fix(user): add config for user invite token expiry (#10618 )

* fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites
fix: return not-found error with diagnostic info for absent metrics (#10560 )
2026-03-17 18:32:11 +00:00 · 2026-03-17 16:57:29 +00:00 · 2026-03-17 16:15:32 +00:00 · 2026-03-17 15:43:58 +00:00 · 2026-03-17 11:51:30 +00:00 · 2026-03-17 11:29:34 +00:00
88 changed files with 2029 additions and 955 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -105,6 +105,10 @@ go.mod @therealpandey
 /pkg/modules/authdomain/ @vikrantgupta25
 /pkg/modules/role/ @vikrantgupta25

+# IdentN Owners 
+/pkg/identn/ @vikrantgupta25
+/pkg/http/middleware/identn.go @vikrantgupta25
+
 # Integration tests

 /tests/integration/ @vikrantgupta25
--- a/.github/workflows/goci.yaml
+++ b/.github/workflows/goci.yaml
@@ -102,13 +102,3 @@ jobs:
        run: |
          go run cmd/enterprise/*.go generate openapi
          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in openapi spec. Run go run cmd/enterprise/*.go generate openapi locally and commit."; exit 1)
-      - name: node-install
-        uses: actions/setup-node@v5
-        with:
-          node-version: "22"
-      - name: install-frontend
-        run: cd frontend && yarn install
-      - name: generate-api-clients
-        run: |
-          cd frontend && yarn generate:api
-          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run yarn generate:api in frontend/ locally and commit."; exit 1)
--- a/.github/workflows/jsci.yaml
+++ b/.github/workflows/jsci.yaml
@@ -52,16 +52,16 @@ jobs:
    with:
      PRIMUS_REF: main
      JS_SRC: frontend
-  md-languages:
+  languages:
    if: |
      github.event_name == 'merge_group' ||
      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
    runs-on: ubuntu-latest
    steps:
-      - name: checkout
+      - name: self-checkout
        uses: actions/checkout@v4
-      - name: validate md languages
+      - name: run
        run: bash frontend/scripts/validate-md-languages.sh
  authz:
    if: |
@@ -70,44 +70,55 @@ jobs:
      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
    runs-on: ubuntu-latest
    steps:
-      - name: Checkout code
+      - name: self-checkout
        uses: actions/checkout@v5
-
-      - name: Set up Node.js
+      - name: node-install
        uses: actions/setup-node@v5
        with:
          node-version: "22"
-
-      - name: Install frontend dependencies
+      - name: deps-install
        working-directory: ./frontend
        run: |
          yarn install
-
-      - name: Install uv
+      - name: uv-install
        uses: astral-sh/setup-uv@v5
-
-      - name: Install Python dependencies
+      - name: uv-deps
        working-directory: ./tests/integration
        run: |
          uv sync
-
-      - name: Start test environment
+      - name: setup-test
        run: |
          make py-test-setup
-
-      - name: Generate permissions.type.ts
+      - name: generate
        working-directory: ./frontend
        run: |
          yarn generate:permissions-type
-
-      - name: Teardown test environment
+      - name: teardown-test
        if: always()
        run: |
          make py-test-teardown
-
-      - name: Check for changes
+      - name: validate
        run: |
          if ! git diff --exit-code frontend/src/hooks/useAuthZ/permissions.type.ts; then
            echo "::error::frontend/src/hooks/useAuthZ/permissions.type.ts is out of date. Please run the generator locally and commit the changes: npm run generate:permissions-type (from the frontend directory)"
            exit 1
          fi
+  openapi:
+    if: |
+      github.event_name == 'merge_group' ||
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: self-checkout
+        uses: actions/checkout@v4
+      - name: node-install
+        uses: actions/setup-node@v5
+        with:
+          node-version: "22"
+      - name: install-frontend
+        run: cd frontend && yarn install
+      - name: generate-api-clients
+        run: |
+          cd frontend && yarn generate:api
+          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run yarn generate:api in frontend/ locally and commit."; exit 1)
--- a/cmd/community/server.go
+++ b/cmd/community/server.go
@@ -18,7 +18,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -74,8 +73,8 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		},
 		signoz.NewSQLStoreProviderFactories(),
 		signoz.NewTelemetryStoreProviderFactories(),
-		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing, userGetter user.Getter) (map[authtypes.AuthNProvider]authn.AuthN, error) {
-			return signoz.NewAuthNs(ctx, providerSettings, store, licensing, userGetter)
+		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
+			return signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 		},
 		func(ctx context.Context, sqlstore sqlstore.SQLStore, _ licensing.Licensing, _ dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
--- a/cmd/enterprise/server.go
+++ b/cmd/enterprise/server.go
@@ -9,12 +9,12 @@ import (
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/oidccallbackauthn"
 	"github.com/SigNoz/signoz/ee/authn/callbackauthn/samlcallbackauthn"
 	"github.com/SigNoz/signoz/ee/authz/openfgaauthz"
+	eequerier "github.com/SigNoz/signoz/ee/querier"
 	"github.com/SigNoz/signoz/ee/authz/openfgaschema"
 	"github.com/SigNoz/signoz/ee/gateway/httpgateway"
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
-	eequerier "github.com/SigNoz/signoz/ee/querier"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
 	"github.com/SigNoz/signoz/ee/sqlschema/postgressqlschema"
 	"github.com/SigNoz/signoz/ee/sqlstore/postgressqlstore"
@@ -29,7 +29,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -96,7 +95,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		},
 		sqlstoreFactories,
 		signoz.NewTelemetryStoreProviderFactories(),
-		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing, userGetter user.Getter) (map[authtypes.AuthNProvider]authn.AuthN, error) {
+		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
 			samlCallbackAuthN, err := samlcallbackauthn.New(ctx, store, licensing)
 			if err != nil {
 				return nil, err
@@ -107,7 +106,7 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 				return nil, err
 			}

-			authNs, err := signoz.NewAuthNs(ctx, providerSettings, store, licensing, userGetter)
+			authNs, err := signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 			if err != nil {
 				return nil, err
 			}
--- a/conf/example.yaml
+++ b/conf/example.yaml
@@ -308,6 +308,9 @@ user:
      allow_self: true
      # The duration within which a user can reset their password.
      max_token_lifetime: 6h
+    invite:
+      # The duration within which a user can accept their invite.
+      max_token_lifetime: 48h
  root:
    # Whether to enable the root user. When enabled, a root user is provisioned
    # on startup using the email and password below. The root user cannot be
@@ -321,3 +324,19 @@ user:
    org:
      name: default
      id: 00000000-0000-0000-0000-000000000000
+
+##################### IdentN #####################
+identn:
+  tokenizer:
+    # toggle the identN resolver
+    enabled: true
+    # headers to use for tokenizer identN resolver
+    headers:
+      - Authorization
+      - Sec-WebSocket-Protocol
+  apikey:
+    # toggle the identN resolver
+    enabled: true
+    # headers to use for apikey identN resolver
+    headers:
+      - SIGNOZ-API-KEY
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
@@ -1984,6 +1984,52 @@ components:
            type: string
          type: array
      type: object
+    TypesChangePasswordRequest:
+      properties:
+        newPassword:
+          type: string
+        oldPassword:
+          type: string
+        userId:
+          type: string
+      type: object
+    TypesGettableAPIKey:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        createdBy:
+          type: string
+        createdByUser:
+          $ref: '#/components/schemas/TypesUser'
+        expiresAt:
+          format: int64
+          type: integer
+        id:
+          type: string
+        lastUsed:
+          format: int64
+          type: integer
+        name:
+          type: string
+        revoked:
+          type: boolean
+        role:
+          type: string
+        token:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+        updatedBy:
+          type: string
+        updatedByUser:
+          $ref: '#/components/schemas/TypesUser'
+        userId:
+          type: string
+      required:
+      - id
+      type: object
    TypesGettableGlobalConfig:
      properties:
        external_url:
@@ -1998,6 +2044,31 @@ components:
      required:
      - id
      type: object
+    TypesInvite:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        email:
+          type: string
+        id:
+          type: string
+        inviteLink:
+          type: string
+        name:
+          type: string
+        orgId:
+          type: string
+        role:
+          type: string
+        token:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+      required:
+      - id
+      type: object
    TypesOrganization:
      properties:
        alias:
@@ -2020,78 +2091,7 @@ components:
      required:
      - id
      type: object
-    UsertypesChangePasswordRequest:
-      properties:
-        newPassword:
-          type: string
-        oldPassword:
-          type: string
-        userId:
-          type: string
-      type: object
-    UsertypesGettableAPIKey:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        createdBy:
-          type: string
-        createdByUser:
-          $ref: '#/components/schemas/UsertypesUser'
-        expiresAt:
-          format: int64
-          type: integer
-        id:
-          type: string
-        lastUsed:
-          format: int64
-          type: integer
-        name:
-          type: string
-        revoked:
-          type: boolean
-        role:
-          type: string
-        token:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-        updatedBy:
-          type: string
-        updatedByUser:
-          $ref: '#/components/schemas/UsertypesUser'
-        userId:
-          type: string
-      required:
-      - id
-      type: object
-    UsertypesInvite:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        email:
-          type: string
-        id:
-          type: string
-        inviteLink:
-          type: string
-        name:
-          type: string
-        orgId:
-          type: string
-        role:
-          type: string
-        token:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-      required:
-      - id
-      type: object
-    UsertypesPostableAPIKey:
+    TypesPostableAPIKey:
      properties:
        expiresInDays:
          format: int64
@@ -2101,7 +2101,7 @@ components:
        role:
          type: string
      type: object
-    UsertypesPostableAcceptInvite:
+    TypesPostableAcceptInvite:
      properties:
        displayName:
          type: string
@@ -2112,16 +2112,16 @@ components:
        token:
          type: string
      type: object
-    UsertypesPostableBulkInviteRequest:
+    TypesPostableBulkInviteRequest:
      properties:
        invites:
          items:
-            $ref: '#/components/schemas/UsertypesPostableInvite'
+            $ref: '#/components/schemas/TypesPostableInvite'
          type: array
      required:
      - invites
      type: object
-    UsertypesPostableForgotPassword:
+    TypesPostableForgotPassword:
      properties:
        email:
          type: string
@@ -2133,7 +2133,7 @@ components:
      - orgId
      - email
      type: object
-    UsertypesPostableInvite:
+    TypesPostableInvite:
      properties:
        email:
          type: string
@@ -2144,14 +2144,14 @@ components:
        role:
          type: string
      type: object
-    UsertypesPostableResetPassword:
+    TypesPostableResetPassword:
      properties:
        password:
          type: string
        token:
          type: string
      type: object
-    UsertypesResetPasswordToken:
+    TypesResetPasswordToken:
      properties:
        expiresAt:
          format: date-time
@@ -2165,7 +2165,7 @@ components:
      required:
      - id
      type: object
-    UsertypesStorableAPIKey:
+    TypesStorableAPIKey:
      properties:
        createdAt:
          format: date-time
@@ -2192,7 +2192,7 @@ components:
      required:
      - id
      type: object
-    UsertypesUser:
+    TypesUser:
      properties:
        createdAt:
          format: date-time
@@ -2392,7 +2392,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesChangePasswordRequest'
+              $ref: '#/components/schemas/TypesChangePasswordRequest'
      responses:
        "204":
          description: No Content
@@ -3197,7 +3197,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesResetPasswordToken'
+                    $ref: '#/components/schemas/TypesResetPasswordToken'
                  status:
                    type: string
                required:
@@ -3302,7 +3302,7 @@ paths:
                properties:
                  data:
                    items:
-                      $ref: '#/components/schemas/UsertypesInvite'
+                      $ref: '#/components/schemas/TypesInvite'
                    type: array
                  status:
                    type: string
@@ -3345,7 +3345,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableInvite'
+              $ref: '#/components/schemas/TypesPostableInvite'
      responses:
        "201":
          content:
@@ -3353,7 +3353,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesInvite'
+                    $ref: '#/components/schemas/TypesInvite'
                  status:
                    type: string
                required:
@@ -3469,7 +3469,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesInvite'
+                    $ref: '#/components/schemas/TypesInvite'
                  status:
                    type: string
                required:
@@ -3507,7 +3507,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableAcceptInvite'
+              $ref: '#/components/schemas/TypesPostableAcceptInvite'
      responses:
        "201":
          content:
@@ -3515,7 +3515,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesUser'
+                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
                required:
@@ -3553,7 +3553,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableBulkInviteRequest'
+              $ref: '#/components/schemas/TypesPostableBulkInviteRequest'
      responses:
        "201":
          description: Created
@@ -3878,7 +3878,7 @@ paths:
                properties:
                  data:
                    items:
-                      $ref: '#/components/schemas/UsertypesGettableAPIKey'
+                      $ref: '#/components/schemas/TypesGettableAPIKey'
                    type: array
                  status:
                    type: string
@@ -3921,7 +3921,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableAPIKey'
+              $ref: '#/components/schemas/TypesPostableAPIKey'
      responses:
        "201":
          content:
@@ -3929,7 +3929,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesGettableAPIKey'
+                    $ref: '#/components/schemas/TypesGettableAPIKey'
                  status:
                    type: string
                required:
@@ -4035,7 +4035,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesStorableAPIKey'
+              $ref: '#/components/schemas/TypesStorableAPIKey'
      responses:
        "204":
          content:
@@ -4196,7 +4196,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableResetPassword'
+              $ref: '#/components/schemas/TypesPostableResetPassword'
      responses:
        "204":
          description: No Content
@@ -5271,7 +5271,7 @@ paths:
                properties:
                  data:
                    items:
-                      $ref: '#/components/schemas/UsertypesUser'
+                      $ref: '#/components/schemas/TypesUser'
                    type: array
                  status:
                    type: string
@@ -5369,7 +5369,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesUser'
+                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
                required:
@@ -5423,7 +5423,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesUser'
+              $ref: '#/components/schemas/TypesUser'
      responses:
        "200":
          content:
@@ -5431,7 +5431,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesUser'
+                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
                required:
@@ -5489,7 +5489,7 @@ paths:
              schema:
                properties:
                  data:
-                    $ref: '#/components/schemas/UsertypesUser'
+                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
                required:
@@ -5692,7 +5692,7 @@ paths:
        content:
          application/json:
            schema:
-              $ref: '#/components/schemas/UsertypesPostableForgotPassword'
+              $ref: '#/components/schemas/TypesPostableForgotPassword'
      responses:
        "204":
          description: No Content
--- a/ee/modules/dashboard/impldashboard/module.go
+++ b/ee/modules/dashboard/impldashboard/module.go
@@ -213,7 +213,7 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, id valuer.U
 	return module.pkgDashboardModule.Update(ctx, orgID, id, updatedBy, data, diff)
 }

-func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role authtypes.LegacyRole, lock bool) error {
+func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error {
 	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, role, lock)
 }

--- a/ee/query-service/app/api/cloudIntegrations.go
+++ b/ee/query-service/app/api/cloudIntegrations.go
@@ -14,8 +14,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	basemodel "github.com/SigNoz/signoz/pkg/query-service/model"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 	"log/slog"
@@ -142,10 +142,10 @@ func (ah *APIHandler) getOrCreateCloudIntegrationPAT(ctx context.Context, orgId
 		"cloud_provider", cloudProvider,
 	)

