fix(member): simplify handler naming convention

cmd/community/server.go

@@ -75,7 +75,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		},
 		signoz.NewEmailingProviderFactories(),
 		signoz.NewCacheProviderFactories(),
-		signoz.NewWebProviderFactories(config.Global),
+		signoz.NewWebProviderFactories(),
 		func(sqlstore sqlstore.SQLStore) factory.NamedMap[factory.ProviderFactory[sqlschema.SQLSchema, sqlschema.Config]] {
 			return signoz.NewSQLSchemaProviderFactories(sqlstore)
 		},

cmd/enterprise/server.go

@@ -96,7 +96,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		},
 		signoz.NewEmailingProviderFactories(),
 		signoz.NewCacheProviderFactories(),
-		signoz.NewWebProviderFactories(config.Global),
+		signoz.NewWebProviderFactories(),
 		func(sqlstore sqlstore.SQLStore) factory.NamedMap[factory.ProviderFactory[sqlschema.SQLSchema, sqlschema.Config]] {
 			existingFactories := signoz.NewSQLSchemaProviderFactories(sqlstore)
 			if err := existingFactories.Add(postgressqlschema.NewFactory(sqlstore)); err != nil {

conf/example.yaml

@@ -6,8 +6,6 @@
 ##################### Global #####################
 global:
   # the url under which the signoz apiserver is externally reachable.
-  # the path component (e.g. /signoz in https://example.com/signoz) is used
-  # as the base path for all HTTP routes (both API and web frontend).
   external_url: <unset>
   # the url where the SigNoz backend receives telemetry data (traces, metrics, logs) from instrumented applications.
   ingestion_url: <unset>
@@ -52,8 +50,8 @@ pprof:
 web:
   # Whether to enable the web frontend
   enabled: true
-  # The index file to use as the SPA entrypoint.
-  index: index.html
+  # The prefix to serve web on
+  prefix: /
   # The directory containing the static build files.
   directory: /etc/signoz/web
 

docs/api/openapi.yml

@@ -6068,9 +6068,9 @@ paths:
       - fields
   /api/v1/getResetPasswordToken/{id}:
     get:
-      deprecated: false
+      deprecated: true
       description: This endpoint returns the reset password token by id
-      operationId: GetResetPasswordToken
+      operationId: GetResetPasswordTokenDeprecated
       parameters:
       - in: path
         name: id
@@ -10894,6 +10894,129 @@ paths:
       summary: Update user v2
       tags:
       - users
+  /api/v2/users/{id}/reset_password_tokens:
+    get:
+      deprecated: false
+      description: This endpoint returns the existing reset password token for a user.
+      operationId: GetResetPasswordToken
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TypesResetPasswordToken'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Get reset password token for a user
+      tags:
+      - users
+    post:
+      deprecated: false
+      description: This endpoint creates or regenerates a reset password token for
+        a user. If a valid token exists, it is returned. If expired, a new one is
+        created.
+      operationId: CreateResetPasswordToken
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "201":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TypesResetPasswordToken'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: Created
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Create or regenerate reset password token for a user
+      tags:
+      - users
   /api/v2/users/{id}/roles:
     get:
       deprecated: false

docs/contributing/onboarding.md

@@ -7,12 +7,12 @@ This guide explains how to add new data sources to the SigNoz onboarding flow. T
 The configuration is located at:
 
 ```
-frontend/src/container/OnboardingV2Container/onboarding-configs/onboarding-config-with-links.ts
+frontend/src/container/OnboardingV2Container/onboarding-configs/onboarding-config-with-links.json
 ```
 
-## Structure Overview
+## JSON Structure Overview
 
-The configuration file exports a TypeScript array (`onboardingConfigWithLinks`) containing data source objects. Each object represents a selectable option in the onboarding flow. SVG logos are imported as ES modules at the top of the file.
+The configuration file is a JSON array containing data source objects. Each object represents a selectable option in the onboarding flow.
 
 ## Data Source Object Keys
 
@@ -24,7 +24,7 @@ The configuration file exports a TypeScript array (`onboardingConfigWithLinks`)
 | `label` | `string` | Display name shown to users (e.g., `"AWS EC2"`) |
 | `tags` | `string[]` | Array of category tags for grouping (e.g., `["AWS"]`, `["database"]`) |
 | `module` | `string` | Destination module after onboarding completion |
-| `imgUrl` | `string` | Imported SVG URL **(SVG required)** (e.g., `import ec2Url from '@/assets/Logos/ec2.svg'`, then use `ec2Url`) |
+| `imgUrl` | `string` | Path to the logo/icon **(SVG required)** (e.g., `"/Logos/ec2.svg"`) |
 
 ### Optional Keys
 
@@ -57,34 +57,36 @@ The `module` key determines where users are redirected after completing onboardi
 
 The `question` object enables multi-step selection flows:
 
-```ts
-question: {
-  desc: 'What would you like to monitor?',
-  type: 'select',
-  helpText: 'Choose the telemetry type you want to collect.',
-  helpLink: '/docs/azure-monitoring/overview/',
-  helpLinkText: 'Read the guide →',
-  options: [
-    {
-      key: 'logging',
-      label: 'Logs',
-      imgUrl: azureVmUrl,
-      link: '/docs/azure-monitoring/app-service/logging/',
-    },
-    {
-      key: 'metrics',
-      label: 'Metrics',
-      imgUrl: azureVmUrl,
-      link: '/docs/azure-monitoring/app-service/metrics/',
-    },
-    {
-      key: 'tracing',
-      label: 'Traces',
-      imgUrl: azureVmUrl,
-      link: '/docs/azure-monitoring/app-service/tracing/',
-    },
-  ],
-},
+```json
+{
+  "question": {
+    "desc": "What would you like to monitor?",
+    "type": "select",
+    "helpText": "Choose the telemetry type you want to collect.",
+    "helpLink": "/docs/azure-monitoring/overview/",
+    "helpLinkText": "Read the guide →",
+    "options": [
+        {
+            "key": "logging",
+            "label": "Logs",
+            "imgUrl": "/Logos/azure-vm.svg",
+            "link": "/docs/azure-monitoring/app-service/logging/"
+        },
+        {
+            "key": "metrics",
+            "label": "Metrics",
+            "imgUrl": "/Logos/azure-vm.svg",
+            "link": "/docs/azure-monitoring/app-service/metrics/"
+        },
+        {
+            "key": "tracing",
+            "label": "Traces",
+            "imgUrl": "/Logos/azure-vm.svg",
+            "link": "/docs/azure-monitoring/app-service/tracing/"
+        }
+    ]
+  }
+}
 ```
 
 ### Question Keys
@@ -104,161 +106,152 @@ Options can be simple (direct link) or nested (with another question):
 
 ### Simple Option (Direct Link)
 
-```ts
+```json
 {
-  key: 'aws-ec2-logs',
-  label: 'Logs',
-  imgUrl: ec2Url,
-  link: '/docs/userguide/collect_logs_from_file/',
-},
+  "key": "aws-ec2-logs",
+  "label": "Logs",
+  "imgUrl": "/Logos/ec2.svg",
+  "link": "/docs/userguide/collect_logs_from_file/"
+}
 ```
 
 ### Option with Internal Redirect
 
-```ts
+```json
 {
-  key: 'aws-ec2-metrics-one-click',
-  label: 'One Click AWS',
-  imgUrl: ec2Url,
-  link: '/integrations?integration=aws-integration&service=ec2',
-  internalRedirect: true,
-},
+  "key": "aws-ec2-metrics-one-click",
+  "label": "One Click AWS",
+  "imgUrl": "/Logos/ec2.svg",
+  "link": "/integrations?integration=aws-integration&service=ec2",
+  "internalRedirect": true
+}
 ```
 
 > **Important**: Set `internalRedirect: true` only for internal app routes (like `/integrations?...`). Docs links should NOT have this flag.
 
 ### Nested Option (Multi-step Flow)
 
-```ts
+```json
 {
-  key: 'aws-ec2-metrics',
-  label: 'Metrics',
-  imgUrl: ec2Url,
-  question: {
-    desc: 'How would you like to set up monitoring?',
-    helpText: 'Choose your setup method.',
-    options: [...],
-  },
-},
+  "key": "aws-ec2-metrics",
+  "label": "Metrics",
+  "imgUrl": "/Logos/ec2.svg",
+  "question": {
+    "desc": "How would you like to set up monitoring?",
+    "helpText": "Choose your setup method.",
+    "options": [...]
+  }
+}
 ```
 
 ## Examples
 
 ### Simple Data Source (Direct Link)
 
-```ts
-import elbUrl from '@/assets/Logos/elb.svg';
-
-// inside the onboardingConfigWithLinks array:
+```json
 {
-  dataSource: 'aws-elb',
-  label: 'AWS ELB',
-  tags: ['AWS'],
-  module: 'logs',
-  relatedSearchKeywords: [
-    'aws',
-    'aws elb',
-    'elb logs',
-    'elastic load balancer',
+  "dataSource": "aws-elb",
+  "label": "AWS ELB",
+  "tags": ["AWS"],
+  "module": "logs",
+  "relatedSearchKeywords": [
+    "aws",
+    "aws elb",
+    "elb logs",
+    "elastic load balancer"
   ],
-  imgUrl: elbUrl,
-  link: '/docs/aws-monitoring/elb/',
-},
+  "imgUrl": "/Logos/elb.svg",
+  "link": "/docs/aws-monitoring/elb/"
+}
 ```
 
 ### Data Source with Single Question Level
 
-```ts
-import azureVmUrl from '@/assets/Logos/azure-vm.svg';
-
-// inside the onboardingConfigWithLinks array:
+```json
 {
-  dataSource: 'app-service',
-  label: 'App Service',
-  imgUrl: azureVmUrl,
-  tags: ['Azure'],
-  module: 'apm',
-  relatedSearchKeywords: ['azure', 'app service'],
-  question: {
-    desc: 'What telemetry data do you want to visualise?',
-    type: 'select',
-    options: [
+  "dataSource": "app-service",
+  "label": "App Service",
+  "imgUrl": "/Logos/azure-vm.svg",
+  "tags": ["Azure"],
+  "module": "apm",
+  "relatedSearchKeywords": ["azure", "app service"],
+  "question": {
+    "desc": "What telemetry data do you want to visualise?",
+    "type": "select",
+    "options": [
       {
-        key: 'logging',
-        label: 'Logs',
-        imgUrl: azureVmUrl,
-        link: '/docs/azure-monitoring/app-service/logging/',
+        "key": "logging",
+        "label": "Logs",
+        "imgUrl": "/Logos/azure-vm.svg",
+        "link": "/docs/azure-monitoring/app-service/logging/"
       },
       {
-        key: 'metrics',
-        label: 'Metrics',
-        imgUrl: azureVmUrl,
-        link: '/docs/azure-monitoring/app-service/metrics/',
+        "key": "metrics",
+        "label": "Metrics",
+        "imgUrl": "/Logos/azure-vm.svg",
+        "link": "/docs/azure-monitoring/app-service/metrics/"
       },
       {
-        key: 'tracing',
-        label: 'Traces',
-        imgUrl: azureVmUrl,
-        link: '/docs/azure-monitoring/app-service/tracing/',
-      },
-    ],
-  },
-},
+        "key": "tracing",
+        "label": "Traces",
+        "imgUrl": "/Logos/azure-vm.svg",
+        "link": "/docs/azure-monitoring/app-service/tracing/"
+      }
+    ]
+  }
+}
 ```
 
