diff --git a/packages/auth/src/accessToken/routes.ts b/packages/auth/src/accessToken/routes.ts
index ff7105584b..f7a3c102eb 100644
--- a/packages/auth/src/accessToken/routes.ts
+++ b/packages/auth/src/accessToken/routes.ts
@@ -1,11 +1,34 @@
 import { Logger } from 'pino'
 import { Access } from '../access/model'
-import { IntrospectContext, RevokeContext, RotateContext } from '../app'
+import { AppContext } from '../app'
 import { IAppConfig } from '../config/app'
 import { AccessTokenService, Introspection } from './service'
 import { accessToBody } from '../shared/utils'
 import { ClientService } from '../client/service'
 
+type TokenRequest<BodyT = never> = Omit<AppContext['request'], 'body'> & {
+  body?: BodyT
+}
+
+type TokenContext<BodyT = never> = Omit<AppContext, 'request'> & {
+  request: TokenRequest<BodyT>
+}
+
+type ManagementRequest = Omit<AppContext['request'], 'params'> & {
+  params?: Record<'id', string>
+}
+
+type ManagementContext = Omit<AppContext, 'request'> & {
+  request: ManagementRequest
+}
+
+interface IntrospectBody {
+  access_token: string
+}
+export type IntrospectContext = TokenContext<IntrospectBody>
+export type RevokeContext = ManagementContext
+export type RotateContext = ManagementContext
+
 interface ServiceDependencies {
   config: IAppConfig
   logger: Logger
@@ -14,7 +37,7 @@ interface ServiceDependencies {
 }
 
 export interface AccessTokenRoutes {
-  introspect(ctx: IntrospectContext<IntrospectBody>): Promise<void>
+  introspect(ctx: IntrospectContext): Promise<void>
   revoke(ctx: RevokeContext): Promise<void>
   rotate(ctx: RotateContext): Promise<void>
 }
@@ -27,20 +50,15 @@ export function createAccessTokenRoutes(
   })
   const deps = { ...deps_, logger }
   return {
-    introspect: (ctx: IntrospectContext<IntrospectBody>) =>
-      introspectToken(deps, ctx),
+    introspect: (ctx: IntrospectContext) => introspectToken(deps, ctx),
     revoke: (ctx: RevokeContext) => revokeToken(deps, ctx),
     rotate: (ctx: RotateContext) => rotateToken(deps, ctx)
   }
 }
 
-interface IntrospectBody {
-  access_token: string
-}
-
 async function introspectToken(
   deps: ServiceDependencies,
-  ctx: IntrospectContext<IntrospectBody>
+  ctx: IntrospectContext
 ): Promise<void> {
   const { body } = ctx.request
   const introspectionResult = await deps.accessTokenService.introspect(
diff --git a/packages/auth/src/app.ts b/packages/auth/src/app.ts
index f8b0d4d166..fd969e2521 100644
--- a/packages/auth/src/app.ts
+++ b/packages/auth/src/app.ts
@@ -1,6 +1,5 @@
 import { Server } from 'http'
 import { EventEmitter } from 'events'
-import { ParsedUrlQuery } from 'querystring'
 
 import { IocContract } from '@adonisjs/fold'
 import { Knex } from 'knex'
@@ -37,66 +36,12 @@ export interface AppContextData extends DefaultContext {
 