-	newPAT, err := usertypes.NewStorableAPIKey(
+	newPAT, err := types.NewStorableAPIKey(
 		integrationPATName,
 		integrationUser.ID,
-		authtypes.RoleViewer,
+		types.RoleViewer,
 		0,
 	)
 	if err != nil {
@@ -165,16 +165,16 @@ func (ah *APIHandler) getOrCreateCloudIntegrationPAT(ctx context.Context, orgId

 func (ah *APIHandler) getOrCreateCloudIntegrationUser(
 	ctx context.Context, orgId string, cloudProvider string,
-) (*usertypes.User, *basemodel.ApiError) {
+) (*types.User, *basemodel.ApiError) {
 	cloudIntegrationUserName := fmt.Sprintf("%s-integration", cloudProvider)
 	email := valuer.MustNewEmail(fmt.Sprintf("%s@signoz.io", cloudIntegrationUserName))

-	cloudIntegrationUser, err := usertypes.NewUser(cloudIntegrationUserName, email, authtypes.RoleViewer, valuer.MustNewUUID(orgId), usertypes.UserStatusActive)
+	cloudIntegrationUser, err := types.NewUser(cloudIntegrationUserName, email, types.RoleViewer, valuer.MustNewUUID(orgId), types.UserStatusActive)
 	if err != nil {
 		return nil, basemodel.InternalError(fmt.Errorf("couldn't create cloud integration user: %w", err))
 	}

-	password := usertypes.MustGenerateFactorPassword(cloudIntegrationUser.ID.StringValue())
+	password := types.MustGenerateFactorPassword(cloudIntegrationUser.ID.StringValue())

 	cloudIntegrationUser, err = ah.Signoz.Modules.User.GetOrCreateUser(ctx, cloudIntegrationUser, user.WithFactorPassword(password))
 	if err != nil {
--- a/ee/query-service/rules/manager_test.go
+++ b/ee/query-service/rules/manager_test.go
@@ -80,6 +80,21 @@ func TestManager_TestNotification_SendUnmatched_ThresholdRule(t *testing.T) {
 					alertDataRows := cmock.NewRows(cols, tc.Values)

 					mock := telemetryStore.Mock()
+					// Mock metadata queries for FetchTemporalityAndTypeMulti
+					// First query: fetchMetricsTemporalityAndType (from signoz_metrics time series table)
+					metadataCols := []cmock.ColumnType{
+						{Name: "metric_name", Type: "String"},
+						{Name: "temporality", Type: "String"},
+						{Name: "type", Type: "String"},
+						{Name: "is_monotonic", Type: "Bool"},
+					}
+					metadataRows := cmock.NewRows(metadataCols, [][]any{
+						{"probe_success", metrictypes.Unspecified, metrictypes.GaugeType, false},
+					})
+					mock.ExpectQuery("*distributed_time_series_v4*").WithArgs(nil, nil, nil).WillReturnRows(metadataRows)
+					// Second query: fetchMeterSourceMetricsTemporalityAndType (from signoz_meter table)
+					emptyMetadataRows := cmock.NewRows(metadataCols, [][]any{})
+					mock.ExpectQuery("*meter*").WithArgs(nil).WillReturnRows(emptyMetadataRows)

 					// Generate query arguments for the metric query
 					evalTime := time.Now().UTC()
--- a/ee/sqlschema/postgressqlschema/provider.go
+++ b/ee/sqlschema/postgressqlschema/provider.go
@@ -223,7 +223,8 @@ SELECT
    i.indisunique AS unique,
    i.indisprimary AS primary,
    a.attname AS column_name,
-    array_position(i.indkey, a.attnum) AS column_position
+    array_position(i.indkey, a.attnum) AS column_position,
+    pg_get_expr(i.indpred, i.indrelid) AS predicate
 FROM
    pg_index i
    LEFT JOIN pg_class ct ON ct.oid = i.indrelid
@@ -246,7 +247,12 @@ ORDER BY index_name, column_position`, string(name))
 		}
 	}()

-	uniqueIndicesMap := make(map[string]*sqlschema.UniqueIndex)
+	type indexEntry struct {
+		columns   []sqlschema.ColumnName
+		predicate *string
+	}
+
+	uniqueIndicesMap := make(map[string]*indexEntry)
 	for rows.Next() {
 		var (
 			tableName  string
@@ -256,30 +262,50 @@ ORDER BY index_name, column_position`, string(name))
 			columnName string
 			// starts from 0 and is unused in this function, this is to ensure that the column names are in the correct order
 			columnPosition int
+			predicate      *string
 		)

-		if err := rows.Scan(&tableName, &indexName, &unique, &primary, &columnName, &columnPosition); err != nil {
+		if err := rows.Scan(&tableName, &indexName, &unique, &primary, &columnName, &columnPosition, &predicate); err != nil {
 			return nil, err
 		}

 		if unique {
 			if _, ok := uniqueIndicesMap[indexName]; !ok {
-				uniqueIndicesMap[indexName] = &sqlschema.UniqueIndex{
-					TableName:   name,
-					ColumnNames: []sqlschema.ColumnName{sqlschema.ColumnName(columnName)},
+				uniqueIndicesMap[indexName] = &indexEntry{
+					columns:   []sqlschema.ColumnName{sqlschema.ColumnName(columnName)},
+					predicate: predicate,
 				}
 			} else {
-				uniqueIndicesMap[indexName].ColumnNames = append(uniqueIndicesMap[indexName].ColumnNames, sqlschema.ColumnName(columnName))
+				uniqueIndicesMap[indexName].columns = append(uniqueIndicesMap[indexName].columns, sqlschema.ColumnName(columnName))
 			}
 		}
 	}

 	indices := make([]sqlschema.Index, 0)
-	for indexName, index := range uniqueIndicesMap {
-		if index.Name() == indexName {
-			indices = append(indices, index)
+	for indexName, entry := range uniqueIndicesMap {
+		if entry.predicate != nil {
+			index := &sqlschema.PartialUniqueIndex{
+				TableName:   name,
+				ColumnNames: entry.columns,
+				Where:       *entry.predicate,
+			}
+
+			if index.Name() == indexName {
+				indices = append(indices, index)
+			} else {
+				indices = append(indices, index.Named(indexName))
+			}
 		} else {
-			indices = append(indices, index.Named(indexName))
+			index := &sqlschema.UniqueIndex{
+				TableName:   name,
+				ColumnNames: entry.columns,
+			}
+
+			if index.Name() == indexName {
+				indices = append(indices, index)
+			} else {
+				indices = append(indices, index.Named(indexName))
+			}
 		}
 	}

--- a/frontend/package.json
+++ b/frontend/package.json
@@ -11,6 +11,7 @@
    "prettify": "prettier --write .",
    "fmt": "prettier --check .",
    "lint": "eslint ./src",
+    "lint:generated": "eslint ./src/api/generated --fix",
    "lint:fix": "eslint ./src --fix",
    "jest": "jest",
    "jest:coverage": "jest --coverage",
@@ -283,4 +284,4 @@
    "tmp": "0.2.4",
    "vite": "npm:rolldown-vite@7.3.1"
  }
-}
+}
--- a/frontend/scripts/post-types-generation.sh
+++ b/frontend/scripts/post-types-generation.sh
@@ -25,7 +25,7 @@ echo "\n✅ Prettier formatting successful"

 # Fix linting issues
 echo "\n\n---\nRunning eslint...\n"
-if ! yarn lint --fix --quiet src/api/generated; then
+if ! yarn lint:generated; then
  echo "ESLint check failed! Please fix linting errors before proceeding."
  exit 1
 fi
--- a/frontend/src/api/generated/services/sigNoz.schemas.ts
+++ b/frontend/src/api/generated/services/sigNoz.schemas.ts
@@ -2330,59 +2330,7 @@ export interface TelemetrytypesTelemetryFieldValuesDTO {
 	stringValues?: string[];
 }

-export interface TypesGettableGlobalConfigDTO {
-	/**
-	 * @type string
-	 */
-	external_url?: string;
-	/**
-	 * @type string
-	 */
-	ingestion_url?: string;
-}
-
-export interface TypesIdentifiableDTO {
-	/**
-	 * @type string
-	 */
-	id: string;
-}
-
-export interface TypesOrganizationDTO {
-	/**
-	 * @type string
-	 */
-	alias?: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	displayName?: string;
-	/**
-	 * @type string
-	 */
-	id: string;
-	/**
-	 * @type integer
-	 * @minimum 0
-	 */
-	key?: number;
-	/**
-	 * @type string
-	 */
-	name?: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-}
-
-export interface UsertypesChangePasswordRequestDTO {
+export interface TypesChangePasswordRequestDTO {
 	/**
 	 * @type string
 	 */
@@ -2397,7 +2345,7 @@ export interface UsertypesChangePasswordRequestDTO {
 	userId?: string;
 }

-export interface UsertypesGettableAPIKeyDTO {
+export interface TypesGettableAPIKeyDTO {
 	/**
 	 * @type string
 	 * @format date-time
@@ -2407,7 +2355,7 @@ export interface UsertypesGettableAPIKeyDTO {
 	 * @type string
 	 */
 	createdBy?: string;
-	createdByUser?: UsertypesUserDTO;
+	createdByUser?: TypesUserDTO;
 	/**
 	 * @type integer
 	 * @format int64
@@ -2447,14 +2395,32 @@ export interface UsertypesGettableAPIKeyDTO {
 	 * @type string
 	 */
 	updatedBy?: string;
-	updatedByUser?: UsertypesUserDTO;
+	updatedByUser?: TypesUserDTO;
 	/**
 	 * @type string
 	 */
 	userId?: string;
 }

-export interface UsertypesInviteDTO {
+export interface TypesGettableGlobalConfigDTO {
+	/**
+	 * @type string
+	 */
+	external_url?: string;
+	/**
+	 * @type string
+	 */
+	ingestion_url?: string;
+}
+
+export interface TypesIdentifiableDTO {
+	/**
+	 * @type string
+	 */
+	id: string;
+}
+
+export interface TypesInviteDTO {
 	/**
 	 * @type string
 	 * @format date-time
@@ -2495,7 +2461,41 @@ export interface UsertypesInviteDTO {
 	updatedAt?: Date;
 }

-export interface UsertypesPostableAPIKeyDTO {
+export interface TypesOrganizationDTO {
+	/**
+	 * @type string
+	 */
+	alias?: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: Date;
+	/**
+	 * @type string
+	 */
+	displayName?: string;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type integer
+	 * @minimum 0
+	 */
+	key?: number;
+	/**
+	 * @type string
+	 */
+	name?: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: Date;
+}
+
+export interface TypesPostableAPIKeyDTO {
 	/**
 	 * @type integer
 	 * @format int64
@@ -2511,7 +2511,7 @@ export interface UsertypesPostableAPIKeyDTO {
 	role?: string;
 }

-export interface UsertypesPostableAcceptInviteDTO {
+export interface TypesPostableAcceptInviteDTO {
 	/**
 	 * @type string
 	 */
@@ -2530,14 +2530,14 @@ export interface UsertypesPostableAcceptInviteDTO {
 	token?: string;
 }

-export interface UsertypesPostableBulkInviteRequestDTO {
+export interface TypesPostableBulkInviteRequestDTO {
 	/**
 	 * @type array
 	 */
-	invites: UsertypesPostableInviteDTO[];
+	invites: TypesPostableInviteDTO[];
 }

-export interface UsertypesPostableForgotPasswordDTO {
+export interface TypesPostableForgotPasswordDTO {
 	/**
 	 * @type string
 	 */
@@ -2552,7 +2552,7 @@ export interface UsertypesPostableForgotPasswordDTO {
 	orgId: string;
 }

-export interface UsertypesPostableInviteDTO {
+export interface TypesPostableInviteDTO {
 	/**
 	 * @type string
 	 */
@@ -2571,7 +2571,7 @@ export interface UsertypesPostableInviteDTO {
 	role?: string;
 }

-export interface UsertypesPostableResetPasswordDTO {
+export interface TypesPostableResetPasswordDTO {
 	/**
 	 * @type string
 	 */
@@ -2582,7 +2582,7 @@ export interface UsertypesPostableResetPasswordDTO {
 	token?: string;
 }

-export interface UsertypesResetPasswordTokenDTO {
+export interface TypesResetPasswordTokenDTO {
 	/**
 	 * @type string
 	 * @format date-time
@@ -2602,7 +2602,7 @@ export interface UsertypesResetPasswordTokenDTO {
 	token?: string;
 }

-export interface UsertypesStorableAPIKeyDTO {
+export interface TypesStorableAPIKeyDTO {
 	/**
 	 * @type string
 	 * @format date-time
@@ -2647,7 +2647,7 @@ export interface UsertypesStorableAPIKeyDTO {
 	userId?: string;
 }

-export interface UsertypesUserDTO {
+export interface TypesUserDTO {
 	/**
 	 * @type string
 	 * @format date-time
@@ -3018,7 +3018,7 @@ export type GetResetPasswordTokenPathParameters = {
 	id: string;
 };
 export type GetResetPasswordToken200 = {
-	data: UsertypesResetPasswordTokenDTO;
+	data: TypesResetPasswordTokenDTO;
 	/**
 	 * @type string
 	 */
@@ -3037,7 +3037,7 @@ export type ListInvite200 = {
 	/**
 	 * @type array
 	 */
-	data: UsertypesInviteDTO[];
+	data: TypesInviteDTO[];
 	/**
 	 * @type string
 	 */
@@ -3045,7 +3045,7 @@ export type ListInvite200 = {
 };

 export type CreateInvite201 = {
-	data: UsertypesInviteDTO;
+	data: TypesInviteDTO;
 	/**
 	 * @type string
 	 */
@@ -3059,7 +3059,7 @@ export type GetInvitePathParameters = {
 	token: string;
 };
 export type GetInvite200 = {
-	data: UsertypesInviteDTO;
+	data: TypesInviteDTO;
 	/**
 	 * @type string
 	 */
@@ -3067,7 +3067,7 @@ export type GetInvite200 = {
 };

 export type AcceptInvite201 = {
-	data: UsertypesUserDTO;
+	data: TypesUserDTO;
 	/**
 	 * @type string
 	 */
@@ -3115,7 +3115,7 @@ export type ListAPIKeys200 = {
 	/**
 	 * @type array
 	 */
-	data: UsertypesGettableAPIKeyDTO[];
+	data: TypesGettableAPIKeyDTO[];
 	/**
 	 * @type string
 	 */
@@ -3123,7 +3123,7 @@ export type ListAPIKeys200 = {
 };

 export type CreateAPIKey201 = {
-	data: UsertypesGettableAPIKeyDTO;
+	data: TypesGettableAPIKeyDTO;
 	/**
 	 * @type string
 	 */
@@ -3290,7 +3290,7 @@ export type ListUsers200 = {
 	/**
 	 * @type array
 	 */
-	data: UsertypesUserDTO[];
+	data: TypesUserDTO[];
 	/**
 	 * @type string
 	 */
@@ -3304,7 +3304,7 @@ export type GetUserPathParameters = {
 	id: string;
 };
 export type GetUser200 = {
-	data: UsertypesUserDTO;
+	data: TypesUserDTO;
 	/**
 	 * @type string
 	 */
@@ -3315,7 +3315,7 @@ export type UpdateUserPathParameters = {
 	id: string;
 };
 export type UpdateUser200 = {
-	data: UsertypesUserDTO;
+	data: TypesUserDTO;
 	/**
 	 * @type string
 	 */
@@ -3323,7 +3323,7 @@ export type UpdateUser200 = {
 };

 export type GetMyUser200 = {
-	data: UsertypesUserDTO;
+	data: TypesUserDTO;
 	/**
 	 * @type string
 	 */
--- a/frontend/src/api/generated/services/users/index.ts
+++ b/frontend/src/api/generated/services/users/index.ts
@@ -38,18 +38,18 @@ import type {
 	ListUsers200,
 	RenderErrorResponseDTO,
 	RevokeAPIKeyPathParameters,
+	TypesChangePasswordRequestDTO,
+	TypesPostableAcceptInviteDTO,
+	TypesPostableAPIKeyDTO,
+	TypesPostableBulkInviteRequestDTO,
+	TypesPostableForgotPasswordDTO,
+	TypesPostableInviteDTO,
+	TypesPostableResetPasswordDTO,
+	TypesStorableAPIKeyDTO,
+	TypesUserDTO,
 	UpdateAPIKeyPathParameters,
 	UpdateUser200,
 	UpdateUserPathParameters,
-	UsertypesChangePasswordRequestDTO,
-	UsertypesPostableAcceptInviteDTO,
-	UsertypesPostableAPIKeyDTO,
-	UsertypesPostableBulkInviteRequestDTO,
-	UsertypesPostableForgotPasswordDTO,
-	UsertypesPostableInviteDTO,
-	UsertypesPostableResetPasswordDTO,
-	UsertypesStorableAPIKeyDTO,
-	UsertypesUserDTO,
 } from '../sigNoz.schemas';