 ### Data Source with Nested Questions (2-3 Levels)
 
-```ts
-import ec2Url from '@/assets/Logos/ec2.svg';
-
-// inside the onboardingConfigWithLinks array:
+```json
 {
-  dataSource: 'aws-ec2',
-  label: 'AWS EC2',
-  tags: ['AWS'],
-  module: 'logs',
-  relatedSearchKeywords: ['aws', 'aws ec2', 'ec2 logs', 'ec2 metrics'],
-  imgUrl: ec2Url,
-  question: {
-    desc: 'What would you like to monitor for AWS EC2?',
-    type: 'select',
-    helpText: 'Choose the type of telemetry data you want to collect.',
-    options: [
+  "dataSource": "aws-ec2",
+  "label": "AWS EC2",
+  "tags": ["AWS"],
+  "module": "logs",
+  "relatedSearchKeywords": ["aws", "aws ec2", "ec2 logs", "ec2 metrics"],
+  "imgUrl": "/Logos/ec2.svg",
+  "question": {
+    "desc": "What would you like to monitor for AWS EC2?",
+    "type": "select",
+    "helpText": "Choose the type of telemetry data you want to collect.",
+    "options": [
       {
-        key: 'aws-ec2-logs',
-        label: 'Logs',
-        imgUrl: ec2Url,
-        link: '/docs/userguide/collect_logs_from_file/',
+        "key": "aws-ec2-logs",
+        "label": "Logs",
+        "imgUrl": "/Logos/ec2.svg",
+        "link": "/docs/userguide/collect_logs_from_file/"
       },
       {
-        key: 'aws-ec2-metrics',
-        label: 'Metrics',
-        imgUrl: ec2Url,
-        question: {
-          desc: 'How would you like to set up EC2 Metrics monitoring?',
-          helpText: 'One Click uses AWS CloudWatch integration. Manual setup uses OpenTelemetry.',
-          helpLink: '/docs/aws-monitoring/one-click-vs-manual/',
-          helpLinkText: 'Read the comparison guide →',
-          options: [
+        "key": "aws-ec2-metrics",
+        "label": "Metrics",
+        "imgUrl": "/Logos/ec2.svg",
+        "question": {
+          "desc": "How would you like to set up EC2 Metrics monitoring?",
+          "helpText": "One Click uses AWS CloudWatch integration. Manual setup uses OpenTelemetry.",
+          "helpLink": "/docs/aws-monitoring/one-click-vs-manual/",
+          "helpLinkText": "Read the comparison guide →",
+          "options": [
             {
-              key: 'aws-ec2-metrics-one-click',
-              label: 'One Click AWS',
-              imgUrl: ec2Url,
-              link: '/integrations?integration=aws-integration&service=ec2',
-              internalRedirect: true,
+              "key": "aws-ec2-metrics-one-click",
+              "label": "One Click AWS",
+              "imgUrl": "/Logos/ec2.svg",
+              "link": "/integrations?integration=aws-integration&service=ec2",
+              "internalRedirect": true
             },
             {
-              key: 'aws-ec2-metrics-manual',
-              label: 'Manual Setup',
-              imgUrl: ec2Url,
-              link: '/docs/tutorial/opentelemetry-binary-usage-in-virtual-machine/',
-            },
-          ],
-        },
-      },
-    ],
-  },
-},
+              "key": "aws-ec2-metrics-manual",
+              "label": "Manual Setup",
+              "imgUrl": "/Logos/ec2.svg",
+              "link": "/docs/tutorial/opentelemetry-binary-usage-in-virtual-machine/"
+            }
+          ]
+        }
+      }
+    ]
+  }
+}
 ```
 
 ## Best Practices
@@ -277,16 +270,11 @@ import ec2Url from '@/assets/Logos/ec2.svg';
 
 ### 3. Logos
 
-- Place logo files in `src/assets/Logos/`
+- Place logo files in `public/Logos/`
 - Use SVG format
-- Import the SVG at the top of the file and reference the imported variable:
-  ```ts
-  import myServiceUrl from '@/assets/Logos/my-service.svg';
-  // then in the config object:
-  imgUrl: myServiceUrl,
-  ```
+- Reference as `"/Logos/your-logo.svg"`
 - **Fetching Icons**: New icons can be easily fetched from [OpenBrand](https://openbrand.sh/). Use the pattern `https://openbrand.sh/?url=<TARGET_URL>`, where `<TARGET_URL>` is the URL-encoded link to the service's website. For example, to get Render's logo, use [https://openbrand.sh/?url=https%3A%2F%2Frender.com](https://openbrand.sh/?url=https%3A%2F%2Frender.com).
-- **Optimize new SVGs**: Run any newly downloaded SVGs through an optimizer like [SVGOMG (svgo)](https://svgomg.net/) or use `npx svgo src/assets/Logos/your-logo.svg` to minimise their size before committing.
+- **Optimize new SVGs**: Run any newly downloaded SVGs through an optimizer like [SVGOMG (svgo)](https://svgomg.net/) or use `npx svgo public/Logos/your-logo.svg` to minimise their size before committing.
 
 ### 4. Links
 
@@ -302,8 +290,8 @@ import ec2Url from '@/assets/Logos/ec2.svg';
 
 ## Adding a New Data Source
 
-1. Add the logo SVG to `src/assets/Logos/` and add a top-level import in the config file (e.g., `import myServiceUrl from '@/assets/Logos/my-service.svg'`)
-2. Add your data source object to the `onboardingConfigWithLinks` array, referencing the imported variable for `imgUrl`
+1. Add your data source object to the JSON array
+2. Ensure the logo exists in `public/Logos/`
 3. Test the flow locally with `yarn dev`
 4. Validation:
    - Navigate to the [onboarding page](http://localhost:3301/get-started-with-signoz-cloud) on your local machine

ee/query-service/app/server.go

@@ -262,20 +262,6 @@ func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*h
 		return nil, err
 	}
 
-	routePrefix := s.config.Global.ExternalPath()
-	if routePrefix != "" {
-		prefixed := http.StripPrefix(routePrefix, handler)
-		handler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-			switch req.URL.Path {
-			case "/api/v1/health", "/api/v2/healthz", "/api/v2/readyz", "/api/v2/livez":
-				r.ServeHTTP(w, req)
-				return
-			}
-
-			prefixed.ServeHTTP(w, req)
-		})
-	}
-
 	return &http.Server{
 		Handler: handler,
 	}, nil

frontend/.gitignore

@@ -28,7 +28,4 @@ e2e/test-plan/saved-views/
 e2e/test-plan/service-map/
 e2e/test-plan/services/
 e2e/test-plan/traces/
-e2e/test-plan/user-preferences/
-
-# Generated by `vite build` — do not commit
-index.html.gotmpl
+e2e/test-plan/user-preferences/

frontend/index.html

@@ -2,7 +2,6 @@
 <html lang="en">
 	<head>
 		<meta charset="utf-8" />
-		<base href="[[.BasePath]]" />
 		<meta
 			http-equiv="Cache-Control"
 			content="no-cache, no-store, must-revalidate, max-age: 0"
@@ -60,7 +59,7 @@
 		<meta data-react-helmet="true" name="docusaurus_locale" content="en" />
 		<meta data-react-helmet="true" name="docusaurus_tag" content="default" />
 		<meta name="robots" content="noindex" />
-		<link data-react-helmet="true" rel="shortcut icon" href="favicon.ico" />
+		<link data-react-helmet="true" rel="shortcut icon" href="/favicon.ico" />
 	</head>
 	<body data-theme="default">
 		<noscript>You need to enable JavaScript to run this app.</noscript>
@@ -114,7 +113,7 @@
 				})(document, 'script');
 			}
 		</script>
-		<link rel="stylesheet" href="css/uPlot.min.css" />
+		<link rel="stylesheet" href="/css/uPlot.min.css" />
 		<script type="module" src="./src/index.tsx"></script>
 	</body>
 </html>

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -5604,10 +5604,10 @@ export type GetFieldsValues200 = {
 	status: string;
 };
 
-export type GetResetPasswordTokenPathParameters = {
+export type GetResetPasswordTokenDeprecatedPathParameters = {
 	id: string;
 };
-export type GetResetPasswordToken200 = {
+export type GetResetPasswordTokenDeprecated200 = {
 	data: TypesResetPasswordTokenDTO;
 	/**
 	 * @type string
@@ -6579,6 +6579,28 @@ export type GetUser200 = {
 export type UpdateUserPathParameters = {
 	id: string;
 };
+export type GetResetPasswordTokenPathParameters = {
+	id: string;
+};
+export type GetResetPasswordToken200 = {
+	data: TypesResetPasswordTokenDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type CreateResetPasswordTokenPathParameters = {
+	id: string;
+};
+export type CreateResetPasswordToken201 = {
+	data: TypesResetPasswordTokenDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
 export type GetRolesByUserIDPathParameters = {
 	id: string;
 };

frontend/src/api/generated/services/users/index.ts

@@ -22,10 +22,14 @@ import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
 import type {
 	ChangePasswordPathParameters,
 	CreateInvite201,
+	CreateResetPasswordToken201,
+	CreateResetPasswordTokenPathParameters,
 	DeleteUserPathParameters,
 	GetMyUser200,
 	GetMyUserDeprecated200,
 	GetResetPasswordToken200,
+	GetResetPasswordTokenDeprecated200,
+	GetResetPasswordTokenDeprecatedPathParameters,
 	GetResetPasswordTokenPathParameters,
 	GetRolesByUserID200,
 	GetRolesByUserIDPathParameters,
@@ -154,33 +158,34 @@ export const useChangePassword = <
 };
 /**
  * This endpoint returns the reset password token by id
+ * @deprecated
  * @summary Get reset password token
  */
-export const getResetPasswordToken = (
-	{ id }: GetResetPasswordTokenPathParameters,
+export const getResetPasswordTokenDeprecated = (
+	{ id }: GetResetPasswordTokenDeprecatedPathParameters,
 	signal?: AbortSignal,
 ) => {
-	return GeneratedAPIInstance<GetResetPasswordToken200>({
+	return GeneratedAPIInstance<GetResetPasswordTokenDeprecated200>({
 		url: `/api/v1/getResetPasswordToken/${id}`,
 		method: 'GET',
 		signal,
 	});
 };
 
-export const getGetResetPasswordTokenQueryKey = ({
+export const getGetResetPasswordTokenDeprecatedQueryKey = ({
 	id,
-}: GetResetPasswordTokenPathParameters) => {
+}: GetResetPasswordTokenDeprecatedPathParameters) => {
 	return [`/api/v1/getResetPasswordToken/${id}`] as const;
 };
 
-export const getGetResetPasswordTokenQueryOptions = <
-	TData = Awaited<ReturnType<typeof getResetPasswordToken>>,
+export const getGetResetPasswordTokenDeprecatedQueryOptions = <
+	TData = Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>,
 	TError = ErrorType<RenderErrorResponseDTO>
 >(
-	{ id }: GetResetPasswordTokenPathParameters,
+	{ id }: GetResetPasswordTokenDeprecatedPathParameters,
 	options?: {
 		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getResetPasswordToken>>,
+			Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>,
 			TError,
 			TData
 		>;
@@ -189,11 +194,11 @@ export const getGetResetPasswordTokenQueryOptions = <
 	const { query: queryOptions } = options ?? {};
 
 	const queryKey =
-		queryOptions?.queryKey ?? getGetResetPasswordTokenQueryKey({ id });
+		queryOptions?.queryKey ?? getGetResetPasswordTokenDeprecatedQueryKey({ id });
 
 	const queryFn: QueryFunction<
-		Awaited<ReturnType<typeof getResetPasswordToken>>
-	> = ({ signal }) => getResetPasswordToken({ id }, signal);
+		Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>
+	> = ({ signal }) => getResetPasswordTokenDeprecated({ id }, signal);
 
 	return {
 		queryKey,
@@ -201,35 +206,39 @@ export const getGetResetPasswordTokenQueryOptions = <
 		enabled: !!id,
 		...queryOptions,
 	} as UseQueryOptions<
-		Awaited<ReturnType<typeof getResetPasswordToken>>,
+		Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>,
 		TError,
 		TData
 	> & { queryKey: QueryKey };
 };
 
-export type GetResetPasswordTokenQueryResult = NonNullable<
-	Awaited<ReturnType<typeof getResetPasswordToken>>
+export type GetResetPasswordTokenDeprecatedQueryResult = NonNullable<
+	Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>
 >;
-export type GetResetPasswordTokenQueryError = ErrorType<RenderErrorResponseDTO>;
+export type GetResetPasswordTokenDeprecatedQueryError = ErrorType<RenderErrorResponseDTO>;
 
 /**
+ * @deprecated
  * @summary Get reset password token
  */
 
-export function useGetResetPasswordToken<
-	TData = Awaited<ReturnType<typeof getResetPasswordToken>>,
+export function useGetResetPasswordTokenDeprecated<
+	TData = Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>,
 	TError = ErrorType<RenderErrorResponseDTO>
 >(
-	{ id }: GetResetPasswordTokenPathParameters,
+	{ id }: GetResetPasswordTokenDeprecatedPathParameters,
 	options?: {
 		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getResetPasswordToken>>,
+			Awaited<ReturnType<typeof getResetPasswordTokenDeprecated>>,
 			TError,
 			TData
 		>;
 	},
 ): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getGetResetPasswordTokenQueryOptions({ id }, options);
+	const queryOptions = getGetResetPasswordTokenDeprecatedQueryOptions(
+		{ id },
+		options,
+	);
 
 	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
 		queryKey: QueryKey;
@@ -241,15 +250,16 @@ export function useGetResetPasswordToken<
 }
 
 /**
+ * @deprecated
  * @summary Get reset password token
  */
-export const invalidateGetResetPasswordToken = async (
+export const invalidateGetResetPasswordTokenDeprecated = async (
 	queryClient: QueryClient,
-	{ id }: GetResetPasswordTokenPathParameters,
+	{ id }: GetResetPasswordTokenDeprecatedPathParameters,
 	options?: InvalidateOptions,
 ): Promise<QueryClient> => {
 	await queryClient.invalidateQueries(
-		{ queryKey: getGetResetPasswordTokenQueryKey({ id }) },
+		{ queryKey: getGetResetPasswordTokenDeprecatedQueryKey({ id }) },
 		options,
 	);
 
@@ -1407,6 +1417,191 @@ export const useUpdateUser = <
 
 	return useMutation(mutationOptions);
 };
+/**
+ * This endpoint returns the existing reset password token for a user.
+ * @summary Get reset password token for a user
+ */
+export const getResetPasswordToken = (
+	{ id }: GetResetPasswordTokenPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<GetResetPasswordToken200>({
+		url: `/api/v2/users/${id}/reset_password_tokens`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getGetResetPasswordTokenQueryKey = ({
+	id,
+}: GetResetPasswordTokenPathParameters) => {
+	return [`/api/v2/users/${id}/reset_password_tokens`] as const;
+};
+
+export const getGetResetPasswordTokenQueryOptions = <
+	TData = Awaited<ReturnType<typeof getResetPasswordToken>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: GetResetPasswordTokenPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getResetPasswordToken>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey =
+		queryOptions?.queryKey ?? getGetResetPasswordTokenQueryKey({ id });
+
+	const queryFn: QueryFunction<
+		Awaited<ReturnType<typeof getResetPasswordToken>>
+	> = ({ signal }) => getResetPasswordToken({ id }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!id,
+		...queryOptions,
+	} as UseQueryOptions<
+		Awaited<ReturnType<typeof getResetPasswordToken>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type GetResetPasswordTokenQueryResult = NonNullable<
+	Awaited<ReturnType<typeof getResetPasswordToken>>
+>;
+export type GetResetPasswordTokenQueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Get reset password token for a user
+ */
+
+export function useGetResetPasswordToken<
+	TData = Awaited<ReturnType<typeof getResetPasswordToken>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: GetResetPasswordTokenPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getResetPasswordToken>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getGetResetPasswordTokenQueryOptions({ id }, options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Get reset password token for a user
+ */
+export const invalidateGetResetPasswordToken = async (
+	queryClient: QueryClient,
+	{ id }: GetResetPasswordTokenPathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getGetResetPasswordTokenQueryKey({ id }) },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * This endpoint creates or regenerates a reset password token for a user. If a valid token exists, it is returned. If expired, a new one is created.
+ * @summary Create or regenerate reset password token for a user
+ */
+export const createResetPasswordToken = (
+	{ id }: CreateResetPasswordTokenPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<CreateResetPasswordToken201>({
+		url: `/api/v2/users/${id}/reset_password_tokens`,
+		method: 'POST',
+		signal,
+	});
+};
+
+export const getCreateResetPasswordTokenMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createResetPasswordToken>>,
+		TError,
+		{ pathParams: CreateResetPasswordTokenPathParameters },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof createResetPasswordToken>>,
+	TError,
+	{ pathParams: CreateResetPasswordTokenPathParameters },
+	TContext
+> => {
+	const mutationKey = ['createResetPasswordToken'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof createResetPasswordToken>>,
+		{ pathParams: CreateResetPasswordTokenPathParameters }
+	> = (props) => {
+		const { pathParams } = props ?? {};
+
+		return createResetPasswordToken(pathParams);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type CreateResetPasswordTokenMutationResult = NonNullable<
+	Awaited<ReturnType<typeof createResetPasswordToken>>
+>;
+
+export type CreateResetPasswordTokenMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Create or regenerate reset password token for a user
+ */
+export const useCreateResetPasswordToken = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createResetPasswordToken>>,
+		TError,
+		{ pathParams: CreateResetPasswordTokenPathParameters },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof createResetPasswordToken>>,
+	TError,
+	{ pathParams: CreateResetPasswordTokenPathParameters },
+	TContext
+> => {
+	const mutationOptions = getCreateResetPasswordTokenMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
 /**
  * This endpoint returns the user roles by user id
  * @summary Get user roles

frontend/src/api/generatedAPIInstance.ts

@@ -1,6 +1,5 @@
 import {
 	interceptorRejected,
-	interceptorsRequestBasePath,
 	interceptorsRequestResponse,
 	interceptorsResponse,
 } from 'api';
@@ -18,7 +17,6 @@ export const GeneratedAPIInstance = <T>(
 	return generatedAPIAxiosInstance({ ...config }).then(({ data }) => data);
 };
 
-generatedAPIAxiosInstance.interceptors.request.use(interceptorsRequestBasePath);
 generatedAPIAxiosInstance.interceptors.request.use(interceptorsRequestResponse);
 generatedAPIAxiosInstance.interceptors.response.use(
 	interceptorsResponse,

frontend/src/api/index.ts

@@ -11,7 +11,6 @@ import axios, {
 import { ENVIRONMENT } from 'constants/env';
 import { Events } from 'constants/events';
 import { LOCALSTORAGE } from 'constants/localStorage';
-import { getBasePath } from 'utils/getBasePath';
 import { eventEmitter } from 'utils/getEventEmitter';
 
 import apiV1, { apiAlertManager, apiV2, apiV3, apiV4, apiV5 } from './apiV1';
@@ -68,28 +67,6 @@ export const interceptorsRequestResponse = (
 	return value;
 };
 
-// Prepends the runtime base path to outgoing requests so API calls work under
-// a URL prefix (e.g. /signoz/api/v1/…). No-op for root deployments and dev
-// (dev baseURL is a full http:// URL, not an absolute path).
-export const interceptorsRequestBasePath = (
-	value: InternalAxiosRequestConfig,
-): InternalAxiosRequestConfig => {
-	const basePath = getBasePath();
-	if (basePath === '/') {
-		return value;
-	}
-
-	if (value.baseURL?.startsWith('/')) {
-		// Named instances: baseURL='/api/v1/' → '/signoz/api/v1/'
-		value.baseURL = basePath + value.baseURL.slice(1);
-	} else if (!value.baseURL && value.url?.startsWith('/')) {
-		// Generated instance: baseURL is '' in prod, path is in url
-		value.url = basePath + value.url.slice(1);
-	}
-
-	return value;
-};
-
 export const interceptorRejected = async (
 	value: AxiosResponse<any>,
 ): Promise<AxiosResponse<any>> => {
@@ -156,7 +133,6 @@ const instance = axios.create({
 });
 
 instance.interceptors.request.use(interceptorsRequestResponse);
-instance.interceptors.request.use(interceptorsRequestBasePath);
 instance.interceptors.response.use(interceptorsResponse, interceptorRejected);
 
 export const AxiosAlertManagerInstance = axios.create({
@@ -171,7 +147,6 @@ ApiV2Instance.interceptors.response.use(
 	interceptorRejected,
 );
 ApiV2Instance.interceptors.request.use(interceptorsRequestResponse);
-ApiV2Instance.interceptors.request.use(interceptorsRequestBasePath);
 
 // axios V3
 export const ApiV3Instance = axios.create({
@@ -183,7 +158,6 @@ ApiV3Instance.interceptors.response.use(
 	interceptorRejected,
 );
 ApiV3Instance.interceptors.request.use(interceptorsRequestResponse);
-ApiV3Instance.interceptors.request.use(interceptorsRequestBasePath);
 //
 
 // axios V4
@@ -196,7 +170,6 @@ ApiV4Instance.interceptors.response.use(
 	interceptorRejected,
 );
 ApiV4Instance.interceptors.request.use(interceptorsRequestResponse);
-ApiV4Instance.interceptors.request.use(interceptorsRequestBasePath);
 //
 
 // axios V5
@@ -209,7 +182,6 @@ ApiV5Instance.interceptors.response.use(
 	interceptorRejected,
 );
 ApiV5Instance.interceptors.request.use(interceptorsRequestResponse);
-ApiV5Instance.interceptors.request.use(interceptorsRequestBasePath);
 //
 
 // axios Base
@@ -222,7 +194,6 @@ LogEventAxiosInstance.interceptors.response.use(
 	interceptorRejectedBase,
 );
 LogEventAxiosInstance.interceptors.request.use(interceptorsRequestResponse);
-LogEventAxiosInstance.interceptors.request.use(interceptorsRequestBasePath);
 //
 
 AxiosAlertManagerInstance.interceptors.response.use(
@@ -230,7 +201,6 @@ AxiosAlertManagerInstance.interceptors.response.use(
 	interceptorRejected,
 );
 AxiosAlertManagerInstance.interceptors.request.use(interceptorsRequestResponse);
-AxiosAlertManagerInstance.interceptors.request.use(interceptorsRequestBasePath);
 
 export { apiV1 };
 export default instance;

frontend/src/api/v1/factor_password/getResetPasswordToken.ts

@@ -1,28 +0,0 @@
-import axios from 'api';
-import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
-import { AxiosError } from 'axios';
-import { ErrorV2Resp, SuccessResponseV2 } from 'types/api';
-import {
-	GetResetPasswordToken,
-	PayloadProps,
-	Props,
-} from 'types/api/user/getResetPasswordToken';
-
-const getResetPasswordToken = async (
-	props: Props,
-): Promise<SuccessResponseV2<GetResetPasswordToken>> => {
-	try {
-		const response = await axios.get<PayloadProps>(
-			`/getResetPasswordToken/${props.userId}`,
-		);
-
-		return {
-			httpStatusCode: response.status,
-			data: response.data.data,
-		};
-	} catch (error) {
-		ErrorResponseHandlerV2(error as AxiosError<ErrorV2Resp>);
-	}
-};
-
-export default getResetPasswordToken;

frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx

@@ -10,8 +10,9 @@ import { Skeleton, Tooltip } from 'antd';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import type { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
 import {
-	getResetPasswordToken,
+	useCreateResetPasswordToken,
 	useDeleteUser,
+	useGetResetPasswordToken,
 	useGetUser,
 	useUpdateMyUserV2,
 	useUpdateUser,
@@ -55,6 +56,27 @@ function getDeleteTooltip(
 	return undefined;
 }
 
+function getInviteButtonLabel(
+	isLoading: boolean,
+	existingToken: { expiresAt?: Date } | undefined,
+	isExpired: boolean,
+	notFound: boolean,
+): string {
+	if (isLoading) {
+		return 'Checking invite...';
+	}
+	if (existingToken && !isExpired) {
+		return 'Copy Invite Link';
+	}
+	if (isExpired) {
+		return 'Regenerate Invite Link';
+	}
+	if (notFound) {
+		return 'Generate Invite Link';
+	}
+	return 'Copy Invite Link';
+}
+
 function toSaveApiError(err: unknown): APIError {
 	return (
 		convertToApiError(err as AxiosError<RenderErrorResponseDTO>) ??
@@ -83,9 +105,11 @@ function EditMemberDrawer({
 	const [localRole, setLocalRole] = useState('');
 	const [isSaving, setIsSaving] = useState(false);
 	const [saveErrors, setSaveErrors] = useState<SaveError[]>([]);
-	const [isGeneratingLink, setIsGeneratingLink] = useState(false);
 	const [showDeleteConfirm, setShowDeleteConfirm] = useState(false);
 	const [resetLink, setResetLink] = useState<string | null>(null);
+	const [resetLinkExpiresAt, setResetLinkExpiresAt] = useState<string | null>(
+		null,
+	);
 	const [showResetLinkDialog, setShowResetLinkDialog] = useState(false);