 export type AppContext = Koa.ParameterizedContext<DefaultState, AppContextData>
 
-interface ClientKeyContext extends AppContext {
-  clientKeyId: string
-}
-
-type GrantRequest<BodyT = never, QueryT = ParsedUrlQuery> = Omit<
-  ClientKeyContext['request'],
-  'body'
-> & {
-  body: BodyT
-  query: ParsedUrlQuery & QueryT
-}
-
-type GrantContext<BodyT = never, QueryT = ParsedUrlQuery> = Omit<
-  ClientKeyContext,
-  'request'
-> & {
-  request: GrantRequest<BodyT, QueryT>
-}
-
-type InteractionRequest<
-  BodyT = never,
-  QueryT = ParsedUrlQuery,
-  ParamsT = { [key: string]: string }
-> = Omit<AppContext['request'], 'body'> & {
-  body: BodyT
-  query: ParsedUrlQuery & QueryT
-  params: ParamsT
-}
-
-type InteractionContext<QueryT, ParamsT> = Omit<AppContext, 'request'> & {
-  request: InteractionRequest<QueryT, ParamsT>
-}
-
-type TokenRequest<BodyT = never> = Omit<AppContext['request'], 'body'> & {
-  body?: BodyT
-}
-
-type TokenContext<BodyT = never> = Omit<AppContext, 'request'> & {
-  request: TokenRequest<BodyT>
-}
-
-type ManagementRequest = Omit<AppContext['request'], 'params'> & {
-  params?: Record<'id', string>
-}
-
-type ManagementContext = Omit<AppContext, 'request'> & {
-  request: ManagementRequest
-}
-
-export type CreateContext<BodyT> = GrantContext<BodyT>
-export type ContinueContext<BodyT, QueryT> = GrantContext<BodyT, QueryT>
-
-export type StartContext<QueryT, ParamsT> = InteractionContext<QueryT, ParamsT>
-export type GetContext<ParamsT> = InteractionContext<never, ParamsT>
-export type ChooseContext<ParamsT> = InteractionContext<never, ParamsT>
-export type FinishContext<ParamsT> = InteractionContext<never, ParamsT>
-
-export type IntrospectContext<BodyT> = TokenContext<BodyT>
-export type RevokeContext = ManagementContext
-export type RotateContext = ManagementContext
+type ContextType<T> = T extends (
+  ctx: infer Context
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+) => any
+  ? Context
+  : never
 
 export interface DatabaseCleanupRule {
   /**
@@ -255,109 +200,164 @@ export class App {
     const openApi = await this.container.use('openApi')
     /* Back-channel GNAP Routes */
     // Grant Initiation
+    const {
+      create: grantCreate,
+      continue: grantContinue
+    }: {
+      create: (ctx: AppContext) => Promise<void>
+      continue: (ctx: AppContext) => Promise<void>
+    } = grantRoutes
     this.publicRouter.post(
       '/',
-      createValidatorMiddleware(openApi.authServerSpec, {
-        path: '/',
-        method: HttpMethod.POST
-      }),
+      createValidatorMiddleware<ContextType<typeof grantCreate>>(
+        openApi.authServerSpec,
+        {
+          path: '/',
+          method: HttpMethod.POST
+        }
+      ),
       this.config.bypassSignatureValidation
         ? (ctx, next) => next()
         : grantInitiationHttpsigMiddleware,
-      grantRoutes.create
+      grantCreate
     )
 
     // Grant Continue
     this.publicRouter.post(
       '/continue/:id',
-      createValidatorMiddleware(openApi.authServerSpec, {
-        path: '/continue/{id}',
-        method: HttpMethod.POST
-      }),
+      createValidatorMiddleware<ContextType<typeof grantContinue>>(
+        openApi.authServerSpec,
+        {
+          path: '/continue/{id}',
+          method: HttpMethod.POST
+        }
+      ),
       this.config.bypassSignatureValidation
         ? (ctx, next) => next()
         : grantContinueHttpsigMiddleware,
-      grantRoutes.continue
+      grantContinue
     )
 
     // Token Rotation
+    const {
+      rotate: tokenRotate,
+      revoke: tokenRevoke,
+      introspect: tokenIntrospect
+    }: {
+      rotate: (ctx: AppContext) => Promise<void>
+      revoke: (ctx: AppContext) => Promise<void>
+      introspect: (ctx: AppContext) => Promise<void>
+    } = accessTokenRoutes
     this.publicRouter.post(
       '/token/:id',
-      createValidatorMiddleware(openApi.authServerSpec, {
-        path: '/token/{id}',
-        method: HttpMethod.POST
-      }),
+      createValidatorMiddleware<ContextType<typeof tokenRotate>>(
+        openApi.authServerSpec,
+        {
+          path: '/token/{id}',
+          method: HttpMethod.POST
+        }
+      ),
       this.config.bypassSignatureValidation
         ? (ctx, next) => next()
         : tokenHttpsigMiddleware,
-      accessTokenRoutes.rotate
+      tokenRotate
     )
 