 /**
@@ -58,14 +58,14 @@ import type {
 */
 export const changePassword = (
 	{ id }: ChangePasswordPathParameters,
-	usertypesChangePasswordRequestDTO: BodyType<UsertypesChangePasswordRequestDTO>,
+	typesChangePasswordRequestDTO: BodyType<TypesChangePasswordRequestDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<void>({
 		url: `/api/v1/changePassword/${id}`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesChangePasswordRequestDTO,
+		data: typesChangePasswordRequestDTO,
 		signal,
 	});
 };
@@ -79,7 +79,7 @@ export const getChangePasswordMutationOptions = <
 		TError,
 		{
 			pathParams: ChangePasswordPathParameters;
-			data: BodyType<UsertypesChangePasswordRequestDTO>;
+			data: BodyType<TypesChangePasswordRequestDTO>;
 		},
 		TContext
 	>;
@@ -88,7 +88,7 @@ export const getChangePasswordMutationOptions = <
 	TError,
 	{
 		pathParams: ChangePasswordPathParameters;
-		data: BodyType<UsertypesChangePasswordRequestDTO>;
+		data: BodyType<TypesChangePasswordRequestDTO>;
 	},
 	TContext
 > => {
@@ -105,7 +105,7 @@ export const getChangePasswordMutationOptions = <
 		Awaited<ReturnType<typeof changePassword>>,
 		{
 			pathParams: ChangePasswordPathParameters;
-			data: BodyType<UsertypesChangePasswordRequestDTO>;
+			data: BodyType<TypesChangePasswordRequestDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -119,7 +119,7 @@ export const getChangePasswordMutationOptions = <
 export type ChangePasswordMutationResult = NonNullable<
 	Awaited<ReturnType<typeof changePassword>>
 >;
-export type ChangePasswordMutationBody = BodyType<UsertypesChangePasswordRequestDTO>;
+export type ChangePasswordMutationBody = BodyType<TypesChangePasswordRequestDTO>;
 export type ChangePasswordMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -134,7 +134,7 @@ export const useChangePassword = <
 		TError,
 		{
 			pathParams: ChangePasswordPathParameters;
-			data: BodyType<UsertypesChangePasswordRequestDTO>;
+			data: BodyType<TypesChangePasswordRequestDTO>;
 		},
 		TContext
 	>;
@@ -143,7 +143,7 @@ export const useChangePassword = <
 	TError,
 	{
 		pathParams: ChangePasswordPathParameters;
-		data: BodyType<UsertypesChangePasswordRequestDTO>;
+		data: BodyType<TypesChangePasswordRequestDTO>;
 	},
 	TContext
 > => {
@@ -338,14 +338,14 @@ export const invalidateListInvite = async (
 * @summary Create invite
 */
 export const createInvite = (
-	usertypesPostableInviteDTO: BodyType<UsertypesPostableInviteDTO>,
+	typesPostableInviteDTO: BodyType<TypesPostableInviteDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<CreateInvite201>({
 		url: `/api/v1/invite`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableInviteDTO,
+		data: typesPostableInviteDTO,
 		signal,
 	});
 };
@@ -357,13 +357,13 @@ export const getCreateInviteMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableInviteDTO> },
+		{ data: BodyType<TypesPostableInviteDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableInviteDTO> },
+	{ data: BodyType<TypesPostableInviteDTO> },
 	TContext
 > => {
 	const mutationKey = ['createInvite'];
@@ -377,7 +377,7 @@ export const getCreateInviteMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createInvite>>,
-		{ data: BodyType<UsertypesPostableInviteDTO> }
+		{ data: BodyType<TypesPostableInviteDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -390,7 +390,7 @@ export const getCreateInviteMutationOptions = <
 export type CreateInviteMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createInvite>>
 >;
-export type CreateInviteMutationBody = BodyType<UsertypesPostableInviteDTO>;
+export type CreateInviteMutationBody = BodyType<TypesPostableInviteDTO>;
 export type CreateInviteMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -403,13 +403,13 @@ export const useCreateInvite = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableInviteDTO> },
+		{ data: BodyType<TypesPostableInviteDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableInviteDTO> },
+	{ data: BodyType<TypesPostableInviteDTO> },
 	TContext
 > => {
 	const mutationOptions = getCreateInviteMutationOptions(options);
@@ -589,14 +589,14 @@ export const invalidateGetInvite = async (
 * @summary Accept invite
 */
 export const acceptInvite = (
-	usertypesPostableAcceptInviteDTO: BodyType<UsertypesPostableAcceptInviteDTO>,
+	typesPostableAcceptInviteDTO: BodyType<TypesPostableAcceptInviteDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<AcceptInvite201>({
 		url: `/api/v1/invite/accept`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableAcceptInviteDTO,
+		data: typesPostableAcceptInviteDTO,
 		signal,
 	});
 };
@@ -608,13 +608,13 @@ export const getAcceptInviteMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof acceptInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableAcceptInviteDTO> },
+		{ data: BodyType<TypesPostableAcceptInviteDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof acceptInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableAcceptInviteDTO> },
+	{ data: BodyType<TypesPostableAcceptInviteDTO> },
 	TContext
 > => {
 	const mutationKey = ['acceptInvite'];
@@ -628,7 +628,7 @@ export const getAcceptInviteMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof acceptInvite>>,
-		{ data: BodyType<UsertypesPostableAcceptInviteDTO> }
+		{ data: BodyType<TypesPostableAcceptInviteDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -641,7 +641,7 @@ export const getAcceptInviteMutationOptions = <
 export type AcceptInviteMutationResult = NonNullable<
 	Awaited<ReturnType<typeof acceptInvite>>
 >;
-export type AcceptInviteMutationBody = BodyType<UsertypesPostableAcceptInviteDTO>;
+export type AcceptInviteMutationBody = BodyType<TypesPostableAcceptInviteDTO>;
 export type AcceptInviteMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -654,13 +654,13 @@ export const useAcceptInvite = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof acceptInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableAcceptInviteDTO> },
+		{ data: BodyType<TypesPostableAcceptInviteDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof acceptInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableAcceptInviteDTO> },
+	{ data: BodyType<TypesPostableAcceptInviteDTO> },
 	TContext
 > => {
 	const mutationOptions = getAcceptInviteMutationOptions(options);
@@ -672,14 +672,14 @@ export const useAcceptInvite = <
 * @summary Create bulk invite
 */
 export const createBulkInvite = (
-	usertypesPostableBulkInviteRequestDTO: BodyType<UsertypesPostableBulkInviteRequestDTO>,
+	typesPostableBulkInviteRequestDTO: BodyType<TypesPostableBulkInviteRequestDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<void>({
 		url: `/api/v1/invite/bulk`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableBulkInviteRequestDTO,
+		data: typesPostableBulkInviteRequestDTO,
 		signal,
 	});
 };
@@ -691,13 +691,13 @@ export const getCreateBulkInviteMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createBulkInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableBulkInviteRequestDTO> },
+		{ data: BodyType<TypesPostableBulkInviteRequestDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createBulkInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableBulkInviteRequestDTO> },
+	{ data: BodyType<TypesPostableBulkInviteRequestDTO> },
 	TContext
 > => {
 	const mutationKey = ['createBulkInvite'];
@@ -711,7 +711,7 @@ export const getCreateBulkInviteMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createBulkInvite>>,
-		{ data: BodyType<UsertypesPostableBulkInviteRequestDTO> }
+		{ data: BodyType<TypesPostableBulkInviteRequestDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -724,7 +724,7 @@ export const getCreateBulkInviteMutationOptions = <
 export type CreateBulkInviteMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createBulkInvite>>
 >;
-export type CreateBulkInviteMutationBody = BodyType<UsertypesPostableBulkInviteRequestDTO>;
+export type CreateBulkInviteMutationBody = BodyType<TypesPostableBulkInviteRequestDTO>;
 export type CreateBulkInviteMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -737,13 +737,13 @@ export const useCreateBulkInvite = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createBulkInvite>>,
 		TError,
-		{ data: BodyType<UsertypesPostableBulkInviteRequestDTO> },
+		{ data: BodyType<TypesPostableBulkInviteRequestDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createBulkInvite>>,
 	TError,
-	{ data: BodyType<UsertypesPostableBulkInviteRequestDTO> },
+	{ data: BodyType<TypesPostableBulkInviteRequestDTO> },
 	TContext
 > => {
 	const mutationOptions = getCreateBulkInviteMutationOptions(options);
@@ -841,14 +841,14 @@ export const invalidateListAPIKeys = async (
 * @summary Create api key
 */
 export const createAPIKey = (
-	usertypesPostableAPIKeyDTO: BodyType<UsertypesPostableAPIKeyDTO>,
+	typesPostableAPIKeyDTO: BodyType<TypesPostableAPIKeyDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<CreateAPIKey201>({
 		url: `/api/v1/pats`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableAPIKeyDTO,
+		data: typesPostableAPIKeyDTO,
 		signal,
 	});
 };
@@ -860,13 +860,13 @@ export const getCreateAPIKeyMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createAPIKey>>,
 		TError,
-		{ data: BodyType<UsertypesPostableAPIKeyDTO> },
+		{ data: BodyType<TypesPostableAPIKeyDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createAPIKey>>,
 	TError,
-	{ data: BodyType<UsertypesPostableAPIKeyDTO> },
+	{ data: BodyType<TypesPostableAPIKeyDTO> },
 	TContext
 > => {
 	const mutationKey = ['createAPIKey'];
@@ -880,7 +880,7 @@ export const getCreateAPIKeyMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createAPIKey>>,
-		{ data: BodyType<UsertypesPostableAPIKeyDTO> }
+		{ data: BodyType<TypesPostableAPIKeyDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -893,7 +893,7 @@ export const getCreateAPIKeyMutationOptions = <
 export type CreateAPIKeyMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createAPIKey>>
 >;
-export type CreateAPIKeyMutationBody = BodyType<UsertypesPostableAPIKeyDTO>;
+export type CreateAPIKeyMutationBody = BodyType<TypesPostableAPIKeyDTO>;
 export type CreateAPIKeyMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -906,13 +906,13 @@ export const useCreateAPIKey = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createAPIKey>>,
 		TError,
-		{ data: BodyType<UsertypesPostableAPIKeyDTO> },
+		{ data: BodyType<TypesPostableAPIKeyDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createAPIKey>>,
 	TError,
-	{ data: BodyType<UsertypesPostableAPIKeyDTO> },
+	{ data: BodyType<TypesPostableAPIKeyDTO> },
 	TContext
 > => {
 	const mutationOptions = getCreateAPIKeyMutationOptions(options);
@@ -1002,13 +1002,13 @@ export const useRevokeAPIKey = <
 */
 export const updateAPIKey = (
 	{ id }: UpdateAPIKeyPathParameters,
-	usertypesStorableAPIKeyDTO: BodyType<UsertypesStorableAPIKeyDTO>,
+	typesStorableAPIKeyDTO: BodyType<TypesStorableAPIKeyDTO>,
 ) => {
 	return GeneratedAPIInstance<string>({
 		url: `/api/v1/pats/${id}`,
 		method: 'PUT',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesStorableAPIKeyDTO,
+		data: typesStorableAPIKeyDTO,
 	});
 };

@@ -1021,7 +1021,7 @@ export const getUpdateAPIKeyMutationOptions = <
 		TError,
 		{
 			pathParams: UpdateAPIKeyPathParameters;
-			data: BodyType<UsertypesStorableAPIKeyDTO>;
+			data: BodyType<TypesStorableAPIKeyDTO>;
 		},
 		TContext
 	>;
@@ -1030,7 +1030,7 @@ export const getUpdateAPIKeyMutationOptions = <
 	TError,
 	{
 		pathParams: UpdateAPIKeyPathParameters;
-		data: BodyType<UsertypesStorableAPIKeyDTO>;
+		data: BodyType<TypesStorableAPIKeyDTO>;
 	},
 	TContext
 > => {
@@ -1047,7 +1047,7 @@ export const getUpdateAPIKeyMutationOptions = <
 		Awaited<ReturnType<typeof updateAPIKey>>,
 		{
 			pathParams: UpdateAPIKeyPathParameters;
-			data: BodyType<UsertypesStorableAPIKeyDTO>;
+			data: BodyType<TypesStorableAPIKeyDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -1061,7 +1061,7 @@ export const getUpdateAPIKeyMutationOptions = <
 export type UpdateAPIKeyMutationResult = NonNullable<
 	Awaited<ReturnType<typeof updateAPIKey>>
 >;
-export type UpdateAPIKeyMutationBody = BodyType<UsertypesStorableAPIKeyDTO>;
+export type UpdateAPIKeyMutationBody = BodyType<TypesStorableAPIKeyDTO>;
 export type UpdateAPIKeyMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -1076,7 +1076,7 @@ export const useUpdateAPIKey = <
 		TError,
 		{
 			pathParams: UpdateAPIKeyPathParameters;
-			data: BodyType<UsertypesStorableAPIKeyDTO>;
+			data: BodyType<TypesStorableAPIKeyDTO>;
 		},
 		TContext
 	>;
@@ -1085,7 +1085,7 @@ export const useUpdateAPIKey = <
 	TError,
 	{
 		pathParams: UpdateAPIKeyPathParameters;
-		data: BodyType<UsertypesStorableAPIKeyDTO>;
+		data: BodyType<TypesStorableAPIKeyDTO>;
 	},
 	TContext
 > => {
@@ -1098,14 +1098,14 @@ export const useUpdateAPIKey = <
 * @summary Reset password
 */
 export const resetPassword = (
-	usertypesPostableResetPasswordDTO: BodyType<UsertypesPostableResetPasswordDTO>,
+	typesPostableResetPasswordDTO: BodyType<TypesPostableResetPasswordDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<void>({
 		url: `/api/v1/resetPassword`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableResetPasswordDTO,
+		data: typesPostableResetPasswordDTO,
 		signal,
 	});
 };
@@ -1117,13 +1117,13 @@ export const getResetPasswordMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof resetPassword>>,
 		TError,
-		{ data: BodyType<UsertypesPostableResetPasswordDTO> },
+		{ data: BodyType<TypesPostableResetPasswordDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof resetPassword>>,
 	TError,
-	{ data: BodyType<UsertypesPostableResetPasswordDTO> },
+	{ data: BodyType<TypesPostableResetPasswordDTO> },
 	TContext
 > => {
 	const mutationKey = ['resetPassword'];
@@ -1137,7 +1137,7 @@ export const getResetPasswordMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof resetPassword>>,
-		{ data: BodyType<UsertypesPostableResetPasswordDTO> }
+		{ data: BodyType<TypesPostableResetPasswordDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -1150,7 +1150,7 @@ export const getResetPasswordMutationOptions = <
 export type ResetPasswordMutationResult = NonNullable<
 	Awaited<ReturnType<typeof resetPassword>>
 >;
-export type ResetPasswordMutationBody = BodyType<UsertypesPostableResetPasswordDTO>;
+export type ResetPasswordMutationBody = BodyType<TypesPostableResetPasswordDTO>;
 export type ResetPasswordMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -1163,13 +1163,13 @@ export const useResetPassword = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof resetPassword>>,
 		TError,
-		{ data: BodyType<UsertypesPostableResetPasswordDTO> },
+		{ data: BodyType<TypesPostableResetPasswordDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof resetPassword>>,
 	TError,
-	{ data: BodyType<UsertypesPostableResetPasswordDTO> },
+	{ data: BodyType<TypesPostableResetPasswordDTO> },
 	TContext
 > => {
 	const mutationOptions = getResetPasswordMutationOptions(options);
@@ -1428,13 +1428,13 @@ export const invalidateGetUser = async (
 */
 export const updateUser = (
 	{ id }: UpdateUserPathParameters,
-	usertypesUserDTO: BodyType<UsertypesUserDTO>,
+	typesUserDTO: BodyType<TypesUserDTO>,
 ) => {
 	return GeneratedAPIInstance<UpdateUser200>({
 		url: `/api/v1/user/${id}`,
 		method: 'PUT',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesUserDTO,
+		data: typesUserDTO,
 	});
 };

