@ -1,269 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"fmt"
 	"io"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetServiceDetailReader is a Reader for the GetServiceDetail structure.
 type GetServiceDetailReader struct {
 	formats strfmt.Registry
 }
 // ReadResponse reads a server response into the received o.
 func (o *GetServiceDetailReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
 	switch response.Code() {
 	case 200:
 		result := NewGetServiceDetailOK()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return result, nil
 	case 401:
 		result := NewGetServiceDetailUnauthorized()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 404:
 		result := NewGetServiceDetailNotFound()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 500:
 		result := NewGetServiceDetailInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	default:
 		return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code())
 	}
 }
 // NewGetServiceDetailOK creates a GetServiceDetailOK with default headers values
 func NewGetServiceDetailOK() *GetServiceDetailOK {
 	return &GetServiceDetailOK{}
 }
 /*
 GetServiceDetailOK describes a response with status code 200, with default header values.
 ok
 */
 type GetServiceDetailOK struct {
 	Payload *rest_model_zrok.Service
 }
 // IsSuccess returns true when this get service detail o k response has a 2xx status code
 func (o *GetServiceDetailOK) IsSuccess() bool {
 	return true
 }
 // IsRedirect returns true when this get service detail o k response has a 3xx status code
 func (o *GetServiceDetailOK) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service detail o k response has a 4xx status code
 func (o *GetServiceDetailOK) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get service detail o k response has a 5xx status code
 func (o *GetServiceDetailOK) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service detail o k response a status code equal to that given
 func (o *GetServiceDetailOK) IsCode(code int) bool {
 	return code == 200
 }
 func (o *GetServiceDetailOK) Error() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailOK  %+v", 200, o.Payload)
 }
 func (o *GetServiceDetailOK) String() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailOK  %+v", 200, o.Payload)
 }
 func (o *GetServiceDetailOK) GetPayload() *rest_model_zrok.Service {
 	return o.Payload
 }
 func (o *GetServiceDetailOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	o.Payload = new(rest_model_zrok.Service)
 	// response payload
 	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
 		return err
 	}
 	return nil
 }
 // NewGetServiceDetailUnauthorized creates a GetServiceDetailUnauthorized with default headers values
 func NewGetServiceDetailUnauthorized() *GetServiceDetailUnauthorized {
 	return &GetServiceDetailUnauthorized{}
 }
 /*
 GetServiceDetailUnauthorized describes a response with status code 401, with default header values.
 unauthorized
 */
 type GetServiceDetailUnauthorized struct {
 }
 // IsSuccess returns true when this get service detail unauthorized response has a 2xx status code
 func (o *GetServiceDetailUnauthorized) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service detail unauthorized response has a 3xx status code
 func (o *GetServiceDetailUnauthorized) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service detail unauthorized response has a 4xx status code
 func (o *GetServiceDetailUnauthorized) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get service detail unauthorized response has a 5xx status code
 func (o *GetServiceDetailUnauthorized) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service detail unauthorized response a status code equal to that given
 func (o *GetServiceDetailUnauthorized) IsCode(code int) bool {
 	return code == 401
 }
 func (o *GetServiceDetailUnauthorized) Error() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailUnauthorized ", 401)
 }
 func (o *GetServiceDetailUnauthorized) String() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailUnauthorized ", 401)
 }
 func (o *GetServiceDetailUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetServiceDetailNotFound creates a GetServiceDetailNotFound with default headers values
 func NewGetServiceDetailNotFound() *GetServiceDetailNotFound {
 	return &GetServiceDetailNotFound{}
 }
 /*
 GetServiceDetailNotFound describes a response with status code 404, with default header values.
 not found
 */
 type GetServiceDetailNotFound struct {
 }
 // IsSuccess returns true when this get service detail not found response has a 2xx status code
 func (o *GetServiceDetailNotFound) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service detail not found response has a 3xx status code
 func (o *GetServiceDetailNotFound) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service detail not found response has a 4xx status code
 func (o *GetServiceDetailNotFound) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get service detail not found response has a 5xx status code
 func (o *GetServiceDetailNotFound) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service detail not found response a status code equal to that given
 func (o *GetServiceDetailNotFound) IsCode(code int) bool {
 	return code == 404
 }
 func (o *GetServiceDetailNotFound) Error() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailNotFound ", 404)
 }
 func (o *GetServiceDetailNotFound) String() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailNotFound ", 404)
 }
 func (o *GetServiceDetailNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetServiceDetailInternalServerError creates a GetServiceDetailInternalServerError with default headers values
 func NewGetServiceDetailInternalServerError() *GetServiceDetailInternalServerError {
 	return &GetServiceDetailInternalServerError{}
 }
 /*
 GetServiceDetailInternalServerError describes a response with status code 500, with default header values.
 internal server error
 */
 type GetServiceDetailInternalServerError struct {
 }
 // IsSuccess returns true when this get service detail internal server error response has a 2xx status code
 func (o *GetServiceDetailInternalServerError) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service detail internal server error response has a 3xx status code
 func (o *GetServiceDetailInternalServerError) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service detail internal server error response has a 4xx status code
 func (o *GetServiceDetailInternalServerError) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get service detail internal server error response has a 5xx status code
 func (o *GetServiceDetailInternalServerError) IsServerError() bool {
 	return true
 }
 // IsCode returns true when this get service detail internal server error response a status code equal to that given
 func (o *GetServiceDetailInternalServerError) IsCode(code int) bool {
 	return code == 500
 }
 func (o *GetServiceDetailInternalServerError) Error() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailInternalServerError ", 500)
 }
 func (o *GetServiceDetailInternalServerError) String() string {
 	return fmt.Sprintf("[GET /detail/service/{svcToken}][%d] getServiceDetailInternalServerError ", 500)
 }
 func (o *GetServiceDetailInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
--- a/rest_client_zrok/metadata/get_share_detail_parameters.go
+++ b/rest_client_zrok/metadata/get_share_detail_parameters.go
@ -0,0 +1,148 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"net/http"
 	"time"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	cr "github.com/go-openapi/runtime/client"
 	"github.com/go-openapi/strfmt"
 )
 // NewGetShareDetailParams creates a new GetShareDetailParams object,
 // with the default timeout for this client.
 //
 // Default values are not hydrated, since defaults are normally applied by the API server side.
 //
 // To enforce default values in parameter, use SetDefaults or WithDefaults.
 func NewGetShareDetailParams() *GetShareDetailParams {
 	return &GetShareDetailParams{
 		timeout: cr.DefaultTimeout,
 	}
 }
 // NewGetShareDetailParamsWithTimeout creates a new GetShareDetailParams object
 // with the ability to set a timeout on a request.
 func NewGetShareDetailParamsWithTimeout(timeout time.Duration) *GetShareDetailParams {
 	return &GetShareDetailParams{
 		timeout: timeout,
 	}
 }
 // NewGetShareDetailParamsWithContext creates a new GetShareDetailParams object
 // with the ability to set a context for a request.
 func NewGetShareDetailParamsWithContext(ctx context.Context) *GetShareDetailParams {
 	return &GetShareDetailParams{
 		Context: ctx,
 	}
 }
 // NewGetShareDetailParamsWithHTTPClient creates a new GetShareDetailParams object
 // with the ability to set a custom HTTPClient for a request.
 func NewGetShareDetailParamsWithHTTPClient(client *http.Client) *GetShareDetailParams {
 	return &GetShareDetailParams{
 		HTTPClient: client,
 	}
 }
 /*
 GetShareDetailParams contains all the parameters to send to the API endpoint
 	for the get share detail operation.
 	Typically these are written to a http.Request.
 */
 type GetShareDetailParams struct {
 	// ShrToken.
 	ShrToken string
 	timeout    time.Duration
 	Context    context.Context
 	HTTPClient *http.Client
 }
 // WithDefaults hydrates default values in the get share detail params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetShareDetailParams) WithDefaults() *GetShareDetailParams {
 	o.SetDefaults()
 	return o
 }
 // SetDefaults hydrates default values in the get share detail params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetShareDetailParams) SetDefaults() {
 	// no default values defined for this parameter
 }
 // WithTimeout adds the timeout to the get share detail params
 func (o *GetShareDetailParams) WithTimeout(timeout time.Duration) *GetShareDetailParams {
 	o.SetTimeout(timeout)
 	return o
 }
 // SetTimeout adds the timeout to the get share detail params
 func (o *GetShareDetailParams) SetTimeout(timeout time.Duration) {
 	o.timeout = timeout
 }
 // WithContext adds the context to the get share detail params
 func (o *GetShareDetailParams) WithContext(ctx context.Context) *GetShareDetailParams {
 	o.SetContext(ctx)
 	return o
 }
 // SetContext adds the context to the get share detail params
 func (o *GetShareDetailParams) SetContext(ctx context.Context) {
 	o.Context = ctx
 }
 // WithHTTPClient adds the HTTPClient to the get share detail params
 func (o *GetShareDetailParams) WithHTTPClient(client *http.Client) *GetShareDetailParams {
 	o.SetHTTPClient(client)
 	return o
 }
 // SetHTTPClient adds the HTTPClient to the get share detail params
 func (o *GetShareDetailParams) SetHTTPClient(client *http.Client) {
 	o.HTTPClient = client
 }
 // WithShrToken adds the shrToken to the get share detail params
 func (o *GetShareDetailParams) WithShrToken(shrToken string) *GetShareDetailParams {
 	o.SetShrToken(shrToken)
 	return o
 }
 // SetShrToken adds the shrToken to the get share detail params
 func (o *GetShareDetailParams) SetShrToken(shrToken string) {
 	o.ShrToken = shrToken
 }
 // WriteToRequest writes these params to a swagger request
 func (o *GetShareDetailParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
 	if err := r.SetTimeout(o.timeout); err != nil {
 		return err
 	}
 	var res []error
 	// path param shrToken
 	if err := r.SetPathParam("shrToken", o.ShrToken); err != nil {
 		return err
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_client_zrok/metadata/get_share_detail_responses.go
+++ b/rest_client_zrok/metadata/get_share_detail_responses.go
@ -0,0 +1,269 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"fmt"
 	"io"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetShareDetailReader is a Reader for the GetShareDetail structure.
 type GetShareDetailReader struct {
 	formats strfmt.Registry
 }
 // ReadResponse reads a server response into the received o.
 func (o *GetShareDetailReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
 	switch response.Code() {
 	case 200:
 		result := NewGetShareDetailOK()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return result, nil
 	case 401:
 		result := NewGetShareDetailUnauthorized()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 404:
 		result := NewGetShareDetailNotFound()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 500:
 		result := NewGetShareDetailInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	default:
 		return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code())
 	}
 }
 // NewGetShareDetailOK creates a GetShareDetailOK with default headers values
 func NewGetShareDetailOK() *GetShareDetailOK {
 	return &GetShareDetailOK{}
 }
 /*
 GetShareDetailOK describes a response with status code 200, with default header values.
 ok
 */
 type GetShareDetailOK struct {
 	Payload *rest_model_zrok.Share
 }
 // IsSuccess returns true when this get share detail o k response has a 2xx status code
 func (o *GetShareDetailOK) IsSuccess() bool {
 	return true
 }
 // IsRedirect returns true when this get share detail o k response has a 3xx status code
 func (o *GetShareDetailOK) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get share detail o k response has a 4xx status code
 func (o *GetShareDetailOK) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get share detail o k response has a 5xx status code
 func (o *GetShareDetailOK) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get share detail o k response a status code equal to that given
 func (o *GetShareDetailOK) IsCode(code int) bool {
 	return code == 200
 }
 func (o *GetShareDetailOK) Error() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailOK  %+v", 200, o.Payload)
 }
 func (o *GetShareDetailOK) String() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailOK  %+v", 200, o.Payload)
 }
 func (o *GetShareDetailOK) GetPayload() *rest_model_zrok.Share {
 	return o.Payload
 }
 func (o *GetShareDetailOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	o.Payload = new(rest_model_zrok.Share)
 	// response payload
 	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
 		return err
 	}
 	return nil
 }
 // NewGetShareDetailUnauthorized creates a GetShareDetailUnauthorized with default headers values
 func NewGetShareDetailUnauthorized() *GetShareDetailUnauthorized {
 	return &GetShareDetailUnauthorized{}
 }
 /*
 GetShareDetailUnauthorized describes a response with status code 401, with default header values.
 unauthorized
 */
 type GetShareDetailUnauthorized struct {
 }
 // IsSuccess returns true when this get share detail unauthorized response has a 2xx status code
 func (o *GetShareDetailUnauthorized) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get share detail unauthorized response has a 3xx status code
 func (o *GetShareDetailUnauthorized) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get share detail unauthorized response has a 4xx status code
 func (o *GetShareDetailUnauthorized) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get share detail unauthorized response has a 5xx status code
 func (o *GetShareDetailUnauthorized) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get share detail unauthorized response a status code equal to that given
 func (o *GetShareDetailUnauthorized) IsCode(code int) bool {
 	return code == 401
 }
 func (o *GetShareDetailUnauthorized) Error() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailUnauthorized ", 401)
 }
 func (o *GetShareDetailUnauthorized) String() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailUnauthorized ", 401)
 }
 func (o *GetShareDetailUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetShareDetailNotFound creates a GetShareDetailNotFound with default headers values
 func NewGetShareDetailNotFound() *GetShareDetailNotFound {
 	return &GetShareDetailNotFound{}
 }
 /*
 GetShareDetailNotFound describes a response with status code 404, with default header values.