 	const [hasCopiedResetLink, setHasCopiedResetLink] = useState(false);
 	const [linkType, setLinkType] = useState<'invite' | 'reset' | null>(null);
@@ -121,6 +145,27 @@ function EditMemberDrawer({
 		applyDiff,
 	} = useMemberRoleManager(member?.id ?? '', open && !!member?.id);
 
+	// Token status query for invited users
+	const {
+		data: tokenQueryData,
+		isLoading: isLoadingTokenStatus,
+		isError: tokenNotFound,
+	} = useGetResetPasswordToken(
+		{ id: member?.id ?? '' },
+		{ query: { enabled: open && !!member?.id && isInvited } },
+	);
+
+	const existingToken = tokenQueryData?.data;
+	const isTokenExpired =
+		existingToken != null &&
+		new Date(String(existingToken.expiresAt)) < new Date();
+
+	// Create/regenerate token mutation
+	const {
+		mutateAsync: createTokenMutation,
+		isLoading: isGeneratingLink,
+	} = useCreateResetPasswordToken();
+
 	const fetchedDisplayName =
 		fetchedUser?.data?.displayName ?? member?.name ?? '';
 	const fetchedUserId = fetchedUser?.data?.id;
@@ -338,12 +383,21 @@ function EditMemberDrawer({
 		if (!member) {
 			return;
 		}
-		setIsGeneratingLink(true);
 		try {
-			const response = await getResetPasswordToken({ id: member.id });
+			const response = await createTokenMutation({
+				pathParams: { id: member.id },
+			});
 			if (response?.data?.token) {
 				const link = `${window.location.origin}/password-reset?token=${response.data.token}`;
 				setResetLink(link);
+				setResetLinkExpiresAt(
+					response.data.expiresAt
+						? formatTimezoneAdjustedTimestamp(
+								String(response.data.expiresAt),
+								DATE_TIME_FORMATS.DASH_DATETIME,
+						  )
+						: null,
+				);
 				setHasCopiedResetLink(false);
 				setLinkType(isInvited ? 'invite' : 'reset');
 				setShowResetLinkDialog(true);
@@ -359,10 +413,8 @@ function EditMemberDrawer({
 				err as AxiosError<RenderErrorResponseDTO, unknown> | null,
 			);
 			showErrorModal(errMsg as APIError);
-		} finally {
-			setIsGeneratingLink(false);
 		}
-	}, [member, isInvited, onClose, showErrorModal]);
+	}, [member, isInvited, onClose, showErrorModal, createTokenMutation]);
 
 	const [copyState, copyToClipboard] = useCopyToClipboard();
 	const handleCopyResetLink = useCallback((): void => {
@@ -568,12 +620,19 @@ function EditMemberDrawer({
 								<Button
 									className="edit-member-drawer__footer-btn edit-member-drawer__footer-btn--warning"
 									onClick={handleGenerateResetLink}
-									disabled={isGeneratingLink || isRootUser}
+									disabled={isGeneratingLink || isRootUser || isLoadingTokenStatus}
 								>
 									<RefreshCw size={12} />
-									{isGeneratingLink && 'Generating...'}
-									{!isGeneratingLink && isInvited && 'Copy Invite Link'}
-									{!isGeneratingLink && !isInvited && 'Generate Password Reset Link'}
+									{isGeneratingLink
+										? 'Generating...'
+										: isInvited
+										? getInviteButtonLabel(
+												isLoadingTokenStatus,
+												existingToken,
+												isTokenExpired,
+												tokenNotFound,
+										  )
+										: 'Generate Password Reset Link'}
 								</Button>
 							</span>
 						</Tooltip>
@@ -623,6 +682,7 @@ function EditMemberDrawer({
 				open={showResetLinkDialog}
 				linkType={linkType}
 				resetLink={resetLink}
+				expiresAt={resetLinkExpiresAt}
 				hasCopied={hasCopiedResetLink}
 				onClose={(): void => {
 					setShowResetLinkDialog(false);

frontend/src/components/EditMemberDrawer/ResetLinkDialog.tsx

@@ -6,6 +6,7 @@ interface ResetLinkDialogProps {
 	open: boolean;
 	linkType: 'invite' | 'reset' | null;
 	resetLink: string | null;
+	expiresAt: string | null;
 	hasCopied: boolean;
 	onClose: () => void;
 	onCopy: () => void;
@@ -15,6 +16,7 @@ function ResetLinkDialog({
 	open,
 	linkType,
 	resetLink,
+	expiresAt,
 	hasCopied,
 	onClose,
 	onCopy,
@@ -53,6 +55,11 @@ function ResetLinkDialog({
 						{hasCopied ? 'Copied!' : 'Copy'}
 					</Button>
 				</div>
+				{expiresAt && (
+					<p className="reset-link-dialog__description">
+						This link expires on {expiresAt}.
+					</p>
+				)}
 			</div>
 		</DialogWrapper>
 	);

frontend/src/components/EditMemberDrawer/__tests__/EditMemberDrawer.test.tsx

@@ -2,8 +2,9 @@ import type { ReactNode } from 'react';
 import { toast } from '@signozhq/sonner';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import {
-	getResetPasswordToken,
+	useCreateResetPasswordToken,
 	useDeleteUser,
+	useGetResetPasswordToken,
 	useGetUser,
 	useSetRoleByUserID,
 	useUpdateMyUserV2,
@@ -55,7 +56,8 @@ jest.mock('api/generated/services/users', () => ({
 	useUpdateUser: jest.fn(),
 	useUpdateMyUserV2: jest.fn(),
 	useSetRoleByUserID: jest.fn(),
-	getResetPasswordToken: jest.fn(),
+	useGetResetPasswordToken: jest.fn(),
+	useCreateResetPasswordToken: jest.fn(),
 }));
 
 jest.mock('api/ErrorResponseHandlerForGeneratedAPIs', () => ({
@@ -82,7 +84,7 @@ jest.mock('react-use', () => ({
 const ROLES_ENDPOINT = '*/api/v1/roles';
 
 const mockDeleteMutate = jest.fn();
-const mockGetResetPasswordToken = jest.mocked(getResetPasswordToken);
+const mockCreateTokenMutateAsync = jest.fn();
 
 const showErrorModal = jest.fn();
 jest.mock('providers/ErrorModalProvider', () => ({
@@ -184,6 +186,31 @@ describe('EditMemberDrawer', () => {
 			mutate: mockDeleteMutate,
 			isLoading: false,
 		});
+		// Token query: valid token for invited members
+		(useGetResetPasswordToken as jest.Mock).mockReturnValue({
+			data: {
+				data: {
+					token: 'invite-tok-valid',
+					id: 'token-1',
+					expiresAt: new Date(Date.now() + 86400000).toISOString(),
+				},
+			},
+			isLoading: false,
+			isError: false,
+		});
+		// Create token mutation
+		mockCreateTokenMutateAsync.mockResolvedValue({
+			status: 'success',
+			data: {
+				token: 'reset-tok-abc',
+				id: 'user-1',
+				expiresAt: new Date(Date.now() + 86400000).toISOString(),
+			},
+		});
+		(useCreateResetPasswordToken as jest.Mock).mockReturnValue({
+			mutateAsync: mockCreateTokenMutateAsync,
+			isLoading: false,
+		});
 	});
 
 	afterEach(() => {
@@ -357,6 +384,40 @@ describe('EditMemberDrawer', () => {
 		expect(screen.queryByText('Last Modified')).not.toBeInTheDocument();
 	});
 
+	it('shows "Regenerate Invite Link" when token is expired', () => {
+		(useGetResetPasswordToken as jest.Mock).mockReturnValue({
+			data: {
+				data: {
+					token: 'old-tok',
+					id: 'token-1',
+					expiresAt: new Date(Date.now() - 86400000).toISOString(), // expired yesterday
+				},
+			},
+			isLoading: false,
+			isError: false,
+		});
+
+		renderDrawer({ member: invitedMember });
+
+		expect(
+			screen.getByRole('button', { name: /regenerate invite link/i }),
+		).toBeInTheDocument();
+	});
+
+	it('shows "Generate Invite Link" when no token exists', () => {
+		(useGetResetPasswordToken as jest.Mock).mockReturnValue({
+			data: undefined,
+			isLoading: false,
+			isError: true,
+		});
+
+		renderDrawer({ member: invitedMember });
+
+		expect(
+			screen.getByRole('button', { name: /generate invite link/i }),
+		).toBeInTheDocument();
+	});
+
 	it('calls deleteUser after confirming revoke invite for invited members', async () => {
 		const onComplete = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });
@@ -609,7 +670,7 @@ describe('EditMemberDrawer', () => {
 			).not.toBeInTheDocument();
 		});
 
-		it('does not call getResetPasswordToken when Reset Link is clicked while disabled (root)', async () => {
+		it('does not call createResetPasswordToken when Reset Link is clicked while disabled (root)', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
 			renderDrawer();
 
@@ -617,20 +678,16 @@ describe('EditMemberDrawer', () => {
 				screen.getByRole('button', { name: /generate password reset link/i }),
 			);
 
-			expect(mockGetResetPasswordToken).not.toHaveBeenCalled();
+			expect(mockCreateTokenMutateAsync).not.toHaveBeenCalled();
 		});
 	});
 
 	describe('Generate Password Reset Link', () => {
 		beforeEach(() => {
 			mockCopyToClipboard.mockClear();
-			mockGetResetPasswordToken.mockResolvedValue({
-				status: 'success',
-				data: { token: 'reset-tok-abc', id: 'user-1' },
-			});
 		});
 
-		it('calls getResetPasswordToken and opens the reset link dialog with the generated link', async () => {
+		it('calls POST and opens the reset link dialog with the generated link and expiry', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
 
 			renderDrawer();
@@ -642,11 +699,12 @@ describe('EditMemberDrawer', () => {
 			const dialog = await screen.findByRole('dialog', {
 				name: /password reset link/i,
 			});
-			expect(mockGetResetPasswordToken).toHaveBeenCalledWith({
-				id: 'user-1',
+			expect(mockCreateTokenMutateAsync).toHaveBeenCalledWith({
+				pathParams: { id: 'user-1' },
 			});
 			expect(dialog).toBeInTheDocument();
 			expect(dialog).toHaveTextContent('reset-tok-abc');
+			expect(dialog).toHaveTextContent(/this link expires on/i);
 		});
 
 		it('copies the link to clipboard and shows "Copied!" on the button', async () => {

frontend/src/lib/history.ts

@@ -1,4 +1,3 @@
 import { createBrowserHistory } from 'history';
-import { getBasePath } from 'utils/getBasePath';
 
-export default createBrowserHistory({ basename: getBasePath() });
+export default createBrowserHistory();

frontend/src/pages/ErrorBoundaryFallback/ErrorBoundaryFallback.tsx

@@ -2,7 +2,6 @@ import { useCallback } from 'react';
 import { Button } from 'antd';
 import ROUTES from 'constants/routes';
 import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
-import history from 'lib/history';
 import { Home, LifeBuoy } from 'lucide-react';
 import { handleContactSupport } from 'pages/Integrations/utils';
 
@@ -12,9 +11,8 @@ import './ErrorBoundaryFallback.styles.scss';
 
 function ErrorBoundaryFallback(): JSX.Element {
 	const handleReload = (): void => {
-		// Use history.push so the navigation stays within the base path prefix
-		// (window.location.href would strip any /signoz/ prefix).
-		history.push(ROUTES.HOME);
+		// Go to home page
+		window.location.href = ROUTES.HOME;
 	};
 
 	const { isCloudUser: isCloudUserVal } = useGetTenantLicense();

frontend/src/types/api/user/getResetPasswordToken.ts

@@ -1,15 +0,0 @@
-import { User } from 'types/reducer/app';
-
-export interface Props {
-	userId: User['userId'];
-}
-
-export interface GetResetPasswordToken {
-	token: string;
-	userId: string;
-}
-
-export interface PayloadProps {
-	data: GetResetPasswordToken;
-	status: string;
-}

frontend/src/utils/__tests__/getBasePath.test.ts

@@ -1,50 +0,0 @@
-import { getBasePath } from 'utils/getBasePath';
-
-/**
- * Contract tests for getBasePath().
- *
- * These lock down the exact DOM-reading contract so that any future change to
- * the utility (or to how index.html injects the <base> tag) surfaces
- * immediately as a test failure.
- */
-describe('getBasePath', () => {
-	afterEach(() => {
-		// Remove any <base> elements added during the test.
-		document.head.querySelectorAll('base').forEach((el) => el.remove());
-	});
-
-	it('returns the href from the <base> tag when present', () => {
-		const base = document.createElement('base');
-		base.setAttribute('href', '/signoz/');
-		document.head.appendChild(base);
-
-		expect(getBasePath()).toBe('/signoz/');
-	});
-
-	it('returns "/" when no <base> tag exists in the document', () => {
-		expect(getBasePath()).toBe('/');
-	});
-
-	it('returns "/" when the <base> tag has no href attribute', () => {
-		const base = document.createElement('base');
-		document.head.appendChild(base);
-
-		expect(getBasePath()).toBe('/');
-	});
-
-	it('returns the href unchanged when it already has a trailing slash', () => {
-		const base = document.createElement('base');
-		base.setAttribute('href', '/my/nested/path/');
-		document.head.appendChild(base);
-
-		expect(getBasePath()).toBe('/my/nested/path/');
-	});
-
-	it('appends a trailing slash when the href is missing one', () => {
-		const base = document.createElement('base');
-		base.setAttribute('href', '/signoz');
-		document.head.appendChild(base);
-
-		expect(getBasePath()).toBe('/signoz/');
-	});
-});

frontend/src/utils/getBasePath.ts

@@ -1,17 +0,0 @@
-/**
- * Returns the base path for this SigNoz deployment by reading the
- * `<base href>` element injected into index.html by the Go backend at
- * serve time.
- *
- * Always returns a string ending with `/` (e.g. `/`, `/signoz/`).
- * Falls back to `/` when no `<base>` element is present so the app
- * behaves correctly in local Vite dev and unit-test environments.
- *
- * @internal — consume through `src/lib/history` and the axios interceptor;
- * do not read `<base>` directly anywhere else in the codebase.
- */
-export function getBasePath(): string {
-	const href = document.querySelector('base')?.getAttribute('href') ?? '/';
-	// Trailing slash is required for relative asset resolution and API prefixing.
-	return href.endsWith('/') ? href : `${href}/`;
-}

frontend/vite.config.ts

@@ -10,18 +10,6 @@ import { createHtmlPlugin } from 'vite-plugin-html';
 import { ViteImageOptimizer } from 'vite-plugin-image-optimizer';
 import tsconfigPaths from 'vite-tsconfig-paths';
 
-// In dev the Go backend is not involved, so replace the [[.BasePath]] placeholder
-// with "/" so relative assets resolve correctly from the Vite dev server.
-function devBasePathPlugin(): Plugin {
-	return {
-		name: 'dev-base-path',
-		apply: 'serve',
-		transformIndexHtml(html): string {
-			return html.replace('[[.BasePath]]', '/');
-		},
-	};
-}
-
 function rawMarkdownPlugin(): Plugin {
 	return {
 		name: 'raw-markdown',
@@ -44,7 +32,6 @@ export default defineConfig(
 		const plugins = [
 			tsconfigPaths(),
 			rawMarkdownPlugin(),
-			devBasePathPlugin(),
 			react(),
 			createHtmlPlugin({
 				inject: {
@@ -137,7 +124,6 @@ export default defineConfig(
 				'process.env.TUNNEL_DOMAIN': JSON.stringify(env.VITE_TUNNEL_DOMAIN),
 				'process.env.DOCS_BASE_URL': JSON.stringify(env.VITE_DOCS_BASE_URL),
 			},
-			base: './',
 			build: {
 				sourcemap: true,
 				outDir: 'build',

go.mod

@@ -15,7 +15,6 @@ require (
 	github.com/coreos/go-oidc/v3 v3.17.0
 	github.com/dgraph-io/ristretto/v2 v2.3.0
 	github.com/dustin/go-humanize v1.0.1
-	github.com/emersion/go-smtp v0.24.0
 	github.com/gin-gonic/gin v1.11.0
 	github.com/go-co-op/gocron v1.30.1
 	github.com/go-openapi/runtime v0.29.2
@@ -112,7 +111,6 @@ require (
 	github.com/bytedance/sonic v1.14.1 // indirect
 	github.com/bytedance/sonic/loader v0.3.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
-	github.com/emersion/go-sasl v0.0.0-20241020182733-b788ff22d5a6 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
 	github.com/go-openapi/swag/cmdutils v0.25.4 // indirect
 	github.com/go-openapi/swag/conv v0.25.4 // indirect
@@ -166,7 +164,7 @@ require (
 	github.com/ClickHouse/ch-go v0.67.0 // indirect
 	github.com/Masterminds/squirrel v1.5.4 // indirect
 	github.com/Yiling-J/theine-go v0.6.2 // indirect
-	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b
+	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b // indirect
 	github.com/andybalholm/brotli v1.2.0 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/beevik/etree v1.1.0 // indirect

pkg/alertmanager/alertmanagernotify/email/email.go

@@ -1,431 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package email
-
-import (
-	"bytes"
-	"context"
-	"crypto/tls"
-	"fmt"
-	"log/slog"
-	"math/rand"
-	"mime"
-	"mime/multipart"
-	"mime/quotedprintable"
-	"net"
-	"net/mail"
-	"net/smtp"
-	"net/textproto"
-	"os"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "email"
-)
-
-// Email implements a Notifier for email notifications.
-type Email struct {
-	conf     *config.EmailConfig
-	tmpl     *template.Template
-	logger   *slog.Logger
-	hostname string
-}
-
-var errNoAuthUsernameConfigured = errors.NewInternalf(errors.CodeInternal, "no auth username configured")
-
-// New returns a new Email notifier.
-func New(c *config.EmailConfig, t *template.Template, l *slog.Logger) *Email {
-	if _, ok := c.Headers["Subject"]; !ok {
-		c.Headers["Subject"] = config.DefaultEmailSubject
-	}
-	if _, ok := c.Headers["To"]; !ok {
-		c.Headers["To"] = c.To
-	}
-	if _, ok := c.Headers["From"]; !ok {
-		c.Headers["From"] = c.From
-	}
-
-	h, err := os.Hostname()
-	// If we can't get the hostname, we'll use localhost
-	if err != nil {
-		h = "localhost.localdomain"
-	}
-	return &Email{conf: c, tmpl: t, logger: l, hostname: h}
-}
-
-// auth resolves a string of authentication mechanisms.
-func (n *Email) auth(mechs string) (smtp.Auth, error) {
-	username := n.conf.AuthUsername
-
-	// If no username is set, return custom error which can be ignored if needed.
-	if strings.TrimSpace(username) == "" {
-		return nil, errNoAuthUsernameConfigured
-	}
-
-	var errs error
-	for mech := range strings.SplitSeq(mechs, " ") {
-		switch mech {
-		case "CRAM-MD5":
-			secret, secretErr := n.getAuthSecret()
-			if secretErr != nil {
-				errs = errors.Join(errs, secretErr)
-				continue
-			}
-			if secret == "" {
-				errs = errors.Join(errs, errors.NewInternalf(errors.CodeInternal, "missing secret for CRAM-MD5 auth mechanism"))
-				continue
-			}
-			return smtp.CRAMMD5Auth(username, secret), nil
-
-		case "PLAIN":
-			password, passwordErr := n.getPassword()
-			if passwordErr != nil {
-				errs = errors.Join(errs, passwordErr)
-				continue
-			}
-			if password == "" {
-				errs = errors.Join(errs, errors.NewInternalf(errors.CodeInternal, "missing password for PLAIN auth mechanism"))
-				continue
-			}
-			return smtp.PlainAuth(n.conf.AuthIdentity, username, password, n.conf.Smarthost.Host), nil
-		case "LOGIN":
-			password, passwordErr := n.getPassword()
-			if passwordErr != nil {
-				errs = errors.Join(errs, passwordErr)
-				continue
-			}
-			if password == "" {
-				errs = errors.Join(errs, errors.NewInternalf(errors.CodeInternal, "missing password for LOGIN auth mechanism"))
-				continue
-			}
-			return LoginAuth(username, password), nil
-		default:
-			errs = errors.Join(errs, errors.NewInternalf(errors.CodeUnsupported, "unknown auth mechanism: %s", mech))
-		}
-	}
-	return nil, errs
-}
-
-// Notify implements the Notifier interface.
-func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	var (
-		c       *smtp.Client
-		conn    net.Conn
-		err     error
-		success = false
-	)
-	// Determine whether to use Implicit TLS
-	var useImplicitTLS bool
-	if n.conf.ForceImplicitTLS != nil {
-		useImplicitTLS = *n.conf.ForceImplicitTLS
-	} else {
-		// Default logic: port 465 uses implicit TLS (backward compatibility)
-		useImplicitTLS = n.conf.Smarthost.Port == "465"
-	}
-
-	if useImplicitTLS {
-		tlsConfig, err := commoncfg.NewTLSConfig(n.conf.TLSConfig)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "parse TLS configuration")
-		}
-		if tlsConfig.ServerName == "" {
-			tlsConfig.ServerName = n.conf.Smarthost.Host
-		}
-
-		conn, err = tls.Dial("tcp", n.conf.Smarthost.String(), tlsConfig)
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "establish TLS connection to server")
-		}
-	} else {
-		var (
-			d   = net.Dialer{}
-			err error
-		)
-		conn, err = d.DialContext(ctx, "tcp", n.conf.Smarthost.String())
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "establish connection to server")
-		}
-	}
-	c, err = smtp.NewClient(conn, n.conf.Smarthost.Host)
-	if err != nil {
-		conn.Close()
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "create SMTP client")
-	}
-	defer func() {
-		// Try to clean up after ourselves but don't log anything if something has failed.
-		if err := c.Quit(); success && err != nil {
-			n.logger.WarnContext(ctx, "failed to close SMTP connection", slog.Any("err", err))
-		}
-	}()
-
-	if n.conf.Hello != "" {
-		err = c.Hello(n.conf.Hello)
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send EHLO command")
-		}
-	}
-
-	// Global Config guarantees RequireTLS is not nil.
-	if *n.conf.RequireTLS && !useImplicitTLS {
-		if ok, _ := c.Extension("STARTTLS"); !ok {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "'require_tls' is true (default) but %q does not advertise the STARTTLS extension", n.conf.Smarthost)
-		}
-
-		tlsConf, err := commoncfg.NewTLSConfig(n.conf.TLSConfig)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "parse TLS configuration")
-		}
-		if tlsConf.ServerName == "" {
-			tlsConf.ServerName = n.conf.Smarthost.Host
-		}
-
-		if err := c.StartTLS(tlsConf); err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send STARTTLS command")
-		}
-	}
-
-	if ok, mech := c.Extension("AUTH"); ok {
-		auth, err := n.auth(mech)
-		if err != nil && err != errNoAuthUsernameConfigured {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "find auth mechanism")
-		} else if err == errNoAuthUsernameConfigured {
-			n.logger.DebugContext(ctx, "no auth username configured. Attempting to send email without authenticating")
-		}
-		if auth != nil {
-			if err := c.Auth(auth); err != nil {
-				return true, errors.WrapInternalf(err, errors.CodeInternal, "%T auth", auth)
-			}
-		}
-	}
-
-	var (
-		tmplErr error
-		data    = notify.GetTemplateData(ctx, n.tmpl, as, n.logger)
-		tmpl    = notify.TmplText(n.tmpl, data, &tmplErr)
-	)
-	from := tmpl(n.conf.From)
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "execute 'from' template")
-	}
-	to := tmpl(n.conf.To)
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "execute 'to' template")
-	}
-
-	addrs, err := mail.ParseAddressList(from)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "parse 'from' addresses")
-	}
-	if len(addrs) != 1 {
-		return false, errors.NewInternalf(errors.CodeInternal, "must be exactly one 'from' address (got: %d)", len(addrs))
-	}
-	if err = c.Mail(addrs[0].Address); err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "send MAIL command")
-	}
-	addrs, err = mail.ParseAddressList(to)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "parse 'to' addresses")
-	}
-	for _, addr := range addrs {
-		if err = c.Rcpt(addr.Address); err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send RCPT command")
-		}
-	}
-
-	// Send the email headers and body.
-	message, err := c.Data()
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "send DATA command")
-	}
-	closeOnce := sync.OnceValue(func() error {
-		return message.Close()
-	})
-	// Close the message when this method exits in order to not leak resources. Even though we're calling this explicitly
-	// further down, the method may exit before then.
-	defer func() {
-		// If we try close an already-closed writer, it'll send a subsequent request to the server which is invalid.
-		_ = closeOnce()
-	}()
-
-	buffer := &bytes.Buffer{}
-	for header, t := range n.conf.Headers {
-		value, err := n.tmpl.ExecuteTextString(t, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute %q header template", header)
-		}
-		fmt.Fprintf(buffer, "%s: %s\r\n", header, mime.QEncoding.Encode("utf-8", value))
-	}
-
-	if _, ok := n.conf.Headers["Message-Id"]; !ok {
-		fmt.Fprintf(buffer, "Message-Id: %s\r\n", fmt.Sprintf("<%d.%d@%s>", time.Now().UnixNano(), rand.Uint64(), n.hostname))
-	}
-
-	if n.conf.Threading.Enabled {
-		key, err := notify.ExtractGroupKey(ctx)
-		if err != nil {
-			return false, err
-		}
-		// Add threading headers. All notifications for the same alert group
-		// (identified by key hash) are threaded together.
-		threadBy := ""
-		if n.conf.Threading.ThreadByDate != "none" {
-			// ThreadByDate is 'daily':
-			// Use current date so all mails for this alert today thread together.
-			threadBy = time.Now().Format("2006-01-02")
-		}
-		keyHash := key.Hash()