@@ -1445,13 +1445,13 @@ export const getUpdateUserMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof updateUser>>,
 		TError,
-		{ pathParams: UpdateUserPathParameters; data: BodyType<UsertypesUserDTO> },
+		{ pathParams: UpdateUserPathParameters; data: BodyType<TypesUserDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof updateUser>>,
 	TError,
-	{ pathParams: UpdateUserPathParameters; data: BodyType<UsertypesUserDTO> },
+	{ pathParams: UpdateUserPathParameters; data: BodyType<TypesUserDTO> },
 	TContext
 > => {
 	const mutationKey = ['updateUser'];
@@ -1465,7 +1465,7 @@ export const getUpdateUserMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof updateUser>>,
-		{ pathParams: UpdateUserPathParameters; data: BodyType<UsertypesUserDTO> }
+		{ pathParams: UpdateUserPathParameters; data: BodyType<TypesUserDTO> }
 	> = (props) => {
 		const { pathParams, data } = props ?? {};

@@ -1478,7 +1478,7 @@ export const getUpdateUserMutationOptions = <
 export type UpdateUserMutationResult = NonNullable<
 	Awaited<ReturnType<typeof updateUser>>
 >;
-export type UpdateUserMutationBody = BodyType<UsertypesUserDTO>;
+export type UpdateUserMutationBody = BodyType<TypesUserDTO>;
 export type UpdateUserMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -1491,13 +1491,13 @@ export const useUpdateUser = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof updateUser>>,
 		TError,
-		{ pathParams: UpdateUserPathParameters; data: BodyType<UsertypesUserDTO> },
+		{ pathParams: UpdateUserPathParameters; data: BodyType<TypesUserDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof updateUser>>,
 	TError,
-	{ pathParams: UpdateUserPathParameters; data: BodyType<UsertypesUserDTO> },
+	{ pathParams: UpdateUserPathParameters; data: BodyType<TypesUserDTO> },
 	TContext
 > => {
 	const mutationOptions = getUpdateUserMutationOptions(options);
@@ -1587,14 +1587,14 @@ export const invalidateGetMyUser = async (
 * @summary Forgot password
 */
 export const forgotPassword = (
-	usertypesPostableForgotPasswordDTO: BodyType<UsertypesPostableForgotPasswordDTO>,
+	typesPostableForgotPasswordDTO: BodyType<TypesPostableForgotPasswordDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<void>({
 		url: `/api/v2/factor_password/forgot`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: usertypesPostableForgotPasswordDTO,
+		data: typesPostableForgotPasswordDTO,
 		signal,
 	});
 };
@@ -1606,13 +1606,13 @@ export const getForgotPasswordMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof forgotPassword>>,
 		TError,
-		{ data: BodyType<UsertypesPostableForgotPasswordDTO> },
+		{ data: BodyType<TypesPostableForgotPasswordDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof forgotPassword>>,
 	TError,
-	{ data: BodyType<UsertypesPostableForgotPasswordDTO> },
+	{ data: BodyType<TypesPostableForgotPasswordDTO> },
 	TContext
 > => {
 	const mutationKey = ['forgotPassword'];
@@ -1626,7 +1626,7 @@ export const getForgotPasswordMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof forgotPassword>>,
-		{ data: BodyType<UsertypesPostableForgotPasswordDTO> }
+		{ data: BodyType<TypesPostableForgotPasswordDTO> }
 	> = (props) => {
 		const { data } = props ?? {};

@@ -1639,7 +1639,7 @@ export const getForgotPasswordMutationOptions = <
 export type ForgotPasswordMutationResult = NonNullable<
 	Awaited<ReturnType<typeof forgotPassword>>
 >;
-export type ForgotPasswordMutationBody = BodyType<UsertypesPostableForgotPasswordDTO>;
+export type ForgotPasswordMutationBody = BodyType<TypesPostableForgotPasswordDTO>;
 export type ForgotPasswordMutationError = ErrorType<RenderErrorResponseDTO>;

 /**
@@ -1652,13 +1652,13 @@ export const useForgotPassword = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof forgotPassword>>,
 		TError,
-		{ data: BodyType<UsertypesPostableForgotPasswordDTO> },
+		{ data: BodyType<TypesPostableForgotPasswordDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof forgotPassword>>,
 	TError,
-	{ data: BodyType<UsertypesPostableForgotPasswordDTO> },
+	{ data: BodyType<TypesPostableForgotPasswordDTO> },
 	TContext
 > => {
 	const mutationOptions = getForgotPasswordMutationOptions(options);
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -1,9 +1,8 @@
 import { sentryVitePlugin } from '@sentry/vite-plugin';
 import react from '@vitejs/plugin-react';
-import { readFileSync } from 'fs';
 import { resolve } from 'path';
 import { visualizer } from 'rollup-plugin-visualizer';
-import type { Plugin, UserConfig } from 'vite';
+import type { Plugin, TransformResult, UserConfig } from 'vite';
 import { defineConfig, loadEnv } from 'vite';
 import vitePluginChecker from 'vite-plugin-checker';
 import viteCompression from 'vite-plugin-compression';
@@ -14,15 +13,14 @@ import tsconfigPaths from 'vite-tsconfig-paths';
 function rawMarkdownPlugin(): Plugin {
 	return {
 		name: 'raw-markdown',
-		transform(_, id): any {
-			if (id.endsWith('.md')) {
-				const content = readFileSync(id, 'utf-8');
-				return {
-					code: `export default ${JSON.stringify(content)};`,
-					map: null,
-				};
+		transform(code, id): TransformResult | undefined {
+			if (!id.endsWith('.md')) {
+				return undefined;
 			}
-			return undefined;
+			return {
+				code: `export default ${JSON.stringify(code)};`,
+				map: null,
+			};
 		},
 	};
 }
@@ -71,7 +69,7 @@ export default defineConfig(
 			);
 		}

-		if (env.NODE_ENV === 'production') {
+		if (mode === 'production') {
 			plugins.push(
 				ViteImageOptimizer({
 					jpeg: { quality: 80 },
@@ -102,22 +100,25 @@ export default defineConfig(
 			},
 			define: {
 				// TODO: Remove this in favor of import.meta.env
-				'process.env': JSON.stringify({
-					NODE_ENV: mode,
-					FRONTEND_API_ENDPOINT: env.VITE_FRONTEND_API_ENDPOINT,
-					WEBSOCKET_API_ENDPOINT: env.VITE_WEBSOCKET_API_ENDPOINT,
-					PYLON_APP_ID: env.VITE_PYLON_APP_ID,
-					PYLON_IDENTITY_SECRET: env.VITE_PYLON_IDENTITY_SECRET,
-					APPCUES_APP_ID: env.VITE_APPCUES_APP_ID,
-					POSTHOG_KEY: env.VITE_POSTHOG_KEY,
-					SENTRY_AUTH_TOKEN: env.VITE_SENTRY_AUTH_TOKEN,
-					SENTRY_ORG: env.VITE_SENTRY_ORG,
-					SENTRY_PROJECT_ID: env.VITE_SENTRY_PROJECT_ID,
-					SENTRY_DSN: env.VITE_SENTRY_DSN,
-					TUNNEL_URL: env.VITE_TUNNEL_URL,
-					TUNNEL_DOMAIN: env.VITE_TUNNEL_DOMAIN,
-					DOCS_BASE_URL: env.VITE_DOCS_BASE_URL,
-				}),
+				'process.env.NODE_ENV': JSON.stringify(mode),
+				'process.env.FRONTEND_API_ENDPOINT': JSON.stringify(
+					env.VITE_FRONTEND_API_ENDPOINT,
+				),
+				'process.env.WEBSOCKET_API_ENDPOINT': JSON.stringify(
+					env.VITE_WEBSOCKET_API_ENDPOINT,
+				),
+				'process.env.PYLON_APP_ID': JSON.stringify(env.VITE_PYLON_APP_ID),
+				'process.env.PYLON_IDENTITY_SECRET': JSON.stringify(
+					env.VITE_PYLON_IDENTITY_SECRET,
+				),
+				'process.env.APPCUES_APP_ID': JSON.stringify(env.VITE_APPCUES_APP_ID),
+				'process.env.POSTHOG_KEY': JSON.stringify(env.VITE_POSTHOG_KEY),
+				'process.env.SENTRY_ORG': JSON.stringify(env.VITE_SENTRY_ORG),
+				'process.env.SENTRY_PROJECT_ID': JSON.stringify(env.VITE_SENTRY_PROJECT_ID),
+				'process.env.SENTRY_DSN': JSON.stringify(env.VITE_SENTRY_DSN),
+				'process.env.TUNNEL_URL': JSON.stringify(env.VITE_TUNNEL_URL),
+				'process.env.TUNNEL_DOMAIN': JSON.stringify(env.VITE_TUNNEL_DOMAIN),
+				'process.env.DOCS_BASE_URL': JSON.stringify(env.VITE_DOCS_BASE_URL),
 			},
 			build: {
 				sourcemap: true,
--- a/pkg/apiserver/signozapiserver/authdomain.go
+++ b/pkg/apiserver/signozapiserver/authdomain.go
@@ -4,6 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/gorilla/mux"
 )
@@ -21,7 +22,7 @@ func (provider *provider) addAuthDomainRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -38,7 +39,7 @@ func (provider *provider) addAuthDomainRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -55,7 +56,7 @@ func (provider *provider) addAuthDomainRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -72,7 +73,7 @@ func (provider *provider) addAuthDomainRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/dashboard.go
+++ b/pkg/apiserver/signozapiserver/dashboard.go
@@ -25,7 +25,7 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -42,7 +42,7 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -59,7 +59,7 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -76,7 +76,7 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/fields.go
+++ b/pkg/apiserver/signozapiserver/fields.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/gorilla/mux"
 )
@@ -23,7 +23,7 @@ func (provider *provider) addFieldsRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -41,7 +41,7 @@ func (provider *provider) addFieldsRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/flagger.go
+++ b/pkg/apiserver/signozapiserver/flagger.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/featuretypes"
 	"github.com/gorilla/mux"
 )
@@ -22,7 +22,7 @@ func (provider *provider) addFlaggerRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/gateway.go
+++ b/pkg/apiserver/signozapiserver/gateway.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/gatewaytypes"
 	"github.com/gorilla/mux"
 )
@@ -23,7 +23,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -41,7 +41,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -58,7 +58,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -75,7 +75,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
 		return err
 	}
@@ -92,7 +92,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
@@ -109,7 +109,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -126,7 +126,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
 		return err
 	}
@@ -143,7 +143,7 @@ func (provider *provider) addGatewayRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/global.go
+++ b/pkg/apiserver/signozapiserver/global.go
@@ -5,7 +5,6 @@ import (

 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/gorilla/mux"
 )

@@ -22,7 +21,7 @@ func (provider *provider) addGlobalRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleEditor),
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/metricsexplorer.go
+++ b/pkg/apiserver/signozapiserver/metricsexplorer.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/metricsexplorertypes"
 	"github.com/gorilla/mux"
 )
@@ -25,7 +25,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -44,7 +44,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -63,7 +63,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -83,7 +83,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusNotFound, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -102,7 +102,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusNotFound, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -121,7 +121,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleEditor),
+			SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
 		})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -140,7 +140,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusNotFound, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -159,7 +159,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusNotFound, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -178,7 +178,7 @@ func (provider *provider) addMetricsExplorerRoutes(router *mux.Router) error {
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusNotFound, http.StatusInternalServerError},
 			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+			SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 		})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/org.go
+++ b/pkg/apiserver/signozapiserver/org.go
@@ -5,7 +5,6 @@ import (

 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/gorilla/mux"
 )

@@ -22,7 +21,7 @@ func (provider *provider) addOrgRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -39,7 +38,7 @@ func (provider *provider) addOrgRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusConflict, http.StatusBadRequest},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/preference.go
+++ b/pkg/apiserver/signozapiserver/preference.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/preferencetypes"
 	"github.com/gorilla/mux"
 )
@@ -22,7 +22,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -39,7 +39,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -56,7 +56,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -73,7 +73,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -90,7 +90,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -107,7 +107,7 @@ func (provider *provider) addPreferenceRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/promote.go
+++ b/pkg/apiserver/signozapiserver/promote.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/promotetypes"
 	"github.com/gorilla/mux"
 )
@@ -21,7 +21,7 @@ func (provider *provider) addPromoteRoutes(router *mux.Router) error {
 		ResponseContentType: "",
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleEditor),
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -37,7 +37,7 @@ func (provider *provider) addPromoteRoutes(router *mux.Router) error {
 		ResponseContentType: "",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/provider.go
+++ b/pkg/apiserver/signozapiserver/provider.go
@@ -22,6 +22,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/zeus"
 	"github.com/gorilla/mux"
@@ -235,7 +236,7 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 	return nil
 }

-func newSecuritySchemes(role authtypes.LegacyRole) []handler.OpenAPISecurityScheme {
+func newSecuritySchemes(role types.Role) []handler.OpenAPISecurityScheme {
 	return []handler.OpenAPISecurityScheme{
 		{Name: authtypes.IdentNProviderAPIkey.StringValue(), Scopes: []string{role.String()}},
 		{Name: authtypes.IdentNProviderTokenizer.StringValue(), Scopes: []string{role.String()}},
--- a/pkg/apiserver/signozapiserver/querier.go
+++ b/pkg/apiserver/signozapiserver/querier.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/gorilla/mux"
 )
@@ -446,7 +446,7 @@ func (provider *provider) addQuerierRoutes(router *mux.Router) error {
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -462,7 +462,7 @@ func (provider *provider) addQuerierRoutes(router *mux.Router) error {
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleViewer),
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/role.go
+++ b/pkg/apiserver/signozapiserver/role.go
@@ -22,7 +22,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -39,7 +39,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -56,7 +56,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -73,7 +73,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -90,7 +90,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
 		return err
 	}
@@ -107,7 +107,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
 		return err
 	}
@@ -124,7 +124,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/serviceaccount.go
+++ b/pkg/apiserver/signozapiserver/serviceaccount.go
@@ -5,7 +5,6 @@ import (