 not found
 */
 type GetShareDetailNotFound struct {
 }
 // IsSuccess returns true when this get share detail not found response has a 2xx status code
 func (o *GetShareDetailNotFound) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get share detail not found response has a 3xx status code
 func (o *GetShareDetailNotFound) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get share detail not found response has a 4xx status code
 func (o *GetShareDetailNotFound) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get share detail not found response has a 5xx status code
 func (o *GetShareDetailNotFound) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get share detail not found response a status code equal to that given
 func (o *GetShareDetailNotFound) IsCode(code int) bool {
 	return code == 404
 }
 func (o *GetShareDetailNotFound) Error() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailNotFound ", 404)
 }
 func (o *GetShareDetailNotFound) String() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailNotFound ", 404)
 }
 func (o *GetShareDetailNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetShareDetailInternalServerError creates a GetShareDetailInternalServerError with default headers values
 func NewGetShareDetailInternalServerError() *GetShareDetailInternalServerError {
 	return &GetShareDetailInternalServerError{}
 }
 /*
 GetShareDetailInternalServerError describes a response with status code 500, with default header values.
 internal server error
 */
 type GetShareDetailInternalServerError struct {
 }
 // IsSuccess returns true when this get share detail internal server error response has a 2xx status code
 func (o *GetShareDetailInternalServerError) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get share detail internal server error response has a 3xx status code
 func (o *GetShareDetailInternalServerError) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get share detail internal server error response has a 4xx status code
 func (o *GetShareDetailInternalServerError) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get share detail internal server error response has a 5xx status code
 func (o *GetShareDetailInternalServerError) IsServerError() bool {
 	return true
 }
 // IsCode returns true when this get share detail internal server error response a status code equal to that given
 func (o *GetShareDetailInternalServerError) IsCode(code int) bool {
 	return code == 500
 }
 func (o *GetShareDetailInternalServerError) Error() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailInternalServerError ", 500)
 }
 func (o *GetShareDetailInternalServerError) String() string {
 	return fmt.Sprintf("[GET /detail/share/{shrToken}][%d] getShareDetailInternalServerError ", 500)
 }
 func (o *GetShareDetailInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
--- a/rest_client_zrok/metadata/metadata_client.go
+++ b/rest_client_zrok/metadata/metadata_client.go
@ -32,7 +32,7 @@ type ClientOption func(*runtime.ClientOperation)
 type ClientService interface {
 	GetEnvironmentDetail(params *GetEnvironmentDetailParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetEnvironmentDetailOK, error)
-	GetServiceDetail(params *GetServiceDetailParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetServiceDetailOK, error)
+	GetShareDetail(params *GetShareDetailParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetShareDetailOK, error)
 	Overview(params *OverviewParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*OverviewOK, error)
@ -81,22 +81,22 @@ func (a *Client) GetEnvironmentDetail(params *GetEnvironmentDetailParams, authIn
 }
 /*
-GetServiceDetail get service detail API
+GetShareDetail get share detail API
 */
-func (a *Client) GetServiceDetail(params *GetServiceDetailParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetServiceDetailOK, error) {
+func (a *Client) GetShareDetail(params *GetShareDetailParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetShareDetailOK, error) {
 	// TODO: Validate the params before sending
 	if params == nil {
-		params = NewGetServiceDetailParams()
+		params = NewGetShareDetailParams()
 	}
 	op := &runtime.ClientOperation{
-		ID:                 "getServiceDetail",
+		ID:                 "getShareDetail",
 		Method:             "GET",
-		PathPattern:        "/detail/service/{svcToken}",
+		PathPattern:        "/detail/share/{shrToken}",
 		ProducesMediaTypes: []string{"application/zrok.v1+json"},
 		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
 		Schemes:            []string{"http"},
 		Params:             params,
-		Reader:             &GetServiceDetailReader{formats: a.formats},
+		Reader:             &GetShareDetailReader{formats: a.formats},
 		AuthInfo:           authInfo,
 		Context:            params.Context,
 		Client:             params.HTTPClient,
@ -109,13 +109,13 @@ func (a *Client) GetServiceDetail(params *GetServiceDetailParams, authInfo runti
 	if err != nil {
 		return nil, err
 	}
-	success, ok := result.(*GetServiceDetailOK)
+	success, ok := result.(*GetShareDetailOK)
 	if ok {
 		return success, nil
 	}
 	// unexpected success response
 	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
-	msg := fmt.Sprintf("unexpected success response for getServiceDetail: API contract not enforced by server. Client expected to get an error, but got: %T", result)
+	msg := fmt.Sprintf("unexpected success response for getShareDetail: API contract not enforced by server. Client expected to get an error, but got: %T", result)
 	panic(msg)
 }
--- a/rest_client_zrok/metadata/overview_responses.go
+++ b/rest_client_zrok/metadata/overview_responses.go
@ -51,7 +51,7 @@ OverviewOK describes a response with status code 200, with default header values
 overview returned
 */
 type OverviewOK struct {
-	Payload rest_model_zrok.EnvironmentServicesList
+	Payload rest_model_zrok.EnvironmentSharesList
 }
 // IsSuccess returns true when this overview o k response has a 2xx status code
@ -87,7 +87,7 @@ func (o *OverviewOK) String() string {
 	return fmt.Sprintf("[GET /overview][%d] overviewOK  %+v", 200, o.Payload)
 }
-func (o *OverviewOK) GetPayload() rest_model_zrok.EnvironmentServicesList {
+func (o *OverviewOK) GetPayload() rest_model_zrok.EnvironmentSharesList {
 	return o.Payload
 }
--- a/rest_client_zrok/service/get_service_parameters.go
+++ b/rest_client_zrok/service/get_service_parameters.go
@ -1,150 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package service
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"net/http"
 	"time"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	cr "github.com/go-openapi/runtime/client"
 	"github.com/go-openapi/strfmt"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // NewGetServiceParams creates a new GetServiceParams object,
 // with the default timeout for this client.
 //
 // Default values are not hydrated, since defaults are normally applied by the API server side.
 //
 // To enforce default values in parameter, use SetDefaults or WithDefaults.
 func NewGetServiceParams() *GetServiceParams {
 	return &GetServiceParams{
 		timeout: cr.DefaultTimeout,
 	}
 }
 // NewGetServiceParamsWithTimeout creates a new GetServiceParams object
 // with the ability to set a timeout on a request.
 func NewGetServiceParamsWithTimeout(timeout time.Duration) *GetServiceParams {
 	return &GetServiceParams{
 		timeout: timeout,
 	}
 }
 // NewGetServiceParamsWithContext creates a new GetServiceParams object
 // with the ability to set a context for a request.
 func NewGetServiceParamsWithContext(ctx context.Context) *GetServiceParams {
 	return &GetServiceParams{
 		Context: ctx,
 	}
 }
 // NewGetServiceParamsWithHTTPClient creates a new GetServiceParams object
 // with the ability to set a custom HTTPClient for a request.
 func NewGetServiceParamsWithHTTPClient(client *http.Client) *GetServiceParams {
 	return &GetServiceParams{
 		HTTPClient: client,
 	}
 }
 /*
 GetServiceParams contains all the parameters to send to the API endpoint
 	for the get service operation.
 	Typically these are written to a http.Request.
 */
 type GetServiceParams struct {
 	// Body.
 	Body *rest_model_zrok.ServiceRequest
 	timeout    time.Duration
 	Context    context.Context
 	HTTPClient *http.Client
 }
 // WithDefaults hydrates default values in the get service params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetServiceParams) WithDefaults() *GetServiceParams {
 	o.SetDefaults()
 	return o
 }
 // SetDefaults hydrates default values in the get service params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *GetServiceParams) SetDefaults() {
 	// no default values defined for this parameter
 }
 // WithTimeout adds the timeout to the get service params
 func (o *GetServiceParams) WithTimeout(timeout time.Duration) *GetServiceParams {
 	o.SetTimeout(timeout)
 	return o
 }
 // SetTimeout adds the timeout to the get service params
 func (o *GetServiceParams) SetTimeout(timeout time.Duration) {
 	o.timeout = timeout
 }
 // WithContext adds the context to the get service params
 func (o *GetServiceParams) WithContext(ctx context.Context) *GetServiceParams {
 	o.SetContext(ctx)
 	return o
 }
 // SetContext adds the context to the get service params
 func (o *GetServiceParams) SetContext(ctx context.Context) {
 	o.Context = ctx
 }
 // WithHTTPClient adds the HTTPClient to the get service params
 func (o *GetServiceParams) WithHTTPClient(client *http.Client) *GetServiceParams {
 	o.SetHTTPClient(client)
 	return o
 }
 // SetHTTPClient adds the HTTPClient to the get service params
 func (o *GetServiceParams) SetHTTPClient(client *http.Client) {
 	o.HTTPClient = client
 }
 // WithBody adds the body to the get service params
 func (o *GetServiceParams) WithBody(body *rest_model_zrok.ServiceRequest) *GetServiceParams {
 	o.SetBody(body)
 	return o
 }
 // SetBody adds the body to the get service params
 func (o *GetServiceParams) SetBody(body *rest_model_zrok.ServiceRequest) {
 	o.Body = body
 }
 // WriteToRequest writes these params to a swagger request
 func (o *GetServiceParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
 	if err := r.SetTimeout(o.timeout); err != nil {
 		return err
 	}
 	var res []error
 	if o.Body != nil {
 		if err := r.SetBodyParam(o.Body); err != nil {
 			return err
 		}
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_client_zrok/service/get_service_responses.go
+++ b/rest_client_zrok/service/get_service_responses.go
@ -1,269 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package service
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"fmt"
 	"io"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetServiceReader is a Reader for the GetService structure.
 type GetServiceReader struct {
 	formats strfmt.Registry
 }
 // ReadResponse reads a server response into the received o.
 func (o *GetServiceReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
 	switch response.Code() {
 	case 200:
 		result := NewGetServiceOK()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return result, nil
 	case 401:
 		result := NewGetServiceUnauthorized()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 404:
 		result := NewGetServiceNotFound()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 500:
 		result := NewGetServiceInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	default:
 		return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code())
 	}
 }
 // NewGetServiceOK creates a GetServiceOK with default headers values
 func NewGetServiceOK() *GetServiceOK {
 	return &GetServiceOK{}
 }
 /*
 GetServiceOK describes a response with status code 200, with default header values.
 ok
 */
 type GetServiceOK struct {
 	Payload *rest_model_zrok.Service
 }
 // IsSuccess returns true when this get service o k response has a 2xx status code
 func (o *GetServiceOK) IsSuccess() bool {
 	return true
 }
 // IsRedirect returns true when this get service o k response has a 3xx status code
 func (o *GetServiceOK) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service o k response has a 4xx status code
 func (o *GetServiceOK) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get service o k response has a 5xx status code
 func (o *GetServiceOK) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service o k response a status code equal to that given
 func (o *GetServiceOK) IsCode(code int) bool {
 	return code == 200
 }
 func (o *GetServiceOK) Error() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceOK  %+v", 200, o.Payload)
 }
 func (o *GetServiceOK) String() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceOK  %+v", 200, o.Payload)
 }
 func (o *GetServiceOK) GetPayload() *rest_model_zrok.Service {
 	return o.Payload
 }
 func (o *GetServiceOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	o.Payload = new(rest_model_zrok.Service)
 	// response payload
 	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
 		return err
 	}
 	return nil
 }
 // NewGetServiceUnauthorized creates a GetServiceUnauthorized with default headers values
 func NewGetServiceUnauthorized() *GetServiceUnauthorized {
 	return &GetServiceUnauthorized{}
 }
 /*
 GetServiceUnauthorized describes a response with status code 401, with default header values.
 unauthorized
 */
 type GetServiceUnauthorized struct {
 }
 // IsSuccess returns true when this get service unauthorized response has a 2xx status code
 func (o *GetServiceUnauthorized) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service unauthorized response has a 3xx status code
 func (o *GetServiceUnauthorized) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service unauthorized response has a 4xx status code
 func (o *GetServiceUnauthorized) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get service unauthorized response has a 5xx status code
 func (o *GetServiceUnauthorized) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service unauthorized response a status code equal to that given
 func (o *GetServiceUnauthorized) IsCode(code int) bool {
 	return code == 401
 }
 func (o *GetServiceUnauthorized) Error() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceUnauthorized ", 401)
 }
 func (o *GetServiceUnauthorized) String() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceUnauthorized ", 401)
 }
 func (o *GetServiceUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetServiceNotFound creates a GetServiceNotFound with default headers values
 func NewGetServiceNotFound() *GetServiceNotFound {
 	return &GetServiceNotFound{}
 }
 /*
 GetServiceNotFound describes a response with status code 404, with default header values.
 not found
 */
 type GetServiceNotFound struct {
 }
 // IsSuccess returns true when this get service not found response has a 2xx status code
 func (o *GetServiceNotFound) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service not found response has a 3xx status code
 func (o *GetServiceNotFound) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service not found response has a 4xx status code
 func (o *GetServiceNotFound) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this get service not found response has a 5xx status code
 func (o *GetServiceNotFound) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this get service not found response a status code equal to that given
 func (o *GetServiceNotFound) IsCode(code int) bool {
 	return code == 404
 }
 func (o *GetServiceNotFound) Error() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceNotFound ", 404)
 }
 func (o *GetServiceNotFound) String() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceNotFound ", 404)
 }
 func (o *GetServiceNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewGetServiceInternalServerError creates a GetServiceInternalServerError with default headers values
 func NewGetServiceInternalServerError() *GetServiceInternalServerError {
 	return &GetServiceInternalServerError{}
 }
 /*
 GetServiceInternalServerError describes a response with status code 500, with default header values.
 internal server error
 */
 type GetServiceInternalServerError struct {
 }
 // IsSuccess returns true when this get service internal server error response has a 2xx status code
 func (o *GetServiceInternalServerError) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this get service internal server error response has a 3xx status code
 func (o *GetServiceInternalServerError) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this get service internal server error response has a 4xx status code
 func (o *GetServiceInternalServerError) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this get service internal server error response has a 5xx status code
 func (o *GetServiceInternalServerError) IsServerError() bool {
 	return true
 }
 // IsCode returns true when this get service internal server error response a status code equal to that given
 func (o *GetServiceInternalServerError) IsCode(code int) bool {
 	return code == 500
 }
 func (o *GetServiceInternalServerError) Error() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceInternalServerError ", 500)
 }
 func (o *GetServiceInternalServerError) String() string {
 	return fmt.Sprintf("[GET /service][%d] getServiceInternalServerError ", 500)
 }
 func (o *GetServiceInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
--- a/rest_client_zrok/service/access_parameters.go
+++ b/rest_client_zrok/service/access_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/access_responses.go
+++ b/rest_client_zrok/service/access_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/service_client.go
+++ b/rest_client_zrok/service/service_client.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -12,13 +12,13 @@ import (
 	"github.com/go-openapi/strfmt"
 )
-// New creates a new service API client.