-		if len(keyHash) > 16 {
-			keyHash = keyHash[:16]
-		}
-		// The thread root ID is a Message-ID that doesn't correspond to
-		// any actual email. Email clients following the (commonly used) JWZ
-		// algorithm will create a dummy container to group these messages.
-		threadRootID := fmt.Sprintf("<alert-%s-%s@alertmanager>", keyHash, threadBy)
-		fmt.Fprintf(buffer, "References: %s\r\n", threadRootID)
-		fmt.Fprintf(buffer, "In-Reply-To: %s\r\n", threadRootID)
-	}
-
-	multipartBuffer := &bytes.Buffer{}
-	multipartWriter := multipart.NewWriter(multipartBuffer)
-
-	fmt.Fprintf(buffer, "Date: %s\r\n", time.Now().Format(time.RFC1123Z))
-	fmt.Fprintf(buffer, "Content-Type: multipart/alternative;  boundary=%s\r\n", multipartWriter.Boundary())
-	fmt.Fprintf(buffer, "MIME-Version: 1.0\r\n\r\n")
-
-	// TODO: Add some useful headers here, such as URL of the alertmanager
-	// and active/resolved.
-	_, err = message.Write(buffer.Bytes())
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "write headers")
-	}
-
-	if len(n.conf.Text) > 0 {
-		// Text template
-		w, err := multipartWriter.CreatePart(textproto.MIMEHeader{
-			"Content-Transfer-Encoding": {"quoted-printable"},
-			"Content-Type":              {"text/plain; charset=UTF-8"},
-		})
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "create part for text template")
-		}
-		body, err := n.tmpl.ExecuteTextString(n.conf.Text, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute text template")
-		}
-		qw := quotedprintable.NewWriter(w)
-		_, err = qw.Write([]byte(body))
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "write text part")
-		}
-		err = qw.Close()
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "close text part")
-		}
-	}
-
-	if len(n.conf.HTML) > 0 {
-		// Html template
-		// Preferred alternative placed last per section 5.1.4 of RFC 2046
-		// https://www.ietf.org/rfc/rfc2046.txt
-		w, err := multipartWriter.CreatePart(textproto.MIMEHeader{
-			"Content-Transfer-Encoding": {"quoted-printable"},
-			"Content-Type":              {"text/html; charset=UTF-8"},
-		})
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "create part for html template")
-		}
-		body, err := n.tmpl.ExecuteHTMLString(n.conf.HTML, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute html template")
-		}
-		qw := quotedprintable.NewWriter(w)
-		_, err = qw.Write([]byte(body))
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "write HTML part")
-		}
-		err = qw.Close()
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "close HTML part")
-		}
-	}
-
-	err = multipartWriter.Close()
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "close multipartWriter")
-	}
-
-	_, err = message.Write(multipartBuffer.Bytes())
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "write body buffer")
-	}
-
-	// Complete the message and await response.
-	if err = closeOnce(); err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "delivery failure")
-	}
-
-	success = true
-	return false, nil
-}
-
-type loginAuth struct {
-	username, password string
-}
-
-func LoginAuth(username, password string) smtp.Auth {
-	return &loginAuth{username, password}
-}
-
-func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
-	return "LOGIN", []byte{}, nil
-}
-
-// Used for AUTH LOGIN. (Maybe password should be encrypted).
-func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
-	if more {
-		switch strings.ToLower(string(fromServer)) {
-		case "username:":
-			return []byte(a.username), nil
-		case "password:":
-			return []byte(a.password), nil
-		default:
-			return nil, errors.NewInternalf(errors.CodeInternal, "unexpected server challenge")
-		}
-	}
-	return nil, nil
-}
-
-func (n *Email) getPassword() (string, error) {
-	if len(n.conf.AuthPasswordFile) > 0 {
-		content, err := os.ReadFile(n.conf.AuthPasswordFile)
-		if err != nil {
-			return "", errors.NewInternalf(errors.CodeInternal, "could not read %s: %v", n.conf.AuthPasswordFile, err)
-		}
-		return strings.TrimSpace(string(content)), nil
-	}
-	return string(n.conf.AuthPassword), nil
-}
-
-func (n *Email) getAuthSecret() (string, error) {
-	if len(n.conf.AuthSecretFile) > 0 {
-		content, err := os.ReadFile(n.conf.AuthSecretFile)
-		if err != nil {
-			return "", errors.NewInternalf(errors.CodeInternal, "could not read %s: %v", n.conf.AuthSecretFile, err)
-		}
-		return string(content), nil
-	}
-	return string(n.conf.AuthSecret), nil
-}

pkg/alertmanager/alertmanagernotify/msteamsv2/msteamsv2.go

@@ -1,7 +1,3 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
 package msteamsv2
 
 import (
@@ -31,10 +27,6 @@ const (
 	colorGrey  = "Warning"
 )
 
-const (
-	Integration = "msteamsv2"
-)
-
 type Notifier struct {
 	conf         *config.MSTeamsV2Config
 	titleLink    string
@@ -95,7 +87,7 @@ type teamsMessage struct {
 
 // New returns a new notifier that uses the Microsoft Teams Power Platform connector.
 func New(c *config.MSTeamsV2Config, t *template.Template, titleLink string, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
+	client, err := commoncfg.NewClientFromConfig(*c.HTTPConfig, "msteamsv2", httpOpts...)
 	if err != nil {
 		return nil, err
 	}

pkg/alertmanager/alertmanagernotify/msteamsv2/msteamsv2_test.go

@@ -1,7 +1,3 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
 package msteamsv2
 
 import (

pkg/alertmanager/alertmanagernotify/opsgenie/api_key_file

@@ -1,2 +0,0 @@
-my_secret_api_key
-

pkg/alertmanager/alertmanagernotify/opsgenie/opsgenie.go

@@ -1,294 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package opsgenie
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"log/slog"
-	"maps"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "opsgenie"
-)
-
-// https://docs.opsgenie.com/docs/alert-api - 130 characters meaning runes.
-const maxMessageLenRunes = 130
-
-// Notifier implements a Notifier for OpsGenie notifications.
-type Notifier struct {
-	conf    *config.OpsGenieConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new OpsGenie notifier.
-func New(c *config.OpsGenieConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return &Notifier{
-		conf:    c,
-		tmpl:    t,
-		logger:  l,
-		client:  client,
-		retrier: &notify.Retrier{RetryCodes: []int{http.StatusTooManyRequests}},
-	}, nil
-}
-
-type opsGenieCreateMessage struct {
-	Alias       string                           `json:"alias"`
-	Message     string                           `json:"message"`
-	Description string                           `json:"description,omitempty"`
-	Details     map[string]string                `json:"details"`
-	Source      string                           `json:"source"`
-	Responders  []opsGenieCreateMessageResponder `json:"responders,omitempty"`
-	Tags        []string                         `json:"tags,omitempty"`
-	Note        string                           `json:"note,omitempty"`
-	Priority    string                           `json:"priority,omitempty"`
-	Entity      string                           `json:"entity,omitempty"`
-	Actions     []string                         `json:"actions,omitempty"`
-}
-
-type opsGenieCreateMessageResponder struct {
-	ID       string `json:"id,omitempty"`
-	Name     string `json:"name,omitempty"`
-	Username string `json:"username,omitempty"`
-	Type     string `json:"type"` // team, user, escalation, schedule etc.
-}
-
-type opsGenieCloseMessage struct {
-	Source string `json:"source"`
-}
-
-type opsGenieUpdateMessageMessage struct {
-	Message string `json:"message,omitempty"`
-}
-
-type opsGenieUpdateDescriptionMessage struct {
-	Description string `json:"description,omitempty"`
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	requests, retry, err := n.createRequests(ctx, as...)
-	if err != nil {
-		return retry, err
-	}
-
-	for _, req := range requests {
-		req.Header.Set("User-Agent", notify.UserAgentHeader)
-		resp, err := n.client.Do(req) //nolint:bodyclose
-		if err != nil {
-			return true, err
-		}
-		shouldRetry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-		notify.Drain(resp)
-		if err != nil {
-			return shouldRetry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-		}
-	}
-	return true, nil
-}
-
-// Like Split but filter out empty strings.
-func safeSplit(s, sep string) []string {
-	a := strings.Split(strings.TrimSpace(s), sep)
-	b := a[:0]
-	for _, x := range a {
-		if x != "" {
-			b = append(b, x)
-		}
-	}
-	return b
-}
-
-// Create requests for a list of alerts.
-func (n *Notifier) createRequests(ctx context.Context, as ...*types.Alert) ([]*http.Request, bool, error) {
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return nil, false, err
-	}
-	logger := n.logger.With(slog.Any("group_key", key))
-	logger.DebugContext(ctx, "extracted group key")
-
-	data := notify.GetTemplateData(ctx, n.tmpl, as, logger)
-
-	tmpl := notify.TmplText(n.tmpl, data, &err)
-
-	details := make(map[string]string)
-
-	maps.Copy(details, data.CommonLabels)
-
-	for k, v := range n.conf.Details {
-		details[k] = tmpl(v)
-	}
-
-	requests := []*http.Request{}
-
-	var (
-		alias  = key.Hash()
-		alerts = types.Alerts(as...)
-	)
-	switch alerts.Status() {
-	case model.AlertResolved:
-		resolvedEndpointURL := n.conf.APIURL.Copy()
-		resolvedEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/close", alias)
-		q := resolvedEndpointURL.Query()
-		q.Set("identifierType", "alias")
-		resolvedEndpointURL.RawQuery = q.Encode()
-		msg := &opsGenieCloseMessage{Source: tmpl(n.conf.Source)}
-		var buf bytes.Buffer
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return nil, false, err
-		}
-		req, err := http.NewRequest("POST", resolvedEndpointURL.String(), &buf)
-		if err != nil {
-			return nil, true, err
-		}
-		requests = append(requests, req.WithContext(ctx))
-	default:
-		message, truncated := notify.TruncateInRunes(tmpl(n.conf.Message), maxMessageLenRunes)
-		if truncated {
-			logger.WarnContext(ctx, "Truncated message", slog.Any("alert", key), slog.Int("max_runes", maxMessageLenRunes))
-		}
-
-		createEndpointURL := n.conf.APIURL.Copy()
-		createEndpointURL.Path += "v2/alerts"
-
-		var responders []opsGenieCreateMessageResponder
-		for _, r := range n.conf.Responders {
-			responder := opsGenieCreateMessageResponder{
-				ID:       tmpl(r.ID),
-				Name:     tmpl(r.Name),
-				Username: tmpl(r.Username),
-				Type:     tmpl(r.Type),
-			}
-
-			if responder == (opsGenieCreateMessageResponder{}) {
-				// Filter out empty responders. This is useful if you want to fill
-				// responders dynamically from alert's common labels.
-				continue
-			}
-
-			if responder.Type == "teams" {
-				teams := safeSplit(responder.Name, ",")
-				for _, team := range teams {
-					newResponder := opsGenieCreateMessageResponder{
-						Name: tmpl(team),
-						Type: tmpl("team"),
-					}
-					responders = append(responders, newResponder)
-				}
-				continue
-			}
-
-			responders = append(responders, responder)
-		}
-
-		msg := &opsGenieCreateMessage{
-			Alias:       alias,
-			Message:     message,
-			Description: tmpl(n.conf.Description),
-			Details:     details,
-			Source:      tmpl(n.conf.Source),
-			Responders:  responders,
-			Tags:        safeSplit(tmpl(n.conf.Tags), ","),
-			Note:        tmpl(n.conf.Note),
-			Priority:    tmpl(n.conf.Priority),
-			Entity:      tmpl(n.conf.Entity),
-			Actions:     safeSplit(tmpl(n.conf.Actions), ","),
-		}
-		var buf bytes.Buffer
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return nil, false, err
-		}
-		req, err := http.NewRequest("POST", createEndpointURL.String(), &buf)
-		if err != nil {
-			return nil, true, err
-		}
-		requests = append(requests, req.WithContext(ctx))
-
-		if n.conf.UpdateAlerts {
-			updateMessageEndpointURL := n.conf.APIURL.Copy()
-			updateMessageEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/message", alias)
-			q := updateMessageEndpointURL.Query()
-			q.Set("identifierType", "alias")
-			updateMessageEndpointURL.RawQuery = q.Encode()
-			updateMsgMsg := &opsGenieUpdateMessageMessage{
-				Message: msg.Message,
-			}
-			var updateMessageBuf bytes.Buffer
-			if err := json.NewEncoder(&updateMessageBuf).Encode(updateMsgMsg); err != nil {
-				return nil, false, err
-			}
-			req, err := http.NewRequest("PUT", updateMessageEndpointURL.String(), &updateMessageBuf)
-			if err != nil {
-				return nil, true, err
-			}
-			requests = append(requests, req)
-
-			updateDescriptionEndpointURL := n.conf.APIURL.Copy()
-			updateDescriptionEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/description", alias)
-			q = updateDescriptionEndpointURL.Query()
-			q.Set("identifierType", "alias")
-			updateDescriptionEndpointURL.RawQuery = q.Encode()
-			updateDescMsg := &opsGenieUpdateDescriptionMessage{
-				Description: msg.Description,
-			}
-
-			var updateDescriptionBuf bytes.Buffer
-			if err := json.NewEncoder(&updateDescriptionBuf).Encode(updateDescMsg); err != nil {
-				return nil, false, err
-			}
-			req, err = http.NewRequest("PUT", updateDescriptionEndpointURL.String(), &updateDescriptionBuf)
-			if err != nil {
-				return nil, true, err
-			}
-			requests = append(requests, req.WithContext(ctx))
-		}
-	}
-
-	var apiKey string
-	if n.conf.APIKey != "" {
-		apiKey = tmpl(string(n.conf.APIKey))
-	} else {
-		content, err := os.ReadFile(n.conf.APIKeyFile)
-		if err != nil {
-			return nil, false, errors.WrapInternalf(err, errors.CodeInternal, "read key_file error")
-		}
-		apiKey = tmpl(string(content))
-		apiKey = strings.TrimSpace(string(apiKey))
-	}
-
-	if err != nil {
-		return nil, false, errors.WrapInternalf(err, errors.CodeInternal, "templating error")
-	}
-
-	for _, req := range requests {
-		req.Header.Set("Content-Type", "application/json")
-		req.Header.Set("Authorization", fmt.Sprintf("GenieKey %s", apiKey))
-	}
-
-	return requests, true, nil
-}

pkg/alertmanager/alertmanagernotify/opsgenie/opsgenie_test.go

@@ -1,337 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package opsgenie
-
-import (
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"os"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestOpsGenieRetry(t *testing.T) {
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusTooManyRequests)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "error on status %d", statusCode)
-	}
-}
-
-func TestOpsGenieRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "key"
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			APIURL:     &config.URL{URL: u},
-			APIKey:     config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestGettingOpsGegineApikeyFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "key"
-
-	f, err := os.CreateTemp(t.TempDir(), "opsgenie_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			APIURL:     &config.URL{URL: u},
-			APIKeyFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestOpsGenie(t *testing.T) {
-	u, err := url.Parse("https://opsgenie/api")
-	if err != nil {
-		t.Fatalf("failed to parse URL: %v", err)
-	}
-	logger := promslog.NewNopLogger()
-	tmpl := test.CreateTmpl(t)
-
-	for _, tc := range []struct {
-		title string
-		cfg   *config.OpsGenieConfig
-
-		expectedEmptyAlertBody string
-		expectedBody           string
-	}{
-		{
-			title: "config without details",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName1 }}`,
-						Type: `{{ .CommonLabels.ResponderType1 }}`,
-					},
-					{
-						Name: `{{ .CommonLabels.ResponderName2 }}`,
-						Type: `{{ .CommonLabels.ResponderType2 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				Entity:     `{{ .CommonLabels.Entity }}`,
-				Actions:    `{{ .CommonLabels.Actions }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"EscalationA","type":"escalation"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1","entity":"test-domain","actions":["doThis","doThat"]}
-`,
-		},
-		{
-			title: "config with details",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Details: map[string]string{
-					"Description": `adjusted {{ .CommonLabels.Description }}`,
-				},
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName1 }}`,
-						Type: `{{ .CommonLabels.ResponderType1 }}`,
-					},
-					{
-						Name: `{{ .CommonLabels.ResponderName2 }}`,
-						Type: `{{ .CommonLabels.ResponderType2 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				Entity:     `{{ .CommonLabels.Entity }}`,
-				Actions:    `{{ .CommonLabels.Actions }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{"Description":"adjusted "},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"adjusted description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"EscalationA","type":"escalation"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1","entity":"test-domain","actions":["doThis","doThat"]}
-`,
-		},
-		{
-			title: "config with multiple teams",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Details: map[string]string{
-					"Description": `adjusted {{ .CommonLabels.Description }}`,
-				},
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName3 }}`,
-						Type: `{{ .CommonLabels.ResponderType3 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{"Description":"adjusted "},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"adjusted description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"TeamB","type":"team"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1"}
-`,
-		},
-	} {
-		t.Run(tc.title, func(t *testing.T) {
-			notifier, err := New(tc.cfg, tmpl, logger)
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			expectedURL, _ := url.Parse("https://opsgenie/apiv2/alerts")
-
-			// Empty alert.
-			alert1 := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-
-			req, retry, err := notifier.createRequests(ctx, alert1)
-			require.NoError(t, err)
-			require.Len(t, req, 1)
-			require.True(t, retry)
-			require.Equal(t, expectedURL, req[0].URL)
-			require.Equal(t, "GenieKey http://am", req[0].Header.Get("Authorization"))
-			require.Equal(t, tc.expectedEmptyAlertBody, readBody(t, req[0]))
-
-			// Fully defined alert.
-			alert2 := &types.Alert{
-				Alert: model.Alert{
-					Labels: model.LabelSet{
-						"Message":        "message",
-						"Description":    "description",
-						"Source":         "http://prometheus",
-						"ResponderName1": "TeamA",
-						"ResponderType1": "team",
-						"ResponderName2": "EscalationA",
-						"ResponderType2": "escalation",
-						"ResponderName3": "TeamA,TeamB",
-						"ResponderType3": "teams",
-						"Tags":           "tag1,tag2",
-						"Note":           "this is a note",
-						"Priority":       "P1",
-						"Entity":         "test-domain",
-						"Actions":        "doThis,doThat",
-					},
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			req, retry, err = notifier.createRequests(ctx, alert2)
-			require.NoError(t, err)
-			require.True(t, retry)
-			require.Len(t, req, 1)
-			require.Equal(t, tc.expectedBody, readBody(t, req[0]))
-
-			// Broken API Key Template.
-			tc.cfg.APIKey = "{{ kaput "
-			_, _, err = notifier.createRequests(ctx, alert2)
-			require.Error(t, err)
-			require.Equal(t, "template: :1: function \"kaput\" not defined", err.Error())
-		})
-	}
-}
-
-func TestOpsGenieWithUpdate(t *testing.T) {
-	u, err := url.Parse("https://test-opsgenie-url")
-	require.NoError(t, err)
-	tmpl := test.CreateTmpl(t)
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-	opsGenieConfigWithUpdate := config.OpsGenieConfig{
-		Message:      `{{ .CommonLabels.Message }}`,
-		Description:  `{{ .CommonLabels.Description }}`,
-		UpdateAlerts: true,
-		APIKey:       "test-api-key",
-		APIURL:       &config.URL{URL: u},
-		HTTPConfig:   &commoncfg.HTTPClientConfig{},
-	}
-	notifierWithUpdate, err := New(&opsGenieConfigWithUpdate, tmpl, promslog.NewNopLogger())
-	alert := &types.Alert{
-		Alert: model.Alert{
-			StartsAt: time.Now(),
-			EndsAt:   time.Now().Add(time.Hour),
-			Labels: model.LabelSet{
-				"Message":     "new message",
-				"Description": "new description",
-			},
-		},
-	}
-	require.NoError(t, err)
-	requests, retry, err := notifierWithUpdate.createRequests(ctx, alert)
-	require.NoError(t, err)
-	require.True(t, retry)
-	require.Len(t, requests, 3)
-
-	body0 := readBody(t, requests[0])
-	body1 := readBody(t, requests[1])
-	body2 := readBody(t, requests[2])
-	key, _ := notify.ExtractGroupKey(ctx)
-	alias := key.Hash()
-
-	require.Equal(t, "https://test-opsgenie-url/v2/alerts", requests[0].URL.String())
-	require.NotEmpty(t, body0)
-
-	require.Equal(t, requests[1].URL.String(), fmt.Sprintf("https://test-opsgenie-url/v2/alerts/%s/message?identifierType=alias", alias))
-	require.JSONEq(t, `{"message":"new message"}`, body1)
-	require.Equal(t, requests[2].URL.String(), fmt.Sprintf("https://test-opsgenie-url/v2/alerts/%s/description?identifierType=alias", alias))
-	require.JSONEq(t, `{"description":"new description"}`, body2)
-}
-
-func TestOpsGenieApiKeyFile(t *testing.T) {
-	u, err := url.Parse("https://test-opsgenie-url")
-	require.NoError(t, err)
-	tmpl := test.CreateTmpl(t)
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-	opsGenieConfigWithUpdate := config.OpsGenieConfig{
-		APIKeyFile: `./api_key_file`,
-		APIURL:     &config.URL{URL: u},
-		HTTPConfig: &commoncfg.HTTPClientConfig{},
-	}
-	notifierWithUpdate, err := New(&opsGenieConfigWithUpdate, tmpl, promslog.NewNopLogger())
-
-	require.NoError(t, err)
-	requests, _, err := notifierWithUpdate.createRequests(ctx)
-	require.NoError(t, err)
-	require.Equal(t, "GenieKey my_secret_api_key", requests[0].Header.Get("Authorization"))
-}
-
-func readBody(t *testing.T, r *http.Request) string {
-	t.Helper()
-	body, err := io.ReadAll(r.Body)
-	require.NoError(t, err)
-	return string(body)
-}

pkg/alertmanager/alertmanagernotify/pagerduty/pagerduty.go

@@ -1,378 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package pagerduty
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/alecthomas/units"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "pagerduty"
-)
-
-const (
-	maxEventSize int = 512000
-	// https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTc4-send-a-v1-event - 1024 characters or runes.
-	maxV1DescriptionLenRunes = 1024
-	// https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event - 1024 characters or runes.
-	maxV2SummaryLenRunes = 1024
-)
-
-// Notifier implements a Notifier for PagerDuty notifications.
-type Notifier struct {
-	conf    *config.PagerdutyConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	apiV1   string // for tests.
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new PagerDuty notifier.
-func New(c *config.PagerdutyConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	n := &Notifier{conf: c, tmpl: t, logger: l, client: client}
-	if c.ServiceKey != "" || c.ServiceKeyFile != "" {
-		n.apiV1 = "https://events.pagerduty.com/generic/2010-04-15/create_event.json"
-		// Retrying can solve the issue on 403 (rate limiting) and 5xx response codes.
-		// https://developer.pagerduty.com/docs/events-api-v1-overview#api-response-codes--retry-logic
-		n.retrier = &notify.Retrier{RetryCodes: []int{http.StatusForbidden}, CustomDetailsFunc: errDetails}
-	} else {
-		// Retrying can solve the issue on 429 (rate limiting) and 5xx response codes.
-		// https://developer.pagerduty.com/docs/events-api-v2-overview#response-codes--retry-logic
-		n.retrier = &notify.Retrier{RetryCodes: []int{http.StatusTooManyRequests}, CustomDetailsFunc: errDetails}
-	}
-	return n, nil
-}
-
-const (
-	pagerDutyEventTrigger = "trigger"
-	pagerDutyEventResolve = "resolve"
-)
-
-type pagerDutyMessage struct {
-	RoutingKey  string            `json:"routing_key,omitempty"`
-	ServiceKey  string            `json:"service_key,omitempty"`
