diff --git a/clientapi/auth/login.go b/clientapi/auth/login.go
index 3bbcca2da..1cfe38156 100644
--- a/clientapi/auth/login.go
+++ b/clientapi/auth/login.go
@@ -63,7 +63,7 @@ func LoginFromJSONReader(ctx context.Context, r io.Reader, useraccountAPI uapi.C
 			Config:        cfg,
 			Rt:            rt,
 			InhibitDevice: header.InhibitDevice,
-			UserAPI:       useraccountAPI,
+			UserLoginAPI:  useraccountAPI,
 		}
 	case authtypes.LoginTypeToken:
 		typ = &LoginTypeToken{
diff --git a/clientapi/auth/password.go b/clientapi/auth/password.go
index 4cccd857c..15712ba20 100644
--- a/clientapi/auth/password.go
+++ b/clientapi/auth/password.go
@@ -49,7 +49,7 @@ type LoginTypePassword struct {
 	Config        *config.ClientAPI
 	Rt            *ratelimit.RtFailedLogin
 	InhibitDevice bool
-	UserAPI       api.UserLoginAPI
+	UserLoginAPI  api.UserLoginAPI
 }
 
 func (t *LoginTypePassword) Name() string {
@@ -194,7 +194,7 @@ func (t *LoginTypePassword) authenticateDb(ctx context.Context, localpart string
 	// If we couldn't find the user by the lower cased localpart, try the provided
 	// localpart as is.
 	if !res.Exists {
-		err = t.UserAPI.QueryAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{
+		err = t.UserLoginAPI.QueryAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{
 			Localpart:         localpart,
 			ServerName:        domain,
 			PlaintextPassword: password,
@@ -312,7 +312,7 @@ func (t *LoginTypePassword) isLdapAdmin(conn *ldap.Conn, username string) (bool,
 
 func (t *LoginTypePassword) getOrCreateAccount(ctx context.Context, localpart string, domain gomatrixserverlib.ServerName, admin bool) (*api.Account, *util.JSONResponse) {
 	var existing api.QueryAccountByLocalpartResponse
-	err := t.UserAPI.QueryAccountByLocalpart(ctx, &api.QueryAccountByLocalpartRequest{
+	err := t.UserLoginAPI.QueryAccountByLocalpart(ctx, &api.QueryAccountByLocalpartRequest{
 		Localpart:  localpart,
 		ServerName: domain,
 	}, &existing)
@@ -332,7 +332,7 @@ func (t *LoginTypePassword) getOrCreateAccount(ctx context.Context, localpart st
 		accountType = api.AccountTypeAdmin
 	}
 	var created api.PerformAccountCreationResponse
-	err = t.UserAPI.PerformAccountCreation(ctx, &api.PerformAccountCreationRequest{
+	err = t.UserLoginAPI.PerformAccountCreation(ctx, &api.PerformAccountCreationRequest{
 		AppServiceID: "ldap",
 		Localpart:    localpart,
 		Password:     uuid.New().String(),
diff --git a/clientapi/auth/user_interactive.go b/clientapi/auth/user_interactive.go
index 35dd27ed9..850d3e586 100644
--- a/clientapi/auth/user_interactive.go
+++ b/clientapi/auth/user_interactive.go
@@ -114,9 +114,9 @@ type UserInteractive struct {
 
 func NewUserInteractive(userAccountAPI api.ClientUserAPI, cfg *config.ClientAPI) *UserInteractive {
 	typePassword := &LoginTypePassword{
-		UserApi: userAccountAPI,
-		UserAPI: userAccountAPI,
-		Config:  cfg,
+		UserApi:      userAccountAPI,
+		UserLoginAPI: userAccountAPI,
+		Config:       cfg,
 	}
 	return &UserInteractive{
 		Flows: []userInteractiveFlow{
diff --git a/clientapi/routing/key_crosssigning.go b/clientapi/routing/key_crosssigning.go
index 6764f651e..dc8a92f1c 100644
--- a/clientapi/routing/key_crosssigning.go
+++ b/clientapi/routing/key_crosssigning.go
@@ -62,9 +62,9 @@ func UploadCrossSigningDeviceKeys(
 		}
 	}
 	typePassword := auth.LoginTypePassword{
-		UserApi: accountAPI,
-		UserAPI: accountAPI,
-		Config:  cfg,
+		UserApi:      accountAPI,
+		UserLoginAPI: accountAPI,
+		Config:       cfg,
 	}
 	if _, authErr := typePassword.Login(req.Context(), &uploadReq.Auth.PasswordRequest); authErr != nil {
 		return *authErr