     // Token Revocation
     this.publicRouter.delete(
       '/token/:id',
-      createValidatorMiddleware(openApi.authServerSpec, {
-        path: '/token/{id}',
-        method: HttpMethod.DELETE
-      }),
+      createValidatorMiddleware<ContextType<typeof tokenRevoke>>(
+        openApi.authServerSpec,
+        {
+          path: '/token/{id}',
+          method: HttpMethod.DELETE
+        }
+      ),
       this.config.bypassSignatureValidation
         ? (ctx, next) => next()
         : tokenHttpsigMiddleware,
-      accessTokenRoutes.revoke
+      tokenRevoke
     )
 
     /* AS <-> RS Routes */
     // Token Introspection
     this.publicRouter.post(
       '/introspect',
-      createValidatorMiddleware(openApi.tokenIntrospectionSpec, {
-        path: '/introspect',
-        method: HttpMethod.POST
-      }),
-      accessTokenRoutes.introspect
+      createValidatorMiddleware<ContextType<typeof tokenIntrospect>>(
+        openApi.tokenIntrospectionSpec,
+        {
+          path: '/introspect',
+          method: HttpMethod.POST
+        }
+      ),
+      tokenIntrospect
     )
 
     /* Front Channel Routes */
     // TODO: update front-channel routes to have /frontend prefix here and in openapi spec
 
+    const {
+      start: interactionStart,
+      finish: interactionFinish,
+      details: interactionDetails,
+      acceptOrReject: interactionAcceptOrReject
+    }: {
+      start: (ctx: AppContext) => Promise<void>
+      finish: (ctx: AppContext) => Promise<void>
+      details: (ctx: AppContext) => Promise<void>
+      acceptOrReject: (ctx: AppContext) => Promise<void>
+    } = grantRoutes.interaction
+
     // Interaction start
     this.publicRouter.get(
       '/interact/:id/:nonce',
-      createValidatorMiddleware(openApi.idpSpec, {
-        path: '/interact/{id}/{nonce}',
-        method: HttpMethod.GET
-      }),
-      grantRoutes.interaction.start
+      createValidatorMiddleware<ContextType<typeof interactionStart>>(
+        openApi.idpSpec,
+        {
+          path: '/interact/{id}/{nonce}',
+          method: HttpMethod.GET
+        }
+      ),
+      interactionStart
     )
 
     // Interaction finish
     this.publicRouter.get(
       '/interact/:id/:nonce/finish',
-      createValidatorMiddleware(openApi.idpSpec, {
-        path: '/interact/{id}/{nonce}/finish',
-        method: HttpMethod.GET
-      }),
-      grantRoutes.interaction.finish
+      createValidatorMiddleware<ContextType<typeof interactionFinish>>(
+        openApi.idpSpec,
+        {
+          path: '/interact/{id}/{nonce}/finish',
+          method: HttpMethod.GET
+        }
+      ),
+      interactionFinish
     )
 
     // Grant lookup
     this.publicRouter.get(
       '/grant/:id/:nonce',
-      createValidatorMiddleware(openApi.idpSpec, {
-        path: '/grant/{id}/{nonce}',
-        method: HttpMethod.GET
-      }),
-      grantRoutes.interaction.details
+      createValidatorMiddleware<ContextType<typeof interactionDetails>>(
+        openApi.idpSpec,
+        {
+          path: '/grant/{id}/{nonce}',
+          method: HttpMethod.GET
+        }
+      ),
+      interactionDetails
     )
 
     // Grant accept/reject
     this.publicRouter.post(
       '/grant/:id/:nonce/:choice',
-      createValidatorMiddleware(openApi.idpSpec, {
-        path: '/grant/{id}/{nonce}/{choice}',
-        method: HttpMethod.POST
-      }),
-      grantRoutes.interaction.acceptOrReject
+      createValidatorMiddleware<ContextType<typeof interactionAcceptOrReject>>(
+        openApi.idpSpec,
+        {
+          path: '/grant/{id}/{nonce}/{choice}',
+          method: HttpMethod.POST
+        }
+      ),
+      interactionAcceptOrReject
     )
 