-	DedupKey    string            `json:"dedup_key,omitempty"`
-	IncidentKey string            `json:"incident_key,omitempty"`
-	EventType   string            `json:"event_type,omitempty"`
-	Description string            `json:"description,omitempty"`
-	EventAction string            `json:"event_action"`
-	Payload     *pagerDutyPayload `json:"payload"`
-	Client      string            `json:"client,omitempty"`
-	ClientURL   string            `json:"client_url,omitempty"`
-	Details     map[string]any    `json:"details,omitempty"`
-	Images      []pagerDutyImage  `json:"images,omitempty"`
-	Links       []pagerDutyLink   `json:"links,omitempty"`
-}
-
-type pagerDutyLink struct {
-	HRef string `json:"href"`
-	Text string `json:"text"`
-}
-
-type pagerDutyImage struct {
-	Src  string `json:"src"`
-	Alt  string `json:"alt"`
-	Href string `json:"href"`
-}
-
-type pagerDutyPayload struct {
-	Summary       string         `json:"summary"`
-	Source        string         `json:"source"`
-	Severity      string         `json:"severity"`
-	Timestamp     string         `json:"timestamp,omitempty"`
-	Class         string         `json:"class,omitempty"`
-	Component     string         `json:"component,omitempty"`
-	Group         string         `json:"group,omitempty"`
-	CustomDetails map[string]any `json:"custom_details,omitempty"`
-}
-
-func (n *Notifier) encodeMessage(ctx context.Context, msg *pagerDutyMessage) (bytes.Buffer, error) {
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-		return buf, errors.WrapInternalf(err, errors.CodeInternal, "failed to encode PagerDuty message")
-	}
-
-	if buf.Len() > maxEventSize {
-		truncatedMsg := fmt.Sprintf("Custom details have been removed because the original event exceeds the maximum size of %s", units.MetricBytes(maxEventSize).String())
-
-		if n.apiV1 != "" {
-			msg.Details = map[string]any{"error": truncatedMsg}
-		} else {
-			msg.Payload.CustomDetails = map[string]any{"error": truncatedMsg}
-		}
-
-		n.logger.WarnContext(ctx, "Truncated Details because message of size exceeds limit", slog.String("message_size", units.MetricBytes(buf.Len()).String()), slog.String("max_size", units.MetricBytes(maxEventSize).String()))
-
-		buf.Reset()
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return buf, errors.WrapInternalf(err, errors.CodeInternal, "failed to encode PagerDuty message")
-		}
-	}
-
-	return buf, nil
-}
-
-func (n *Notifier) notifyV1(
-	ctx context.Context,
-	eventType string,
-	key notify.Key,
-	data *template.Data,
-	details map[string]any,
-) (bool, error) {
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	description, truncated := notify.TruncateInRunes(tmpl(n.conf.Description), maxV1DescriptionLenRunes)
-	if truncated {
-		n.logger.WarnContext(ctx, "Truncated description", slog.Any("key", key), slog.Int("max_runes", maxV1DescriptionLenRunes))
-	}
-
-	serviceKey := string(n.conf.ServiceKey)
-	if serviceKey == "" {
-		content, fileErr := os.ReadFile(n.conf.ServiceKeyFile)
-		if fileErr != nil {
-			return false, errors.WrapInternalf(fileErr, errors.CodeInternal, "failed to read service key from file")
-		}
-		serviceKey = strings.TrimSpace(string(content))
-	}
-
-	msg := &pagerDutyMessage{
-		ServiceKey:  tmpl(serviceKey),
-		EventType:   eventType,
-		IncidentKey: key.Hash(),
-		Description: description,
-		Details:     details,
-	}
-
-	if eventType == pagerDutyEventTrigger {
-		msg.Client = tmpl(n.conf.Client)
-		msg.ClientURL = tmpl(n.conf.ClientURL)
-	}
-
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "failed to template PagerDuty v1 message")
-	}
-
-	// Ensure that the service key isn't empty after templating.
-	if msg.ServiceKey == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "service key cannot be empty")
-	}
-
-	encodedMsg, err := n.encodeMessage(ctx, msg)
-	if err != nil {
-		return false, err
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, n.apiV1, &encodedMsg) //nolint:bodyclose
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "failed to post message to PagerDuty v1")
-	}
-	defer notify.Drain(resp)
-
-	return n.retrier.Check(resp.StatusCode, resp.Body)
-}
-
-func (n *Notifier) notifyV2(
-	ctx context.Context,
-	eventType string,
-	key notify.Key,
-	data *template.Data,
-	details map[string]any,
-) (bool, error) {
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	if n.conf.Severity == "" {
-		n.conf.Severity = "error"
-	}
-
-	summary, truncated := notify.TruncateInRunes(tmpl(n.conf.Description), maxV2SummaryLenRunes)
-	if truncated {
-		n.logger.WarnContext(ctx, "Truncated summary", slog.Any("key", key), slog.Int("max_runes", maxV2SummaryLenRunes))
-	}
-
-	routingKey := string(n.conf.RoutingKey)
-	if routingKey == "" {
-		content, fileErr := os.ReadFile(n.conf.RoutingKeyFile)
-		if fileErr != nil {
-			return false, errors.WrapInternalf(fileErr, errors.CodeInternal, "failed to read routing key from file")
-		}
-		routingKey = strings.TrimSpace(string(content))
-	}
-
-	msg := &pagerDutyMessage{
-		Client:      tmpl(n.conf.Client),
-		ClientURL:   tmpl(n.conf.ClientURL),
-		RoutingKey:  tmpl(routingKey),
-		EventAction: eventType,
-		DedupKey:    key.Hash(),
-		Images:      make([]pagerDutyImage, 0, len(n.conf.Images)),
-		Links:       make([]pagerDutyLink, 0, len(n.conf.Links)),
-		Payload: &pagerDutyPayload{
-			Summary:       summary,
-			Source:        tmpl(n.conf.Source),
-			Severity:      tmpl(n.conf.Severity),
-			CustomDetails: details,
-			Class:         tmpl(n.conf.Class),
-			Component:     tmpl(n.conf.Component),
-			Group:         tmpl(n.conf.Group),
-		},
-	}
-
-	for _, item := range n.conf.Images {
-		image := pagerDutyImage{
-			Src:  tmpl(item.Src),
-			Alt:  tmpl(item.Alt),
-			Href: tmpl(item.Href),
-		}
-
-		if image.Src != "" {
-			msg.Images = append(msg.Images, image)
-		}
-	}
-
-	for _, item := range n.conf.Links {
-		link := pagerDutyLink{
-			HRef: tmpl(item.Href),
-			Text: tmpl(item.Text),
-		}
-
-		if link.HRef != "" {
-			msg.Links = append(msg.Links, link)
-		}
-	}
-
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "failed to template PagerDuty v2 message")
-	}
-
-	// Ensure that the routing key isn't empty after templating.
-	if msg.RoutingKey == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "routing key cannot be empty")
-	}
-
-	encodedMsg, err := n.encodeMessage(ctx, msg)
-	if err != nil {
-		return false, err
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, n.conf.URL.String(), &encodedMsg) //nolint:bodyclose
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "failed to post message to PagerDuty")
-	}
-	defer notify.Drain(resp)
-
-	retry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		return retry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-	return retry, err
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-	logger := n.logger.With(slog.Any("group_key", key))
-
-	var (
-		alerts    = types.Alerts(as...)
-		data      = notify.GetTemplateData(ctx, n.tmpl, as, logger)
-		eventType = pagerDutyEventTrigger
-	)
-
-	if alerts.Status() == model.AlertResolved {
-		eventType = pagerDutyEventResolve
-	}
-
-	logger.DebugContext(ctx, "extracted group key", slog.String("event_type", eventType))
-
-	details, err := n.renderDetails(data)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "failed to render details: %v", err)
-	}
-
-	if n.conf.Timeout > 0 {
-		nfCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured pagerduty timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = nfCtx
-	}
-
-	nf := n.notifyV2
-	if n.apiV1 != "" {
-		nf = n.notifyV1
-	}
-	retry, err := nf(ctx, eventType, key, data, details)
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.WrapInternalf(err, errors.CodeInternal, "failed to notify PagerDuty: %v", context.Cause(ctx))
-		}
-		return retry, err
-	}
-	return retry, nil
-}
-
-func errDetails(status int, body io.Reader) string {
-	// See https://v2.developer.pagerduty.com/docs/trigger-events for the v1 events API.
-	// See https://v2.developer.pagerduty.com/docs/send-an-event-events-api-v2 for the v2 events API.
-	if status != http.StatusBadRequest || body == nil {
-		return ""
-	}
-	var pgr struct {
-		Status  string   `json:"status"`
-		Message string   `json:"message"`
-		Errors  []string `json:"errors"`
-	}
-	if err := json.NewDecoder(body).Decode(&pgr); err != nil {
-		return ""
-	}
-	return fmt.Sprintf("%s: %s", pgr.Message, strings.Join(pgr.Errors, ","))
-}
-
-func (n *Notifier) renderDetails(
-	data *template.Data,
-) (map[string]any, error) {
-	var (
-		tmplTextErr  error
-		tmplText     = notify.TmplText(n.tmpl, data, &tmplTextErr)
-		tmplTextFunc = func(tmpl string) (string, error) {
-			return tmplText(tmpl), tmplTextErr
-		}
-	)
-	var err error
-	rendered := make(map[string]any, len(n.conf.Details))
-	for k, v := range n.conf.Details {
-		rendered[k], err = template.DeepCopyWithTemplate(v, tmplTextFunc)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return rendered, nil
-}

pkg/alertmanager/alertmanagernotify/pagerduty/pagerduty_test.go

@@ -1,883 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package pagerduty
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"strings"
-	"testing"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestPagerDutyRetryV1(t *testing.T) {
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusForbidden)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "retryv1 - error on status %d", statusCode)
-	}
-}
-
-func TestPagerDutyRetryV2(t *testing.T) {
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			RoutingKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusTooManyRequests)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "retryv2 - error on status %d", statusCode)
-	}
-}
-
-func TestPagerDutyRedactedURLV1(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "01234567890123456789012345678901"
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-	notifier.apiV1 = u.String()
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyRedactedURLV2(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "01234567890123456789012345678901"
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			URL:        &config.URL{URL: u},
-			RoutingKey: config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyV1ServiceKeyFromFile(t *testing.T) {
-	key := "01234567890123456789012345678901"
-	f, err := os.CreateTemp(t.TempDir(), "pagerduty_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKeyFile: f.Name(),
-			HTTPConfig:     &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-	notifier.apiV1 = u.String()
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyV2RoutingKeyFromFile(t *testing.T) {
-	key := "01234567890123456789012345678901"
-	f, err := os.CreateTemp(t.TempDir(), "pagerduty_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			URL:            &config.URL{URL: u},
-			RoutingKeyFile: f.Name(),
-			HTTPConfig:     &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyTemplating(t *testing.T) {
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		dec := json.NewDecoder(r.Body)
-		out := make(map[string]any)
-		err := dec.Decode(&out)
-		if err != nil {
-			panic(err)
-		}
-	}))
-	defer srv.Close()
-	u, _ := url.Parse(srv.URL)
-
-	for _, tc := range []struct {
-		title string
-		cfg   *config.PagerdutyConfig
-
-		retry  bool
-		errMsg string
-	}{
-		{
-			title: "full-blown legacy message",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Images: []config.PagerdutyImage{
-					{
-						Src:  "{{ .Status }}",
-						Alt:  "{{ .Status }}",
-						Href: "{{ .Status }}",
-					},
-				},
-				Links: []config.PagerdutyLink{
-					{
-						Href: "{{ .Status }}",
-						Text: "{{ .Status }}",
-					},
-				},
-				Details: map[string]any{
-					"firing":       `{{ .Alerts.Firing | toJson }}`,
-					"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-		},
-		{
-			title: "full-blown legacy message",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Images: []config.PagerdutyImage{
-					{
-						Src:  "{{ .Status }}",
-						Alt:  "{{ .Status }}",
-						Href: "{{ .Status }}",
-					},
-				},
-				Links: []config.PagerdutyLink{
-					{
-						Href: "{{ .Status }}",
-						Text: "{{ .Status }}",
-					},
-				},
-				Details: map[string]any{
-					"firing":       `{{ template "pagerduty.default.instances" .Alerts.Firing }}`,
-					"resolved":     `{{ template "pagerduty.default.instances" .Alerts.Resolved }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-		},
-		{
-			title: "nested details",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": map[string]any{
-								"firing":       `{{ .Alerts.Firing | toJson }}`,
-								"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-								"num_firing":   `{{ .Alerts.Firing | len }}`,
-								"num_resolved": `{{ .Alerts.Resolved | len }}`,
-							},
-						},
-					},
-				},
-			},
-		},
-		{
-			title: "nested details with template error",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": map[string]any{
-								"firing": `{{ template "pagerduty.default.instances" .Alerts.Firing`,
-							},
-						},
-					},
-				},
-			},
-			errMsg: "failed to render details: template: :1: unclosed action",
-		},
-		{
-			title: "details with templating errors",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"firing":       `{{ .Alerts.Firing | toJson`,
-					"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-			errMsg: "failed to render details: template: :1: unclosed action",
-		},
-		{
-			title: "v2 message with templating errors",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Severity:   "{{ ",
-			},
-			errMsg: "failed to template",
-		},
-		{
-			title: "v1 message with templating errors",
-			cfg: &config.PagerdutyConfig{
-				ServiceKey: config.Secret("01234567890123456789012345678901"),
-				Client:     "{{ ",
-			},
-			errMsg: "failed to template",
-		},
-		{
-			title: "routing key cannot be empty",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret(`{{ "" }}`),
-			},
-			errMsg: "routing key cannot be empty",
-		},
-		{
-			title: "service_key cannot be empty",
-			cfg: &config.PagerdutyConfig{
-				ServiceKey: config.Secret(`{{ "" }}`),
-			},
-			errMsg: "service key cannot be empty",
-		},
-	} {
-		t.Run(tc.title, func(t *testing.T) {
-			tc.cfg.URL = &config.URL{URL: u}
-			tc.cfg.HTTPConfig = &commoncfg.HTTPClientConfig{}
-			pd, err := New(tc.cfg, test.CreateTmpl(t), promslog.NewNopLogger())
-			require.NoError(t, err)
-			if pd.apiV1 != "" {
-				pd.apiV1 = u.String()
-			}
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			ok, err := pd.Notify(ctx, []*types.Alert{
-				{
-					Alert: model.Alert{
-						Labels: model.LabelSet{
-							"lbl1": "val1",
-						},
-						StartsAt: time.Now(),
-						EndsAt:   time.Now().Add(time.Hour),
-					},
-				},
-			}...)
-			if tc.errMsg == "" {
-				require.NoError(t, err)
-			} else {
-				require.Error(t, err)
-				if errors.Asc(err, errors.CodeInternal) {
-					_, _, errMsg, _, _, _ := errors.Unwrapb(err)
-					require.Contains(t, errMsg, tc.errMsg)
-				} else {
-					require.Contains(t, err.Error(), tc.errMsg)
-				}
-			}
-			require.Equal(t, tc.retry, ok)
-		})
-	}
-}
-
-func TestErrDetails(t *testing.T) {
-	for _, tc := range []struct {
-		status int
-		body   io.Reader
-
-		exp string
-	}{
-		{
-			status: http.StatusBadRequest,
-			body: bytes.NewBuffer([]byte(
-				`{"status":"invalid event","message":"Event object is invalid","errors":["Length of 'routing_key' is incorrect (should be 32 characters)"]}`,
-			)),
-
-			exp: "Length of 'routing_key' is incorrect",
-		},
-		{
-			status: http.StatusBadRequest,
-			body:   bytes.NewBuffer([]byte(`{"status"}`)),
-
-			exp: "",
-		},
-		{
-			status: http.StatusBadRequest,
-
-			exp: "",
-		},
-		{
-			status: http.StatusTooManyRequests,
-
-			exp: "",
-		},
-	} {
-		t.Run("", func(t *testing.T) {
-			err := errDetails(tc.status, tc.body)
-			require.Contains(t, err, tc.exp)
-		})
-	}
-}
-
-func TestEventSizeEnforcement(t *testing.T) {
-	bigDetailsV1 := map[string]any{
-		"firing": strings.Repeat("a", 513000),
-	}
-	bigDetailsV2 := map[string]any{
-		"firing": strings.Repeat("a", 513000),
-	}
-
-	// V1 Messages
-	msgV1 := &pagerDutyMessage{
-		ServiceKey: "01234567890123456789012345678901",
-		EventType:  "trigger",
-		Details:    bigDetailsV1,
-	}
-
-	notifierV1, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	encodedV1, err := notifierV1.encodeMessage(context.Background(), msgV1)
-	require.NoError(t, err)
-	require.Contains(t, encodedV1.String(), `"details":{"error":"Custom details have been removed because the original event exceeds the maximum size of 512KB"}`)
-
-	// V2 Messages
-	msgV2 := &pagerDutyMessage{
-		RoutingKey:  "01234567890123456789012345678901",
-		EventAction: "trigger",
-		Payload: &pagerDutyPayload{
-			CustomDetails: bigDetailsV2,
-		},
-	}
-
-	notifierV2, err := New(
-		&config.PagerdutyConfig{
-			RoutingKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	encodedV2, err := notifierV2.encodeMessage(context.Background(), msgV2)
-	require.NoError(t, err)
-	require.Contains(t, encodedV2.String(), `"custom_details":{"error":"Custom details have been removed because the original event exceeds the maximum size of 512KB"}`)
-}
-
-func TestPagerDutyEmptySrcHref(t *testing.T) {
-	type pagerDutyEvent struct {
-		RoutingKey  string           `json:"routing_key"`
-		EventAction string           `json:"event_action"`
-		DedupKey    string           `json:"dedup_key"`
-		Payload     pagerDutyPayload `json:"payload"`
-		Images      []pagerDutyImage
-		Links       []pagerDutyLink
-	}
-
-	images := []config.PagerdutyImage{
-		{
-			Src:  "",
-			Alt:  "Empty src",
-			Href: "https://example.com/",
-		},
-		{
-			Src:  "https://example.com/cat.jpg",
-			Alt:  "Empty href",
-			Href: "",
-		},
-		{
-			Src:  "https://example.com/cat.jpg",
-			Alt:  "",
-			Href: "https://example.com/",
-		},
-	}
-
-	links := []config.PagerdutyLink{
-		{
-			Href: "",
-			Text: "Empty href",
-		},
-		{
-			Href: "https://example.com/",
-			Text: "",
-		},
-	}
-
-	expectedImages := make([]pagerDutyImage, 0, len(images))
-	for _, image := range images {
-		if image.Src == "" {
-			continue
-		}
-		expectedImages = append(expectedImages, pagerDutyImage{
-			Src:  image.Src,
-			Alt:  image.Alt,
-			Href: image.Href,
-		})
-	}
-
-	expectedLinks := make([]pagerDutyLink, 0, len(links))
-	for _, link := range links {
-		if link.Href == "" {
-			continue
-		}
-		expectedLinks = append(expectedLinks, pagerDutyLink{
-			HRef: link.Href,
-			Text: link.Text,
-		})
-	}
-
-	server := httptest.NewServer(http.HandlerFunc(
-		func(w http.ResponseWriter, r *http.Request) {
-			decoder := json.NewDecoder(r.Body)
-			var event pagerDutyEvent
-			if err := decoder.Decode(&event); err != nil {
-				panic(err)
-			}
-
-			if event.RoutingKey == "" || event.EventAction == "" {
-				http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
-				return
-			}
-
-			for _, image := range event.Images {
-				if image.Src == "" {
-					http.Error(w, "Event object is invalid: 'image src' is missing or blank", http.StatusBadRequest)
-					return
-				}
-			}
-
-			for _, link := range event.Links {
-				if link.HRef == "" {
-					http.Error(w, "Event object is invalid: 'link href' is missing or blank", http.StatusBadRequest)
-					return
-				}
-			}
-
-			require.Equal(t, expectedImages, event.Images)
-			require.Equal(t, expectedLinks, event.Links)
-		},
-	))
-	defer server.Close()
-
-	url, err := url.Parse(server.URL)
-	require.NoError(t, err)
-
-	pagerDutyConfig := config.PagerdutyConfig{
-		HTTPConfig: &commoncfg.HTTPClientConfig{},
-		RoutingKey: config.Secret("01234567890123456789012345678901"),
-		URL:        &config.URL{URL: url},
-		Images:     images,
-		Links:      links,
-	}
-
-	pagerDuty, err := New(&pagerDutyConfig, test.CreateTmpl(t), promslog.NewNopLogger())
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-
-	_, err = pagerDuty.Notify(ctx, []*types.Alert{
-		{
-			Alert: model.Alert{
-				Labels: model.LabelSet{
-					"lbl1": "val1",
-				},
-				StartsAt: time.Now(),
-				EndsAt:   time.Now().Add(time.Hour),
-			},
-		},
-	}...)
-	require.NoError(t, err)
-}
-
-func TestPagerDutyTimeout(t *testing.T) {
-	type pagerDutyEvent struct {
-		RoutingKey  string           `json:"routing_key"`
-		EventAction string           `json:"event_action"`
-		DedupKey    string           `json:"dedup_key"`
-		Payload     pagerDutyPayload `json:"payload"`
-		Images      []pagerDutyImage
-		Links       []pagerDutyLink
-	}
-
-	tests := map[string]struct {
-		latency time.Duration
-		timeout time.Duration
-		wantErr bool
-	}{
-		"success": {latency: 100 * time.Millisecond, timeout: 120 * time.Millisecond, wantErr: false},
-		"error":   {latency: 100 * time.Millisecond, timeout: 80 * time.Millisecond, wantErr: true},
-	}
-
-	for name, tt := range tests {
-		t.Run(name, func(t *testing.T) {
-			srv := httptest.NewServer(http.HandlerFunc(
-				func(w http.ResponseWriter, r *http.Request) {
-					decoder := json.NewDecoder(r.Body)
-					var event pagerDutyEvent
-					if err := decoder.Decode(&event); err != nil {
-						panic(err)
-					}
-
-					if event.RoutingKey == "" || event.EventAction == "" {
-						http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
-						return
-					}
-					time.Sleep(tt.latency)
-				},
-			))
-			defer srv.Close()
-			u, err := url.Parse(srv.URL)
-			require.NoError(t, err)
-
-			cfg := config.PagerdutyConfig{
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				URL:        &config.URL{URL: u},
-				Timeout:    tt.timeout,
-			}
-
-			pd, err := New(&cfg, test.CreateTmpl(t), promslog.NewNopLogger())
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-			alert := &types.Alert{
-				Alert: model.Alert{
-					Labels: model.LabelSet{
-						"lbl1": "val1",
-					},
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			_, err = pd.Notify(ctx, alert)
-			require.Equal(t, tt.wantErr, err != nil)
-		})
-	}
-}
-
-func TestRenderDetails(t *testing.T) {
-	type args struct {
-		details map[string]any
-		data    *template.Data
-	}
-	tests := []struct {
-		name    string
-		args    args
-		want    map[string]any
-		wantErr bool
-	}{
-		{
-			name: "flat",
-			args: args{
-				details: map[string]any{
-					"a": "{{ .Status }}",
-					"b": "String",
-				},
-				data: &template.Data{
-					Status: "Flat",
-				},
-			},
-			want: map[string]any{
-				"a": "Flat",
-				"b": "String",
-			},
-			wantErr: false,
-		},
-		{
-			name: "flat error",
-			args: args{
-				details: map[string]any{
-					"a": "{{ .Status",
-				},
-				data: &template.Data{
-					Status: "Error",
-				},
-			},
-			want:    nil,
-			wantErr: true,
-		},
-		{
-			name: "nested",
-			args: args{
-				details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": "{{ .Status }}",
-							"d": "String",
-						},
-					},
-				},
-				data: &template.Data{
-					Status: "Nested",
-				},
-			},
-			want: map[string]any{
-				"a": map[string]any{
-					"b": map[string]any{
-						"c": "Nested",
-						"d": "String",
-					},
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "nested error",
-			args: args{
-				details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": "{{ .Status",
-						},
-					},
-				},
-				data: &template.Data{
-					Status: "Error",
-				},
-			},
-			want:    nil,
-			wantErr: true,
-		},
-		{
-			name: "alerts",
-			args: args{
-				details: map[string]any{
-					"alerts": map[string]any{
-						"firing":       "{{ .Alerts.Firing | toJson }}",