+// New creates a new share API client.
 func New(transport runtime.ClientTransport, formats strfmt.Registry) ClientService {
 	return &Client{transport: transport, formats: formats}
 }
 /*
-Client for service API
+Client for share API
 */
 type Client struct {
 	transport runtime.ClientTransport
@ -32,8 +32,6 @@ type ClientOption func(*runtime.ClientOperation)
 type ClientService interface {
 	Access(params *AccessParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*AccessCreated, error)
 	GetService(params *GetServiceParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetServiceOK, error)
 	Share(params *ShareParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ShareCreated, error)
 	Unaccess(params *UnaccessParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*UnaccessOK, error)
@ -84,45 +82,6 @@ func (a *Client) Access(params *AccessParams, authInfo runtime.ClientAuthInfoWri
 	panic(msg)
 }
 /*
 GetService get service API
 */
 func (a *Client) GetService(params *GetServiceParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*GetServiceOK, error) {
 	// TODO: Validate the params before sending
 	if params == nil {
 		params = NewGetServiceParams()
 	}
 	op := &runtime.ClientOperation{
 		ID:                 "getService",
 		Method:             "GET",
 		PathPattern:        "/service",
 		ProducesMediaTypes: []string{"application/zrok.v1+json"},
 		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
 		Schemes:            []string{"http"},
 		Params:             params,
 		Reader:             &GetServiceReader{formats: a.formats},
 		AuthInfo:           authInfo,
 		Context:            params.Context,
 		Client:             params.HTTPClient,
 	}
 	for _, opt := range opts {
 		opt(op)
 	}
 	result, err := a.transport.Submit(op)
 	if err != nil {
 		return nil, err
 	}
 	success, ok := result.(*GetServiceOK)
 	if ok {
 		return success, nil
 	}
 	// unexpected success response
 	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
 	msg := fmt.Sprintf("unexpected success response for getService: API contract not enforced by server. Client expected to get an error, but got: %T", result)
 	panic(msg)
 }
 /*
 Share share API
 */
--- a/rest_client_zrok/service/share_parameters.go
+++ b/rest_client_zrok/service/share_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/share_responses.go
+++ b/rest_client_zrok/service/share_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -60,7 +60,7 @@ func NewShareCreated() *ShareCreated {
 /*
 ShareCreated describes a response with status code 201, with default header values.
-service created
+share created
 */
 type ShareCreated struct {
 	Payload *rest_model_zrok.ShareResponse
--- a/rest_client_zrok/service/unaccess_parameters.go
+++ b/rest_client_zrok/service/unaccess_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/unaccess_responses.go
+++ b/rest_client_zrok/service/unaccess_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/unshare_parameters.go
+++ b/rest_client_zrok/service/unshare_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/unshare_responses.go
+++ b/rest_client_zrok/service/unshare_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -60,7 +60,7 @@ func NewUnshareOK() *UnshareOK {
 /*
 UnshareOK describes a response with status code 200, with default header values.
-service removed
+share removed
 */
 type UnshareOK struct {
 }
--- a/rest_client_zrok/service/update_share_parameters.go
+++ b/rest_client_zrok/service/update_share_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_client_zrok/service/update_share_responses.go
+++ b/rest_client_zrok/service/update_share_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -57,7 +57,7 @@ func NewUpdateShareOK() *UpdateShareOK {
 /*
 UpdateShareOK describes a response with status code 200, with default header values.
-service updated
+share updated
 */
 type UpdateShareOK struct {
 }
--- a/rest_client_zrok/zrok_client.go
+++ b/rest_client_zrok/zrok_client.go
@ -14,7 +14,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/admin"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/environment"
 	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/metadata"
-	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
+	"github.com/openziti-test-kitchen/zrok/rest_client_zrok/share"
 )
 // Default zrok HTTP client.
@ -63,7 +63,7 @@ func New(transport runtime.ClientTransport, formats strfmt.Registry) *Zrok {
 	cli.Admin = admin.New(transport, formats)
 	cli.Environment = environment.New(transport, formats)
 	cli.Metadata = metadata.New(transport, formats)
-	cli.Service = service.New(transport, formats)
+	cli.Share = share.New(transport, formats)
 	return cli
 }
@ -116,7 +116,7 @@ type Zrok struct {
 	Metadata metadata.ClientService
-	Service service.ClientService
+	Share share.ClientService
 	Transport runtime.ClientTransport
 }
@ -128,5 +128,5 @@ func (c *Zrok) SetTransport(transport runtime.ClientTransport) {
 	c.Admin.SetTransport(transport)
 	c.Environment.SetTransport(transport)
 	c.Metadata.SetTransport(transport)
-	c.Service.SetTransport(transport)
+	c.Share.SetTransport(transport)
 }
--- a/rest_model_zrok/access_request.go
+++ b/rest_model_zrok/access_request.go
@ -20,8 +20,8 @@ type AccessRequest struct {
 	// env z Id
 	EnvZID string `json:"envZId,omitempty"`
-	// svc token
+	// shr token
-	SvcToken string `json:"svcToken,omitempty"`
+	ShrToken string `json:"shrToken,omitempty"`
 }
 // Validate validates this access request
--- a/rest_model_zrok/environment_services.go
+++ b/rest_model_zrok/environment_services.go
@ -13,27 +13,27 @@ import (
 	"github.com/go-openapi/swag"
 )
-// EnvironmentServices environment services
+// EnvironmentShares environment shares
 //
-// swagger:model environmentServices
+// swagger:model environmentShares
-type EnvironmentServices struct {
+type EnvironmentShares struct {
 	// environment
 	Environment *Environment `json:"environment,omitempty"`
-	// services
+	// shares
-	Services Services `json:"services,omitempty"`
+	Shares Shares `json:"shares,omitempty"`
 }
-// Validate validates this environment services
+// Validate validates this environment shares
-func (m *EnvironmentServices) Validate(formats strfmt.Registry) error {
+func (m *EnvironmentShares) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateEnvironment(formats); err != nil {
 		res = append(res, err)
 	}
-	if err := m.validateServices(formats); err != nil {
+	if err := m.validateShares(formats); err != nil {
 		res = append(res, err)
 	}
@ -43,7 +43,7 @@ func (m *EnvironmentServices) Validate(formats strfmt.Registry) error {
 	return nil
 }
-func (m *EnvironmentServices) validateEnvironment(formats strfmt.Registry) error {
+func (m *EnvironmentShares) validateEnvironment(formats strfmt.Registry) error {
 	if swag.IsZero(m.Environment) { // not required
 		return nil
 	}
@ -62,16 +62,16 @@ func (m *EnvironmentServices) validateEnvironment(formats strfmt.Registry) error
 	return nil
 }
-func (m *EnvironmentServices) validateServices(formats strfmt.Registry) error {
+func (m *EnvironmentShares) validateShares(formats strfmt.Registry) error {
-	if swag.IsZero(m.Services) { // not required
+	if swag.IsZero(m.Shares) { // not required
 		return nil
 	}
-	if err := m.Services.Validate(formats); err != nil {
+	if err := m.Shares.Validate(formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
-			return ve.ValidateName("services")
+			return ve.ValidateName("shares")
 		} else if ce, ok := err.(*errors.CompositeError); ok {
-			return ce.ValidateName("services")
+			return ce.ValidateName("shares")
 		}
 		return err
 	}
@ -79,15 +79,15 @@ func (m *EnvironmentServices) validateServices(formats strfmt.Registry) error {
 	return nil
 }
-// ContextValidate validate this environment services based on the context it is used
+// ContextValidate validate this environment shares based on the context it is used
-func (m *EnvironmentServices) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+func (m *EnvironmentShares) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateEnvironment(ctx, formats); err != nil {
 		res = append(res, err)
 	}
-	if err := m.contextValidateServices(ctx, formats); err != nil {
+	if err := m.contextValidateShares(ctx, formats); err != nil {
 		res = append(res, err)
 	}
@ -97,7 +97,7 @@ func (m *EnvironmentServices) ContextValidate(ctx context.Context, formats strfm
 	return nil
 }
-func (m *EnvironmentServices) contextValidateEnvironment(ctx context.Context, formats strfmt.Registry) error {
+func (m *EnvironmentShares) contextValidateEnvironment(ctx context.Context, formats strfmt.Registry) error {
 	if m.Environment != nil {
 		if err := m.Environment.ContextValidate(ctx, formats); err != nil {
@ -113,13 +113,13 @@ func (m *EnvironmentServices) contextValidateEnvironment(ctx context.Context, fo
 	return nil
 }
-func (m *EnvironmentServices) contextValidateServices(ctx context.Context, formats strfmt.Registry) error {
+func (m *EnvironmentShares) contextValidateShares(ctx context.Context, formats strfmt.Registry) error {
-	if err := m.Services.ContextValidate(ctx, formats); err != nil {
+	if err := m.Shares.ContextValidate(ctx, formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
-			return ve.ValidateName("services")
+			return ve.ValidateName("shares")
 		} else if ce, ok := err.(*errors.CompositeError); ok {
-			return ce.ValidateName("services")
+			return ce.ValidateName("shares")
 		}
 		return err
 	}
@ -128,7 +128,7 @@ func (m *EnvironmentServices) contextValidateServices(ctx context.Context, forma
 }
 // MarshalBinary interface implementation
-func (m *EnvironmentServices) MarshalBinary() ([]byte, error) {
+func (m *EnvironmentShares) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@ -136,8 +136,8 @@ func (m *EnvironmentServices) MarshalBinary() ([]byte, error) {
 }
 // UnmarshalBinary interface implementation
-func (m *EnvironmentServices) UnmarshalBinary(b []byte) error {
+func (m *EnvironmentShares) UnmarshalBinary(b []byte) error {
-	var res EnvironmentServices
+	var res EnvironmentShares
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/rest_model_zrok/environment_services_list.go
+++ b/rest_model_zrok/environment_services_list.go
@ -14,13 +14,13 @@ import (
 	"github.com/go-openapi/swag"
 )
-// EnvironmentServicesList environment services list
+// EnvironmentSharesList environment shares list
 //
-// swagger:model environmentServicesList
+// swagger:model environmentSharesList
-type EnvironmentServicesList []*EnvironmentServices
+type EnvironmentSharesList []*EnvironmentShares
-// Validate validates this environment services list
+// Validate validates this environment shares list
-func (m EnvironmentServicesList) Validate(formats strfmt.Registry) error {
+func (m EnvironmentSharesList) Validate(formats strfmt.Registry) error {
 	var res []error
 	for i := 0; i < len(m); i++ {
@ -47,8 +47,8 @@ func (m EnvironmentServicesList) Validate(formats strfmt.Registry) error {
 	return nil
 }
-// ContextValidate validate this environment services list based on the context it is used
+// ContextValidate validate this environment shares list based on the context it is used
-func (m EnvironmentServicesList) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+func (m EnvironmentSharesList) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	for i := 0; i < len(m); i++ {
--- a/rest_model_zrok/service_metrics.go
+++ b/rest_model_zrok/service_metrics.go
@ -1,27 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package rest_model_zrok
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 )
 // ServiceMetrics service metrics
 //
 // swagger:model serviceMetrics
 type ServiceMetrics []int64
 // Validate validates this service metrics
 func (m ServiceMetrics) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this service metrics based on context it is used
 func (m ServiceMetrics) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
--- a/rest_model_zrok/service_request.go
+++ b/rest_model_zrok/service_request.go
@ -1,53 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package rest_model_zrok
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // ServiceRequest service request
 //
 // swagger:model serviceRequest
 type ServiceRequest struct {
 	// env z Id
 	EnvZID string `json:"envZId,omitempty"`
 	// svc token
 	SvcToken string `json:"svcToken,omitempty"`
 }
 // Validate validates this service request
 func (m *ServiceRequest) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this service request based on context it is used
 func (m *ServiceRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (m *ServiceRequest) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(m)
 }
 // UnmarshalBinary interface implementation
 func (m *ServiceRequest) UnmarshalBinary(b []byte) error {
 	var res ServiceRequest
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*m = res
 	return nil
 }
--- a/rest_model_zrok/service.go
+++ b/rest_model_zrok/service.go
@ -13,10 +13,10 @@ import (
 	"github.com/go-openapi/swag"
 )
-// Service service
+// Share share
 //
-// swagger:model service
+// swagger:model share
-type Service struct {
+type Share struct {
 	// backend mode
 	BackendMode string `json:"backendMode,omitempty"`
@ -34,7 +34,7 @@ type Service struct {
 	FrontendSelection string `json:"frontendSelection,omitempty"`
 	// metrics
-	Metrics ServiceMetrics `json:"metrics,omitempty"`
+	Metrics ShareMetrics `json:"metrics,omitempty"`
 	// reserved
 	Reserved bool `json:"reserved,omitempty"`
@ -52,8 +52,8 @@ type Service struct {
 	ZID string `json:"zId,omitempty"`
 }
-// Validate validates this service
+// Validate validates this share
-func (m *Service) Validate(formats strfmt.Registry) error {
+func (m *Share) Validate(formats strfmt.Registry) error {
 	var res []error
 	if err := m.validateMetrics(formats); err != nil {
@ -66,7 +66,7 @@ func (m *Service) Validate(formats strfmt.Registry) error {
 	return nil
 }
-func (m *Service) validateMetrics(formats strfmt.Registry) error {
+func (m *Share) validateMetrics(formats strfmt.Registry) error {
 	if swag.IsZero(m.Metrics) { // not required
 		return nil
 	}
@ -83,8 +83,8 @@ func (m *Service) validateMetrics(formats strfmt.Registry) error {
 	return nil
 }