     this.koa.use(this.publicRouter.middleware())
diff --git a/packages/auth/src/grant/routes.ts b/packages/auth/src/grant/routes.ts
index d724db8974..1dca0b7834 100644
--- a/packages/auth/src/grant/routes.ts
+++ b/packages/auth/src/grant/routes.ts
@@ -1,13 +1,8 @@
 import * as crypto from 'crypto'
 import { URL } from 'url'
-import {
-  CreateContext,
-  ContinueContext,
-  StartContext,
-  GetContext,
-  ChooseContext,
-  FinishContext
-} from '../app'
+import { ParsedUrlQuery } from 'querystring'
+
+import { AppContext } from '../app'
 import { GrantService, GrantRequest as GrantRequestBody } from './service'
 import { Grant, GrantState } from './model'
 import { Access } from '../access/model'
@@ -31,18 +26,84 @@ interface ServiceDependencies extends BaseService {
   config: IAppConfig
 }
 
+type GrantRequest<BodyT = never, QueryT = ParsedUrlQuery> = Omit<
+  AppContext['request'],
+  'body'
+> & {
+  body: BodyT
+  query: ParsedUrlQuery & QueryT
+}
+
+type GrantContext<BodyT = never, QueryT = ParsedUrlQuery> = Omit<
+  AppContext,
+  'request'
+> & {
+  request: GrantRequest<BodyT, QueryT>
+  clientKeyId: string
+}
+
+export type CreateContext = GrantContext<GrantRequestBody>
+
+interface GrantContinueBody {
+  interact_ref: string
+}
+
+interface GrantContinueParams {
+  id: string
+}
+export type ContinueContext = GrantContext<
+  GrantContinueBody,
+  GrantContinueParams
+>
+
+type InteractionRequest<
+  BodyT = never,
+  QueryT = ParsedUrlQuery,
+  ParamsT = { [key: string]: string }
+> = Omit<AppContext['request'], 'body'> & {
+  body: BodyT
+  query: ParsedUrlQuery & QueryT
+  params: ParamsT
+}
+
+type InteractionContext<QueryT, ParamsT> = Omit<AppContext, 'request'> & {
+  request: InteractionRequest<QueryT, ParamsT>
+}
+
+interface StartQuery {
+  clientName: string
+  clientUri: string
+}
+
+interface InteractionParams {
+  id: string
+  nonce: string
+}
+export type StartContext = InteractionContext<StartQuery, InteractionParams>
+
+export type GetContext = InteractionContext<never, InteractionParams>
+
+export enum GrantChoices {
+  Accept = 'accept',
+  Reject = 'reject'
+}
+interface ChooseParams extends InteractionParams {
+  choice: string
+}
+export type ChooseContext = InteractionContext<never, ChooseParams>
+
+export type FinishContext = InteractionContext<never, InteractionParams>
+
 export interface GrantRoutes {
-  create(ctx: CreateContext<GrantRequestBody>): Promise<void>
+  create(ctx: CreateContext): Promise<void>
   // TODO: factor this out into separate routes service
   interaction: {
-    start(ctx: StartContext<StartQuery, StartParams>): Promise<void>
-    finish(ctx: FinishContext<FinishParams>): Promise<void>
-    acceptOrReject(ctx: ChooseContext<ChooseParams>): Promise<void>
-    details(ctx: GetContext<GetParams>): Promise<void>
+    start(ctx: StartContext): Promise<void>
+    finish(ctx: FinishContext): Promise<void>
+    acceptOrReject(ctx: ChooseContext): Promise<void>
+    details(ctx: GetContext): Promise<void>
   }
-  continue(
-    ctx: ContinueContext<GrantContinueBody, GrantContinueParams>
-  ): Promise<void>
+  continue(ctx: ContinueContext): Promise<void>
 }
 