-						"resolved":     "{{ .Alerts.Resolved | toJson }}",
-						"num_firing":   "{{ len .Alerts.Firing }}",
-						"num_resolved": "{{ len .Alerts.Resolved }}",
-					},
-				},
-				data: &template.Data{
-					Alerts: template.Alerts{
-						{
-							Status: "firing",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Firing1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint1",
-							GeneratorURL: "http://generator1",
-							StartsAt:     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "firing",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Firing2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint2",
-							GeneratorURL: "http://generator2",
-							StartsAt:     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "resolved",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Resolved1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint3",
-							GeneratorURL: "http://generator3",
-							StartsAt:     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "resolved",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Resolved2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint4",
-							GeneratorURL: "http://generator4",
-							StartsAt:     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-					},
-				},
-			},
-			want: map[string]any{
-				"alerts": map[string]any{
-					"firing": []any{
-						map[string]any{
-							"status": "firing",
-							"labels": map[string]any{
-								"alertname": "Firing1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint1",
-							"generatorURL": "http://generator1",
-						},
-						map[string]any{
-							"status": "firing",
-							"labels": map[string]any{
-								"alertname": "Firing2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint2",
-							"generatorURL": "http://generator2",
-						},
-					},
-					"resolved": []any{
-						map[string]any{
-							"status": "resolved",
-							"labels": map[string]any{
-								"alertname": "Resolved1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint3",
-							"generatorURL": "http://generator3",
-						},
-						map[string]any{
-							"status": "resolved",
-							"labels": map[string]any{
-								"alertname": "Resolved2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint4",
-							"generatorURL": "http://generator4",
-						},
-					},
-					"num_firing":   2,
-					"num_resolved": 2,
-				},
-			},
-			wantErr: false,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			n := &Notifier{
-				conf: &config.PagerdutyConfig{
-					Details: tt.args.details,
-				},
-				tmpl: test.CreateTmpl(t),
-			}
-			got, err := n.renderDetails(tt.args.data)
-			if (err != nil) != tt.wantErr {
-				t.Errorf("renderDetails() error = %v, wantErr %v", err, tt.wantErr)
-				return
-			}
-			require.Equal(t, tt.want, got)
-		})
-	}
-}

pkg/alertmanager/alertmanagernotify/receiver.go

@@ -2,14 +2,8 @@ package alertmanagernotify
 
 import (
 	"log/slog"
-	"slices"
 
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/email"
 	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/msteamsv2"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/opsgenie"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/pagerduty"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/slack"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/webhook"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
 	"github.com/prometheus/alertmanager/config/receiver"
 	"github.com/prometheus/alertmanager/notify"
@@ -17,15 +11,6 @@ import (
 	"github.com/prometheus/alertmanager/types"
 )
 
-var customNotifierIntegrations = []string{
-	webhook.Integration,
-	email.Integration,
-	pagerduty.Integration,
-	opsgenie.Integration,
-	slack.Integration,
-	msteamsv2.Integration,
-}
-
 func NewReceiverIntegrations(nc alertmanagertypes.Receiver, tmpl *template.Template, logger *slog.Logger) ([]notify.Integration, error) {
 	upstreamIntegrations, err := receiver.BuildReceiverIntegrations(nc, tmpl, logger)
 	if err != nil {
@@ -46,29 +31,14 @@ func NewReceiverIntegrations(nc alertmanagertypes.Receiver, tmpl *template.Templ
 	)
 
 	for _, integration := range upstreamIntegrations {
-		// skip upstream integration if we support custom integration for it
-		if !slices.Contains(customNotifierIntegrations, integration.Name()) {
+		// skip upstream msteamsv2 integration
+		if integration.Name() != "msteamsv2" {
 			integrations = append(integrations, integration)
 		}
 	}
 
-	for i, c := range nc.WebhookConfigs {
-		add(webhook.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return webhook.New(c, tmpl, l) })
-	}
-	for i, c := range nc.EmailConfigs {
-		add(email.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return email.New(c, tmpl, l), nil })
-	}
-	for i, c := range nc.PagerdutyConfigs {
-		add(pagerduty.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return pagerduty.New(c, tmpl, l) })
-	}
-	for i, c := range nc.OpsGenieConfigs {
-		add(opsgenie.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return opsgenie.New(c, tmpl, l) })
-	}
-	for i, c := range nc.SlackConfigs {
-		add(slack.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return slack.New(c, tmpl, l) })
-	}
 	for i, c := range nc.MSTeamsV2Configs {
-		add(msteamsv2.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) {
+		add("msteamsv2", i, c, func(l *slog.Logger) (notify.Notifier, error) {
 			return msteamsv2.New(c, tmpl, `{{ template "msteamsv2.default.titleLink" . }}`, l)
 		})
 	}

pkg/alertmanager/alertmanagernotify/slack/slack.go

@@ -1,281 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package slack
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "slack"
-)
-
-// https://api.slack.com/reference/messaging/attachments#legacy_fields - 1024, no units given, assuming runes or characters.
-const maxTitleLenRunes = 1024
-
-// Notifier implements a Notifier for Slack notifications.
-type Notifier struct {
-	conf    *config.SlackConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-
-	postJSONFunc func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error)
-}
-
-// New returns a new Slack notification handler.
-func New(c *config.SlackConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Notifier{
-		conf:         c,
-		tmpl:         t,
-		logger:       l,
-		client:       client,
-		retrier:      &notify.Retrier{},
-		postJSONFunc: notify.PostJSON,
-	}, nil
-}
-
-// request is the request for sending a slack notification.
-type request struct {
-	Channel     string       `json:"channel,omitempty"`
-	Username    string       `json:"username,omitempty"`
-	IconEmoji   string       `json:"icon_emoji,omitempty"`
-	IconURL     string       `json:"icon_url,omitempty"`
-	LinkNames   bool         `json:"link_names,omitempty"`
-	Text        string       `json:"text,omitempty"`
-	Attachments []attachment `json:"attachments"`
-}
-
-// attachment is used to display a richly-formatted message block.
-type attachment struct {
-	Title      string               `json:"title,omitempty"`
-	TitleLink  string               `json:"title_link,omitempty"`
-	Pretext    string               `json:"pretext,omitempty"`
-	Text       string               `json:"text"`
-	Fallback   string               `json:"fallback"`
-	CallbackID string               `json:"callback_id"`
-	Fields     []config.SlackField  `json:"fields,omitempty"`
-	Actions    []config.SlackAction `json:"actions,omitempty"`
-	ImageURL   string               `json:"image_url,omitempty"`
-	ThumbURL   string               `json:"thumb_url,omitempty"`
-	Footer     string               `json:"footer"`
-	Color      string               `json:"color,omitempty"`
-	MrkdwnIn   []string             `json:"mrkdwn_in,omitempty"`
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-	logger := n.logger.With(slog.Any("group_key", key))
-	logger.DebugContext(ctx, "extracted group key")
-
-	var (
-		data     = notify.GetTemplateData(ctx, n.tmpl, as, logger)
-		tmplText = notify.TmplText(n.tmpl, data, &err)
-	)
-	var markdownIn []string
-
-	if len(n.conf.MrkdwnIn) == 0 {
-		markdownIn = []string{"fallback", "pretext", "text"}
-	} else {
-		markdownIn = n.conf.MrkdwnIn
-	}
-
-	title, truncated := notify.TruncateInRunes(tmplText(n.conf.Title), maxTitleLenRunes)
-	if truncated {
-		logger.WarnContext(ctx, "Truncated title", slog.Int("max_runes", maxTitleLenRunes))
-	}
-	att := &attachment{
-		Title:      title,
-		TitleLink:  tmplText(n.conf.TitleLink),
-		Pretext:    tmplText(n.conf.Pretext),
-		Text:       tmplText(n.conf.Text),
-		Fallback:   tmplText(n.conf.Fallback),
-		CallbackID: tmplText(n.conf.CallbackID),
-		ImageURL:   tmplText(n.conf.ImageURL),
-		ThumbURL:   tmplText(n.conf.ThumbURL),
-		Footer:     tmplText(n.conf.Footer),
-		Color:      tmplText(n.conf.Color),
-		MrkdwnIn:   markdownIn,
-	}
-
-	numFields := len(n.conf.Fields)
-	if numFields > 0 {
-		fields := make([]config.SlackField, numFields)
-		for index, field := range n.conf.Fields {
-			// Check if short was defined for the field otherwise fallback to the global setting
-			var short bool
-			if field.Short != nil {
-				short = *field.Short
-			} else {
-				short = n.conf.ShortFields
-			}
-
-			// Rebuild the field by executing any templates and setting the new value for short
-			fields[index] = config.SlackField{
-				Title: tmplText(field.Title),
-				Value: tmplText(field.Value),
-				Short: &short,
-			}
-		}
-		att.Fields = fields
-	}
-
-	numActions := len(n.conf.Actions)
-	if numActions > 0 {
-		actions := make([]config.SlackAction, numActions)
-		for index, action := range n.conf.Actions {
-			slackAction := config.SlackAction{
-				Type:  tmplText(action.Type),
-				Text:  tmplText(action.Text),
-				URL:   tmplText(action.URL),
-				Style: tmplText(action.Style),
-				Name:  tmplText(action.Name),
-				Value: tmplText(action.Value),
-			}
-
-			if action.ConfirmField != nil {
-				slackAction.ConfirmField = &config.SlackConfirmationField{
-					Title:       tmplText(action.ConfirmField.Title),
-					Text:        tmplText(action.ConfirmField.Text),
-					OkText:      tmplText(action.ConfirmField.OkText),
-					DismissText: tmplText(action.ConfirmField.DismissText),
-				}
-			}
-
-			actions[index] = slackAction
-		}
-		att.Actions = actions
-	}
-
-	req := &request{
-		Channel:     tmplText(n.conf.Channel),
-		Username:    tmplText(n.conf.Username),
-		IconEmoji:   tmplText(n.conf.IconEmoji),
-		IconURL:     tmplText(n.conf.IconURL),
-		LinkNames:   n.conf.LinkNames,
-		Text:        tmplText(n.conf.MessageText),
-		Attachments: []attachment{*att},
-	}
-	if err != nil {
-		return false, err
-	}
-
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(req); err != nil {
-		return false, err
-	}
-
-	var u string
-	if n.conf.APIURL != nil {
-		u = n.conf.APIURL.String()
-	} else {
-		content, err := os.ReadFile(n.conf.APIURLFile)
-		if err != nil {
-			return false, err
-		}
-		u = strings.TrimSpace(string(content))
-	}
-
-	if n.conf.Timeout > 0 {
-		postCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured slack timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = postCtx
-	}
-
-	resp, err := n.postJSONFunc(ctx, n.client, u, &buf) //nolint:bodyclose
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.NewInternalf(errors.CodeInternal, "failed to post JSON to slack: %v", context.Cause(ctx))
-		}
-		return true, notify.RedactURL(err)
-	}
-	defer notify.Drain(resp)
-
-	// Use a retrier to generate an error message for non-200 responses and
-	// classify them as retriable or not.
-	retry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		err = errors.NewInternalf(errors.CodeInternal, "channel %q: %v", req.Channel, err)
-		return retry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-
-	// Slack web API might return errors with a 200 response code.
-	// https://docs.slack.dev/tools/node-slack-sdk/web-api/#handle-errors
-	retry, err = checkResponseError(resp)
-	if err != nil {
-		err = errors.NewInternalf(errors.CodeInternal, "channel %q: %v", req.Channel, err)
-		return retry, notify.NewErrorWithReason(notify.ClientErrorReason, err)
-	}
-
-	return retry, nil
-}
-
-// checkResponseError parses out the error message from Slack API response.
-func checkResponseError(resp *http.Response) (bool, error) {
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "could not read response body")
-	}
-
-	if strings.HasPrefix(resp.Header.Get("Content-Type"), "application/json") {
-		return checkJSONResponseError(body)
-	}
-	return checkTextResponseError(body)
-}
-
-// checkTextResponseError classifies plaintext responses from Slack.
-// A plaintext (non-JSON) response is successful if it's a string "ok".
-// This is typically a response for an Incoming Webhook
-// (https://api.slack.com/messaging/webhooks#handling_errors)
-func checkTextResponseError(body []byte) (bool, error) {
-	if !bytes.Equal(body, []byte("ok")) {
-		return false, errors.NewInternalf(errors.CodeInternal, "received an error response from Slack: %s", string(body))
-	}
-	return false, nil
-}
-
-// checkJSONResponseError classifies JSON responses from Slack.
-func checkJSONResponseError(body []byte) (bool, error) {
-	// response is for parsing out errors from the JSON response.
-	type response struct {
-		OK    bool   `json:"ok"`
-		Error string `json:"error"`
-	}
-
-	var data response
-	if err := json.Unmarshal(body, &data); err != nil {
-		return true, errors.NewInternalf(errors.CodeInternal, "could not unmarshal JSON response %q: %v", string(body), err)
-	}
-	if !data.OK {
-		return false, errors.NewInternalf(errors.CodeInternal, "error response from Slack: %s", data.Error)
-	}
-	return false, nil
-}

pkg/alertmanager/alertmanagernotify/slack/slack_test.go

@@ -1,343 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package slack
-
-import (
-	"context"
-	"encoding/json"
-	"io"
-	"log/slog"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"strings"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestSlackRetry(t *testing.T) {
-	notifier, err := New(
-		&config.SlackConfig{
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	for statusCode, expected := range test.RetryTests(test.DefaultRetryCodes()) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "error on status %d", statusCode)
-	}
-}
-
-func TestSlackRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURL:     &config.SecretURL{URL: u},
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestGettingSlackURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "slack_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String())
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURLFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestTrimmingSlackURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "slack_test_newline")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String() + "\n\n")
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURLFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestNotifier_Notify_WithReason(t *testing.T) {
-	tests := []struct {
-		name           string
-		statusCode     int
-		responseBody   string
-		expectedReason notify.Reason
-		expectedErr    string
-		expectedRetry  bool
-		noError        bool
-	}{
-		{
-			name:           "with a 4xx status code",
-			statusCode:     http.StatusUnauthorized,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 401",
-		},
-		{
-			name:           "with a 5xx status code",
-			statusCode:     http.StatusInternalServerError,
-			expectedReason: notify.ServerErrorReason,
-			expectedRetry:  true,
-			expectedErr:    "unexpected status code 500",
-		},
-		{
-			name:           "with a 3xx status code",
-			statusCode:     http.StatusTemporaryRedirect,
-			expectedReason: notify.DefaultReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 307",
-		},
-		{
-			name:           "with a 1xx status code",
-			statusCode:     http.StatusSwitchingProtocols,
-			expectedReason: notify.DefaultReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 101",
-		},
-		{
-			name:           "2xx response with invalid JSON",
-			statusCode:     http.StatusOK,
-			responseBody:   `{"not valid json"}`,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  true,
-			expectedErr:    "could not unmarshal",
-		},
-		{
-			name:           "2xx response with a JSON error",
-			statusCode:     http.StatusOK,
-			responseBody:   `{"ok":false,"error":"error_message"}`,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "error response from Slack: error_message",
-		},
-		{
-			name:           "2xx response with a plaintext error",
-			statusCode:     http.StatusOK,
-			responseBody:   "no_channel",
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "error response from Slack: no_channel",
-		},
-		{
-			name:         "successful JSON response",
-			statusCode:   http.StatusOK,
-			responseBody: `{"ok":true}`,
-			noError:      true,
-		},
-		{
-			name:         "successful plaintext response",
-			statusCode:   http.StatusOK,
-			responseBody: "ok",
-			noError:      true,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			apiurl, _ := url.Parse("https://slack.com/post.Message")
-			notifier, err := New(
-				&config.SlackConfig{
-					NotifierConfig: config.NotifierConfig{},
-					HTTPConfig:     &commoncfg.HTTPClientConfig{},
-					APIURL:         &config.SecretURL{URL: apiurl},
-					Channel:        "channelname",
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-
-			notifier.postJSONFunc = func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error) {
-				resp := httptest.NewRecorder()
-				if strings.HasPrefix(tt.responseBody, "{") {
-					resp.Header().Add("Content-Type", "application/json; charset=utf-8")
-				}
-				resp.WriteHeader(tt.statusCode)
-				_, _ = resp.WriteString(tt.responseBody)
-				return resp.Result(), nil
-			}
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			alert1 := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			retry, err := notifier.Notify(ctx, alert1)
-			require.Equal(t, tt.expectedRetry, retry)
-			if tt.noError {
-				require.NoError(t, err)
-			} else {
-				var reasonError *notify.ErrorWithReason
-				require.ErrorAs(t, err, &reasonError)
-				require.Equal(t, tt.expectedReason, reasonError.Reason)
-				require.Contains(t, err.Error(), tt.expectedErr)
-				require.Contains(t, err.Error(), "channelname")
-			}
-		})
-	}
-}
-
-func TestSlackTimeout(t *testing.T) {
-	tests := map[string]struct {
-		latency time.Duration
-		timeout time.Duration
-		wantErr bool
-	}{
-		"success": {latency: 100 * time.Millisecond, timeout: 120 * time.Millisecond, wantErr: false},
-		"error":   {latency: 100 * time.Millisecond, timeout: 80 * time.Millisecond, wantErr: true},
-	}
-
-	for name, tt := range tests {
-		t.Run(name, func(t *testing.T) {
-			u, _ := url.Parse("https://slack.com/post.Message")
-			notifier, err := New(
-				&config.SlackConfig{
-					NotifierConfig: config.NotifierConfig{},
-					HTTPConfig:     &commoncfg.HTTPClientConfig{},
-					APIURL:         &config.SecretURL{URL: u},
-					Channel:        "channelname",
-					Timeout:        tt.timeout,
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-			notifier.postJSONFunc = func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error) {
-				select {
-				case <-ctx.Done():
-					return nil, ctx.Err()
-				case <-time.After(tt.latency):
-					resp := httptest.NewRecorder()
-					resp.Header().Set("Content-Type", "application/json; charset=utf-8")
-					resp.WriteHeader(http.StatusOK)
-					_, _ = resp.WriteString(`{"ok":true}`)
-
-					return resp.Result(), nil
-				}
-			}
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			alert := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			_, err = notifier.Notify(ctx, alert)
-			require.Equal(t, tt.wantErr, err != nil)
-		})
-	}
-}
-
-func TestSlackMessageField(t *testing.T) {
-	// 1. Setup a fake Slack server
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		var body map[string]any
-		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
-			t.Fatal(err)
-		}
-
-		// 2. VERIFY: Top-level text exists
-		if body["text"] != "My Top Level Message" {
-			t.Errorf("Expected top-level 'text' to be 'My Top Level Message', got %v", body["text"])
-		}
-
-		// 3. VERIFY: Old attachments still exist
-		attachments, ok := body["attachments"].([]any)
-		if !ok || len(attachments) == 0 {
-			t.Errorf("Expected attachments to exist")
-		} else {
-			first := attachments[0].(map[string]any)
-			if first["title"] != "Old Attachment Title" {
-				t.Errorf("Expected attachment title 'Old Attachment Title', got %v", first["title"])
-			}
-		}
-
-		w.Header().Set("Content-Type", "application/json")
-		w.WriteHeader(http.StatusOK)
-		_, _ = w.Write([]byte(`{"ok": true}`))
-	}))
-	defer server.Close()
-
-	// 4. Configure Notifier with BOTH new and old fields
-	u, _ := url.Parse(server.URL)
-	conf := &config.SlackConfig{
-		APIURL:      &config.SecretURL{URL: u},
-		MessageText: "My Top Level Message", // Your NEW field
-		Title:       "Old Attachment Title", // An OLD field
-		Channel:     "#test-channel",
-		HTTPConfig:  &commoncfg.HTTPClientConfig{},
-	}
-
-	tmpl, err := template.FromGlobs([]string{})
-	if err != nil {
-		t.Fatal(err)
-	}
-	tmpl.ExternalURL = u
-
-	logger := slog.New(slog.DiscardHandler)
-	notifier, err := New(conf, tmpl, logger)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "test-group-key")
-
-	if _, err := notifier.Notify(ctx); err != nil {
-		t.Fatal("Notify failed:", err)
-	}
-}

pkg/alertmanager/alertmanagernotify/webhook/webhook.go

@@ -1,140 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package webhook
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "webhook"
-)
-
-// Notifier implements a Notifier for generic webhooks.
-type Notifier struct {
-	conf    *config.WebhookConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new Webhook.
-func New(conf *config.WebhookConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*conf.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return &Notifier{
-		conf:   conf,
-		tmpl:   t,
-		logger: l,
-		client: client,
-		// Webhooks are assumed to respond with 2xx response codes on a successful
-		// request and 5xx response codes are assumed to be recoverable.
-		retrier: &notify.Retrier{},
-	}, nil
-}
-
-// Message defines the JSON object send to webhook endpoints.
-type Message struct {
-	*template.Data
-
-	// The protocol version.
-	Version         string `json:"version"`
-	GroupKey        string `json:"groupKey"`
-	TruncatedAlerts uint64 `json:"truncatedAlerts"`
-}
-
-func truncateAlerts(maxAlerts uint64, alerts []*types.Alert) ([]*types.Alert, uint64) {
-	if maxAlerts != 0 && uint64(len(alerts)) > maxAlerts {
-		return alerts[:maxAlerts], uint64(len(alerts)) - maxAlerts
-	}
-
-	return alerts, 0
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, alerts ...*types.Alert) (bool, error) {
-	alerts, numTruncated := truncateAlerts(n.conf.MaxAlerts, alerts)
-	data := notify.GetTemplateData(ctx, n.tmpl, alerts, n.logger)
-
-	groupKey, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-
-	logger := n.logger.With(slog.Any("group_key", groupKey))
-	logger.DebugContext(ctx, "extracted group key")
-
-	msg := &Message{
-		Version:         "4",
-		Data:            data,
-		GroupKey:        groupKey.String(),
-		TruncatedAlerts: numTruncated,
-	}
-
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-		return false, err
-	}
-
-	var url string
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	if n.conf.URL != "" {
-		url = tmpl(string(n.conf.URL))
-	} else {