 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
 	"github.com/gorilla/mux"
 )
@@ -23,7 +22,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -40,7 +39,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -57,7 +56,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -74,7 +73,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -91,7 +90,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -108,7 +107,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
@@ -125,7 +124,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -142,7 +141,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -159,7 +158,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -176,7 +175,7 @@ func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/user.go
+++ b/pkg/apiserver/signozapiserver/user.go
@@ -4,8 +4,8 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/gorilla/mux"
 )

@@ -15,14 +15,14 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Create invite",
 		Description:         "This endpoint creates an invite for a user",
-		Request:             new(usertypes.PostableInvite),
+		Request:             new(types.PostableInvite),
 		RequestContentType:  "application/json",
-		Response:            new(usertypes.Invite),
+		Response:            new(types.Invite),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -32,13 +32,13 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:               []string{"users"},
 		Summary:            "Create bulk invite",
 		Description:        "This endpoint creates a bulk invite for a user",
-		Request:            new(usertypes.PostableBulkInviteRequest),
+		Request:            new(types.PostableBulkInviteRequest),
 		RequestContentType: "application/json",
 		Response:           nil,
 		SuccessStatusCode:  http.StatusCreated,
 		ErrorStatusCodes:   []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:         false,
-		SecuritySchemes:    newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:    newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -50,7 +50,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint gets an invite by token",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            new(usertypes.Invite),
+		Response:            new(types.Invite),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
@@ -72,7 +72,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
@@ -84,12 +84,12 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint lists all invites",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            make([]*usertypes.Invite, 0),
+		Response:            make([]*types.Invite, 0),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -99,9 +99,9 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Accept invite",
 		Description:         "This endpoint accepts an invite by token",
-		Request:             new(usertypes.PostableAcceptInvite),
+		Request:             new(types.PostableAcceptInvite),
 		RequestContentType:  "application/json",
-		Response:            new(usertypes.User),
+		Response:            new(types.User),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
@@ -116,14 +116,14 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Create api key",
 		Description:         "This endpoint creates an api key",
-		Request:             new(usertypes.PostableAPIKey),
+		Request:             new(types.PostableAPIKey),
 		RequestContentType:  "application/json",
-		Response:            new(usertypes.GettableAPIKey),
+		Response:            new(types.GettableAPIKey),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -135,12 +135,12 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint lists all api keys",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            make([]*usertypes.GettableAPIKey, 0),
+		Response:            make([]*types.GettableAPIKey, 0),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -150,14 +150,14 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Update api key",
 		Description:         "This endpoint updates an api key",
-		Request:             new(usertypes.StorableAPIKey),
+		Request:             new(types.StorableAPIKey),
 		RequestContentType:  "application/json",
 		Response:            nil,
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -174,7 +174,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
@@ -186,12 +186,12 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint lists all users",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            make([]*usertypes.GettableUser, 0),
+		Response:            make([]*types.GettableUser, 0),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -203,7 +203,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint returns the user I belong to",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            new(usertypes.GettableUser),
+		Response:            new(types.GettableUser),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
@@ -220,12 +220,12 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint returns the user by id",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            new(usertypes.GettableUser),
+		Response:            new(types.GettableUser),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -235,14 +235,14 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Update user",
 		Description:         "This endpoint updates the user by id",
-		Request:             new(usertypes.User),
+		Request:             new(types.User),
 		RequestContentType:  "application/json",
-		Response:            new(usertypes.GettableUser),
+		Response:            new(types.GettableUser),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -259,7 +259,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
 		return err
 	}
@@ -271,12 +271,12 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Description:         "This endpoint returns the reset password token by id",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            new(usertypes.ResetPasswordToken),
+		Response:            new(types.ResetPasswordToken),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -286,7 +286,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Reset password",
 		Description:         "This endpoint resets the password by token",
-		Request:             new(usertypes.PostableResetPassword),
+		Request:             new(types.PostableResetPassword),
 		RequestContentType:  "application/json",
 		Response:            nil,
 		ResponseContentType: "",
@@ -303,14 +303,14 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Change password",
 		Description:         "This endpoint changes the password by id",
-		Request:             new(usertypes.ChangePasswordRequest),
+		Request:             new(types.ChangePasswordRequest),
 		RequestContentType:  "application/json",
 		Response:            nil,
 		ResponseContentType: "",
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -320,7 +320,7 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		Tags:                []string{"users"},
 		Summary:             "Forgot password",
 		Description:         "This endpoint initiates the forgot password flow by sending a reset password email",
-		Request:             new(usertypes.PostableForgotPassword),
+		Request:             new(types.PostableForgotPassword),
 		RequestContentType:  "application/json",
 		Response:            nil,
 		ResponseContentType: "",
--- a/pkg/apiserver/signozapiserver/zeus.go
+++ b/pkg/apiserver/signozapiserver/zeus.go
@@ -4,7 +4,7 @@ import (
 	"net/http"

 	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/zeustypes"
 	"github.com/gorilla/mux"
 )
@@ -22,7 +22,7 @@ func (provider *provider) addZeusRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusForbidden, http.StatusNotFound, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
@@ -39,7 +39,7 @@ func (provider *provider) addZeusRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusForbidden, http.StatusNotFound},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
@@ -56,7 +56,7 @@ func (provider *provider) addZeusRoutes(router *mux.Router) error {
 		SuccessStatusCode:   http.StatusNoContent,
 		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusUnauthorized, http.StatusForbidden, http.StatusNotFound, http.StatusConflict},
 		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(authtypes.RoleAdmin),
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPut).GetError(); err != nil {
 		return err
 	}
--- a/pkg/authn/authnstore/sqlauthnstore/store.go
+++ b/pkg/authn/authnstore/sqlauthnstore/store.go
@@ -4,6 +4,7 @@ import (
 	"context"

 	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -16,6 +17,37 @@ func NewStore(sqlstore sqlstore.SQLStore) authtypes.AuthNStore {
 	return &store{sqlstore: sqlstore}
 }

+func (store *store) GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*types.User, *types.FactorPassword, error) {
+	user := new(types.User)
+	factorPassword := new(types.FactorPassword)
+
+	err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(user).
+		Where("email = ?", email).
+		Where("org_id = ?", orgID).
+		Where("status = ?", types.UserStatusActive.StringValue()).
+		Scan(ctx)
+	if err != nil {
+		return nil, nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user with email %s in org %s not found", email, orgID)
+	}
+
+	err = store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(factorPassword).
+		Where("user_id = ?", user.ID).
+		Scan(ctx)
+	if err != nil {
+		return nil, nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodePasswordNotFound, "user with email %s in org %s does not have password", email, orgID)
+	}
+
+	return user, factorPassword, nil
+}
+
 func (store *store) GetAuthDomainFromID(ctx context.Context, domainID valuer.UUID) (*authtypes.AuthDomain, error) {
 	storableAuthDomain := new(authtypes.StorableAuthDomain)

--- a/pkg/authn/passwordauthn/emailpasswordauthn/authn.go
+++ b/pkg/authn/passwordauthn/emailpasswordauthn/authn.go
@@ -5,30 +5,29 @@ import (

 	"github.com/SigNoz/signoz/pkg/authn"
 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/modules/user"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 var _ authn.PasswordAuthN = (*AuthN)(nil)

 type AuthN struct {
-	userGetter user.Getter
+	store authtypes.AuthNStore
 }

-func New(userGetter user.Getter) *AuthN {
-	return &AuthN{userGetter: userGetter}
+func New(store authtypes.AuthNStore) *AuthN {
+	return &AuthN{store: store}
 }

 func (a *AuthN) Authenticate(ctx context.Context, email string, password string, orgID valuer.UUID) (*authtypes.Identity, error) {
-	user, factorPassword, err := a.userGetter.GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx, email, orgID)
+	user, factorPassword, err := a.store.GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx, email, orgID)
 	if err != nil {
 		return nil, err
 	}

 	if !factorPassword.Equals(password) {
-		return nil, errors.New(errors.TypeUnauthenticated, usertypes.ErrCodeIncorrectPassword, "invalid email or password")
+		return nil, errors.New(errors.TypeUnauthenticated, types.ErrCodeIncorrectPassword, "invalid email or password")
 	}

 	return authtypes.NewIdentity(user.ID, orgID, user.Email, user.Role, authtypes.IdentNProviderTokenizer), nil
--- a/pkg/identn/apikeyidentn/identn.go
+++ b/pkg/identn/apikeyidentn/identn.go
@@ -9,36 +9,42 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/identn"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"golang.org/x/sync/singleflight"
 )

 // todo: will move this in types layer with service account integration
 type apiKeyTokenKey struct{}

-type resolver struct {
+type provider struct {
 	store    sqlstore.SQLStore
-	headers  []string
+	config   identn.Config
 	settings factory.ScopedProviderSettings
 	sfGroup  *singleflight.Group
 }

-func New(providerSettings factory.ProviderSettings, store sqlstore.SQLStore, headers []string) identn.IdentN {
-	return &resolver{
-		store:    store,
-		headers:  headers,
-		settings: factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/apikeyidentn"),
-		sfGroup:  &singleflight.Group{},
-	}
+func NewFactory(store sqlstore.SQLStore) factory.ProviderFactory[identn.IdentN, identn.Config] {
+	return factory.NewProviderFactory(factory.MustNewName(authtypes.IdentNProviderAPIkey.StringValue()), func(ctx context.Context, providerSettings factory.ProviderSettings, config identn.Config) (identn.IdentN, error) {
+		return New(providerSettings, store, config)
+	})
 }

-func (r *resolver) Name() authtypes.IdentNProvider {
+func New(providerSettings factory.ProviderSettings, store sqlstore.SQLStore, config identn.Config) (identn.IdentN, error) {
+	return &provider{
+		store:    store,
+		config:   config,
+		settings: factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/apikeyidentn"),
+		sfGroup:  &singleflight.Group{},
+	}, nil
+}
+
+func (provider *provider) Name() authtypes.IdentNProvider {
 	return authtypes.IdentNProviderAPIkey
 }

-func (r *resolver) Test(req *http.Request) bool {
-	for _, header := range r.headers {
+func (provider *provider) Test(req *http.Request) bool {
+	for _, header := range provider.config.APIKeyConfig.Headers {
 		if req.Header.Get(header) != "" {
 			return true
 		}
@@ -46,8 +52,12 @@ func (r *resolver) Test(req *http.Request) bool {
 	return false
 }

-func (r *resolver) Pre(req *http.Request) *http.Request {
-	token := r.extractToken(req)
+func (provider *provider) Enabled() bool {
+	return provider.config.APIKeyConfig.Enabled
+}
+
+func (provider *provider) Pre(req *http.Request) *http.Request {
+	token := provider.extractToken(req)
 	if token == "" {
 		return req
 	}
@@ -56,16 +66,16 @@ func (r *resolver) Pre(req *http.Request) *http.Request {
 	return req.WithContext(ctx)
 }

-func (r *resolver) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
+func (provider *provider) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 	ctx := req.Context()
-
 	apiKeyToken, ok := ctx.Value(apiKeyTokenKey{}).(string)
 	if !ok || apiKeyToken == "" {
 		return nil, errors.New(errors.TypeUnauthenticated, errors.CodeUnauthenticated, "missing api key")
 	}

-	var apiKey usertypes.StorableAPIKey
-	err := r.store.
+	var apiKey types.StorableAPIKey
+	err := provider.
+		store.
 		BunDB().
 		NewSelect().
 		Model(&apiKey).
@@ -75,12 +85,13 @@ func (r *resolver) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 		return nil, err
 	}

-	if apiKey.ExpiresAt.Before(time.Now()) && !apiKey.ExpiresAt.Equal(usertypes.NEVER_EXPIRES) {
+	if apiKey.ExpiresAt.Before(time.Now()) && !apiKey.ExpiresAt.Equal(types.NEVER_EXPIRES) {
 		return nil, errors.New(errors.TypeUnauthenticated, errors.CodeUnauthenticated, "api key has expired")
 	}

-	var user usertypes.User
-	err = r.store.
+	var user types.User
+	err = provider.
+		store.
 		BunDB().
 		NewSelect().
 		Model(&user).
@@ -99,30 +110,31 @@ func (r *resolver) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 	return &identity, nil
 }

-func (r *resolver) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {
+func (provider *provider) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {
 	apiKeyToken, ok := ctx.Value(apiKeyTokenKey{}).(string)
 	if !ok || apiKeyToken == "" {
 		return
 	}

-	_, _, _ = r.sfGroup.Do(apiKeyToken, func() (any, error) {
-		_, err := r.store.
+	_, _, _ = provider.sfGroup.Do(apiKeyToken, func() (any, error) {
+		_, err := provider.
+			store.
 			BunDB().
 			NewUpdate().
-			Model(new(usertypes.StorableAPIKey)).
+			Model(new(types.StorableAPIKey)).
 			Set("last_used = ?", time.Now()).
 			Where("token = ?", apiKeyToken).
 			Where("revoked = false").
 			Exec(ctx)
 		if err != nil {
-			r.settings.Logger().ErrorContext(ctx, "failed to update last used of api key", "error", err)
+			provider.settings.Logger().ErrorContext(ctx, "failed to update last used of api key", "error", err)
 		}
 		return true, nil
 	})
 }

-func (r *resolver) extractToken(req *http.Request) string {
-	for _, header := range r.headers {
+func (provider *provider) extractToken(req *http.Request) string {
+	for _, header := range provider.config.APIKeyConfig.Headers {
 		if v := req.Header.Get(header); v != "" {
 			return v
 		}
--- a/pkg/identn/config.go
+++ b/pkg/identn/config.go
@@ -0,0 +1,48 @@
+package identn
+
+import (
+	"github.com/SigNoz/signoz/pkg/factory"
+)
+
+type Config struct {
+	// Config for tokenizer identN resolver
+	Tokenizer TokenizerConfig `mapstructure:"tokenizer"`
+
+	// Config for apikey identN resolver
+	APIKeyConfig APIKeyConfig `mapstructure:"apikey"`
+}
+
+type TokenizerConfig struct {
+	// Toggles the identN resolver
+	Enabled bool `mapstructure:"enabled"`
+	// Headers to extract from incoming requests
+	Headers []string `mapstructure:"headers"`
+}
+
+type APIKeyConfig struct {
+	// Toggles the identN resolver
+	Enabled bool `mapstructure:"enabled"`
+	// Headers to extract from incoming requests
+	Headers []string `mapstructure:"headers"`
+}
+
+func NewConfigFactory() factory.ConfigFactory {
+	return factory.NewConfigFactory(factory.MustNewName("identn"), newConfig)
+}
+
+func newConfig() factory.Config {
+	return &Config{
+		Tokenizer: TokenizerConfig{
+			Enabled: true,
+			Headers: []string{"Authorization", "Sec-WebSocket-Protocol"},
+		},
+		APIKeyConfig: APIKeyConfig{
+			Enabled: true,
+			Headers: []string{"SIGNOZ-API-KEY"},
+		},
+	}
+}
+
+func (c Config) Validate() error {
+	return nil
+}
--- a/pkg/identn/identn.go
+++ b/pkg/identn/identn.go
@@ -23,6 +23,8 @@ type IdentN interface {
 	GetIdentity(r *http.Request) (*authtypes.Identity, error)