 export function createGrantRoutes({
@@ -66,25 +127,20 @@ export function createGrantRoutes({
     config
   }
   return {
-    create: (ctx: CreateContext<GrantRequestBody>) =>
-      createGrantInitiation(deps, ctx),
+    create: (ctx: CreateContext) => createGrantInitiation(deps, ctx),
     interaction: {
-      start: (ctx: StartContext<StartQuery, StartParams>) =>
-        startInteraction(deps, ctx),
-      finish: (ctx: FinishContext<FinishParams>) =>
-        finishInteraction(deps, ctx),
-      acceptOrReject: (ctx: ChooseContext<ChooseParams>) =>
-        handleGrantChoice(deps, ctx),
-      details: (ctx: GetContext<GetParams>) => getGrantDetails(deps, ctx)
+      start: (ctx: StartContext) => startInteraction(deps, ctx),
+      finish: (ctx: FinishContext) => finishInteraction(deps, ctx),
+      acceptOrReject: (ctx: ChooseContext) => handleGrantChoice(deps, ctx),
+      details: (ctx: GetContext) => getGrantDetails(deps, ctx)
     },
-    continue: (ctx: ContinueContext<GrantContinueBody, GrantContinueParams>) =>
-      continueGrant(deps, ctx)
+    continue: (ctx: ContinueContext) => continueGrant(deps, ctx)
   }
 }
 
 async function createGrantInitiation(
   deps: ServiceDependencies,
-  ctx: CreateContext<GrantRequestBody>
+  ctx: CreateContext
 ): Promise<void> {
   if (
     !ctx.accepts('application/json') ||
@@ -185,14 +241,9 @@ async function createGrantInitiation(
   }
 }
 
-interface GetParams {
-  id: string
-  nonce: string
-}
-
 async function getGrantDetails(
   deps: ServiceDependencies,
-  ctx: GetContext<GetParams>
+  ctx: GetContext
 ): Promise<void> {
   const secret = ctx.headers?.['x-idp-secret']
   const { config, grantService } = deps
@@ -222,19 +273,9 @@ async function getGrantDetails(
   ctx.body = { access: grant.access }
 }
 
-interface StartQuery {
-  clientName: string
-  clientUri: string
-}
-
-interface StartParams {
-  id: string
-  nonce: string
-}
-
 async function startInteraction(
   deps: ServiceDependencies,
-  ctx: StartContext<StartQuery, StartParams>
+  ctx: StartContext
 ): Promise<void> {
   deps.logger.info(
     {
@@ -269,21 +310,10 @@ async function startInteraction(
   ctx.redirect(interactionUrl.toString())
 }
 
-export enum GrantChoices {
-  Accept = 'accept',
-  Reject = 'reject'
-}
-
-interface ChooseParams {
-  id: string
-  nonce: string
-  choice: string
-}
-
 // TODO: allow idp to specify the reason for rejection
 async function handleGrantChoice(
   deps: ServiceDependencies,
-  ctx: ChooseContext<ChooseParams>
+  ctx: ChooseContext
 ): Promise<void> {
   // TODO: check redis for a session
   const { id: interactId, nonce, choice } = ctx.params
@@ -344,14 +374,9 @@ async function handleGrantChoice(
   ctx.status = 202
 }
 
-interface FinishParams {
-  id: string
-  nonce: string
-}
-
 async function finishInteraction(
   deps: ServiceDependencies,
-  ctx: FinishContext<FinishParams>
+  ctx: FinishContext
 ): Promise<void> {
   const { id: interactId, nonce } = ctx.params
   const sessionNonce = ctx.session.nonce
@@ -399,17 +424,9 @@ async function finishInteraction(
   }
 }
 
-interface GrantContinueBody {
-  interact_ref: string
-}
-
-interface GrantContinueParams {
-  id: string
-}
-
 async function continueGrant(
   deps: ServiceDependencies,
-  ctx: ContinueContext<GrantContinueBody, GrantContinueParams>
+  ctx: ContinueContext
 ): Promise<void> {
   const { id: continueId } = ctx.params
   const continueToken = (ctx.headers['authorization'] as string)?.split(
diff --git a/packages/openapi/src/middleware.ts b/packages/openapi/src/middleware.ts
index c90572b24d..8ce9fe404f 100644
--- a/packages/openapi/src/middleware.ts
+++ b/packages/openapi/src/middleware.ts
@@ -31,6 +31,7 @@ export function createValidatorMiddleware<T extends Koa.ParameterizedContext>(
       } else if (isValidationError(err)) {
         ctx.throw(err.status ?? 500, err.errors[0])
       } else {
+        console.log('err=', err)
         ctx.throw(500)
       }
     }