diff --git a/unix_integration/src/idprovider/interface.rs b/unix_integration/src/idprovider/interface.rs
index 5d79b6830..100f6fb97 100644
--- a/unix_integration/src/idprovider/interface.rs
+++ b/unix_integration/src/idprovider/interface.rs
@@ -124,6 +124,7 @@ pub trait IdProvider {
         _id: &Id,
         _token: Option<&UserToken>,
         _tpm: &mut tpm::BoxedDynTpm,
+        _machine_key: &tpm::MachineKey,
     ) -> Result<UserToken, IdpError>;
 
     async fn unix_user_online_auth_init(
diff --git a/unix_integration/src/idprovider/kanidm.rs b/unix_integration/src/idprovider/kanidm.rs
index ac0185e2f..2b4708da9 100644
--- a/unix_integration/src/idprovider/kanidm.rs
+++ b/unix_integration/src/idprovider/kanidm.rs
@@ -131,6 +131,7 @@ impl IdProvider for KanidmProvider {
         id: &Id,
         _token: Option<&UserToken>,
         _tpm: &mut tpm::BoxedDynTpm,
+        _machine_key: &tpm::MachineKey,
     ) -> Result<UserToken, IdpError> {
         match self
             .client
diff --git a/unix_integration/src/resolver.rs b/unix_integration/src/resolver.rs
index 8c75fcc15..1bb56699f 100644
--- a/unix_integration/src/resolver.rs
+++ b/unix_integration/src/resolver.rs
@@ -477,7 +477,12 @@ where
 
         let user_get_result = self
             .client
-            .unix_user_get(account_id, token.as_ref(), hsm_lock.deref_mut())
+            .unix_user_get(
+                account_id,
+                token.as_ref(),
+                hsm_lock.deref_mut(),
+                &self.machine_key,
+            )
             .await;
 
         drop(hsm_lock);