-// ContextValidate validate this service based on the context it is used
+// ContextValidate validate this share based on the context it is used
-func (m *Service) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+func (m *Share) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	if err := m.contextValidateMetrics(ctx, formats); err != nil {
@ -97,7 +97,7 @@ func (m *Service) ContextValidate(ctx context.Context, formats strfmt.Registry)
 	return nil
 }
-func (m *Service) contextValidateMetrics(ctx context.Context, formats strfmt.Registry) error {
+func (m *Share) contextValidateMetrics(ctx context.Context, formats strfmt.Registry) error {
 	if err := m.Metrics.ContextValidate(ctx, formats); err != nil {
 		if ve, ok := err.(*errors.Validation); ok {
@ -112,7 +112,7 @@ func (m *Service) contextValidateMetrics(ctx context.Context, formats strfmt.Reg
 }
 // MarshalBinary interface implementation
-func (m *Service) MarshalBinary() ([]byte, error) {
+func (m *Share) MarshalBinary() ([]byte, error) {
 	if m == nil {
 		return nil, nil
 	}
@ -120,8 +120,8 @@ func (m *Service) MarshalBinary() ([]byte, error) {
 }
 // UnmarshalBinary interface implementation
-func (m *Service) UnmarshalBinary(b []byte) error {
+func (m *Share) UnmarshalBinary(b []byte) error {
-	var res Service
+	var res Share
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
--- a/rest_model_zrok/share_metrics.go
+++ b/rest_model_zrok/share_metrics.go
@ -0,0 +1,27 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package rest_model_zrok
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"github.com/go-openapi/strfmt"
 )
 // ShareMetrics share metrics
 //
 // swagger:model shareMetrics
 type ShareMetrics []int64
 // Validate validates this share metrics
 func (m ShareMetrics) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this share metrics based on context it is used
 func (m ShareMetrics) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
--- a/rest_model_zrok/share_response.go
+++ b/rest_model_zrok/share_response.go
@ -20,8 +20,8 @@ type ShareResponse struct {
 	// frontend proxy endpoints
 	FrontendProxyEndpoints []string `json:"frontendProxyEndpoints"`
-	// svc token
+	// shr token
-	SvcToken string `json:"svcToken,omitempty"`
+	ShrToken string `json:"shrToken,omitempty"`
 }
 // Validate validates this share response
--- a/rest_model_zrok/services.go
+++ b/rest_model_zrok/services.go
@ -14,13 +14,13 @@ import (
 	"github.com/go-openapi/swag"
 )
-// Services services
+// Shares shares
 //
-// swagger:model services
+// swagger:model shares
-type Services []*Service
+type Shares []*Share
-// Validate validates this services
+// Validate validates this shares
-func (m Services) Validate(formats strfmt.Registry) error {
+func (m Shares) Validate(formats strfmt.Registry) error {
 	var res []error
 	for i := 0; i < len(m); i++ {
@ -47,8 +47,8 @@ func (m Services) Validate(formats strfmt.Registry) error {
 	return nil
 }
-// ContextValidate validate this services based on the context it is used
+// ContextValidate validate this shares based on the context it is used
-func (m Services) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+func (m Shares) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	var res []error
 	for i := 0; i < len(m); i++ {
--- a/rest_model_zrok/unaccess_request.go
+++ b/rest_model_zrok/unaccess_request.go
@ -23,8 +23,8 @@ type UnaccessRequest struct {
 	// frontend token
 	FrontendToken string `json:"frontendToken,omitempty"`
-	// svc token
+	// shr token
-	SvcToken string `json:"svcToken,omitempty"`
+	ShrToken string `json:"shrToken,omitempty"`
 }
 // Validate validates this unaccess request
--- a/rest_model_zrok/unshare_request.go
+++ b/rest_model_zrok/unshare_request.go
@ -23,8 +23,8 @@ type UnshareRequest struct {
 	// reserved
 	Reserved bool `json:"reserved,omitempty"`
-	// svc token
+	// shr token
-	SvcToken string `json:"svcToken,omitempty"`
+	ShrToken string `json:"shrToken,omitempty"`
 }
 // Validate validates this unshare request
--- a/rest_model_zrok/update_share_request.go
+++ b/rest_model_zrok/update_share_request.go
@ -20,8 +20,8 @@ type UpdateShareRequest struct {
 	// backend proxy endpoint
 	BackendProxyEndpoint string `json:"backendProxyEndpoint,omitempty"`
-	// service token
+	// shr token
-	ServiceToken string `json:"serviceToken,omitempty"`
+	ShrToken string `json:"shrToken,omitempty"`
 }
 // Validate validates this update share request
--- a/rest_server_zrok/embedded_spec.go
+++ b/rest_server_zrok/embedded_spec.go
@ -43,7 +43,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "access",
        "parameters": [
@ -97,7 +97,7 @@ func init() {
          "200": {
            "description": "ok",
            "schema": {
-              "$ref": "#/definitions/environmentServices"
+              "$ref": "#/definitions/environmentShares"
            }
          },
          "401": {
@ -112,7 +112,7 @@ func init() {
        }
      }
    },
-    "/detail/service/{svcToken}": {
+    "/detail/share/{shrToken}": {
      "get": {
        "security": [
          {
@ -122,11 +122,11 @@ func init() {
        "tags": [
          "metadata"
        ],
-        "operationId": "getServiceDetail",
+        "operationId": "getShareDetail",
        "parameters": [
          {
            "type": "string",
-            "name": "svcToken",
+            "name": "shrToken",
            "in": "path",
            "required": true
          }
@ -135,7 +135,7 @@ func init() {
          "200": {
            "description": "ok",
            "schema": {
-              "$ref": "#/definitions/service"
+              "$ref": "#/definitions/share"
            }
          },
          "401": {
@ -474,7 +474,7 @@ func init() {
          "200": {
            "description": "overview returned",
            "schema": {
-              "$ref": "#/definitions/environmentServicesList"
+              "$ref": "#/definitions/environmentSharesList"
            }
          },
          "500": {
@ -517,45 +517,6 @@ func init() {
        }
      }
    },
    "/service": {
      "get": {
        "security": [
          {
            "key": []
          }
        ],
        "tags": [
          "service"
        ],
        "operationId": "getService",
        "parameters": [
          {
            "name": "body",
            "in": "body",
            "schema": {
              "$ref": "#/definitions/serviceRequest"
            }
          }
        ],
        "responses": {
          "200": {
            "description": "ok",
            "schema": {
              "$ref": "#/definitions/service"
            }
          },
          "401": {
            "description": "unauthorized"
          },
          "404": {
            "description": "not found"
          },
          "500": {
            "description": "internal server error"
          }
        }
      }
    },
    "/share": {
      "post": {
        "security": [
@ -564,7 +525,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "share",
        "parameters": [
@ -578,7 +539,7 @@ func init() {
        ],
        "responses": {
          "201": {
-            "description": "service created",
+            "description": "share created",
            "schema": {
              "$ref": "#/definitions/shareResponse"
            }
@ -604,7 +565,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "updateShare",
        "parameters": [
@ -618,7 +579,7 @@ func init() {
        ],
        "responses": {
          "200": {
-            "description": "service updated"
+            "description": "share updated"
          },
          "401": {
            "description": "unauthorized"
@ -640,7 +601,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "unaccess",
        "parameters": [
@ -676,7 +637,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "unshare",
        "parameters": [
@ -690,7 +651,7 @@ func init() {
        ],
        "responses": {
          "200": {
-            "description": "service removed"
+            "description": "share removed"
          },
          "401": {
            "description": "unauthorized"
@ -762,7 +723,7 @@ func init() {
        "envZId": {
          "type": "string"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -872,21 +833,21 @@ func init() {
        }
      }
    },
-    "environmentServices": {
+    "environmentShares": {
      "type": "object",
      "properties": {
        "environment": {
          "$ref": "#/definitions/environment"
        },
-        "services": {
+        "shares": {
-          "$ref": "#/definitions/services"
+          "$ref": "#/definitions/shares"
        }
      }
    },
-    "environmentServicesList": {
+    "environmentSharesList": {
      "type": "array",
      "items": {
-        "$ref": "#/definitions/environmentServices"
+        "$ref": "#/definitions/environmentShares"
      }
    },
    "environments": {
@ -985,7 +946,7 @@ func init() {
        }
      }
    },
-    "service": {
+    "share": {
      "type": "object",
      "properties": {
        "backendMode": {
@ -1004,7 +965,7 @@ func init() {
          "type": "string"
        },
        "metrics": {
-          "$ref": "#/definitions/serviceMetrics"
+          "$ref": "#/definitions/shareMetrics"
        },
        "reserved": {
          "type": "boolean"
@ -1023,29 +984,12 @@ func init() {
        }
      }
    },
-    "serviceMetrics": {
+    "shareMetrics": {
      "type": "array",
      "items": {
        "type": "integer"
      }
    },
    "serviceRequest": {
      "type": "object",
      "properties": {
        "envZId": {
          "type": "string"
        },
        "svcToken": {
          "type": "string"
        }
      }
    },
    "services": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/service"
      }
    },
    "shareRequest": {
      "type": "object",
      "properties": {
@ -1099,11 +1043,17 @@ func init() {
            "type": "string"
          }
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
    },
    "shares": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/share"
      }
    },
    "unaccessRequest": {
      "type": "object",
      "properties": {
@ -1113,7 +1063,7 @@ func init() {
        "frontendToken": {
          "type": "string"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -1127,7 +1077,7 @@ func init() {
        "reserved": {
          "type": "boolean"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -1152,7 +1102,7 @@ func init() {
        "backendProxyEndpoint": {
          "type": "string"
        },
-        "serviceToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -1211,7 +1161,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "access",
        "parameters": [
@ -1265,7 +1215,7 @@ func init() {
          "200": {
            "description": "ok",
            "schema": {
-              "$ref": "#/definitions/environmentServices"
+              "$ref": "#/definitions/environmentShares"
            }
          },
          "401": {
@ -1280,7 +1230,7 @@ func init() {
        }
      }
    },
-    "/detail/service/{svcToken}": {
+    "/detail/share/{shrToken}": {
      "get": {
        "security": [
          {
@ -1290,11 +1240,11 @@ func init() {
        "tags": [
          "metadata"
        ],
-        "operationId": "getServiceDetail",
+        "operationId": "getShareDetail",
        "parameters": [
          {
            "type": "string",
-            "name": "svcToken",
+            "name": "shrToken",
            "in": "path",
            "required": true
          }
@ -1303,7 +1253,7 @@ func init() {
          "200": {
            "description": "ok",
            "schema": {
-              "$ref": "#/definitions/service"
+              "$ref": "#/definitions/share"
            }
          },
          "401": {
@ -1642,7 +1592,7 @@ func init() {
          "200": {
            "description": "overview returned",
            "schema": {
-              "$ref": "#/definitions/environmentServicesList"
+              "$ref": "#/definitions/environmentSharesList"
            }
          },
          "500": {
@ -1685,45 +1635,6 @@ func init() {
        }
      }
    },
    "/service": {
      "get": {
        "security": [
          {
            "key": []
          }
        ],
        "tags": [
          "service"
        ],
        "operationId": "getService",
        "parameters": [
          {
            "name": "body",
            "in": "body",
            "schema": {
              "$ref": "#/definitions/serviceRequest"
            }
          }
        ],
        "responses": {
          "200": {
            "description": "ok",
            "schema": {
              "$ref": "#/definitions/service"
            }
          },
          "401": {
            "description": "unauthorized"
          },
          "404": {
            "description": "not found"
          },
          "500": {
            "description": "internal server error"
          }
        }
      }
    },
    "/share": {
      "post": {
        "security": [
@ -1732,7 +1643,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "share",
        "parameters": [
@ -1746,7 +1657,7 @@ func init() {
        ],
        "responses": {
          "201": {
-            "description": "service created",
+            "description": "share created",
            "schema": {
              "$ref": "#/definitions/shareResponse"
            }
@ -1772,7 +1683,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "updateShare",
        "parameters": [
@ -1786,7 +1697,7 @@ func init() {
        ],
        "responses": {
          "200": {
-            "description": "service updated"
+            "description": "share updated"
          },
          "401": {
            "description": "unauthorized"
@ -1808,7 +1719,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "unaccess",
        "parameters": [
@ -1844,7 +1755,7 @@ func init() {
          }
        ],
        "tags": [
-          "service"
+          "share"
        ],
        "operationId": "unshare",
        "parameters": [
@ -1858,7 +1769,7 @@ func init() {
        ],
        "responses": {
          "200": {
-            "description": "service removed"
+            "description": "share removed"
          },
          "401": {
            "description": "unauthorized"