-		content, err := os.ReadFile(n.conf.URLFile)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "read url_file")
-		}
-		url = tmpl(strings.TrimSpace(string(content)))
-	}
-
-	if tmplErr != nil {
-		return false, errors.NewInternalf(errors.CodeInternal, "failed to template webhook URL: %v", tmplErr)
-	}
-
-	if url == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "webhook URL is empty after templating")
-	}
-
-	if n.conf.Timeout > 0 {
-		postCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured webhook timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = postCtx
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, url, &buf) //nolint:bodyclose
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.NewInternalf(errors.CodeInternal, "failed to post JSON to webhook: %v", context.Cause(ctx))
-		}
-		return true, notify.RedactURL(err)
-	}
-	defer notify.Drain(resp)
-
-	shouldRetry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		return shouldRetry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-	return shouldRetry, err
-}

pkg/alertmanager/alertmanagernotify/webhook/webhook_test.go

@@ -1,218 +0,0 @@
-// Copyright (c) 2026 SigNoz, Inc.
-// Copyright 2019 Prometheus Team
-// SPDX-License-Identifier: Apache-2.0
-
-package webhook
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"os"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestWebhookRetry(t *testing.T) {
-	notifier, err := New(
-		&config.WebhookConfig{
-			URL:        config.SecretTemplateURL("http://example.com"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	if err != nil {
-		require.NoError(t, err)
-	}
-
-	t.Run("test retry status code", func(t *testing.T) {
-		for statusCode, expected := range test.RetryTests(test.DefaultRetryCodes()) {
-			actual, _ := notifier.retrier.Check(statusCode, nil)
-			require.Equal(t, expected, actual, "error on status %d", statusCode)
-		}
-	})
-
-	t.Run("test retry error details", func(t *testing.T) {
-		for _, tc := range []struct {
-			status int
-			body   io.Reader
-
-			exp string
-		}{
-			{
-				status: http.StatusBadRequest,
-				body: bytes.NewBuffer([]byte(
-					`{"status":"invalid event"}`,
-				)),
-
-				exp: fmt.Sprintf(`unexpected status code %d: {"status":"invalid event"}`, http.StatusBadRequest),
-			},
-			{
-				status: http.StatusBadRequest,
-
-				exp: fmt.Sprintf(`unexpected status code %d`, http.StatusBadRequest),
-			},
-		} {
-			t.Run("", func(t *testing.T) {
-				_, err = notifier.retrier.Check(tc.status, tc.body)
-				require.Equal(t, tc.exp, err.Error())
-			})
-		}
-	})
-}
-
-func TestWebhookTruncateAlerts(t *testing.T) {
-	alerts := make([]*types.Alert, 10)
-
-	truncatedAlerts, numTruncated := truncateAlerts(0, alerts)
-	require.Len(t, truncatedAlerts, 10)
-	require.EqualValues(t, 0, numTruncated)
-
-	truncatedAlerts, numTruncated = truncateAlerts(4, alerts)
-	require.Len(t, truncatedAlerts, 4)
-	require.EqualValues(t, 6, numTruncated)
-
-	truncatedAlerts, numTruncated = truncateAlerts(100, alerts)
-	require.Len(t, truncatedAlerts, 10)
-	require.EqualValues(t, 0, numTruncated)
-}
-
-func TestWebhookRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	secret := "secret"
-	notifier, err := New(
-		&config.WebhookConfig{
-			URL:        config.SecretTemplateURL(u.String()),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, secret)
-}
-
-func TestWebhookReadingURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "webhook_url")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String() + "\n")
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.WebhookConfig{
-			URLFile:    f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestWebhookURLTemplating(t *testing.T) {
-	var calledURL string
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		calledURL = r.URL.Path
-		w.WriteHeader(http.StatusOK)
-	}))
-	defer srv.Close()
-
-	tests := []struct {
-		name           string
-		url            string
-		groupLabels    model.LabelSet
-		alertLabels    model.LabelSet
-		expectError    bool
-		expectedErrMsg string
-		expectedPath   string
-	}{
-		{
-			name:         "templating with alert labels",
-			url:          srv.URL + "/{{ .GroupLabels.alertname }}/{{ .CommonLabels.severity }}",
-			groupLabels:  model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:  model.LabelSet{"alertname": "TestAlert", "severity": "critical"},
-			expectError:  false,
-			expectedPath: "/TestAlert/critical",
-		},
-		{
-			name:           "invalid template field",
-			url:            srv.URL + "/{{ .InvalidField }}",
-			groupLabels:    model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:    model.LabelSet{"alertname": "TestAlert"},
-			expectError:    true,
-			expectedErrMsg: "failed to template webhook URL",
-		},
-		{
-			name:           "template renders to empty string",
-			url:            "{{ if .CommonLabels.nonexistent }}http://example.com{{ end }}",
-			groupLabels:    model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:    model.LabelSet{"alertname": "TestAlert"},
-			expectError:    true,
-			expectedErrMsg: "webhook URL is empty after templating",
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			calledURL = "" // Reset for each test
-
-			notifier, err := New(
-				&config.WebhookConfig{
-					URL:        config.SecretTemplateURL(tc.url),
-					HTTPConfig: &commoncfg.HTTPClientConfig{},
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "test-group")
-			if tc.groupLabels != nil {
-				ctx = notify.WithGroupLabels(ctx, tc.groupLabels)
-			}
-
-			alerts := []*types.Alert{
-				{
-					Alert: model.Alert{
-						Labels:   tc.alertLabels,
-						StartsAt: time.Now(),
-						EndsAt:   time.Now().Add(time.Hour),
-					},
-				},
-			}
-
-			_, err = notifier.Notify(ctx, alerts...)
-
-			if tc.expectError {
-				require.Error(t, err)
-				require.Contains(t, err.Error(), tc.expectedErrMsg)
-			} else {
-				require.NoError(t, err)
-				require.Equal(t, tc.expectedPath, calledURL)
-			}
-		})
-	}
-}

pkg/apiserver/signozapiserver/user.go

@@ -213,8 +213,8 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/getResetPasswordToken/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetResetPasswordToken), handler.OpenAPIDef{
-		ID:                  "GetResetPasswordToken",
+	if err := router.Handle("/api/v1/getResetPasswordToken/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetResetPasswordTokenDeprecated), handler.OpenAPIDef{
+		ID:                  "GetResetPasswordTokenDeprecated",
 		Tags:                []string{"users"},
 		Summary:             "Get reset password token",
 		Description:         "This endpoint returns the reset password token by id",
@@ -224,12 +224,46 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          true,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/users/{id}/reset_password_tokens", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetResetPasswordToken), handler.OpenAPIDef{
+		ID:                  "GetResetPasswordToken",
+		Tags:                []string{"users"},
+		Summary:             "Get reset password token for a user",
+		Description:         "This endpoint returns the existing reset password token for a user.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(types.ResetPasswordToken),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
 
+	if err := router.Handle("/api/v2/users/{id}/reset_password_tokens", handler.New(provider.authZ.AdminAccess(provider.userHandler.CreateResetPasswordToken), handler.OpenAPIDef{
+		ID:                  "CreateResetPasswordToken",
+		Tags:                []string{"users"},
+		Summary:             "Create or regenerate reset password token for a user",
+		Description:         "This endpoint creates or regenerates a reset password token for a user. If a valid token exists, it is returned. If expired, a new one is created.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(types.ResetPasswordToken),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/resetPassword", handler.New(provider.authZ.OpenAccess(provider.userHandler.ResetPassword), handler.OpenAPIDef{
 		ID:                  "ResetPassword",
 		Tags:                []string{"users"},

pkg/errors/errors.go

@@ -172,7 +172,7 @@ func Ast(cause error, typ typ) bool {
 	return t == typ
 }
 
-// Asc checks if the provided error matches the specified custom error code.
+// Ast checks if the provided error matches the specified custom error code.
 func Asc(cause error, code Code) bool {
 	_, c, _, _, _, _ := Unwrapb(cause)
 

pkg/global/config.go

@@ -2,8 +2,6 @@ package global
 
 import (
 	"net/url"
-	"path"
-	"strings"
 
 	"github.com/SigNoz/signoz/pkg/errors"
 
@@ -39,34 +37,5 @@ func newConfig() factory.Config {
 }
 
 func (c Config) Validate() error {
-	if c.ExternalURL != nil {
-		if c.ExternalURL.Path != "" && c.ExternalURL.Path != "/" {
-			if !strings.HasPrefix(c.ExternalURL.Path, "/") {
-				return errors.NewInvalidInputf(ErrCodeInvalidGlobalConfig, "global::external_url path must start with '/', got %q", c.ExternalURL.Path)
-			}
-		}
-	}
-
 	return nil
 }
-
-func (c Config) ExternalPath() string {
-	if c.ExternalURL == nil || c.ExternalURL.Path == "" || c.ExternalURL.Path == "/" {
-		return ""
-	}
-
-	p := path.Clean("/" + c.ExternalURL.Path)
-	if p == "/" {
-		return ""
-	}
-
-	return p
-}
-
-func (c Config) ExternalPathTrailing() string {
-	if p := c.ExternalPath(); p != "" {
-		return p + "/"
-	}
-
-	return "/"
-}

pkg/global/config_test.go

@@ -1,139 +0,0 @@
-package global
-
-import (
-	"net/url"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestExternalPath(t *testing.T) {
-	testCases := []struct {
-		name     string
-		config   Config
-		expected string
-	}{
-		{
-			name:     "NilURL",
-			config:   Config{ExternalURL: nil},
-			expected: "",
-		},
-		{
-			name:     "EmptyPath",
-			config:   Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: ""}},
-			expected: "",
-		},
-		{
-			name:     "RootPath",
-			config:   Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/"}},
-			expected: "",
-		},
-		{
-			name:     "SingleSegment",
-			config:   Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/signoz"}},
-			expected: "/signoz",
-		},
-		{
-			name:     "TrailingSlash",
-			config:   Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/signoz/"}},
-			expected: "/signoz",
-		},
-		{
-			name:     "MultiSegment",
-			config:   Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/a/b/c"}},
-			expected: "/a/b/c",
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			assert.Equal(t, tc.expected, tc.config.ExternalPath())
-		})
-	}
-}
-
-func TestExternalPathTrailing(t *testing.T) {
-	testCases := []struct {
-		name     string
-		config   Config
-		expected string
-	}{
-		{
-			name:     "NilURL",
-			config:   Config{ExternalURL: nil},
-			expected: "/",
-		},
-		{
-			name:     "EmptyPath",
-			config:   Config{ExternalURL: &url.URL{Path: ""}},
-			expected: "/",
-		},
-		{
-			name:     "RootPath",
-			config:   Config{ExternalURL: &url.URL{Path: "/"}},
-			expected: "/",
-		},
-		{
-			name:     "SingleSegment",
-			config:   Config{ExternalURL: &url.URL{Path: "/signoz"}},
-			expected: "/signoz/",
-		},
-		{
-			name:     "MultiSegment",
-			config:   Config{ExternalURL: &url.URL{Path: "/a/b/c"}},
-			expected: "/a/b/c/",
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			assert.Equal(t, tc.expected, tc.config.ExternalPathTrailing())
-		})
-	}
-}
-
-func TestValidate(t *testing.T) {
-	testCases := []struct {
-		name   string
-		config Config
-		fail   bool
-	}{
-		{
-			name:   "NilURL",
-			config: Config{ExternalURL: nil},
-			fail:   false,
-		},
-		{
-			name:   "EmptyPath",
-			config: Config{ExternalURL: &url.URL{Path: ""}},
-			fail:   false,
-		},
-		{
-			name:   "RootPath",
-			config: Config{ExternalURL: &url.URL{Path: "/"}},
-			fail:   false,
-		},
-		{
-			name:   "ValidPath",
-			config: Config{ExternalURL: &url.URL{Path: "/signoz"}},
-			fail:   false,
-		},
-		{
-			name:   "NoLeadingSlash",
-			config: Config{ExternalURL: &url.URL{Path: "signoz"}},
-			fail:   true,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			err := tc.config.Validate()
-			if tc.fail {
-				assert.Error(t, err)
-				return
-			}
-
-			assert.NoError(t, err)
-		})
-	}
-}

pkg/modules/user/impluser/getter.go

@@ -218,6 +218,10 @@ func (module *getter) GetRolesByUserID(ctx context.Context, userID valuer.UUID)
 	return userRoles, nil
 }
 
+func (module *getter) GetResetPasswordTokenByOrgIDAndUserID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*types.ResetPasswordToken, error) {
+	return module.store.GetResetPasswordTokenByOrgIDAndUserID(ctx, orgID, userID)
+}
+
 func (module *getter) GetUsersByOrgIDAndRoleID(ctx context.Context, orgID valuer.UUID, roleID valuer.UUID) ([]*types.User, error) {
 	return module.store.GetUsersByOrgIDAndRoleID(ctx, orgID, roleID)
 }

pkg/modules/user/impluser/handler.go

@@ -25,7 +25,7 @@ func NewHandler(setter root.Setter, getter root.Getter) root.Handler {
 	return &handler{setter: setter, getter: getter}
 }
 
-func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
+func (handler *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -41,7 +41,7 @@ func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	invites, err := h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &types.PostableBulkInviteRequest{
+	invites, err := handler.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &types.PostableBulkInviteRequest{
 		Invites: []types.PostableInvite{req},
 	})
 	if err != nil {
@@ -52,7 +52,7 @@ func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 	render.Success(rw, http.StatusCreated, invites[0])
 }
 
-func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
+func (handler *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -74,7 +74,7 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	_, err = h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &req)
+	_, err = handler.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &req)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -83,7 +83,7 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 	render.Success(rw, http.StatusCreated, nil)
 }
 
-func (h *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -95,7 +95,7 @@ func (h *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, err := h.getter.GetDeprecatedUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(id))
+	user, err := handler.getter.GetDeprecatedUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(id))
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -104,7 +104,7 @@ func (h *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, user)
 }
 
-func (h *handler) GetUser(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -116,13 +116,13 @@ func (h *handler) GetUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
+	user, err := handler.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
 	if err != nil {
 		render.Error(w, err)
 		return
 	}
 
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
+	userRoles, err := handler.getter.GetRolesByUserID(ctx, user.ID)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -136,7 +136,7 @@ func (h *handler) GetUser(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, userWithRoles)
 }
 
-func (h *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -146,7 +146,7 @@ func (h *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, err := h.getter.GetDeprecatedUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID))
+	user, err := handler.getter.GetDeprecatedUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID))
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -155,7 +155,7 @@ func (h *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, user)
 }
 
-func (h *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -165,13 +165,13 @@ func (h *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID))
+	user, err := handler.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID))
 	if err != nil {
 		render.Error(w, err)
 		return
 	}
 
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
+	userRoles, err := handler.getter.GetRolesByUserID(ctx, user.ID)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -185,7 +185,7 @@ func (h *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, userWithRoles)
 }
 
-func (h *handler) UpdateMyUser(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) UpdateMyUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -201,7 +201,7 @@ func (h *handler) UpdateMyUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	_, err = h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), updatableUser)
+	_, err = handler.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), updatableUser)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -210,7 +210,7 @@ func (h *handler) UpdateMyUser(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (h *handler) ListUsersDeprecated(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) ListUsersDeprecated(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -220,7 +220,7 @@ func (h *handler) ListUsersDeprecated(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	users, err := h.getter.ListDeprecatedUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
+	users, err := handler.getter.ListDeprecatedUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -229,7 +229,7 @@ func (h *handler) ListUsersDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, users)
 }
 
-func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -239,7 +239,7 @@ func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	users, err := h.getter.ListUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
+	users, err := handler.getter.ListUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -248,7 +248,7 @@ func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, users)
 }
 
-func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -266,7 +266,7 @@ func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	updatedUser, err := h.setter.UpdateUserDeprecated(ctx, valuer.MustNewUUID(claims.OrgID), id, &user)
+	updatedUser, err := handler.setter.UpdateUserDeprecated(ctx, valuer.MustNewUUID(claims.OrgID), id, &user)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -275,7 +275,7 @@ func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, updatedUser)
 }
 
-func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -298,7 +298,7 @@ func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	_, err = h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), updatableUser)
+	_, err = handler.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), updatableUser)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -307,7 +307,7 @@ func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (h *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -319,7 +319,7 @@ func (h *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := h.setter.DeleteUser(ctx, valuer.MustNewUUID(claims.OrgID), id, claims.IdentityID()); err != nil {
+	if err := handler.setter.DeleteUser(ctx, valuer.MustNewUUID(claims.OrgID), id, claims.IdentityID()); err != nil {
 		render.Error(w, err)
 		return
 	}
@@ -327,7 +327,7 @@ func (h *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (handler *handler) GetResetPasswordToken(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetResetPasswordTokenDeprecated(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -354,6 +354,62 @@ func (handler *handler) GetResetPasswordToken(w http.ResponseWriter, r *http.Req
 	render.Success(w, http.StatusOK, token)
 }
 
+func (handler *handler) GetResetPasswordToken(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	userID, err := valuer.NewUUID(mux.Vars(r)["id"])
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	token, err := handler.getter.GetResetPasswordTokenByOrgIDAndUserID(ctx, valuer.MustNewUUID(claims.OrgID), userID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	render.Success(w, http.StatusOK, token)
+}
+
+func (handler *handler) CreateResetPasswordToken(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	userID, err := valuer.NewUUID(mux.Vars(r)["id"])
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	user, err := handler.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), userID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	token, err := handler.setter.GetOrCreateResetPasswordToken(ctx, user.ID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	render.Success(w, http.StatusCreated, token)
+}
+
 func (handler *handler) ResetPassword(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
@@ -392,7 +448,7 @@ func (handler *handler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (h *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -402,7 +458,7 @@ func (h *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err := h.setter.ForgotPassword(ctx, req.OrgID, req.Email, req.FrontendBaseURL)
+	err := handler.setter.ForgotPassword(ctx, req.OrgID, req.Email, req.FrontendBaseURL)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -411,7 +467,7 @@ func (h *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (h *handler) GetRolesByUserID(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetRolesByUserID(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -423,13 +479,13 @@ func (h *handler) GetRolesByUserID(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
+	user, err := handler.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
 	if err != nil {
 		render.Error(w, err)
 		return
 	}
 
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
+	userRoles, err := handler.getter.GetRolesByUserID(ctx, user.ID)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -443,7 +499,7 @@ func (h *handler) GetRolesByUserID(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, roles)
 }
 
-func (h *handler) SetRoleByUserID(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) SetRoleByUserID(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -471,7 +527,7 @@ func (h *handler) SetRoleByUserID(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := h.setter.AddUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), postableRole.Name); err != nil {
+	if err := handler.setter.AddUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), postableRole.Name); err != nil {
 		render.Error(w, err)
 		return
 	}
@@ -479,7 +535,7 @@ func (h *handler) SetRoleByUserID(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, nil)
 }
 
-func (h *handler) RemoveUserRoleByRoleID(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) RemoveUserRoleByRoleID(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -497,7 +553,7 @@ func (h *handler) RemoveUserRoleByRoleID(w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	if err := h.setter.RemoveUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), valuer.MustNewUUID(roleID)); err != nil {
+	if err := handler.setter.RemoveUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), valuer.MustNewUUID(roleID)); err != nil {
 		render.Error(w, err)
 		return
 	}
@@ -505,7 +561,7 @@ func (h *handler) RemoveUserRoleByRoleID(w http.ResponseWriter, r *http.Request)
 	render.Success(w, http.StatusNoContent, nil)
 }
 
-func (h *handler) GetUsersByRoleID(w http.ResponseWriter, r *http.Request) {
+func (handler *handler) GetUsersByRoleID(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -517,7 +573,7 @@ func (h *handler) GetUsersByRoleID(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	users, err := h.getter.GetUsersByOrgIDAndRoleID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(roleID))