 	Name() authtypes.IdentNProvider
+
+	Enabled() bool
 }

 // IdentNWithPreHook is optionally implemented by resolvers that need to
--- a/pkg/identn/resolver.go
+++ b/pkg/identn/resolver.go
@@ -12,8 +12,16 @@ type identNResolver struct {
 }

 func NewIdentNResolver(providerSettings factory.ProviderSettings, identNs ...IdentN) IdentNResolver {
+	enabledIdentNs := []IdentN{}
+
+	for _, identN := range identNs {
+		if identN.Enabled() {
+			enabledIdentNs = append(enabledIdentNs, identN)
+		}
+	}
+
 	return &identNResolver{
-		identNs:  identNs,
+		identNs:  enabledIdentNs,
 		settings: factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn"),
 	}
 }
--- a/pkg/identn/tokenizeridentn/identn.go
+++ b/pkg/identn/tokenizeridentn/identn.go
@@ -13,28 +13,34 @@ import (
 	"golang.org/x/sync/singleflight"
 )

-type resolver struct {
+type provider struct {
 	tokenizer tokenizer.Tokenizer
-	headers   []string
+	config    identn.Config
 	settings  factory.ScopedProviderSettings
 	sfGroup   *singleflight.Group
 }

-func New(providerSettings factory.ProviderSettings, tokenizer tokenizer.Tokenizer, headers []string) identn.IdentN {
-	return &resolver{
-		tokenizer: tokenizer,
-		headers:   headers,
-		settings:  factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/tokenizeridentn"),
-		sfGroup:   &singleflight.Group{},
-	}
+func NewFactory(tokenizer tokenizer.Tokenizer) factory.ProviderFactory[identn.IdentN, identn.Config] {
+	return factory.NewProviderFactory(factory.MustNewName(authtypes.IdentNProviderTokenizer.StringValue()), func(ctx context.Context, providerSettings factory.ProviderSettings, config identn.Config) (identn.IdentN, error) {
+		return New(providerSettings, tokenizer, config)
+	})
 }

-func (r *resolver) Name() authtypes.IdentNProvider {
+func New(providerSettings factory.ProviderSettings, tokenizer tokenizer.Tokenizer, config identn.Config) (identn.IdentN, error) {
+	return &provider{
+		tokenizer: tokenizer,
+		config:    config,
+		settings:  factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/tokenizeridentn"),
+		sfGroup:   &singleflight.Group{},
+	}, nil
+}
+
+func (provider *provider) Name() authtypes.IdentNProvider {
 	return authtypes.IdentNProviderTokenizer
 }

-func (r *resolver) Test(req *http.Request) bool {
-	for _, header := range r.headers {
+func (provider *provider) Test(req *http.Request) bool {
+	for _, header := range provider.config.Tokenizer.Headers {
 		if req.Header.Get(header) != "" {
 			return true
 		}
@@ -42,8 +48,12 @@ func (r *resolver) Test(req *http.Request) bool {
 	return false
 }

-func (r *resolver) Pre(req *http.Request) *http.Request {
-	accessToken := r.extractToken(req)
+func (provider *provider) Enabled() bool {
+	return provider.config.Tokenizer.Enabled
+}
+
+func (provider *provider) Pre(req *http.Request) *http.Request {
+	accessToken := provider.extractToken(req)
 	if accessToken == "" {
 		return req
 	}
@@ -52,7 +62,7 @@ func (r *resolver) Pre(req *http.Request) *http.Request {
 	return req.WithContext(ctx)
 }

-func (r *resolver) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
+func (provider *provider) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 	ctx := req.Context()

 	accessToken, err := authtypes.AccessTokenFromContext(ctx)
@@ -60,41 +70,45 @@ func (r *resolver) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 		return nil, err
 	}

-	return r.tokenizer.GetIdentity(ctx, accessToken)
+	return provider.tokenizer.GetIdentity(ctx, accessToken)
 }

-func (r *resolver) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {
+func (provider *provider) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {
+	if !provider.config.Tokenizer.Enabled {
+		return
+	}
+
 	accessToken, err := authtypes.AccessTokenFromContext(ctx)
 	if err != nil {
 		return
 	}

-	_, _, _ = r.sfGroup.Do(accessToken, func() (any, error) {
-		if err := r.tokenizer.SetLastObservedAt(ctx, accessToken, time.Now()); err != nil {
-			r.settings.Logger().ErrorContext(ctx, "failed to set last observed at", "error", err)
+	_, _, _ = provider.sfGroup.Do(accessToken, func() (any, error) {
+		if err := provider.tokenizer.SetLastObservedAt(ctx, accessToken, time.Now()); err != nil {
+			provider.settings.Logger().ErrorContext(ctx, "failed to set last observed at", "error", err)
 			return false, err
 		}
 		return true, nil
 	})
 }

-func (r *resolver) extractToken(req *http.Request) string {
+func (provider *provider) extractToken(req *http.Request) string {
 	var value string
-	for _, header := range r.headers {
+	for _, header := range provider.config.Tokenizer.Headers {
 		if v := req.Header.Get(header); v != "" {
 			value = v
 			break
 		}
 	}

-	accessToken, ok := r.parseBearerAuth(value)
+	accessToken, ok := provider.parseBearerAuth(value)
 	if !ok {
 		return value
 	}
 	return accessToken
 }

-func (r *resolver) parseBearerAuth(auth string) (string, bool) {
+func (provider *provider) parseBearerAuth(auth string) (string, bool) {
 	const prefix = "Bearer "
 	if len(auth) < len(prefix) || !strings.EqualFold(auth[:len(prefix)], prefix) {
 		return "", false
--- a/pkg/modules/dashboard/dashboard.go
+++ b/pkg/modules/dashboard/dashboard.go
@@ -43,7 +43,7 @@ type Module interface {

 	Update(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, data dashboardtypes.UpdatableDashboard, diff int) (*dashboardtypes.Dashboard, error)

-	LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role authtypes.LegacyRole, lock bool) error
+	LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error

 	Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error

--- a/pkg/modules/dashboard/impldashboard/module.go
+++ b/pkg/modules/dashboard/impldashboard/module.go
@@ -99,7 +99,7 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, id valuer.U
 	return dashboard, nil
 }

-func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role authtypes.LegacyRole, lock bool) error {
+func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error {
 	dashboard, err := module.Get(ctx, orgID, id)
 	if err != nil {
 		return err
--- a/pkg/modules/session/implsession/module.go
+++ b/pkg/modules/session/implsession/module.go
@@ -17,7 +17,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/tokenizer"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

@@ -67,7 +66,7 @@ func (module *module) GetSessionContext(ctx context.Context, email valuer.Email,
 	}

 	// filter out deleted users
-	users = slices.DeleteFunc(users, func(user *usertypes.User) bool { return user.ErrIfDeleted() != nil })
+	users = slices.DeleteFunc(users, func(user *types.User) bool { return user.ErrIfDeleted() != nil })

 	// Since email is a valuer, we can be sure that it is a valid email and we can split it to get the domain name.
 	name := strings.Split(email.String(), "@")[1]
@@ -145,7 +144,7 @@ func (module *module) CreateCallbackAuthNSession(ctx context.Context, authNProvi
 	roleMapping := authDomain.AuthDomainConfig().RoleMapping
 	role := roleMapping.NewRoleFromCallbackIdentity(callbackIdentity)

-	user, err := usertypes.NewUser(callbackIdentity.Name, callbackIdentity.Email, role, callbackIdentity.OrgID, usertypes.UserStatusActive)
+	user, err := types.NewUser(callbackIdentity.Name, callbackIdentity.Email, role, callbackIdentity.OrgID, types.UserStatusActive)
 	if err != nil {
 		return "", err
 	}
--- a/pkg/modules/tracefunnel/impltracefunnel/module.go
+++ b/pkg/modules/tracefunnel/impltracefunnel/module.go
@@ -8,7 +8,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel"
 	"github.com/SigNoz/signoz/pkg/types"
 	traceFunnels "github.com/SigNoz/signoz/pkg/types/tracefunneltypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

@@ -31,7 +30,7 @@ func (module *module) Create(ctx context.Context, timestamp int64, name string,
 	funnel.CreatedBy = userID.String()

 	// Set up the user relationship
-	funnel.CreatedByUser = &usertypes.User{
+	funnel.CreatedByUser = &types.User{
 		Identifiable: types.Identifiable{
 			ID: userID,
 		},
--- a/pkg/modules/user/config.go
+++ b/pkg/modules/user/config.go
@@ -5,7 +5,7 @@ import (

 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

@@ -27,7 +27,12 @@ type OrgConfig struct {
 }

 type PasswordConfig struct {
-	Reset ResetConfig `mapstructure:"reset"`
+	Invite InviteConfig `mapstructure:"invite"`
+	Reset  ResetConfig  `mapstructure:"reset"`
+}
+
+type InviteConfig struct {
+	MaxTokenLifetime time.Duration `mapstructure:"max_token_lifetime"`
 }

 type ResetConfig struct {
@@ -46,6 +51,9 @@ func newConfig() factory.Config {
 				AllowSelf:        false,
 				MaxTokenLifetime: 6 * time.Hour,
 			},
+			Invite: InviteConfig{
+				MaxTokenLifetime: 48 * time.Hour,
+			},
 		},
 		Root: RootConfig{
 			Enabled: false,
@@ -61,6 +69,10 @@ func (c Config) Validate() error {
 		return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::password::reset::max_token_lifetime must be positive")
 	}

+	if c.Password.Invite.MaxTokenLifetime <= 0 {
+		return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::password::invite::max_token_lifetime must be positive")
+	}
+
 	if c.Root.Enabled {
 		if c.Root.Email.IsZero() {
 			return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::root::email is required when root user is enabled")
@@ -68,7 +80,7 @@ func (c Config) Validate() error {
 		if c.Root.Password == "" {
 			return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::root::password is required when root user is enabled")
 		}
-		if !usertypes.IsPasswordValid(c.Root.Password) {
+		if !types.IsPasswordValid(c.Root.Password) {
 			return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::root::password does not meet password requirements")
 		}
 	}
--- a/pkg/modules/user/impluser/getter.go
+++ b/pkg/modules/user/impluser/getter.go
@@ -6,25 +6,25 @@ import (

 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/modules/user"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/featuretypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type getter struct {
-	store   usertypes.UserStore
+	store   types.UserStore
 	flagger flagger.Flagger
 }

-func NewGetter(store usertypes.UserStore, flagger flagger.Flagger) user.Getter {
+func NewGetter(store types.UserStore, flagger flagger.Flagger) user.Getter {
 	return &getter{store: store, flagger: flagger}
 }

-func (module *getter) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (*usertypes.User, error) {
+func (module *getter) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (*types.User, error) {
 	return module.store.GetRootUserByOrgID(ctx, orgID)
 }

-func (module *getter) ListByOrgID(ctx context.Context, orgID valuer.UUID) ([]*usertypes.User, error) {
+func (module *getter) ListByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.User, error) {
 	users, err := module.store.ListUsersByOrgID(ctx, orgID)
 	if err != nil {
 		return nil, err
@@ -35,13 +35,13 @@ func (module *getter) ListByOrgID(ctx context.Context, orgID valuer.UUID) ([]*us
 	hideRootUsers := module.flagger.BooleanOrEmpty(ctx, flagger.FeatureHideRootUser, evalCtx)

 	if hideRootUsers {
-		users = slices.DeleteFunc(users, func(user *usertypes.User) bool { return user.IsRoot })
+		users = slices.DeleteFunc(users, func(user *types.User) bool { return user.IsRoot })
 	}

 	return users, nil
 }

-func (module *getter) GetUsersByEmail(ctx context.Context, email valuer.Email) ([]*usertypes.User, error) {
+func (module *getter) GetUsersByEmail(ctx context.Context, email valuer.Email) ([]*types.User, error) {
 	users, err := module.store.GetUsersByEmail(ctx, email)
 	if err != nil {
 		return nil, err
@@ -50,7 +50,7 @@ func (module *getter) GetUsersByEmail(ctx context.Context, email valuer.Email) (
 	return users, nil
 }

-func (module *getter) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*usertypes.User, error) {
+func (module *getter) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*types.User, error) {
 	user, err := module.store.GetByOrgIDAndID(ctx, orgID, id)
 	if err != nil {
 		return nil, err
@@ -59,7 +59,7 @@ func (module *getter) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id
 	return user, nil
 }

-func (module *getter) Get(ctx context.Context, id valuer.UUID) (*usertypes.User, error) {
+func (module *getter) Get(ctx context.Context, id valuer.UUID) (*types.User, error) {
 	user, err := module.store.GetUser(ctx, id)
 	if err != nil {
 		return nil, err
@@ -68,7 +68,7 @@ func (module *getter) Get(ctx context.Context, id valuer.UUID) (*usertypes.User,
 	return user, nil
 }

-func (module *getter) ListUsersByEmailAndOrgIDs(ctx context.Context, email valuer.Email, orgIDs []valuer.UUID) ([]*usertypes.User, error) {
+func (module *getter) ListUsersByEmailAndOrgIDs(ctx context.Context, email valuer.Email, orgIDs []valuer.UUID) ([]*types.User, error) {
 	users, err := module.store.ListUsersByEmailAndOrgIDs(ctx, email, orgIDs)
 	if err != nil {
 		return nil, err
@@ -95,7 +95,7 @@ func (module *getter) CountByOrgIDAndStatuses(ctx context.Context, orgID valuer.
 	return counts, nil
 }

-func (module *getter) GetFactorPasswordByUserID(ctx context.Context, userID valuer.UUID) (*usertypes.FactorPassword, error) {
+func (module *getter) GetFactorPasswordByUserID(ctx context.Context, userID valuer.UUID) (*types.FactorPassword, error) {
 	factorPassword, err := module.store.GetPasswordByUserID(ctx, userID)
 	if err != nil {
 		return nil, err
@@ -103,12 +103,3 @@ func (module *getter) GetFactorPasswordByUserID(ctx context.Context, userID valu

 	return factorPassword, nil
 }
-
-func (module *getter) GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*usertypes.User, *usertypes.FactorPassword, error) {
-	user, factorPassword, err := module.store.GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx, email, orgID)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return user, factorPassword, nil
-}
--- a/pkg/modules/user/impluser/handler.go
+++ b/pkg/modules/user/impluser/handler.go
@@ -11,9 +11,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
 	root "github.com/SigNoz/signoz/pkg/modules/user"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/integrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 )
@@ -31,7 +31,7 @@ func (h *handler) AcceptInvite(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()

-	req := new(usertypes.PostableAcceptInvite)
+	req := new(types.PostableAcceptInvite)
 	if err := binding.JSON.BindBody(r.Body, req); err != nil {
 		render.Error(w, err)
 		return
@@ -56,14 +56,14 @@ func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var req usertypes.PostableInvite
+	var req types.PostableInvite
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		render.Error(rw, err)
 		return
 	}