@ -1930,7 +1841,7 @@ func init() {
        "envZId": {
          "type": "string"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -2040,21 +1951,21 @@ func init() {
        }
      }
    },
-    "environmentServices": {
+    "environmentShares": {
      "type": "object",
      "properties": {
        "environment": {
          "$ref": "#/definitions/environment"
        },
-        "services": {
+        "shares": {
-          "$ref": "#/definitions/services"
+          "$ref": "#/definitions/shares"
        }
      }
    },
-    "environmentServicesList": {
+    "environmentSharesList": {
      "type": "array",
      "items": {
-        "$ref": "#/definitions/environmentServices"
+        "$ref": "#/definitions/environmentShares"
      }
    },
    "environments": {
@ -2153,7 +2064,7 @@ func init() {
        }
      }
    },
-    "service": {
+    "share": {
      "type": "object",
      "properties": {
        "backendMode": {
@ -2172,7 +2083,7 @@ func init() {
          "type": "string"
        },
        "metrics": {
-          "$ref": "#/definitions/serviceMetrics"
+          "$ref": "#/definitions/shareMetrics"
        },
        "reserved": {
          "type": "boolean"
@ -2191,29 +2102,12 @@ func init() {
        }
      }
    },
-    "serviceMetrics": {
+    "shareMetrics": {
      "type": "array",
      "items": {
        "type": "integer"
      }
    },
    "serviceRequest": {
      "type": "object",
      "properties": {
        "envZId": {
          "type": "string"
        },
        "svcToken": {
          "type": "string"
        }
      }
    },
    "services": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/service"
      }
    },
    "shareRequest": {
      "type": "object",
      "properties": {
@ -2267,11 +2161,17 @@ func init() {
            "type": "string"
          }
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
    },
    "shares": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/share"
      }
    },
    "unaccessRequest": {
      "type": "object",
      "properties": {
@ -2281,7 +2181,7 @@ func init() {
        "frontendToken": {
          "type": "string"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -2295,7 +2195,7 @@ func init() {
        "reserved": {
          "type": "boolean"
        },
-        "svcToken": {
+        "shrToken": {
          "type": "string"
        }
      }
@ -2320,7 +2220,7 @@ func init() {
        "backendProxyEndpoint": {
          "type": "string"
        },
-        "serviceToken": {
+        "shrToken": {
          "type": "string"
        }
      }
--- a/rest_server_zrok/operations/metadata/get_environment_detail_responses.go
+++ b/rest_server_zrok/operations/metadata/get_environment_detail_responses.go
@ -26,7 +26,7 @@ type GetEnvironmentDetailOK struct {
 	/*
 	  In: Body
 	*/
-	Payload *rest_model_zrok.EnvironmentServices `json:"body,omitempty"`
+	Payload *rest_model_zrok.EnvironmentShares `json:"body,omitempty"`
 }
 // NewGetEnvironmentDetailOK creates GetEnvironmentDetailOK with default headers values
@ -36,13 +36,13 @@ func NewGetEnvironmentDetailOK() *GetEnvironmentDetailOK {
 }
 // WithPayload adds the payload to the get environment detail o k response
-func (o *GetEnvironmentDetailOK) WithPayload(payload *rest_model_zrok.EnvironmentServices) *GetEnvironmentDetailOK {
+func (o *GetEnvironmentDetailOK) WithPayload(payload *rest_model_zrok.EnvironmentShares) *GetEnvironmentDetailOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the get environment detail o k response
-func (o *GetEnvironmentDetailOK) SetPayload(payload *rest_model_zrok.EnvironmentServices) {
+func (o *GetEnvironmentDetailOK) SetPayload(payload *rest_model_zrok.EnvironmentShares) {
 	o.Payload = payload
 }
--- a/rest_server_zrok/operations/metadata/get_service_detail.go
+++ b/rest_server_zrok/operations/metadata/get_service_detail.go
@ -1,71 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
 import (
 	"net/http"
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetServiceDetailHandlerFunc turns a function with the right signature into a get service detail handler
 type GetServiceDetailHandlerFunc func(GetServiceDetailParams, *rest_model_zrok.Principal) middleware.Responder
 // Handle executing the request and returning a response
 func (fn GetServiceDetailHandlerFunc) Handle(params GetServiceDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	return fn(params, principal)
 }
 // GetServiceDetailHandler interface for that can handle valid get service detail params
 type GetServiceDetailHandler interface {
 	Handle(GetServiceDetailParams, *rest_model_zrok.Principal) middleware.Responder
 }
 // NewGetServiceDetail creates a new http.Handler for the get service detail operation
 func NewGetServiceDetail(ctx *middleware.Context, handler GetServiceDetailHandler) *GetServiceDetail {
 	return &GetServiceDetail{Context: ctx, Handler: handler}
 }
 /*
 	GetServiceDetail swagger:route GET /detail/service/{svcToken} metadata getServiceDetail
 GetServiceDetail get service detail API
 */
 type GetServiceDetail struct {
 	Context *middleware.Context
 	Handler GetServiceDetailHandler
 }
 func (o *GetServiceDetail) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
 	route, rCtx, _ := o.Context.RouteInfo(r)
 	if rCtx != nil {
 		*r = *rCtx
 	}
 	var Params = NewGetServiceDetailParams()
 	uprinc, aCtx, err := o.Context.Authorize(r, route)
 	if err != nil {
 		o.Context.Respond(rw, r, route.Produces, route, err)
 		return
 	}
 	if aCtx != nil {
 		*r = *aCtx
 	}
 	var principal *rest_model_zrok.Principal
 	if uprinc != nil {
 		principal = uprinc.(*rest_model_zrok.Principal) // this is really a rest_model_zrok.Principal, I promise
 	}
 	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
 		o.Context.Respond(rw, r, route.Produces, route, err)
 		return
 	}
 	res := o.Handler.Handle(Params, principal) // actually handle the request
 	o.Context.Respond(rw, r, route.Produces, route, res)
 }
--- a/rest_server_zrok/operations/metadata/get_service_detail_responses.go
+++ b/rest_server_zrok/operations/metadata/get_service_detail_responses.go
@ -1,134 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/runtime"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetServiceDetailOKCode is the HTTP code returned for type GetServiceDetailOK
 const GetServiceDetailOKCode int = 200
 /*
 GetServiceDetailOK ok
 swagger:response getServiceDetailOK
 */
 type GetServiceDetailOK struct {
 	/*
 	  In: Body
 	*/
 	Payload *rest_model_zrok.Service `json:"body,omitempty"`
 }
 // NewGetServiceDetailOK creates GetServiceDetailOK with default headers values
 func NewGetServiceDetailOK() *GetServiceDetailOK {
 	return &GetServiceDetailOK{}
 }
 // WithPayload adds the payload to the get service detail o k response
 func (o *GetServiceDetailOK) WithPayload(payload *rest_model_zrok.Service) *GetServiceDetailOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the get service detail o k response
 func (o *GetServiceDetailOK) SetPayload(payload *rest_model_zrok.Service) {
 	o.Payload = payload
 }
 // WriteResponse to the client
 func (o *GetServiceDetailOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.WriteHeader(200)
 	if o.Payload != nil {
 		payload := o.Payload
 		if err := producer.Produce(rw, payload); err != nil {
 			panic(err) // let the recovery middleware deal with this
 		}
 	}
 }
 // GetServiceDetailUnauthorizedCode is the HTTP code returned for type GetServiceDetailUnauthorized
 const GetServiceDetailUnauthorizedCode int = 401
 /*
 GetServiceDetailUnauthorized unauthorized
 swagger:response getServiceDetailUnauthorized
 */
 type GetServiceDetailUnauthorized struct {
 }
 // NewGetServiceDetailUnauthorized creates GetServiceDetailUnauthorized with default headers values
 func NewGetServiceDetailUnauthorized() *GetServiceDetailUnauthorized {
 	return &GetServiceDetailUnauthorized{}
 }
 // WriteResponse to the client
 func (o *GetServiceDetailUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(401)
 }
 // GetServiceDetailNotFoundCode is the HTTP code returned for type GetServiceDetailNotFound
 const GetServiceDetailNotFoundCode int = 404
 /*
 GetServiceDetailNotFound not found
 swagger:response getServiceDetailNotFound
 */
 type GetServiceDetailNotFound struct {
 }
 // NewGetServiceDetailNotFound creates GetServiceDetailNotFound with default headers values
 func NewGetServiceDetailNotFound() *GetServiceDetailNotFound {
 	return &GetServiceDetailNotFound{}
 }
 // WriteResponse to the client
 func (o *GetServiceDetailNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(404)
 }
 // GetServiceDetailInternalServerErrorCode is the HTTP code returned for type GetServiceDetailInternalServerError
 const GetServiceDetailInternalServerErrorCode int = 500
 /*
 GetServiceDetailInternalServerError internal server error
 swagger:response getServiceDetailInternalServerError
 */
 type GetServiceDetailInternalServerError struct {
 }
 // NewGetServiceDetailInternalServerError creates GetServiceDetailInternalServerError with default headers values
 func NewGetServiceDetailInternalServerError() *GetServiceDetailInternalServerError {
 	return &GetServiceDetailInternalServerError{}
 }
 // WriteResponse to the client
 func (o *GetServiceDetailInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(500)
 }
--- a/rest_server_zrok/operations/metadata/get_share_detail.go
+++ b/rest_server_zrok/operations/metadata/get_share_detail.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -13,40 +13,40 @@ import (
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
-// GetServiceHandlerFunc turns a function with the right signature into a get service handler
+// GetShareDetailHandlerFunc turns a function with the right signature into a get share detail handler
-type GetServiceHandlerFunc func(GetServiceParams, *rest_model_zrok.Principal) middleware.Responder
+type GetShareDetailHandlerFunc func(GetShareDetailParams, *rest_model_zrok.Principal) middleware.Responder
 // Handle executing the request and returning a response
-func (fn GetServiceHandlerFunc) Handle(params GetServiceParams, principal *rest_model_zrok.Principal) middleware.Responder {
+func (fn GetShareDetailHandlerFunc) Handle(params GetShareDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
 	return fn(params, principal)
 }
-// GetServiceHandler interface for that can handle valid get service params
+// GetShareDetailHandler interface for that can handle valid get share detail params
-type GetServiceHandler interface {
+type GetShareDetailHandler interface {
-	Handle(GetServiceParams, *rest_model_zrok.Principal) middleware.Responder
+	Handle(GetShareDetailParams, *rest_model_zrok.Principal) middleware.Responder
 }
-// NewGetService creates a new http.Handler for the get service operation
+// NewGetShareDetail creates a new http.Handler for the get share detail operation
-func NewGetService(ctx *middleware.Context, handler GetServiceHandler) *GetService {
+func NewGetShareDetail(ctx *middleware.Context, handler GetShareDetailHandler) *GetShareDetail {
-	return &GetService{Context: ctx, Handler: handler}
+	return &GetShareDetail{Context: ctx, Handler: handler}
 }
 /*
-	GetService swagger:route GET /service service getService
+	GetShareDetail swagger:route GET /detail/share/{shrToken} metadata getShareDetail
-GetService get service API
+GetShareDetail get share detail API
 */
-type GetService struct {
+type GetShareDetail struct {
 	Context *middleware.Context
-	Handler GetServiceHandler
+	Handler GetShareDetailHandler
 }
-func (o *GetService) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+func (o *GetShareDetail) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
 	route, rCtx, _ := o.Context.RouteInfo(r)
 	if rCtx != nil {
 		*r = *rCtx
 	}
-	var Params = NewGetServiceParams()
+	var Params = NewGetShareDetailParams()
 	uprinc, aCtx, err := o.Context.Authorize(r, route)
 	if err != nil {
 		o.Context.Respond(rw, r, route.Produces, route, err)
--- a/rest_server_zrok/operations/metadata/get_service_detail_parameters.go
+++ b/rest_server_zrok/operations/metadata/get_service_detail_parameters.go
@ -13,19 +13,19 @@ import (
 	"github.com/go-openapi/strfmt"
 )
-// NewGetServiceDetailParams creates a new GetServiceDetailParams object
+// NewGetShareDetailParams creates a new GetShareDetailParams object
 //
 // There are no default values defined in the spec.
-func NewGetServiceDetailParams() GetServiceDetailParams {
+func NewGetShareDetailParams() GetShareDetailParams {
-	return GetServiceDetailParams{}
+	return GetShareDetailParams{}
 }
-// GetServiceDetailParams contains all the bound params for the get service detail operation
+// GetShareDetailParams contains all the bound params for the get share detail operation
 // typically these are obtained from a http.Request
 //
-// swagger:parameters getServiceDetail
+// swagger:parameters getShareDetail
-type GetServiceDetailParams struct {
+type GetShareDetailParams struct {
 	// HTTP Request Object
 	HTTPRequest *http.Request `json:"-"`
@ -34,20 +34,20 @@ type GetServiceDetailParams struct {
 	  Required: true
 	  In: path
 	*/
-	SvcToken string
+	ShrToken string
 }
 // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
 // for simple values it will use straight method calls.
 //
-// To ensure default values, the struct must have been initialized with NewGetServiceDetailParams() beforehand.
+// To ensure default values, the struct must have been initialized with NewGetShareDetailParams() beforehand.
-func (o *GetServiceDetailParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+func (o *GetShareDetailParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
 	var res []error
 	o.HTTPRequest = r
-	rSvcToken, rhkSvcToken, _ := route.Params.GetOK("svcToken")
+	rShrToken, rhkShrToken, _ := route.Params.GetOK("shrToken")
-	if err := o.bindSvcToken(rSvcToken, rhkSvcToken, route.Formats); err != nil {
+	if err := o.bindShrToken(rShrToken, rhkShrToken, route.Formats); err != nil {
 		res = append(res, err)
 	}
 	if len(res) > 0 {
@ -56,8 +56,8 @@ func (o *GetServiceDetailParams) BindRequest(r *http.Request, route *middleware.
 	return nil
 }
-// bindSvcToken binds and validates parameter SvcToken from path.
+// bindShrToken binds and validates parameter ShrToken from path.