+	users, err := handler.getter.GetUsersByOrgIDAndRoleID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(roleID))
 	if err != nil {
 		render.Error(w, err)
 		return

pkg/modules/user/impluser/store.go

@@ -359,6 +359,26 @@ func (store *store) GetResetPasswordTokenByPasswordID(ctx context.Context, passw
 	return resetPasswordToken, nil
 }
 
+func (store *store) GetResetPasswordTokenByOrgIDAndUserID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*types.ResetPasswordToken, error) {
+	resetPasswordToken := new(types.ResetPasswordToken)
+
+	err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(resetPasswordToken).
+		Join("JOIN factor_password ON factor_password.id = reset_password_token.password_id").
+		Join("JOIN users ON users.id = factor_password.user_id").
+		Where("factor_password.user_id = ?", userID).
+		Where("users.org_id = ?", orgID).
+		Scan(ctx)
+	if err != nil {
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrResetPasswordTokenNotFound, "reset password token for user %s does not exist", userID)
+	}
+
+	return resetPasswordToken, nil
+}
+
 func (store *store) DeleteResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) error {
 	_, err := store.sqlstore.BunDBCtx(ctx).NewDelete().
 		Model(&types.ResetPasswordToken{}).

pkg/modules/user/user.go

@@ -80,6 +80,9 @@ type Getter interface {
 	// Get factor password by user id.
 	GetFactorPasswordByUserID(context.Context, valuer.UUID) (*types.FactorPassword, error)
 
+	// Get reset password token by org id and user id.
+	GetResetPasswordTokenByOrgIDAndUserID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*types.ResetPasswordToken, error)
+
 	// Gets single Non-Deleted user by email and org id
 	GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*types.User, error)
 
@@ -112,7 +115,9 @@ type Handler interface {
 	GetUsersByRoleID(http.ResponseWriter, *http.Request)
 
 	// Reset Password
+	GetResetPasswordTokenDeprecated(http.ResponseWriter, *http.Request)
 	GetResetPasswordToken(http.ResponseWriter, *http.Request)
+	CreateResetPasswordToken(http.ResponseWriter, *http.Request)
 	ResetPassword(http.ResponseWriter, *http.Request)
 	ChangePassword(http.ResponseWriter, *http.Request)
 	ForgotPassword(http.ResponseWriter, *http.Request)

pkg/query-service/app/http_handler.go

@@ -587,6 +587,7 @@ func (aH *APIHandler) RegisterRoutes(router *mux.Router, am *middleware.AuthZ) {
 	router.HandleFunc("/api/v1/query_filter/analyze", am.ViewAccess(aH.QueryParserAPI.AnalyzeQueryFilter)).Methods(http.MethodPost)
 }
 
+
 func Intersection(a, b []int) (c []int) {
 	m := make(map[int]bool)
 

pkg/query-service/app/server.go

@@ -244,20 +244,6 @@ func (s *Server) createPublicServer(api *APIHandler, web web.Web) (*http.Server,
 		return nil, err
 	}
 
-	routePrefix := s.config.Global.ExternalPath()
-	if routePrefix != "" {
-		prefixed := http.StripPrefix(routePrefix, handler)
-		handler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-			switch req.URL.Path {
-			case "/api/v1/health", "/api/v2/healthz", "/api/v2/readyz", "/api/v2/livez":
-				r.ServeHTTP(w, req)
-				return
-			}
-
-			prefixed.ServeHTTP(w, req)
-		})
-	}
-
 	return &http.Server{
 		Handler: handler,
 	}, nil

pkg/signoz/provider.go

@@ -88,9 +88,9 @@ func NewCacheProviderFactories() factory.NamedMap[factory.ProviderFactory[cache.
 	)
 }
 
-func NewWebProviderFactories(globalConfig global.Config) factory.NamedMap[factory.ProviderFactory[web.Web, web.Config]] {
+func NewWebProviderFactories() factory.NamedMap[factory.ProviderFactory[web.Web, web.Config]] {
 	return factory.MustNewNamedMap(
-		routerweb.NewFactory(globalConfig),
+		routerweb.NewFactory(),
 		noopweb.NewFactory(),
 	)
 }

pkg/signoz/provider_test.go

@@ -8,7 +8,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager/nfmanagertest"
 	"github.com/SigNoz/signoz/pkg/analytics"
 	"github.com/SigNoz/signoz/pkg/flagger"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
@@ -35,7 +34,7 @@ func TestNewProviderFactories(t *testing.T) {
 	})
 
 	assert.NotPanics(t, func() {
-		NewWebProviderFactories(global.Config{})
+		NewWebProviderFactories()
 	})
 
 	assert.NotPanics(t, func() {

pkg/types/user.go

@@ -284,6 +284,7 @@ type UserStore interface {
 	GetPasswordByUserID(ctx context.Context, userID valuer.UUID) (*FactorPassword, error)
 	GetResetPasswordToken(ctx context.Context, token string) (*ResetPasswordToken, error)
 	GetResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) (*ResetPasswordToken, error)
+	GetResetPasswordTokenByOrgIDAndUserID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*ResetPasswordToken, error)
 	DeleteResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) error
 	UpdatePassword(ctx context.Context, password *FactorPassword) error
 

pkg/web/config.go

@@ -8,11 +8,10 @@ import (
 type Config struct {
 	// Whether the web package is enabled.
 	Enabled bool `mapstructure:"enabled"`
-
-	// The name of the index file to serve.
-	Index string `mapstructure:"index"`
-
-	// The directory from which to serve the web files.
+	// The prefix to serve the files from
+	Prefix string `mapstructure:"prefix"`
+	// The directory containing the static build files. The root of this directory should
+	// have an index.html file.
 	Directory string `mapstructure:"directory"`
 }
 
@@ -23,7 +22,7 @@ func NewConfigFactory() factory.ConfigFactory {
 func newConfig() factory.Config {
 	return &Config{
 		Enabled:   true,
-		Index:     "index.html",
+		Prefix:    "/",
 		Directory: "/etc/signoz/web",
 	}
 }

pkg/web/config_test.go

@@ -12,6 +12,7 @@ import (
 )
 
 func TestNewWithEnvProvider(t *testing.T) {
+	t.Setenv("SIGNOZ_WEB_PREFIX", "/web")
 	t.Setenv("SIGNOZ_WEB_ENABLED", "false")
 
 	conf, err := config.New(
@@ -36,7 +37,7 @@ func TestNewWithEnvProvider(t *testing.T) {
 
 	expected := &Config{
 		Enabled:   false,
-		Index:     def.Index,
+		Prefix:    "/web",
 		Directory: def.Directory,
 	}
 

pkg/web/routerweb/provider.go

@@ -8,55 +8,56 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/web"
 	"github.com/gorilla/mux"
 )
 
+const (
+	indexFileName string = "index.html"
+)
+
 type provider struct {
-	config        web.Config
-	indexContents []byte
-	fileHandler   http.Handler
+	config web.Config
 }
 
-func NewFactory(globalConfig global.Config) factory.ProviderFactory[web.Web, web.Config] {
-	return factory.NewProviderFactory(factory.MustNewName("router"), func(ctx context.Context, settings factory.ProviderSettings, config web.Config) (web.Web, error) {
-		return New(ctx, settings, config, globalConfig)
-	})
+func NewFactory() factory.ProviderFactory[web.Web, web.Config] {
+	return factory.NewProviderFactory(factory.MustNewName("router"), New)
 }
 
-func New(ctx context.Context, settings factory.ProviderSettings, config web.Config, globalConfig global.Config) (web.Web, error) {
+func New(ctx context.Context, settings factory.ProviderSettings, config web.Config) (web.Web, error) {
 	fi, err := os.Stat(config.Directory)
 	if err != nil {
 		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "cannot access web directory")
 	}
 
-	if !fi.IsDir() {
+	ok := fi.IsDir()
+	if !ok {
 		return nil, errors.NewInvalidInputf(errors.CodeInvalidInput, "web directory is not a directory")
 	}
 
-	indexPath := filepath.Join(config.Directory, config.Index)
-	raw, err := os.ReadFile(indexPath)
+	fi, err = os.Stat(filepath.Join(config.Directory, indexFileName))
 	if err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "cannot read %q in web directory", config.Index)
+		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "cannot access %q in web directory", indexFileName)
 	}
 
-	logger := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/web/routerweb").Logger()
-	indexContents := web.NewIndex(ctx, logger, config.Index, raw, web.TemplateData{BaseHref: globalConfig.ExternalPathTrailing()})
+	if os.IsNotExist(err) || fi.IsDir() {
+		return nil, errors.NewInvalidInputf(errors.CodeInvalidInput, "%q does not exist", indexFileName)
+	}
 
 	return &provider{
-		config:        config,
-		indexContents: indexContents,
-		fileHandler:   http.FileServer(http.Dir(config.Directory)),
+		config: config,
 	}, nil
 }
 
 func (provider *provider) AddToRouter(router *mux.Router) error {
 	cache := middleware.NewCache(0)
-	err := router.PathPrefix("/").
+	err := router.PathPrefix(provider.config.Prefix).
 		Handler(
-			cache.Wrap(http.HandlerFunc(provider.ServeHTTP)),
+			http.StripPrefix(
+				provider.config.Prefix,
+				cache.Wrap(http.HandlerFunc(provider.ServeHTTP)),
+			),
 		).GetError()
 	if err != nil {
 		return errors.WrapInternalf(err, errors.CodeInternal, "unable to add web to router")
@@ -74,7 +75,7 @@ func (provider *provider) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 	if err != nil {
 		// if the file doesn't exist, serve index.html
 		if os.IsNotExist(err) {
-			provider.serveIndex(rw)
+			http.ServeFile(rw, req, filepath.Join(provider.config.Directory, indexFileName))
 			return
 		}
 
@@ -86,15 +87,10 @@ func (provider *provider) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 
 	if fi.IsDir() {
 		// path is a directory, serve index.html
-		provider.serveIndex(rw)
+		http.ServeFile(rw, req, filepath.Join(provider.config.Directory, indexFileName))
 		return
 	}
 
 	// otherwise, use http.FileServer to serve the static file
-	provider.fileHandler.ServeHTTP(rw, req)
-}
-
-func (provider *provider) serveIndex(rw http.ResponseWriter) {
-	rw.Header().Set("Content-Type", "text/html; charset=utf-8")
-	_, _ = rw.Write(provider.indexContents)
+	http.FileServer(http.Dir(provider.config.Directory)).ServeHTTP(rw, req)
 }

pkg/web/routerweb/provider_test.go

@@ -5,113 +5,45 @@ import (
 	"io"
 	"net"
 	"net/http"
-	"net/url"
 	"os"
 	"path/filepath"
-	"strings"
 	"testing"
 
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
-	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/web"
 	"github.com/gorilla/mux"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func startServer(t *testing.T, config web.Config, globalConfig global.Config) string {
-	t.Helper()
+func TestServeHttpWithoutPrefix(t *testing.T) {
+	t.Parallel()
+	fi, err := os.Open(filepath.Join("testdata", indexFileName))
+	require.NoError(t, err)
 
-	web, err := New(context.Background(), factorytest.NewSettings(), config, globalConfig)
+	expected, err := io.ReadAll(fi)
+	require.NoError(t, err)
+
+	web, err := New(context.Background(), factorytest.NewSettings(), web.Config{Prefix: "/", Directory: filepath.Join("testdata")})
 	require.NoError(t, err)
 
 	router := mux.NewRouter()
-	require.NoError(t, web.AddToRouter(router))
+	err = web.AddToRouter(router)
+	require.NoError(t, err)
 
 	listener, err := net.Listen("tcp", "localhost:0")
 	require.NoError(t, err)
 
-	server := &http.Server{Handler: router}
-	go func() { _ = server.Serve(listener) }()
-	t.Cleanup(func() { _ = server.Close() })
-
-	return "http://" + listener.Addr().String()
-}
-
-func httpGet(t *testing.T, url string) string {
-	t.Helper()
-
-	res, err := http.DefaultClient.Get(url)
-	require.NoError(t, err)
-	defer func() { _ = res.Body.Close() }()
-
-	body, err := io.ReadAll(res.Body)
-	require.NoError(t, err)
-
-	return string(body)
-}
-
-func TestServeTemplatedIndex(t *testing.T) {
-	t.Parallel()
-
-	testCases := []struct {
-		name         string
-		path         string
-		globalConfig global.Config
-		expected     string
-	}{
-		{
-			name:         "RootBaseHrefAtRoot",
-			path:         "/",
-			globalConfig: global.Config{},
-			expected:     `<html><head><base href="/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
-		{
-			name:         "RootBaseHrefAtNonExistentPath",
-			path:         "/does-not-exist",
-			globalConfig: global.Config{},
-			expected:     `<html><head><base href="/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
-		{
-			name:         "RootBaseHrefAtDirectory",
-			path:         "/assets",
-			globalConfig: global.Config{},
-			expected:     `<html><head><base href="/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
-		{
-			name:         "SubPathBaseHrefAtRoot",
-			path:         "/",
-			globalConfig: global.Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/signoz"}},
-			expected:     `<html><head><base href="/signoz/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
-		{
-			name:         "SubPathBaseHrefAtNonExistentPath",
-			path:         "/does-not-exist",
-			globalConfig: global.Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/signoz"}},
-			expected:     `<html><head><base href="/signoz/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
-		{
-			name:         "SubPathBaseHrefAtDirectory",
-			path:         "/assets",
-			globalConfig: global.Config{ExternalURL: &url.URL{Scheme: "https", Host: "example.com", Path: "/signoz"}},
-			expected:     `<html><head><base href="/signoz/" /></head><body>Welcome to test data!!!</body></html>`,
-		},
+	server := &http.Server{
+		Handler: router,
 	}
 
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			base := startServer(t, web.Config{Index: "valid_template.html", Directory: "testdata"}, testCase.globalConfig)
-
-			assert.Equal(t, testCase.expected, strings.TrimSuffix(httpGet(t, base+testCase.path), "\n"))
-		})
-	}
-}
-
-func TestServeNoTemplateIndex(t *testing.T) {
-	t.Parallel()
-
-	expected, err := os.ReadFile(filepath.Join("testdata", "no_template.html"))
-	require.NoError(t, err)
+	go func() {
+		_ = server.Serve(listener)
+	}()
+	defer func() {
+		_ = server.Close()
+	}()
 
 	testCases := []struct {
 		name string
@@ -122,7 +54,11 @@ func TestServeNoTemplateIndex(t *testing.T) {
 			path: "/",
 		},
 		{
-			name: "NonExistentPath",
+			name: "Index",
+			path: "/" + indexFileName,
+		},
+		{
+			name: "DoesNotExist",
 			path: "/does-not-exist",
 		},
 		{
@@ -131,55 +67,104 @@ func TestServeNoTemplateIndex(t *testing.T) {
 		},
 	}
 
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			base := startServer(t, web.Config{Index: "no_template.html", Directory: "testdata"}, global.Config{})
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			res, err := http.DefaultClient.Get("http://" + listener.Addr().String() + tc.path)
+			require.NoError(t, err)
 
-			assert.Equal(t, string(expected), httpGet(t, base+testCase.path))
+			defer func() {
+				_ = res.Body.Close()
+			}()
+
+			actual, err := io.ReadAll(res.Body)
+			require.NoError(t, err)
+
+			assert.Equal(t, expected, actual)
 		})
 	}
+
 }
 
-func TestServeInvalidTemplateIndex(t *testing.T) {
+func TestServeHttpWithPrefix(t *testing.T) {
 	t.Parallel()
-
-	expected, err := os.ReadFile(filepath.Join("testdata", "invalid_template.html"))
+	fi, err := os.Open(filepath.Join("testdata", indexFileName))
 	require.NoError(t, err)
 
+	expected, err := io.ReadAll(fi)
+	require.NoError(t, err)
+
+	web, err := New(context.Background(), factorytest.NewSettings(), web.Config{Prefix: "/web", Directory: filepath.Join("testdata")})
+	require.NoError(t, err)
+
+	router := mux.NewRouter()
+	err = web.AddToRouter(router)
+	require.NoError(t, err)
+
+	listener, err := net.Listen("tcp", "localhost:0")
+	require.NoError(t, err)
+
+	server := &http.Server{
+		Handler: router,
+	}
+
+	go func() {
+		_ = server.Serve(listener)
+	}()
+	defer func() {
+		_ = server.Close()
+	}()
+
 	testCases := []struct {
-		name string
-		path string
+		name  string
+		path  string
+		found bool
 	}{
 		{
-			name: "Root",
-			path: "/",
+			name:  "Root",
+			path:  "/web",
+			found: true,
 		},
 		{
-			name: "NonExistentPath",
-			path: "/does-not-exist",
+			name:  "Index",
+			path:  "/web/" + indexFileName,
+			found: true,
 		},
 		{
-			name: "Directory",
-			path: "/assets",
+			name:  "FileDoesNotExist",
+			path:  "/web/does-not-exist",
+			found: true,
+		},
+		{
+			name:  "Directory",
+			path:  "/web/assets",
+			found: true,
+		},
+		{
+			name:  "DoesNotExist",
+			path:  "/does-not-exist",
+			found: false,
 		},
 	}
 
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			base := startServer(t, web.Config{Index: "invalid_template.html", Directory: "testdata"}, global.Config{ExternalURL: &url.URL{Path: "/signoz"}})
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			res, err := http.DefaultClient.Get("http://" + listener.Addr().String() + tc.path)
+			require.NoError(t, err)
+
+			defer func() {
+				_ = res.Body.Close()
+			}()
+
+			if tc.found {
+				actual, err := io.ReadAll(res.Body)
+				require.NoError(t, err)
+
+				assert.Equal(t, expected, actual)
+			} else {
+				assert.Equal(t, http.StatusNotFound, res.StatusCode)
+			}
 
-			assert.Equal(t, string(expected), httpGet(t, base+testCase.path))
 		})
 	}
-}
-
-func TestServeStaticFilesUnchanged(t *testing.T) {
-	t.Parallel()
-
-	expected, err := os.ReadFile(filepath.Join("testdata", "assets", "style.css"))
-	require.NoError(t, err)
-
-	base := startServer(t, web.Config{Index: "valid_template.html", Directory: "testdata"}, global.Config{ExternalURL: &url.URL{Path: "/signoz"}})
-
-	assert.Equal(t, string(expected), httpGet(t, base+"/assets/style.css"))
+
 }

pkg/web/routerweb/testdata/assets/index.css

@@ -0,0 +1,3 @@
+#root {
+  background-color: red;
+}

pkg/web/routerweb/testdata/assets/style.css

@@ -1 +0,0 @@
-body { color: red; }

pkg/web/routerweb/testdata/index.html

@@ -0,0 +1 @@
+<h1>Welcome to test data!!!</h1>

pkg/web/routerweb/testdata/invalid_template.html

@@ -1 +0,0 @@
-<html><head><base href="[[." /></head><body>Bad template</body></html>

pkg/web/routerweb/testdata/no_template.html

@@ -1 +0,0 @@
-<html><head></head><body>No template here</body></html>

pkg/web/routerweb/testdata/valid_template.html

@@ -1 +0,0 @@
-<html><head><base href="[[.BaseHref]]" /></head><body>Welcome to test data!!!</body></html>

pkg/web/template.go

@@ -1,42 +0,0 @@
-package web
-
-import (
-	"bytes"
-	"context"
-	"log/slog"
-	"text/template"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-)
-
-// Field names map to the HTML attributes they populate in the template:
-//   - BaseHref  → <base href="[[.BaseHref]]" />
-type TemplateData struct {
-	BaseHref string
-}
-
-// If the template cannot be parsed or executed, the raw bytes are
-// returned unchanged and the error is logged.
-func NewIndex(ctx context.Context, logger *slog.Logger, name string, raw []byte, data TemplateData) []byte {
-	result, err := NewIndexE(name, raw, data)
-	if err != nil {
-		logger.ErrorContext(ctx, "cannot render index template, serving raw file", slog.String("name", name), errors.Attr(err))
-		return raw
-	}
-
-	return result
-}
-
-func NewIndexE(name string, raw []byte, data TemplateData) ([]byte, error) {
-	tmpl, err := template.New(name).Delims("[[", "]]").Parse(string(raw))
-	if err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "cannot parse %q as template", name)
-	}
-
-	var buf bytes.Buffer
-	if err := tmpl.Execute(&buf, data); err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "cannot execute template for %q", name)
-	}
-
-	return buf.Bytes(), nil
-}

tests/integration/src/passwordauthn/03_password.py

@@ -91,17 +91,42 @@ def test_reset_password(
     # Get the user id via v2
     found_user = find_user_by_email(signoz, admin_token, PASSWORD_USER_EMAIL)
 
-    response = requests.get(
+    # Create a reset password token via v2 POST
+    response = requests.post(
         signoz.self.host_configs["8080"].get(
-            f"/api/v1/getResetPasswordToken/{found_user['id']}"
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
         ),
         headers={"Authorization": f"Bearer {admin_token}"},
         timeout=2,
     )
 
-    assert response.status_code == HTTPStatus.OK
+    assert response.status_code == HTTPStatus.CREATED, response.text
+    token_data = response.json()["data"]
+    assert "token" in token_data
+    assert "expiresAt" in token_data
+    token = token_data["token"]
 
-    token = response.json()["data"]["token"]
+    # Calling POST again should return the same token (still valid)
+    response = requests.post(
+        signoz.self.host_configs["8080"].get(
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
+        ),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=2,
+    )
+    assert response.status_code == HTTPStatus.CREATED, response.text
+    assert response.json()["data"]["token"] == token
+
+    # GET should also return the same token
+    response = requests.get(
+        signoz.self.host_configs["8080"].get(
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
+        ),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=2,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text
+    assert response.json()["data"]["token"] == token
 
     # Reset the password with a bad password which should fail
     response = requests.post(
@@ -140,18 +165,29 @@ def test_reset_password_with_no_password(
         )
         assert result.rowcount == 1
 
-    # Generate a new reset password token
+    # GET should return 404 since there's no password (and thus no token)
     response = requests.get(
         signoz.self.host_configs["8080"].get(
-            f"/api/v1/getResetPasswordToken/{found_user['id']}"
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
+        ),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=2,
+    )
+    assert response.status_code == HTTPStatus.NOT_FOUND, response.text
+
+    # Generate a new reset password token via v2 POST
+    response = requests.post(
+        signoz.self.host_configs["8080"].get(
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
         ),
         headers={"Authorization": f"Bearer {admin_token}"},
         timeout=2,
     )
 
-    assert response.status_code == HTTPStatus.OK
-
-    token = response.json()["data"]["token"]
+    assert response.status_code == HTTPStatus.CREATED, response.text
+    token_data = response.json()["data"]
+    assert "expiresAt" in token_data
+    token = token_data["token"]
 
     # Reset the password with a good password
     response = requests.post(
@@ -262,32 +298,22 @@ def test_forgot_password_creates_reset_token(
     )
     assert response.status_code == HTTPStatus.NO_CONTENT
 
-    # Verify reset password token was created by querying the database
+    # Verify reset password token was created via the v2 GET endpoint
     found_user = find_user_by_email(signoz, admin_token, forgot_email)
 
-    reset_token = None
-    # Query the database directly to get the reset password token
-    # First get the password_id from factor_password, then get the token
-    with signoz.sqlstore.conn.connect() as conn:
-        result = conn.execute(
-            sql.text(
-                """
-                SELECT rpt.token
-                FROM reset_password_token rpt
-                JOIN factor_password fp ON rpt.password_id = fp.id
-                WHERE fp.user_id = :user_id
-            """
-            ),
-            {"user_id": found_user["id"]},
-        )
-        row = result.fetchone()
-        assert (
-            row is not None
-        ), "Reset password token should exist after calling forgotPassword"
-        reset_token = row[0]
-
+    response = requests.get(
+        signoz.self.host_configs["8080"].get(
+            f"/api/v2/users/{found_user['id']}/reset_password_tokens"
+        ),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=2,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text
+    token_data = response.json()["data"]
+    reset_token = token_data["token"]
     assert reset_token is not None
     assert reset_token != ""
+    assert "expiresAt" in token_data
 
     # Reset password with a valid strong password
     response = requests.post(