diff --git a/zerver/lib/types.py b/zerver/lib/types.py index 4a7f4e9a26..69292e2f2e 100644 --- a/zerver/lib/types.py +++ b/zerver/lib/types.py @@ -76,34 +76,6 @@ class LinkifierDict(TypedDict): id: int -class SAMLIdPConfigDict(TypedDict, total=False): - entity_id: str - url: str - slo_url: str - attr_user_permanent_id: str - attr_first_name: str - attr_last_name: str - attr_username: str - attr_email: str - attr_org_membership: str - auto_signup: bool - display_name: str - display_icon: str - limit_to_subdomains: List[str] - extra_attrs: List[str] - x509cert: str - x509cert_path: str - - -class OIDCIdPConfigDict(TypedDict, total=False): - oidc_url: str - display_name: str - display_icon: Optional[str] - client_id: str - secret: Optional[str] - auto_signup: bool - - class UnspecifiedValue: """In most API endpoints, we use a default value of `None"` to encode parameters that the client did not pass, which is nicely Pythonic. @@ -317,9 +289,3 @@ class RealmPlaygroundDict(TypedDict): name: str pygments_language: str url_prefix: str - - -class SCIMConfigDict(TypedDict): - bearer_token: str - scim_client_name: str - name_formatted_included: bool diff --git a/zproject/backends.py b/zproject/backends.py index 3efaf6422a..1a60f98c76 100644 --- a/zproject/backends.py +++ b/zproject/backends.py @@ -86,7 +86,7 @@ from zerver.lib.redis_utils import get_dict_from_redis, get_redis_client, put_di from zerver.lib.request import RequestNotes from zerver.lib.sessions import delete_user_sessions from zerver.lib.subdomains import get_subdomain -from zerver.lib.types import OIDCIdPConfigDict, ProfileDataElementUpdateDict +from zerver.lib.types import ProfileDataElementUpdateDict from zerver.lib.url_encoding import append_url_query_string from zerver.lib.users import check_full_name, validate_user_custom_profile_field from zerver.models import ( 
@@ -105,6 +105,7 @@ from zerver.models import ( remote_user_to_email, supported_auth_backends, ) +from zproject.settings_types import OIDCIdPConfigDict redis_client = get_redis_client() diff --git a/zproject/default_settings.py b/zproject/default_settings.py index 46025fe9b3..2cf5dd1452 100644 --- a/zproject/default_settings.py +++ b/zproject/default_settings.py @@ -1,16 +1,15 @@ import os from email.headerregistry import Address -from typing import TYPE_CHECKING, Any, Dict, List, Optional, TypedDict +from typing import TYPE_CHECKING, Any, Dict, List, Optional from scripts.lib.zulip_tools import deport +from zproject.settings_types import JwtAuthKey, OIDCIdPConfigDict, SAMLIdPConfigDict from .config import DEVELOPMENT, PRODUCTION, get_secret if TYPE_CHECKING: from django_auth_ldap.config import LDAPSearch - from zerver.lib.types import OIDCIdPConfigDict, SAMLIdPConfigDict - if PRODUCTION: from .prod_settings import EXTERNAL_HOST, ZULIP_ADMINISTRATOR else: @@ -85,7 +84,7 @@ SOCIAL_AUTH_SAML_SP_PRIVATE_KEY = "" SOCIAL_AUTH_SAML_ORG_INFO: Optional[Dict[str, Dict[str, str]]] = None SOCIAL_AUTH_SAML_TECHNICAL_CONTACT: Optional[Dict[str, str]] = None SOCIAL_AUTH_SAML_SUPPORT_CONTACT: Optional[Dict[str, str]] = None -SOCIAL_AUTH_SAML_ENABLED_IDPS: Dict[str, "SAMLIdPConfigDict"] = {} +SOCIAL_AUTH_SAML_ENABLED_IDPS: Dict[str, SAMLIdPConfigDict] = {} SOCIAL_AUTH_SAML_SECURITY_CONFIG: Dict[str, Any] = {} # Set this to True to enforce that any configured IdP needs to specify # the limit_to_subdomains setting to be considered valid: @@ -102,7 +101,7 @@ SOCIAL_AUTH_APPLE_SCOPE = ["name", "email"] SOCIAL_AUTH_APPLE_EMAIL_AS_USERNAME = True # Generic OpenID Connect: -SOCIAL_AUTH_OIDC_ENABLED_IDPS: Dict[str, "OIDCIdPConfigDict"] = {} +SOCIAL_AUTH_OIDC_ENABLED_IDPS: Dict[str, OIDCIdPConfigDict] = {} SOCIAL_AUTH_OIDC_FULL_NAME_VALIDATED = False SOCIAL_AUTH_SYNC_CUSTOM_ATTRS_DICT: Dict[str, Dict[str, Dict[str, str]]] = {} 
@@ -374,16 +373,7 @@ TERMS_OF_SERVICE_MESSAGE: Optional[str] = None STATSD_HOST = "" # Configuration for JWT auth. -if TYPE_CHECKING: - - class JwtAuthKey(TypedDict): - key: str - # See https://pyjwt.readthedocs.io/en/latest/algorithms.html for a list - # of supported algorithms. - algorithms: List[str] - - -JWT_AUTH_KEYS: Dict[str, "JwtAuthKey"] = {} +JWT_AUTH_KEYS: Dict[str, JwtAuthKey] = {} # https://docs.djangoproject.com/en/3.2/ref/settings/#std:setting-SERVER_EMAIL # Django setting for what from address to use in error emails. diff --git a/zproject/dev_settings.py b/zproject/dev_settings.py index 2d85a814f0..d445bdeffa 100644 --- a/zproject/dev_settings.py +++ b/zproject/dev_settings.py @@ -3,7 +3,7 @@ import pwd from typing import Dict, Optional, Set, Tuple from scripts.lib.zulip_tools import deport -from zerver.lib.types import SCIMConfigDict +from zproject.settings_types import SCIMConfigDict ZULIP_ADMINISTRATOR = "desdemona+admin@zulip.com" diff --git a/zproject/settings_types.py b/zproject/settings_types.py new file mode 100644 index 0000000000..cfd4314669 --- /dev/null +++ b/zproject/settings_types.py 
@@ -0,0 +1,42 @@ +from typing import List, Optional, TypedDict + + +class JwtAuthKey(TypedDict): + key: str + # See https://pyjwt.readthedocs.io/en/latest/algorithms.html for a list + # of supported algorithms. + algorithms: List[str] + + +class SAMLIdPConfigDict(TypedDict, total=False): + entity_id: str + url: str + slo_url: str + attr_user_permanent_id: str + attr_first_name: str + attr_last_name: str + attr_username: str + attr_email: str + attr_org_membership: str + auto_signup: bool + display_name: str + display_icon: str + limit_to_subdomains: List[str] + extra_attrs: List[str] + x509cert: str + x509cert_path: str + + +class OIDCIdPConfigDict(TypedDict, total=False): + oidc_url: str + display_name: str + display_icon: Optional[str] + client_id: str + secret: Optional[str] + auto_signup: bool + + +class SCIMConfigDict(TypedDict): + bearer_token: str + scim_client_name: str + name_formatted_included: bool diff --git a/zproject/test_extra_settings.py b/zproject/test_extra_settings.py index fa9bcac9cf..0c66c49931 100644 --- a/zproject/test_extra_settings.py +++ b/zproject/test_extra_settings.py @@ -5,7 +5,7 @@ import ldap from django_auth_ldap.config import LDAPSearch from zerver.lib.db import TimeTrackingConnection, TimeTrackingCursor -from zerver.lib.types import OIDCIdPConfigDict, SAMLIdPConfigDict, SCIMConfigDict +from zproject.settings_types import OIDCIdPConfigDict, SAMLIdPConfigDict, SCIMConfigDict from .config import DEPLOY_ROOT, get_from_file_if_exists from .settings import (
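Review bot: The new `zproject/settings_types.py` (the `@@ -0,0 +1,42 @@` hunk) has no module-level comment saying why these types live outside `zerver/lib/types.py`, and nothing marks which fields hold credentials. Because `default_settings.py` now imports it at runtime instead of under `TYPE_CHECKING`, the module presumably has to stay free of `zerver` and Django imports; a header such as `# Imported while settings are loading: keep this module free of zerver/Django imports.` would record that. `JwtAuthKey.key`, `OIDCIdPConfigDict.secret` and `SCIMConfigDict.bearer_token` would each benefit from a short comment like `# Secret: supply via get_secret(), never hard-code or log.` Next to `algorithms`, consider `# List only the algorithm(s) this key is meant for.`, so that a deployment does not accept more algorithms than the key was issued for.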