-func (o *GetServiceDetailParams) bindSvcToken(rawData []string, hasKey bool, formats strfmt.Registry) error {
+func (o *GetShareDetailParams) bindShrToken(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
@ -65,7 +65,7 @@ func (o *GetServiceDetailParams) bindSvcToken(rawData []string, hasKey bool, for
 	// Required: true
 	// Parameter is provided by construction from the route
-	o.SvcToken = raw
+	o.ShrToken = raw
 	return nil
 }
--- a/rest_server_zrok/operations/metadata/get_share_detail_responses.go
+++ b/rest_server_zrok/operations/metadata/get_share_detail_responses.go
@ -0,0 +1,134 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package metadata
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/runtime"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetShareDetailOKCode is the HTTP code returned for type GetShareDetailOK
 const GetShareDetailOKCode int = 200
 /*
 GetShareDetailOK ok
 swagger:response getShareDetailOK
 */
 type GetShareDetailOK struct {
 	/*
 	  In: Body
 	*/
 	Payload *rest_model_zrok.Share `json:"body,omitempty"`
 }
 // NewGetShareDetailOK creates GetShareDetailOK with default headers values
 func NewGetShareDetailOK() *GetShareDetailOK {
 	return &GetShareDetailOK{}
 }
 // WithPayload adds the payload to the get share detail o k response
 func (o *GetShareDetailOK) WithPayload(payload *rest_model_zrok.Share) *GetShareDetailOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the get share detail o k response
 func (o *GetShareDetailOK) SetPayload(payload *rest_model_zrok.Share) {
 	o.Payload = payload
 }
 // WriteResponse to the client
 func (o *GetShareDetailOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.WriteHeader(200)
 	if o.Payload != nil {
 		payload := o.Payload
 		if err := producer.Produce(rw, payload); err != nil {
 			panic(err) // let the recovery middleware deal with this
 		}
 	}
 }
 // GetShareDetailUnauthorizedCode is the HTTP code returned for type GetShareDetailUnauthorized
 const GetShareDetailUnauthorizedCode int = 401
 /*
 GetShareDetailUnauthorized unauthorized
 swagger:response getShareDetailUnauthorized
 */
 type GetShareDetailUnauthorized struct {
 }
 // NewGetShareDetailUnauthorized creates GetShareDetailUnauthorized with default headers values
 func NewGetShareDetailUnauthorized() *GetShareDetailUnauthorized {
 	return &GetShareDetailUnauthorized{}
 }
 // WriteResponse to the client
 func (o *GetShareDetailUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(401)
 }
 // GetShareDetailNotFoundCode is the HTTP code returned for type GetShareDetailNotFound
 const GetShareDetailNotFoundCode int = 404
 /*
 GetShareDetailNotFound not found
 swagger:response getShareDetailNotFound
 */
 type GetShareDetailNotFound struct {
 }
 // NewGetShareDetailNotFound creates GetShareDetailNotFound with default headers values
 func NewGetShareDetailNotFound() *GetShareDetailNotFound {
 	return &GetShareDetailNotFound{}
 }
 // WriteResponse to the client
 func (o *GetShareDetailNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(404)
 }
 // GetShareDetailInternalServerErrorCode is the HTTP code returned for type GetShareDetailInternalServerError
 const GetShareDetailInternalServerErrorCode int = 500
 /*
 GetShareDetailInternalServerError internal server error
 swagger:response getShareDetailInternalServerError
 */
 type GetShareDetailInternalServerError struct {
 }
 // NewGetShareDetailInternalServerError creates GetShareDetailInternalServerError with default headers values
 func NewGetShareDetailInternalServerError() *GetShareDetailInternalServerError {
 	return &GetShareDetailInternalServerError{}
 }
 // WriteResponse to the client
 func (o *GetShareDetailInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(500)
 }
--- a/rest_server_zrok/operations/metadata/get_service_detail_urlbuilder.go
+++ b/rest_server_zrok/operations/metadata/get_service_detail_urlbuilder.go
@ -12,9 +12,9 @@ import (
 	"strings"
 )
-// GetServiceDetailURL generates an URL for the get service detail operation
+// GetShareDetailURL generates an URL for the get share detail operation
-type GetServiceDetailURL struct {
+type GetShareDetailURL struct {
-	SvcToken string
+	ShrToken string
 	_basePath string
 	// avoid unkeyed usage
@ -24,7 +24,7 @@ type GetServiceDetailURL struct {
 // WithBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
-func (o *GetServiceDetailURL) WithBasePath(bp string) *GetServiceDetailURL {
+func (o *GetShareDetailURL) WithBasePath(bp string) *GetShareDetailURL {
 	o.SetBasePath(bp)
 	return o
 }
@ -32,21 +32,21 @@ func (o *GetServiceDetailURL) WithBasePath(bp string) *GetServiceDetailURL {
 // SetBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
-func (o *GetServiceDetailURL) SetBasePath(bp string) {
+func (o *GetShareDetailURL) SetBasePath(bp string) {
 	o._basePath = bp
 }
 // Build a url path and query string
-func (o *GetServiceDetailURL) Build() (*url.URL, error) {
+func (o *GetShareDetailURL) Build() (*url.URL, error) {
 	var _result url.URL
-	var _path = "/detail/service/{svcToken}"
+	var _path = "/detail/share/{shrToken}"
-	svcToken := o.SvcToken
+	shrToken := o.ShrToken
-	if svcToken != "" {
+	if shrToken != "" {
-		_path = strings.Replace(_path, "{svcToken}", svcToken, -1)
+		_path = strings.Replace(_path, "{shrToken}", shrToken, -1)
 	} else {
-		return nil, errors.New("svcToken is required on GetServiceDetailURL")
+		return nil, errors.New("shrToken is required on GetShareDetailURL")
 	}
 	_basePath := o._basePath
@ -59,7 +59,7 @@ func (o *GetServiceDetailURL) Build() (*url.URL, error) {
 }
 // Must is a helper function to panic when the url builder returns an error
-func (o *GetServiceDetailURL) Must(u *url.URL, err error) *url.URL {
+func (o *GetShareDetailURL) Must(u *url.URL, err error) *url.URL {
 	if err != nil {
 		panic(err)
 	}
@ -70,17 +70,17 @@ func (o *GetServiceDetailURL) Must(u *url.URL, err error) *url.URL {
 }
 // String returns the string representation of the path with query string
-func (o *GetServiceDetailURL) String() string {
+func (o *GetShareDetailURL) String() string {
 	return o.Must(o.Build()).String()
 }
 // BuildFull builds a full url with scheme, host, path and query string
-func (o *GetServiceDetailURL) BuildFull(scheme, host string) (*url.URL, error) {
+func (o *GetShareDetailURL) BuildFull(scheme, host string) (*url.URL, error) {
 	if scheme == "" {
-		return nil, errors.New("scheme is required for a full url on GetServiceDetailURL")
+		return nil, errors.New("scheme is required for a full url on GetShareDetailURL")
 	}
 	if host == "" {
-		return nil, errors.New("host is required for a full url on GetServiceDetailURL")
+		return nil, errors.New("host is required for a full url on GetShareDetailURL")
 	}
 	base, err := o.Build()
@ -94,6 +94,6 @@ func (o *GetServiceDetailURL) BuildFull(scheme, host string) (*url.URL, error) {
 }
 // StringFull returns the string representation of a complete url
-func (o *GetServiceDetailURL) StringFull(scheme, host string) string {
+func (o *GetShareDetailURL) StringFull(scheme, host string) string {
 	return o.Must(o.BuildFull(scheme, host)).String()
 }
--- a/rest_server_zrok/operations/metadata/overview_responses.go
+++ b/rest_server_zrok/operations/metadata/overview_responses.go
@ -26,7 +26,7 @@ type OverviewOK struct {
 	/*
 	  In: Body
 	*/
-	Payload rest_model_zrok.EnvironmentServicesList `json:"body,omitempty"`
+	Payload rest_model_zrok.EnvironmentSharesList `json:"body,omitempty"`
 }
 // NewOverviewOK creates OverviewOK with default headers values
@ -36,13 +36,13 @@ func NewOverviewOK() *OverviewOK {
 }
 // WithPayload adds the payload to the overview o k response
-func (o *OverviewOK) WithPayload(payload rest_model_zrok.EnvironmentServicesList) *OverviewOK {
+func (o *OverviewOK) WithPayload(payload rest_model_zrok.EnvironmentSharesList) *OverviewOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the overview o k response
-func (o *OverviewOK) SetPayload(payload rest_model_zrok.EnvironmentServicesList) {
+func (o *OverviewOK) SetPayload(payload rest_model_zrok.EnvironmentSharesList) {
 	o.Payload = payload
 }
@ -53,7 +53,7 @@ func (o *OverviewOK) WriteResponse(rw http.ResponseWriter, producer runtime.Prod
 	payload := o.Payload
 	if payload == nil {
 		// return empty array
-		payload = rest_model_zrok.EnvironmentServicesList{}
+		payload = rest_model_zrok.EnvironmentSharesList{}
 	}
 	if err := producer.Produce(rw, payload); err != nil {
--- a/rest_server_zrok/operations/service/get_service_parameters.go
+++ b/rest_server_zrok/operations/service/get_service_parameters.go
@ -1,76 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package service
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/validate"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // NewGetServiceParams creates a new GetServiceParams object
 //
 // There are no default values defined in the spec.
 func NewGetServiceParams() GetServiceParams {
 	return GetServiceParams{}
 }
 // GetServiceParams contains all the bound params for the get service operation
 // typically these are obtained from a http.Request
 //
 // swagger:parameters getService
 type GetServiceParams struct {
 	// HTTP Request Object
 	HTTPRequest *http.Request `json:"-"`
 	/*
 	  In: body
 	*/
 	Body *rest_model_zrok.ServiceRequest
 }
 // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
 // for simple values it will use straight method calls.
 //
 // To ensure default values, the struct must have been initialized with NewGetServiceParams() beforehand.
 func (o *GetServiceParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
 	var res []error
 	o.HTTPRequest = r
 	if runtime.HasBody(r) {
 		defer r.Body.Close()
 		var body rest_model_zrok.ServiceRequest
 		if err := route.Consumer.Consume(r.Body, &body); err != nil {
 			res = append(res, errors.NewParseError("body", "body", "", err))
 		} else {
 			// validate body object
 			if err := body.Validate(route.Formats); err != nil {
 				res = append(res, err)
 			}
 			ctx := validate.WithOperationRequest(r.Context())
 			if err := body.ContextValidate(ctx, route.Formats); err != nil {
 				res = append(res, err)
 			}
 			if len(res) == 0 {
 				o.Body = &body
 			}
 		}
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_server_zrok/operations/service/get_service_responses.go
+++ b/rest_server_zrok/operations/service/get_service_responses.go
@ -1,134 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package service
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/runtime"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 )
 // GetServiceOKCode is the HTTP code returned for type GetServiceOK
 const GetServiceOKCode int = 200
 /*
 GetServiceOK ok
 swagger:response getServiceOK
 */
 type GetServiceOK struct {
 	/*
 	  In: Body
 	*/
 	Payload *rest_model_zrok.Service `json:"body,omitempty"`
 }
 // NewGetServiceOK creates GetServiceOK with default headers values
 func NewGetServiceOK() *GetServiceOK {
 	return &GetServiceOK{}
 }
 // WithPayload adds the payload to the get service o k response
 func (o *GetServiceOK) WithPayload(payload *rest_model_zrok.Service) *GetServiceOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the get service o k response
 func (o *GetServiceOK) SetPayload(payload *rest_model_zrok.Service) {
 	o.Payload = payload
 }
 // WriteResponse to the client
 func (o *GetServiceOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.WriteHeader(200)
 	if o.Payload != nil {
 		payload := o.Payload
 		if err := producer.Produce(rw, payload); err != nil {
 			panic(err) // let the recovery middleware deal with this
 		}
 	}
 }
 // GetServiceUnauthorizedCode is the HTTP code returned for type GetServiceUnauthorized
 const GetServiceUnauthorizedCode int = 401
 /*
 GetServiceUnauthorized unauthorized
 swagger:response getServiceUnauthorized
 */
 type GetServiceUnauthorized struct {
 }
 // NewGetServiceUnauthorized creates GetServiceUnauthorized with default headers values
 func NewGetServiceUnauthorized() *GetServiceUnauthorized {
 	return &GetServiceUnauthorized{}
 }
 // WriteResponse to the client
 func (o *GetServiceUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(401)
 }
 // GetServiceNotFoundCode is the HTTP code returned for type GetServiceNotFound
 const GetServiceNotFoundCode int = 404
 /*
 GetServiceNotFound not found
 swagger:response getServiceNotFound
 */
 type GetServiceNotFound struct {
 }
 // NewGetServiceNotFound creates GetServiceNotFound with default headers values
 func NewGetServiceNotFound() *GetServiceNotFound {
 	return &GetServiceNotFound{}
 }
 // WriteResponse to the client
 func (o *GetServiceNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(404)
 }
 // GetServiceInternalServerErrorCode is the HTTP code returned for type GetServiceInternalServerError
 const GetServiceInternalServerErrorCode int = 500
 /*
 GetServiceInternalServerError internal server error
 swagger:response getServiceInternalServerError
 */
 type GetServiceInternalServerError struct {
 }
 // NewGetServiceInternalServerError creates GetServiceInternalServerError with default headers values
 func NewGetServiceInternalServerError() *GetServiceInternalServerError {
 	return &GetServiceInternalServerError{}
 }
 // WriteResponse to the client
 func (o *GetServiceInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(500)
 }
--- a/rest_server_zrok/operations/service/get_service_urlbuilder.go
+++ b/rest_server_zrok/operations/service/get_service_urlbuilder.go
@ -1,87 +0,0 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package service
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
 import (
 	"errors"
 	"net/url"
 	golangswaggerpaths "path"
 )
 // GetServiceURL generates an URL for the get service operation
 type GetServiceURL struct {
 	_basePath string
 }
 // WithBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
 func (o *GetServiceURL) WithBasePath(bp string) *GetServiceURL {
 	o.SetBasePath(bp)
 	return o
 }
 // SetBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
 func (o *GetServiceURL) SetBasePath(bp string) {
 	o._basePath = bp
 }
 // Build a url path and query string
 func (o *GetServiceURL) Build() (*url.URL, error) {
 	var _result url.URL
 	var _path = "/service"
 	_basePath := o._basePath
 	if _basePath == "" {
 		_basePath = "/api/v1"
 	}
 	_result.Path = golangswaggerpaths.Join(_basePath, _path)
 	return &_result, nil
 }
 // Must is a helper function to panic when the url builder returns an error
 func (o *GetServiceURL) Must(u *url.URL, err error) *url.URL {
 	if err != nil {
 		panic(err)
 	}
 	if u == nil {
 		panic("url can't be nil")
 	}
 	return u
 }
 // String returns the string representation of the path with query string
 func (o *GetServiceURL) String() string {