-	invites, err := h.module.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), &usertypes.PostableBulkInviteRequest{
-		Invites: []usertypes.PostableInvite{req},
+	invites, err := h.module.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), &types.PostableBulkInviteRequest{
+		Invites: []types.PostableInvite{req},
 	})
 	if err != nil {
 		render.Error(rw, err)
@@ -83,7 +83,7 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var req usertypes.PostableBulkInviteRequest
+	var req types.PostableBulkInviteRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		render.Error(rw, err)
 		return
@@ -214,7 +214,7 @@ func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 	}

 	// temp code - show only active users
-	users = slices.DeleteFunc(users, func(user *usertypes.User) bool { return user.Status != usertypes.UserStatusActive })
+	users = slices.DeleteFunc(users, func(user *types.User) bool { return user.Status != types.UserStatusActive })

 	render.Success(w, http.StatusOK, users)
 }
@@ -231,7 +231,7 @@ func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var user usertypes.User
+	var user types.User
 	if err := json.NewDecoder(r.Body).Decode(&user); err != nil {
 		render.Error(w, err)
 		return
@@ -297,7 +297,7 @@ func (handler *handler) ResetPassword(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()

-	req := new(usertypes.PostableResetPassword)
+	req := new(types.PostableResetPassword)
 	if err := json.NewDecoder(r.Body).Decode(req); err != nil {
 		render.Error(w, err)
 		return
@@ -316,7 +316,7 @@ func (handler *handler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()

-	var req usertypes.ChangePasswordRequest
+	var req types.ChangePasswordRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		render.Error(w, err)
 		return
@@ -335,7 +335,7 @@ func (h *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()

-	req := new(usertypes.PostableForgotPassword)
+	req := new(types.PostableForgotPassword)
 	if err := binding.JSON.BindBody(r.Body, req); err != nil {
 		render.Error(w, err)
 		return
@@ -360,13 +360,13 @@ func (h *handler) CreateAPIKey(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	req := new(usertypes.PostableAPIKey)
+	req := new(types.PostableAPIKey)
 	if err := json.NewDecoder(r.Body).Decode(req); err != nil {
 		render.Error(w, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to decode api key"))
 		return
 	}

-	apiKey, err := usertypes.NewStorableAPIKey(
+	apiKey, err := types.NewStorableAPIKey(
 		req.Name,
 		valuer.MustNewUUID(claims.UserID),
 		req.Role,
@@ -411,13 +411,13 @@ func (h *handler) ListAPIKeys(w http.ResponseWriter, r *http.Request) {

 	// for backward compatibility
 	if len(apiKeys) == 0 {
-		render.Success(w, http.StatusOK, []usertypes.GettableAPIKey{})
+		render.Success(w, http.StatusOK, []types.GettableAPIKey{})
 		return
 	}

-	result := make([]*usertypes.GettableAPIKey, len(apiKeys))
+	result := make([]*types.GettableAPIKey, len(apiKeys))
 	for i, apiKey := range apiKeys {
-		result[i] = usertypes.NewGettableAPIKeyFromStorableAPIKey(apiKey)
+		result[i] = types.NewGettableAPIKeyFromStorableAPIKey(apiKey)
 	}

 	render.Success(w, http.StatusOK, result)
@@ -434,7 +434,7 @@ func (h *handler) UpdateAPIKey(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	req := usertypes.StorableAPIKey{}
+	req := types.StorableAPIKey{}
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		render.Error(w, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to decode api key"))
 		return
--- a/pkg/modules/user/impluser/module.go
+++ b/pkg/modules/user/impluser/module.go
@@ -19,13 +19,12 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/emailtypes"
 	"github.com/SigNoz/signoz/pkg/types/integrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/dustin/go-humanize"
 )

 type Module struct {
-	store     usertypes.UserStore
+	store     types.UserStore
 	tokenizer tokenizer.Tokenizer
 	emailing  emailing.Emailing
 	settings  factory.ScopedProviderSettings
@@ -36,7 +35,7 @@ type Module struct {
 }

 // This module is a WIP, don't take inspiration from this.
-func NewModule(store usertypes.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, authz authz.AuthZ, analytics analytics.Analytics, config user.Config) root.Module {
+func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, authz authz.AuthZ, analytics analytics.Analytics, config user.Config) root.Module {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/modules/user/impluser")
 	return &Module{
 		store:     store,
@@ -50,7 +49,7 @@ func NewModule(store usertypes.UserStore, tokenizer tokenizer.Tokenizer, emailin
 	}
 }

-func (m *Module) AcceptInvite(ctx context.Context, token string, password string) (*usertypes.User, error) {
+func (m *Module) AcceptInvite(ctx context.Context, token string, password string) (*types.User, error) {
 	// get the user by reset password token
 	user, err := m.store.GetUserByResetPasswordToken(ctx, token)
 	if err != nil {
@@ -72,7 +71,7 @@ func (m *Module) AcceptInvite(ctx context.Context, token string, password string
 	return user, nil
 }

-func (m *Module) GetInviteByToken(ctx context.Context, token string) (*usertypes.Invite, error) {
+func (m *Module) GetInviteByToken(ctx context.Context, token string) (*types.Invite, error) {
 	// get the user
 	user, err := m.store.GetUserByResetPasswordToken(ctx, token)
 	if err != nil {
@@ -80,7 +79,7 @@ func (m *Module) GetInviteByToken(ctx context.Context, token string) (*usertypes
 	}

 	// create a dummy invite obj for backward compatibility
-	invite := &usertypes.Invite{
+	invite := &types.Invite{
 		Identifiable: types.Identifiable{
 			ID: user.ID,
 		},
@@ -99,7 +98,7 @@ func (m *Module) GetInviteByToken(ctx context.Context, token string) (*usertypes
 }

 // CreateBulk implements invite.Module.
-func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *usertypes.PostableBulkInviteRequest) ([]*usertypes.Invite, error) {
+func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error) {
 	creator, err := m.store.GetUser(ctx, userID)
 	if err != nil {
 		return nil, err
@@ -110,7 +109,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 	for idx, invite := range bulkInvites.Invites {
 		emails[idx] = invite.Email.StringValue()
 	}
-	users, err := m.store.GetUsersByEmailsOrgIDAndStatuses(ctx, orgID, emails, []string{usertypes.UserStatusActive.StringValue(), usertypes.UserStatusPendingInvite.StringValue()})
+	users, err := m.store.GetUsersByEmailsOrgIDAndStatuses(ctx, orgID, emails, []string{types.UserStatusActive.StringValue(), types.UserStatusPendingInvite.StringValue()})
 	if err != nil {
 		return nil, err
 	}
@@ -120,7 +119,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 			return nil, errors.WithAdditionalf(err, "Cannot send invite to root user")
 		}

-		if users[0].Status == usertypes.UserStatusPendingInvite {
+		if users[0].Status == types.UserStatusPendingInvite {
 			return nil, errors.Newf(errors.TypeAlreadyExists, errors.CodeAlreadyExists, "An invite already exists for this email: %s", users[0].Email.StringValue())
 		}

@@ -128,21 +127,21 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 	}

 	type userWithResetToken struct {
-		User               *usertypes.User
-		ResetPasswordToken *usertypes.ResetPasswordToken
+		User               *types.User
+		ResetPasswordToken *types.ResetPasswordToken
 	}

 	newUsersWithResetToken := make([]*userWithResetToken, len(bulkInvites.Invites))

 	if err := m.store.RunInTx(ctx, func(ctx context.Context) error {
 		for idx, invite := range bulkInvites.Invites {
-			role, err := authtypes.NewLegacyRole(invite.Role.String())
+			role, err := types.NewRole(invite.Role.String())
 			if err != nil {
 				return err
 			}

 			// create a new user with pending invite status
-			newUser, err := usertypes.NewUser(invite.Name, invite.Email, role, orgID, usertypes.UserStatusPendingInvite)
+			newUser, err := types.NewUser(invite.Name, invite.Email, role, orgID, types.UserStatusPendingInvite)
 			if err != nil {
 				return err
 			}
@@ -170,7 +169,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 		return nil, err
 	}

-	invites := make([]*usertypes.Invite, len(bulkInvites.Invites))
+	invites := make([]*types.Invite, len(bulkInvites.Invites))

 	// send password reset emails to all the invited users
 	for idx, userWithToken := range newUsersWithResetToken {
@@ -179,7 +178,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 			"invitee_role":  userWithToken.User.Role,
 		})

-		invite := &usertypes.Invite{
+		invite := &types.Invite{
 			Identifiable: types.Identifiable{
 				ID: userWithToken.User.ID,
 			},
@@ -204,7 +203,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID

 		resetLink := userWithToken.ResetPasswordToken.FactorPasswordResetLink(frontendBaseUrl)

-		tokenLifetime := m.config.Password.Reset.MaxTokenLifetime
+		tokenLifetime := m.config.Password.Invite.MaxTokenLifetime
 		humanizedTokenLifetime := strings.TrimSpace(humanize.RelTime(time.Now(), time.Now().Add(tokenLifetime), "", ""))

 		if err := m.emailing.SendHTML(ctx, userWithToken.User.Email.String(), "You're Invited to Join SigNoz", emailtypes.TemplateNameInvitationEmail, map[string]any{
@@ -219,16 +218,16 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 	return invites, nil
 }

-func (m *Module) ListInvite(ctx context.Context, orgID string) ([]*usertypes.Invite, error) {
+func (m *Module) ListInvite(ctx context.Context, orgID string) ([]*types.Invite, error) {
 	// find all the users with pending_invite status
 	users, err := m.store.ListUsersByOrgID(ctx, valuer.MustNewUUID(orgID))
 	if err != nil {
 		return nil, err
 	}

-	pendingUsers := slices.DeleteFunc(users, func(user *usertypes.User) bool { return user.Status != usertypes.UserStatusPendingInvite })
+	pendingUsers := slices.DeleteFunc(users, func(user *types.User) bool { return user.Status != types.UserStatusPendingInvite })

-	var invites []*usertypes.Invite
+	var invites []*types.Invite

 	for _, pUser := range pendingUsers {
 		// get the reset password token
@@ -238,7 +237,7 @@ func (m *Module) ListInvite(ctx context.Context, orgID string) ([]*usertypes.Inv
 		}

 		// create a dummy invite obj for backward compatibility
-		invite := &usertypes.Invite{
+		invite := &types.Invite{
 			Identifiable: types.Identifiable{
 				ID: pUser.ID,
 			},
@@ -259,7 +258,7 @@ func (m *Module) ListInvite(ctx context.Context, orgID string) ([]*usertypes.Inv
 	return invites, nil
 }

-func (module *Module) CreateUser(ctx context.Context, input *usertypes.User, opts ...root.CreateUserOption) error {
+func (module *Module) CreateUser(ctx context.Context, input *types.User, opts ...root.CreateUserOption) error {
 	createUserOpts := root.NewCreateUserOptions(opts...)

 	// since assign is idempotant multiple calls to assign won't cause issues in case of retries.
@@ -284,14 +283,14 @@ func (module *Module) CreateUser(ctx context.Context, input *usertypes.User, opt
 		return err
 	}

-	traitsOrProperties := usertypes.NewTraitsFromUser(input)
+	traitsOrProperties := types.NewTraitsFromUser(input)
 	module.analytics.IdentifyUser(ctx, input.OrgID.String(), input.ID.String(), traitsOrProperties)
 	module.analytics.TrackUser(ctx, input.OrgID.String(), input.ID.String(), "User Created", traitsOrProperties)

 	return nil
 }

-func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *usertypes.User, updatedBy string) (*usertypes.User, error) {
+func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.User, updatedBy string) (*types.User, error) {
 	existingUser, err := m.store.GetUser(ctx, valuer.MustNewUUID(id))
 	if err != nil {
 		return nil, err
@@ -314,13 +313,13 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 		return nil, err
 	}

-	if user.Role != "" && user.Role != existingUser.Role && requestor.Role != authtypes.RoleAdmin {
+	if user.Role != "" && user.Role != existingUser.Role && requestor.Role != types.RoleAdmin {
 		return nil, errors.New(errors.TypeForbidden, errors.CodeForbidden, "only admins can change roles")
 	}

 	// Make sure that the request is not demoting the last admin user.
-	if user.Role != "" && user.Role != existingUser.Role && existingUser.Role == authtypes.RoleAdmin {
-		adminUsers, err := m.store.GetActiveUsersByRoleAndOrgID(ctx, authtypes.RoleAdmin, orgID)
+	if user.Role != "" && user.Role != existingUser.Role && existingUser.Role == types.RoleAdmin {
+		adminUsers, err := m.store.GetActiveUsersByRoleAndOrgID(ctx, types.RoleAdmin, orgID)
 		if err != nil {
 			return nil, err
 		}
@@ -350,12 +349,12 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 	return existingUser, nil
 }

-func (module *Module) UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *usertypes.User) error {
+func (module *Module) UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.User) error {
 	if err := module.store.UpdateUser(ctx, orgID, user); err != nil {
 		return err
 	}

-	traits := usertypes.NewTraitsFromUser(user)
+	traits := types.NewTraitsFromUser(user)
 	module.analytics.IdentifyUser(ctx, user.OrgID.String(), user.ID.String(), traits)
 	module.analytics.TrackUser(ctx, user.OrgID.String(), user.ID.String(), "User Updated", traits)

@@ -385,12 +384,12 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	}

 	// don't allow to delete the last admin user
-	adminUsers, err := module.store.GetActiveUsersByRoleAndOrgID(ctx, authtypes.RoleAdmin, orgID)
+	adminUsers, err := module.store.GetActiveUsersByRoleAndOrgID(ctx, types.RoleAdmin, orgID)
 	if err != nil {
 		return err
 	}

-	if len(adminUsers) == 1 && user.Role == authtypes.RoleAdmin {
+	if len(adminUsers) == 1 && user.Role == types.RoleAdmin {
 		return errors.New(errors.TypeForbidden, errors.CodeForbidden, "cannot delete the last admin")
 	}

@@ -412,7 +411,7 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	return nil
 }

-func (module *Module) GetOrCreateResetPasswordToken(ctx context.Context, userID valuer.UUID) (*usertypes.ResetPasswordToken, error) {
+func (module *Module) GetOrCreateResetPasswordToken(ctx context.Context, userID valuer.UUID) (*types.ResetPasswordToken, error) {
 	user, err := module.store.GetUser(ctx, userID)
 	if err != nil {
 		return nil, err
@@ -435,7 +434,7 @@ func (module *Module) GetOrCreateResetPasswordToken(ctx context.Context, userID

 	if password == nil {
 		// if the user does not have a password, we need to create a new one (common for SSO/SAML users)
-		password = usertypes.MustGenerateFactorPassword(userID.String())
+		password = types.MustGenerateFactorPassword(userID.String())

 		if err := module.store.CreatePassword(ctx, password); err != nil {
 			return nil, err
@@ -461,7 +460,11 @@ func (module *Module) GetOrCreateResetPasswordToken(ctx context.Context, userID
 	}

 	// create a new token
-	resetPasswordToken, err := usertypes.NewResetPasswordToken(password.ID, time.Now().Add(module.config.Password.Reset.MaxTokenLifetime))
+	tokenLifetime := module.config.Password.Reset.MaxTokenLifetime
+	if user.Status == types.UserStatusPendingInvite {
+		tokenLifetime = module.config.Password.Invite.MaxTokenLifetime
+	}
+	resetPasswordToken, err := types.NewResetPasswordToken(password.ID, time.Now().Add(tokenLifetime))
 	if err != nil {
 		return nil, err
 	}
@@ -501,6 +504,9 @@ func (module *Module) ForgotPassword(ctx context.Context, orgID valuer.UUID, ema
 	resetLink := token.FactorPasswordResetLink(frontendBaseURL)

 	tokenLifetime := module.config.Password.Reset.MaxTokenLifetime
+	if user.Status == types.UserStatusPendingInvite {
+		tokenLifetime = module.config.Password.Invite.MaxTokenLifetime
+	}
 	humanizedTokenLifetime := strings.TrimSpace(humanize.RelTime(time.Now(), time.Now().Add(tokenLifetime), "", ""))

 	if err := module.emailing.SendHTML(
@@ -554,7 +560,7 @@ func (module *Module) UpdatePasswordByResetPasswordToken(ctx context.Context, to
 	}

