diff --git a/Cargo.toml b/Cargo.toml
index 68067cfa..1afe73be 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -55,4 +55,4 @@ no-omit-frame-pointer = ["grpcio-sys/no-omit-frame-pointer"]
 travis-ci = { repository = "tikv/grpc-rs" }
 
 [patch.crates-io]
-grpcio-compiler = { path = "compiler", version = "0.12.1", default-features = false }
+grpcio-compiler = { path = "compiler", version = "0.12.1" }
diff --git a/src/call/server.rs b/src/call/server.rs
index 35149e09..ce3ca76a 100644
--- a/src/call/server.rs
+++ b/src/call/server.rs
@@ -16,7 +16,6 @@ use futures_util::{Sink, Stream};
 use parking_lot::Mutex;
 
 use super::{RpcStatus, ShareCall, ShareCallHolder, WriteFlags};
-use crate::auth_context::AuthContext;
 use crate::buf::GrpcSlice;
 use crate::call::{
     BatchContext, Call, MessageReader, MethodType, RpcStatusCode, SinkBase, StreamingBase,
@@ -193,10 +192,11 @@ impl RequestContext {
     }
 
     /// If the server binds in non-secure mode, this will return None
-    fn auth_context(&self) -> Option<AuthContext> {
+    #[cfg(feature = "_secure")]
+    fn auth_context(&self) -> Option<crate::AuthContext> {
         unsafe {
             let call = grpc_sys::grpcwrap_request_call_context_get_call(self.ctx);
-            AuthContext::from_call_ptr(call)
+            crate::AuthContext::from_call_ptr(call)
         }
     }
 }
@@ -690,7 +690,8 @@ impl<'a> RpcContext<'a> {
     /// Wrapper around the gRPC Core AuthContext
     ///
     /// If the server binds in non-secure mode, this will return None
-    pub fn auth_context(&self) -> Option<AuthContext> {
+    #[cfg(feature = "_secure")]
+    pub fn auth_context(&self) -> Option<crate::AuthContext> {
         self.ctx.auth_context()
     }
 
diff --git a/src/lib.rs b/src/lib.rs
index 0e5d2251..65246702 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -29,7 +29,6 @@ use grpcio_sys as grpc_sys;
 #[macro_use]
 extern crate log;
 
-mod auth_context;
 mod buf;
 mod call;
 mod channel;
@@ -68,7 +67,6 @@ pub use crate::codec::pb_codec::{de as pb_de, ser as pb_ser};
 #[cfg(feature = "prost-codec")]
 pub use crate::codec::pr_codec::{de as pr_de, ser as pr_ser};
 
-pub use crate::auth_context::{AuthContext, AuthProperty, AuthPropertyIter};
 pub use crate::codec::{Marshaller, MAX_MESSAGE_SIZE};
 pub use crate::env::{EnvBuilder, Environment};
 pub use crate::error::{Error, Result};
diff --git a/src/auth_context.rs b/src/security/auth_context.rs
similarity index 100%
rename from src/auth_context.rs
rename to src/security/auth_context.rs
diff --git a/src/security/mod.rs b/src/security/mod.rs
index c9354616..d0fa76c7 100644
--- a/src/security/mod.rs
+++ b/src/security/mod.rs
@@ -1,10 +1,14 @@
 // Copyright 2020 TiKV Project Authors. Licensed under Apache-2.0.
 
+#[cfg(feature = "_secure")]
+mod auth_context;
 #[cfg(feature = "_secure")]
 mod credentials;
 
 use grpcio_sys::{grpc_channel_credentials, grpc_server_credentials};
 
+#[cfg(feature = "_secure")]
+pub use self::auth_context::*;
 #[cfg(feature = "_secure")]
 pub use self::credentials::{
     CertificateRequestType, ChannelCredentialsBuilder, ServerCredentialsBuilder,
@@ -59,6 +63,7 @@ impl ServerCredentials {
             ServerCredentials::from_raw(creds)
         }
     }
+
     pub(crate) unsafe fn from_raw(creds: *mut grpc_server_credentials) -> ServerCredentials {
         ServerCredentials {
             creds,