 	return o.Must(o.Build()).String()
 }
 // BuildFull builds a full url with scheme, host, path and query string
 func (o *GetServiceURL) BuildFull(scheme, host string) (*url.URL, error) {
 	if scheme == "" {
 		return nil, errors.New("scheme is required for a full url on GetServiceURL")
 	}
 	if host == "" {
 		return nil, errors.New("host is required for a full url on GetServiceURL")
 	}
 	base, err := o.Build()
 	if err != nil {
 		return nil, err
 	}
 	base.Scheme = scheme
 	base.Host = host
 	return base, nil
 }
 // StringFull returns the string representation of a complete url
 func (o *GetServiceURL) StringFull(scheme, host string) string {
 	return o.Must(o.BuildFull(scheme, host)).String()
 }
--- a/rest_server_zrok/operations/service/access.go
+++ b/rest_server_zrok/operations/service/access.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -32,7 +32,7 @@ func NewAccess(ctx *middleware.Context, handler AccessHandler) *Access {
 }
 /*
-	Access swagger:route POST /access service access
+	Access swagger:route POST /access share access
 Access access API
 */
--- a/rest_server_zrok/operations/service/access_parameters.go
+++ b/rest_server_zrok/operations/service/access_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/access_responses.go
+++ b/rest_server_zrok/operations/service/access_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/access_urlbuilder.go
+++ b/rest_server_zrok/operations/service/access_urlbuilder.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
--- a/rest_server_zrok/operations/service/share.go
+++ b/rest_server_zrok/operations/service/share.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -32,7 +32,7 @@ func NewShare(ctx *middleware.Context, handler ShareHandler) *Share {
 }
 /*
-	Share swagger:route POST /share service share
+	Share swagger:route POST /share share share
 Share share API
 */
--- a/rest_server_zrok/operations/service/share_parameters.go
+++ b/rest_server_zrok/operations/service/share_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/share_responses.go
+++ b/rest_server_zrok/operations/service/share_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -17,7 +17,7 @@ import (
 const ShareCreatedCode int = 201
 /*
-ShareCreated service created
+ShareCreated share created
 swagger:response shareCreated
 */
--- a/rest_server_zrok/operations/service/share_urlbuilder.go
+++ b/rest_server_zrok/operations/service/share_urlbuilder.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
--- a/rest_server_zrok/operations/service/unaccess.go
+++ b/rest_server_zrok/operations/service/unaccess.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -32,7 +32,7 @@ func NewUnaccess(ctx *middleware.Context, handler UnaccessHandler) *Unaccess {
 }
 /*
-	Unaccess swagger:route DELETE /unaccess service unaccess
+	Unaccess swagger:route DELETE /unaccess share unaccess
 Unaccess unaccess API
 */
--- a/rest_server_zrok/operations/service/unaccess_parameters.go
+++ b/rest_server_zrok/operations/service/unaccess_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/unaccess_responses.go
+++ b/rest_server_zrok/operations/service/unaccess_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/unaccess_urlbuilder.go
+++ b/rest_server_zrok/operations/service/unaccess_urlbuilder.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
--- a/rest_server_zrok/operations/service/unshare.go
+++ b/rest_server_zrok/operations/service/unshare.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -32,7 +32,7 @@ func NewUnshare(ctx *middleware.Context, handler UnshareHandler) *Unshare {
 }
 /*
-	Unshare swagger:route DELETE /unshare service unshare
+	Unshare swagger:route DELETE /unshare share unshare
 Unshare unshare API
 */
--- a/rest_server_zrok/operations/service/unshare_parameters.go
+++ b/rest_server_zrok/operations/service/unshare_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/unshare_responses.go
+++ b/rest_server_zrok/operations/service/unshare_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -17,7 +17,7 @@ import (
 const UnshareOKCode int = 200
 /*
-UnshareOK service removed
+UnshareOK share removed
 swagger:response unshareOK
 */
--- a/rest_server_zrok/operations/service/unshare_urlbuilder.go
+++ b/rest_server_zrok/operations/service/unshare_urlbuilder.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
--- a/rest_server_zrok/operations/service/update_share.go
+++ b/rest_server_zrok/operations/service/update_share.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
@ -32,7 +32,7 @@ func NewUpdateShare(ctx *middleware.Context, handler UpdateShareHandler) *Update
 }
 /*
-	UpdateShare swagger:route PATCH /share service updateShare
+	UpdateShare swagger:route PATCH /share share updateShare
 UpdateShare update share API
 */
--- a/rest_server_zrok/operations/service/update_share_parameters.go
+++ b/rest_server_zrok/operations/service/update_share_parameters.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
--- a/rest_server_zrok/operations/service/update_share_responses.go
+++ b/rest_server_zrok/operations/service/update_share_responses.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
@ -15,7 +15,7 @@ import (
 const UpdateShareOKCode int = 200
 /*
-UpdateShareOK service updated
+UpdateShareOK share updated
 swagger:response updateShareOK
 */
--- a/rest_server_zrok/operations/service/update_share_urlbuilder.go
+++ b/rest_server_zrok/operations/service/update_share_urlbuilder.go
@ -1,6 +1,6 @@
 // Code generated by go-swagger; DO NOT EDIT.
-package service
+package share
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
--- a/rest_server_zrok/operations/zrok_api.go
+++ b/rest_server_zrok/operations/zrok_api.go
@ -24,7 +24,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/admin"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/environment"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/metadata"
-	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/service"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/share"
 )
 // NewZrokAPI creates a new Zrok instance
@ -49,8 +49,8 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		JSONProducer: runtime.JSONProducer(),
-		ServiceAccessHandler: service.AccessHandlerFunc(func(params service.AccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		ShareAccessHandler: share.AccessHandlerFunc(func(params share.AccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.Access has not yet been implemented")
+			return middleware.NotImplemented("operation share.Access has not yet been implemented")
 		}),
 		AdminCreateFrontendHandler: admin.CreateFrontendHandlerFunc(func(params admin.CreateFrontendParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation admin.CreateFrontend has not yet been implemented")
@ -70,11 +70,8 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		MetadataGetEnvironmentDetailHandler: metadata.GetEnvironmentDetailHandlerFunc(func(params metadata.GetEnvironmentDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation metadata.GetEnvironmentDetail has not yet been implemented")
 		}),
-		ServiceGetServiceHandler: service.GetServiceHandlerFunc(func(params service.GetServiceParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		MetadataGetShareDetailHandler: metadata.GetShareDetailHandlerFunc(func(params metadata.GetShareDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.GetService has not yet been implemented")
+			return middleware.NotImplemented("operation metadata.GetShareDetail has not yet been implemented")
 		}),
 		MetadataGetServiceDetailHandler: metadata.GetServiceDetailHandlerFunc(func(params metadata.GetServiceDetailParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation metadata.GetServiceDetail has not yet been implemented")
 		}),
 		AccountInviteHandler: account.InviteHandlerFunc(func(params account.InviteParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.Invite has not yet been implemented")
@ -91,20 +88,20 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		AccountRegisterHandler: account.RegisterHandlerFunc(func(params account.RegisterParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.Register has not yet been implemented")
 		}),
-		ServiceShareHandler: service.ShareHandlerFunc(func(params service.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		ShareShareHandler: share.ShareHandlerFunc(func(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.Share has not yet been implemented")
+			return middleware.NotImplemented("operation share.Share has not yet been implemented")
 		}),
-		ServiceUnaccessHandler: service.UnaccessHandlerFunc(func(params service.UnaccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		ShareUnaccessHandler: share.UnaccessHandlerFunc(func(params share.UnaccessParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.Unaccess has not yet been implemented")
+			return middleware.NotImplemented("operation share.Unaccess has not yet been implemented")
 		}),
-		ServiceUnshareHandler: service.UnshareHandlerFunc(func(params service.UnshareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		ShareUnshareHandler: share.UnshareHandlerFunc(func(params share.UnshareParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.Unshare has not yet been implemented")
+			return middleware.NotImplemented("operation share.Unshare has not yet been implemented")
 		}),
 		AdminUpdateFrontendHandler: admin.UpdateFrontendHandlerFunc(func(params admin.UpdateFrontendParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation admin.UpdateFrontend has not yet been implemented")
 		}),
-		ServiceUpdateShareHandler: service.UpdateShareHandlerFunc(func(params service.UpdateShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+		ShareUpdateShareHandler: share.UpdateShareHandlerFunc(func(params share.UpdateShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
-			return middleware.NotImplemented("operation service.UpdateShare has not yet been implemented")
+			return middleware.NotImplemented("operation share.UpdateShare has not yet been implemented")
 		}),
 		AccountVerifyHandler: account.VerifyHandlerFunc(func(params account.VerifyParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.Verify has not yet been implemented")
@ -162,8 +159,8 @@ type ZrokAPI struct {
 	// APIAuthorizer provides access control (ACL/RBAC/ABAC) by providing access to the request and authenticated principal
 	APIAuthorizer runtime.Authorizer
-	// ServiceAccessHandler sets the operation handler for the access operation
+	// ShareAccessHandler sets the operation handler for the access operation
-	ServiceAccessHandler service.AccessHandler
+	ShareAccessHandler share.AccessHandler
 	// AdminCreateFrontendHandler sets the operation handler for the create frontend operation
 	AdminCreateFrontendHandler admin.CreateFrontendHandler
 	// AdminCreateIdentityHandler sets the operation handler for the create identity operation
@ -176,10 +173,8 @@ type ZrokAPI struct {
 	EnvironmentEnableHandler environment.EnableHandler
 	// MetadataGetEnvironmentDetailHandler sets the operation handler for the get environment detail operation
 	MetadataGetEnvironmentDetailHandler metadata.GetEnvironmentDetailHandler
-	// ServiceGetServiceHandler sets the operation handler for the get service operation
+	// MetadataGetShareDetailHandler sets the operation handler for the get share detail operation
-	ServiceGetServiceHandler service.GetServiceHandler
+	MetadataGetShareDetailHandler metadata.GetShareDetailHandler
 	// MetadataGetServiceDetailHandler sets the operation handler for the get service detail operation
 	MetadataGetServiceDetailHandler metadata.GetServiceDetailHandler
 	// AccountInviteHandler sets the operation handler for the invite operation
 	AccountInviteHandler account.InviteHandler
 	// AdminListFrontendsHandler sets the operation handler for the list frontends operation
@ -190,16 +185,16 @@ type ZrokAPI struct {
 	MetadataOverviewHandler metadata.OverviewHandler
 	// AccountRegisterHandler sets the operation handler for the register operation
 	AccountRegisterHandler account.RegisterHandler
-	// ServiceShareHandler sets the operation handler for the share operation
+	// ShareShareHandler sets the operation handler for the share operation
-	ServiceShareHandler service.ShareHandler
+	ShareShareHandler share.ShareHandler
-	// ServiceUnaccessHandler sets the operation handler for the unaccess operation
+	// ShareUnaccessHandler sets the operation handler for the unaccess operation
-	ServiceUnaccessHandler service.UnaccessHandler
+	ShareUnaccessHandler share.UnaccessHandler
-	// ServiceUnshareHandler sets the operation handler for the unshare operation
+	// ShareUnshareHandler sets the operation handler for the unshare operation
-	ServiceUnshareHandler service.UnshareHandler
+	ShareUnshareHandler share.UnshareHandler
 	// AdminUpdateFrontendHandler sets the operation handler for the update frontend operation
 	AdminUpdateFrontendHandler admin.UpdateFrontendHandler
-	// ServiceUpdateShareHandler sets the operation handler for the update share operation
+	// ShareUpdateShareHandler sets the operation handler for the update share operation
-	ServiceUpdateShareHandler service.UpdateShareHandler
+	ShareUpdateShareHandler share.UpdateShareHandler
 	// AccountVerifyHandler sets the operation handler for the verify operation
 	AccountVerifyHandler account.VerifyHandler
 	// MetadataVersionHandler sets the operation handler for the version operation
@ -285,8 +280,8 @@ func (o *ZrokAPI) Validate() error {
 		unregistered = append(unregistered, "XTokenAuth")
 	}
-	if o.ServiceAccessHandler == nil {
+	if o.ShareAccessHandler == nil {
-		unregistered = append(unregistered, "service.AccessHandler")
+		unregistered = append(unregistered, "share.AccessHandler")
 	}
 	if o.AdminCreateFrontendHandler == nil {
 		unregistered = append(unregistered, "admin.CreateFrontendHandler")
@ -306,11 +301,8 @@ func (o *ZrokAPI) Validate() error {
 	if o.MetadataGetEnvironmentDetailHandler == nil {
 		unregistered = append(unregistered, "metadata.GetEnvironmentDetailHandler")
 	}
-	if o.ServiceGetServiceHandler == nil {
+	if o.MetadataGetShareDetailHandler == nil {
-		unregistered = append(unregistered, "service.GetServiceHandler")
+		unregistered = append(unregistered, "metadata.GetShareDetailHandler")
 	}
 	if o.MetadataGetServiceDetailHandler == nil {
 		unregistered = append(unregistered, "metadata.GetServiceDetailHandler")
 	}
 	if o.AccountInviteHandler == nil {
 		unregistered = append(unregistered, "account.InviteHandler")
@ -327,20 +319,20 @@ func (o *ZrokAPI) Validate() error {
 	if o.AccountRegisterHandler == nil {
 		unregistered = append(unregistered, "account.RegisterHandler")
 	}
-	if o.ServiceShareHandler == nil {
+	if o.ShareShareHandler == nil {
-		unregistered = append(unregistered, "service.ShareHandler")
+		unregistered = append(unregistered, "share.ShareHandler")
 	}
-	if o.ServiceUnaccessHandler == nil {
+	if o.ShareUnaccessHandler == nil {
-		unregistered = append(unregistered, "service.UnaccessHandler")
+		unregistered = append(unregistered, "share.UnaccessHandler")
 	}
-	if o.ServiceUnshareHandler == nil {
+	if o.ShareUnshareHandler == nil {
-		unregistered = append(unregistered, "service.UnshareHandler")
+		unregistered = append(unregistered, "share.UnshareHandler")
 	}
 	if o.AdminUpdateFrontendHandler == nil {
 		unregistered = append(unregistered, "admin.UpdateFrontendHandler")
 	}
-	if o.ServiceUpdateShareHandler == nil {
+	if o.ShareUpdateShareHandler == nil {
-		unregistered = append(unregistered, "service.UpdateShareHandler")
+		unregistered = append(unregistered, "share.UpdateShareHandler")
 	}
 	if o.AccountVerifyHandler == nil {
 		unregistered = append(unregistered, "account.VerifyHandler")
@ -450,7 +442,7 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
-	o.handlers["POST"]["/access"] = service.NewAccess(o.context, o.ServiceAccessHandler)
+	o.handlers["POST"]["/access"] = share.NewAccess(o.context, o.ShareAccessHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
@ -478,11 +470,7 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
-	o.handlers["GET"]["/service"] = service.NewGetService(o.context, o.ServiceGetServiceHandler)
+	o.handlers["GET"]["/detail/share/{shrToken}"] = metadata.NewGetShareDetail(o.context, o.MetadataGetShareDetailHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
 	o.handlers["GET"]["/detail/service/{svcToken}"] = metadata.NewGetServiceDetail(o.context, o.MetadataGetServiceDetailHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
@ -506,15 +494,15 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
-	o.handlers["POST"]["/share"] = service.NewShare(o.context, o.ServiceShareHandler)
+	o.handlers["POST"]["/share"] = share.NewShare(o.context, o.ShareShareHandler)
 	if o.handlers["DELETE"] == nil {
 		o.handlers["DELETE"] = make(map[string]http.Handler)
 	}
-	o.handlers["DELETE"]["/unaccess"] = service.NewUnaccess(o.context, o.ServiceUnaccessHandler)
+	o.handlers["DELETE"]["/unaccess"] = share.NewUnaccess(o.context, o.ShareUnaccessHandler)
 	if o.handlers["DELETE"] == nil {
 		o.handlers["DELETE"] = make(map[string]http.Handler)
 	}
-	o.handlers["DELETE"]["/unshare"] = service.NewUnshare(o.context, o.ServiceUnshareHandler)
+	o.handlers["DELETE"]["/unshare"] = share.NewUnshare(o.context, o.ShareUnshareHandler)
 	if o.handlers["PATCH"] == nil {
 		o.handlers["PATCH"] = make(map[string]http.Handler)
 	}
@ -522,7 +510,7 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["PATCH"] == nil {
 		o.handlers["PATCH"] = make(map[string]http.Handler)
 	}
-	o.handlers["PATCH"]["/share"] = service.NewUpdateShare(o.context, o.ServiceUpdateShareHandler)
+	o.handlers["PATCH"]["/share"] = share.NewUpdateShare(o.context, o.ShareUpdateShareHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
--- a/specs/zrok.yml
+++ b/specs/zrok.yml
@ -268,7 +268,7 @@ paths:
        200:
          description: ok
          schema:
-            $ref: "#/definitions/environmentServices"
+            $ref: "#/definitions/environmentShares"
        401:
          description: unauthorized
        404:
@ -276,15 +276,15 @@ paths:
        500:
          description: internal server error
-  /detail/service/{svcToken}:
+  /detail/share/{shrToken}:
    get:
      tags:
        - metadata
      security:
        - key: []
-      operationId: getServiceDetail
+      operationId: getShareDetail
      parameters:
-        - name: svcToken
+        - name: shrToken
          in: path
          type: string
          required: true
@ -292,7 +292,7 @@ paths:
        200:
          description: ok
          schema:
-            $ref: "#/definitions/service"
+            $ref: "#/definitions/share"
        401:
          description: unauthorized
        404:
@ -311,7 +311,7 @@ paths:
        200:
          description: overview returned
          schema:
-            $ref: "#/definitions/environmentServicesList"
+            $ref: "#/definitions/environmentSharesList"
        500:
          description: internal server error
          schema:
@ -328,12 +328,12 @@ paths:
          schema:
            $ref: "#/definitions/version"
  #
-  # service
+  # share
  #
  /access:
    post:
      tags:
-        - service
+        - share
      security:
        - key: []
      operationId: access
@ -354,34 +354,10 @@ paths:
        500:
          description: internal server error
  /service:
    get:
      tags:
        - service
      security:
        - key: []
      operationId: getService
      parameters:
        - name: body
          in: body
          schema:
            $ref: "#/definitions/serviceRequest"
      responses:
        200:
          description: ok
          schema:
            $ref: "#/definitions/service"
        401:
          description: unauthorized
        404:
          description: not found
        500:
          description: internal server error
  /share:
    post:
      tags:
-        - service
+        - share
      security:
        - key: []
      operationId: share
@ -392,7 +368,7 @@ paths:
            $ref: "#/definitions/shareRequest"
      responses:
        201:
-          description: service created
+          description: share created
          schema:
            $ref: "#/definitions/shareResponse"
        401:
@ -405,7 +381,7 @@ paths:
            $ref: "#/definitions/errorMessage"
    patch:
      tags:
-        - service
+        - share
      security:
        - key: []
      operationId: updateShare
@ -416,7 +392,7 @@ paths:
            $ref: "#/definitions/updateShareRequest"
      responses:
        200:
-          description: service updated
+          description: share updated
        401:
          description: unauthorized
        404:
@ -427,7 +403,7 @@ paths:
  /unaccess:
    delete:
      tags:
-        - service
+        - share
      security:
        - key: []
      operationId: unaccess
@ -449,7 +425,7 @@ paths:
  /unshare:
    delete:
      tags:
-        - service
+        - share
      security:
        - key: []
      operationId: unshare
@ -460,7 +436,7 @@ paths:
            $ref: "#/definitions/unshareRequest"
      responses:
        200:
-          description: service removed
+          description: share removed
        401:
          description: unauthorized
        404:
@ -476,7 +452,7 @@ definitions:
    properties:
      envZId:
        type: string
-      svcToken:
+      shrToken:
        type: string
  accessResponse:
@ -560,18 +536,18 @@ definitions:
    items:
      $ref: "#/definitions/environment"
-  environmentServicesList:
+  environmentSharesList:
    type: array
    items:
-      $ref: "#/definitions/environmentServices"
+      $ref: "#/definitions/environmentShares"
-  environmentServices:
+  environmentShares:
    type: object
    properties:
      environment:
        $ref: "#/definitions/environment"
-      services:
+      shares:
-        $ref: "#/definitions/services"
+        $ref: "#/definitions/shares"
  errorMessage:
    type: string
@ -640,7 +616,7 @@ definitions:
      token:
        type: string
-  service:
+  share:
    type: object
    properties:
      token:
@ -660,30 +636,22 @@ definitions:
      reserved:
        type: boolean
      metrics:
-        $ref: "#/definitions/serviceMetrics"
+        $ref: "#/definitions/shareMetrics"
      createdAt:
        type: integer
      updatedAt:
        type: integer
-  services:
+  shares:
    type: array
    items:
-      $ref: "#/definitions/service"
+      $ref: "#/definitions/share"
-  serviceMetrics:
+  shareMetrics:
    type: array
    items:
      type: integer
  serviceRequest:
    type: object
    properties:
      envZId:
        type: string
      svcToken:
        type: string
  shareRequest:
    type: object
    properties:
@ -717,7 +685,7 @@ definitions:
        type: array
        items:
          type: string
-      svcToken:
+      shrToken:
        type: string
  unaccessRequest:
@ -727,7 +695,7 @@ definitions:
        type: string
      envZId:
        type: string
-      svcToken:
+      shrToken:
        type: string
  unshareRequest:
@ -735,7 +703,7 @@ definitions:
    properties:
      envZId:
        type: string
-      svcToken:
+      shrToken:
        type: string
      reserved:
        type: boolean
@ -753,7 +721,7 @@ definitions:
  updateShareRequest:
    type: object
    properties:
-      serviceToken:
+      shrToken:
        type: string
      backendProxyEndpoint:
        type: string
--- a/ui/src/api/metadata.js
+++ b/ui/src/api/metadata.js
@ -4,7 +4,7 @@ import * as gateway from './gateway'
 /**
 * @param {string} envZId 
- * @return {Promise<module:types.environmentServices>} ok
+ * @return {Promise<module:types.environmentShares>} ok
 */
 export function getEnvironmentDetail(envZId) {
  const parameters = {
@ -16,16 +16,16 @@ export function getEnvironmentDetail(envZId) {
 }
 /**
- * @param {string} svcToken 
+ * @param {string} shrToken 
- * @return {Promise<module:types.service>} ok
+ * @return {Promise<module:types.share>} ok
 */
-export function getServiceDetail(svcToken) {
+export function getShareDetail(shrToken) {
  const parameters = {
    path: {
-      svcToken
+      shrToken
    }
  }
-  return gateway.request(getServiceDetailOperation, parameters)
+  return gateway.request(getShareDetailOperation, parameters)
 }
 /**
@ -50,8 +50,8 @@ const getEnvironmentDetailOperation = {
  ]
 }
-const getServiceDetailOperation = {
+const getShareDetailOperation = {
-  path: '/detail/service/{svcToken}',
+  path: '/detail/share/{shrToken}',
  method: 'get',
  security: [
    {
--- a/ui/src/api/service.js
+++ b/ui/src/api/service.js
@ -1,4 +1,4 @@
-/** @module service */
+/** @module share */
 // Auto-generated, edits will be overwritten
 import * as gateway from './gateway'
@ -17,25 +17,10 @@ export function access(options) {
  return gateway.request(accessOperation, parameters)
 }
 /**
 * @param {object} options Optional options
 * @param {module:types.serviceRequest} [options.body] 
 * @return {Promise<module:types.service>} ok
 */
 export function getService(options) {
  if (!options) options = {}
  const parameters = {
    body: {
      body: options.body
    }
  }
  return gateway.request(getServiceOperation, parameters)
 }
 /**
 * @param {object} options Optional options
 * @param {module:types.shareRequest} [options.body] 
- * @return {Promise<module:types.shareResponse>} service created
+ * @return {Promise<module:types.shareResponse>} share created
 */
 export function share(options) {
  if (!options) options = {}
@ -50,7 +35,7 @@ export function share(options) {
 /**
 * @param {object} options Optional options
 * @param {module:types.updateShareRequest} [options.body] 
- * @return {Promise<object>} service updated
+ * @return {Promise<object>} share updated
 */
 export function updateShare(options) {
  if (!options) options = {}
@ -80,7 +65,7 @@ export function unaccess(options) {
 /**
 * @param {object} options Optional options
 * @param {module:types.unshareRequest} [options.body] 
- * @return {Promise<object>} service removed
+ * @return {Promise<object>} share removed
 */
 export function unshare(options) {
  if (!options) options = {}
@ -103,17 +88,6 @@ const accessOperation = {
  ]
 }
 const getServiceOperation = {
  path: '/service',
  contentTypes: ['application/zrok.v1+json'],
  method: 'get',
  security: [
    {
      id: 'key'
    }
  ]
 }
 const shareOperation = {
  path: '/share',
  contentTypes: ['application/zrok.v1+json'],
--- a/ui/src/api/types.js
+++ b/ui/src/api/types.js
@ -6,7 +6,7 @@
 * @memberof module:types
 * 
 * @property {string} envZId 
- * @property {string} svcToken 
+ * @property {string} shrToken 
 */
 /**
@ -84,11 +84,11 @@
 */
 /**
- * @typedef environmentServices
+ * @typedef environmentShares
 * @memberof module:types
 * 
 * @property {module:types.environment} environment 
- * @property {module:types.services} services 
+ * @property {module:types.shares} shares 
 */
 /**
@ -144,7 +144,7 @@
 */
 /**
- * @typedef service
+ * @typedef share
 * @memberof module:types
 * 
 * @property {string} token 
@ -155,19 +155,11 @@
 * @property {string} frontendEndpoint 
 * @property {string} backendProxyEndpoint 
 * @property {boolean} reserved 
- * @property {module:types.serviceMetrics} metrics 
+ * @property {module:types.shareMetrics} metrics 
 * @property {number} createdAt 
 * @property {number} updatedAt 
 */
 /**
 * @typedef serviceRequest
 * @memberof module:types
 * 
 * @property {string} envZId 
 * @property {string} svcToken 
 */
 /**
 * @typedef shareRequest
 * @memberof module:types
@ -187,7 +179,7 @@
 * @memberof module:types
 * 
 * @property {string[]} frontendProxyEndpoints 
- * @property {string} svcToken 
+ * @property {string} shrToken 
 */
 /**
@ -196,7 +188,7 @@
 * 
 * @property {string} frontendToken 
 * @property {string} envZId 
- * @property {string} svcToken 
+ * @property {string} shrToken 
 */
 /**
@ -204,7 +196,7 @@
 * @memberof module:types
 * 
 * @property {string} envZId 
- * @property {string} svcToken 
+ * @property {string} shrToken 
 * @property {boolean} reserved 
 */
@ -221,7 +213,7 @@
 * @typedef updateShareRequest
 * @memberof module:types
 * 
- * @property {string} serviceToken 
+ * @property {string} shrToken 
 * @property {string} backendProxyEndpoint 
 */
--- a/ui/src/console/detail/ShareDetail.js
+++ b/ui/src/console/detail/ShareDetail.js
@ -10,7 +10,7 @@ const ShareDetail = (props) => {
    const [detail, setDetail] = useState({});
    useEffect(() => {
-        metadata.getServiceDetail(props.selection.id)
+        metadata.getShareDetail(props.selection.id)
            .then(resp => {
               setDetail(resp.data);
            });
@ -19,7 +19,7 @@ const ShareDetail = (props) => {
    useEffect(() => {
        let mounted = true;
        let interval = setInterval(() => {
-            metadata.getServiceDetail(props.selection.id)
+            metadata.getShareDetail(props.selection.id)
                .then(resp => {
                    setDetail(resp.data);
                });
--- a/ui/src/console/login/Login.js
+++ b/ui/src/console/login/Login.js
@ -45,9 +45,6 @@ const Login = (props) => {
                </Row>
                <Row className={"fullscreen-body"}>
                    <Container className={"fullscreen-form"}>
                        <Row>
                            {message}
                        </Row>
                        <Row>
                            <Form onSubmit={handleSubmit}>
                                <Form.Group controlId={"email"}>