 	// since grant is idempotent, multiple calls won't cause issues in case of retries
-	if user.Status == usertypes.UserStatusPendingInvite {
+	if user.Status == types.UserStatusPendingInvite {
 		if err = module.authz.Grant(
 			ctx,
 			user.OrgID,
@@ -566,8 +572,8 @@ func (module *Module) UpdatePasswordByResetPasswordToken(ctx context.Context, to
 	}

 	return module.store.RunInTx(ctx, func(ctx context.Context) error {
-		if user.Status == usertypes.UserStatusPendingInvite {
-			if err := user.UpdateStatus(usertypes.UserStatusActive); err != nil {
+		if user.Status == types.UserStatusPendingInvite {
+			if err := user.UpdateStatus(types.UserStatusActive); err != nil {
 				return err
 			}
 			if err := module.store.UpdateUser(ctx, user.OrgID, user); err != nil {
@@ -607,7 +613,7 @@ func (module *Module) UpdatePassword(ctx context.Context, userID valuer.UUID, ol
 	}

 	if !password.Equals(oldpasswd) {
-		return errors.New(errors.TypeInvalidInput, usertypes.ErrCodeIncorrectPassword, "old password is incorrect")
+		return errors.New(errors.TypeInvalidInput, types.ErrCodeIncorrectPassword, "old password is incorrect")
 	}

 	if err := password.Update(passwd); err != nil {
@@ -631,7 +637,7 @@ func (module *Module) UpdatePassword(ctx context.Context, userID valuer.UUID, ol
 	return module.tokenizer.DeleteTokensByUserID(ctx, userID)
 }

-func (module *Module) GetOrCreateUser(ctx context.Context, user *usertypes.User, opts ...root.CreateUserOption) (*usertypes.User, error) {
+func (module *Module) GetOrCreateUser(ctx context.Context, user *types.User, opts ...root.CreateUserOption) (*types.User, error) {
 	existingUser, err := module.GetNonDeletedUserByEmailAndOrgID(ctx, user.Email, user.OrgID)
 	if err != nil {
 		if !errors.Ast(err, errors.TypeNotFound) {
@@ -641,7 +647,7 @@ func (module *Module) GetOrCreateUser(ctx context.Context, user *usertypes.User,

 	if existingUser != nil {
 		// for users logging through SSO flow but are having status as pending_invite
-		if existingUser.Status == usertypes.UserStatusPendingInvite {
+		if existingUser.Status == types.UserStatusPendingInvite {
 			// respect the role coming from the SSO
 			existingUser.Update("", user.Role)
 			// activate the user
@@ -661,19 +667,19 @@ func (module *Module) GetOrCreateUser(ctx context.Context, user *usertypes.User,
 	return user, nil
 }

-func (m *Module) CreateAPIKey(ctx context.Context, apiKey *usertypes.StorableAPIKey) error {
+func (m *Module) CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error {
 	return m.store.CreateAPIKey(ctx, apiKey)
 }

-func (m *Module) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *usertypes.StorableAPIKey, updaterID valuer.UUID) error {
+func (m *Module) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error {
 	return m.store.UpdateAPIKey(ctx, id, apiKey, updaterID)
 }

-func (m *Module) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*usertypes.StorableAPIKeyUser, error) {
+func (m *Module) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error) {
 	return m.store.ListAPIKeys(ctx, orgID)
 }

-func (m *Module) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*usertypes.StorableAPIKeyUser, error) {
+func (m *Module) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*types.StorableAPIKeyUser, error) {
 	return m.store.GetAPIKey(ctx, orgID, id)
 }

@@ -681,13 +687,13 @@ func (m *Module) RevokeAPIKey(ctx context.Context, id, removedByUserID valuer.UU
 	return m.store.RevokeAPIKey(ctx, id, removedByUserID)
 }

-func (module *Module) CreateFirstUser(ctx context.Context, organization *types.Organization, name string, email valuer.Email, passwd string) (*usertypes.User, error) {
-	user, err := usertypes.NewRootUser(name, email, organization.ID)
+func (module *Module) CreateFirstUser(ctx context.Context, organization *types.Organization, name string, email valuer.Email, passwd string) (*types.User, error) {
+	user, err := types.NewRootUser(name, email, organization.ID)
 	if err != nil {
 		return nil, err
 	}

-	password, err := usertypes.NewFactorPassword(passwd, user.ID.StringValue())
+	password, err := types.NewFactorPassword(passwd, user.ID.StringValue())
 	if err != nil {
 		return nil, err
 	}
@@ -726,12 +732,12 @@ func (module *Module) CreateFirstUser(ctx context.Context, organization *types.O

 func (module *Module) Collect(ctx context.Context, orgID valuer.UUID) (map[string]any, error) {
 	stats := make(map[string]any)
-	counts, err := module.store.CountByOrgIDAndStatuses(ctx, orgID, []string{usertypes.UserStatusActive.StringValue(), usertypes.UserStatusDeleted.StringValue(), usertypes.UserStatusPendingInvite.StringValue()})
+	counts, err := module.store.CountByOrgIDAndStatuses(ctx, orgID, []string{types.UserStatusActive.StringValue(), types.UserStatusDeleted.StringValue(), types.UserStatusPendingInvite.StringValue()})
 	if err == nil {
-		stats["user.count"] = counts[usertypes.UserStatusActive] + counts[usertypes.UserStatusDeleted] + counts[usertypes.UserStatusPendingInvite]
-		stats["user.count.active"] = counts[usertypes.UserStatusActive]
-		stats["user.count.deleted"] = counts[usertypes.UserStatusDeleted]
-		stats["user.count.pending_invite"] = counts[usertypes.UserStatusPendingInvite]
+		stats["user.count"] = counts[types.UserStatusActive] + counts[types.UserStatusDeleted] + counts[types.UserStatusPendingInvite]
+		stats["user.count.active"] = counts[types.UserStatusActive]
+		stats["user.count.deleted"] = counts[types.UserStatusDeleted]
+		stats["user.count.pending_invite"] = counts[types.UserStatusPendingInvite]
 	}

 	count, err := module.store.CountAPIKeyByOrgID(ctx, orgID)
@@ -743,14 +749,14 @@ func (module *Module) Collect(ctx context.Context, orgID valuer.UUID) (map[strin
 }

 // this function restricts that only one non-deleted user email can exist for an org ID, if found more, it throws an error
-func (module *Module) GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*usertypes.User, error) {
+func (module *Module) GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*types.User, error) {
 	existingUsers, err := module.store.GetUsersByEmailAndOrgID(ctx, email, orgID)
 	if err != nil {
 		return nil, err
 	}

 	// filter out the deleted users
-	existingUsers = slices.DeleteFunc(existingUsers, func(user *usertypes.User) bool { return user.ErrIfDeleted() != nil })
+	existingUsers = slices.DeleteFunc(existingUsers, func(user *types.User) bool { return user.ErrIfDeleted() != nil })

 	if len(existingUsers) > 1 {
 		return nil, errors.Newf(errors.TypeInternal, errors.CodeInternal, "Multiple non-deleted users found for email %s in org_id: %s", email.StringValue(), orgID.StringValue())
@@ -764,7 +770,7 @@ func (module *Module) GetNonDeletedUserByEmailAndOrgID(ctx context.Context, emai

 }

-func (module *Module) createUserWithoutGrant(ctx context.Context, input *usertypes.User, opts ...root.CreateUserOption) error {
+func (module *Module) createUserWithoutGrant(ctx context.Context, input *types.User, opts ...root.CreateUserOption) error {
 	createUserOpts := root.NewCreateUserOptions(opts...)
 	if err := module.store.RunInTx(ctx, func(ctx context.Context) error {
 		if err := module.store.CreateUser(ctx, input); err != nil {
@@ -782,14 +788,14 @@ func (module *Module) createUserWithoutGrant(ctx context.Context, input *usertyp
 		return err
 	}

-	traitsOrProperties := usertypes.NewTraitsFromUser(input)
+	traitsOrProperties := types.NewTraitsFromUser(input)
 	module.analytics.IdentifyUser(ctx, input.OrgID.String(), input.ID.String(), traitsOrProperties)
 	module.analytics.TrackUser(ctx, input.OrgID.String(), input.ID.String(), "User Created", traitsOrProperties)

 	return nil
 }

-func (module *Module) activatePendingUser(ctx context.Context, user *usertypes.User) error {
+func (module *Module) activatePendingUser(ctx context.Context, user *types.User) error {
 	err := module.authz.Grant(
 		ctx,
 		user.OrgID,
@@ -800,7 +806,7 @@ func (module *Module) activatePendingUser(ctx context.Context, user *usertypes.U
 		return err
 	}

-	if err := user.UpdateStatus(usertypes.UserStatusActive); err != nil {
+	if err := user.UpdateStatus(types.UserStatusActive); err != nil {
 		return err
 	}
 	err = module.store.UpdateUser(ctx, user.OrgID, user)
--- a/pkg/modules/user/impluser/service.go
+++ b/pkg/modules/user/impluser/service.go
@@ -11,13 +11,12 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type service struct {
 	settings  factory.ScopedProviderSettings
-	store     usertypes.UserStore
+	store     types.UserStore
 	module    user.Module
 	orgGetter organization.Getter
 	authz     authz.AuthZ
@@ -27,7 +26,7 @@ type service struct {

 func NewService(
 	providerSettings factory.ProviderSettings,
-	store usertypes.UserStore,
+	store types.UserStore,
 	module user.Module,
 	orgGetter organization.Getter,
 	authz authz.AuthZ,
@@ -156,11 +155,11 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 			return err
 		}

-		if oldRole != authtypes.RoleAdmin {
+		if oldRole != types.RoleAdmin {
 			if err := s.authz.ModifyGrant(ctx,
 				orgID,
 				[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(oldRole)},
-				[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(authtypes.RoleAdmin)},
+				[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(types.RoleAdmin)},
 				authtypes.MustNewSubject(authtypes.TypeableUser, existingUser.ID.StringValue(), orgID, nil),
 			); err != nil {
 				return err
@@ -171,12 +170,12 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 	}

 	// Create new root user
-	newUser, err := usertypes.NewRootUser(s.config.Email.String(), s.config.Email, orgID)
+	newUser, err := types.NewRootUser(s.config.Email.String(), s.config.Email, orgID)
 	if err != nil {
 		return err
 	}

-	factorPassword, err := usertypes.NewFactorPassword(s.config.Password, newUser.ID.StringValue())
+	factorPassword, err := types.NewFactorPassword(s.config.Password, newUser.ID.StringValue())
 	if err != nil {
 		return err
 	}
@@ -184,7 +183,7 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 	return s.module.CreateUser(ctx, newUser, user.WithFactorPassword(factorPassword))
 }

-func (s *service) updateExistingRootUser(ctx context.Context, orgID valuer.UUID, existingRoot *usertypes.User) error {
+func (s *service) updateExistingRootUser(ctx context.Context, orgID valuer.UUID, existingRoot *types.User) error {
 	existingRoot.PromoteToRoot()

 	if existingRoot.Email != s.config.Email {
@@ -204,7 +203,7 @@ func (s *service) setPassword(ctx context.Context, userID valuer.UUID) error {
 			return err
 		}

-		factorPassword, err := usertypes.NewFactorPassword(s.config.Password, userID.StringValue())
+		factorPassword, err := types.NewFactorPassword(s.config.Password, userID.StringValue())
 		if err != nil {
 			return err
 		}
--- a/pkg/modules/user/impluser/store.go
+++ b/pkg/modules/user/impluser/store.go
@@ -9,9 +9,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/preferencetypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -21,11 +21,11 @@ type store struct {
 	settings factory.ProviderSettings
 }

-func NewStore(sqlstore sqlstore.SQLStore, settings factory.ProviderSettings) usertypes.UserStore {
+func NewStore(sqlstore sqlstore.SQLStore, settings factory.ProviderSettings) types.UserStore {
 	return &store{sqlstore: sqlstore, settings: settings}
 }

-func (store *store) CreatePassword(ctx context.Context, password *usertypes.FactorPassword) error {
+func (store *store) CreatePassword(ctx context.Context, password *types.FactorPassword) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -33,13 +33,13 @@ func (store *store) CreatePassword(ctx context.Context, password *usertypes.Fact
 		Model(password).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, usertypes.ErrPasswordAlreadyExists, "password for user %s already exists", password.UserID)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, types.ErrPasswordAlreadyExists, "password for user %s already exists", password.UserID)
 	}

 	return nil
 }

-func (store *store) CreateUser(ctx context.Context, user *usertypes.User) error {
+func (store *store) CreateUser(ctx context.Context, user *types.User) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -47,13 +47,13 @@ func (store *store) CreateUser(ctx context.Context, user *usertypes.User) error
 		Model(user).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, usertypes.ErrUserAlreadyExists, "user with email %s already exists in org %s", user.Email, user.OrgID)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, types.ErrUserAlreadyExists, "user with email %s already exists in org %s", user.Email, user.OrgID)
 	}
 	return nil
 }

-func (store *store) GetUsersByEmail(ctx context.Context, email valuer.Email) ([]*usertypes.User, error) {
-	var users []*usertypes.User
+func (store *store) GetUsersByEmail(ctx context.Context, email valuer.Email) ([]*types.User, error) {
+	var users []*types.User

 	err := store.
 		sqlstore.
@@ -69,8 +69,8 @@ func (store *store) GetUsersByEmail(ctx context.Context, email valuer.Email) ([]
 	return users, nil
 }

-func (store *store) GetUser(ctx context.Context, id valuer.UUID) (*usertypes.User, error) {
-	user := new(usertypes.User)
+func (store *store) GetUser(ctx context.Context, id valuer.UUID) (*types.User, error) {
+	user := new(types.User)

 	err := store.
 		sqlstore.
@@ -80,14 +80,14 @@ func (store *store) GetUser(ctx context.Context, id valuer.UUID) (*usertypes.Use
 		Where("id = ?", id).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user with id %s does not exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user with id %s does not exist", id)
 	}

 	return user, nil
 }

-func (store *store) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*usertypes.User, error) {
-	user := new(usertypes.User)
+func (store *store) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*types.User, error) {
+	user := new(types.User)

 	err := store.
 		sqlstore.
@@ -98,14 +98,14 @@ func (store *store) GetByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id v
 		Where("id = ?", id).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user with id %s does not exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user with id %s does not exist", id)
 	}

 	return user, nil
 }

-func (store *store) GetUsersByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) ([]*usertypes.User, error) {
-	var users []*usertypes.User
+func (store *store) GetUsersByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) ([]*types.User, error) {
+	var users []*types.User

 	err := store.
 		sqlstore.
@@ -122,8 +122,8 @@ func (store *store) GetUsersByEmailAndOrgID(ctx context.Context, email valuer.Em
 	return users, nil
 }

-func (store *store) GetActiveUsersByRoleAndOrgID(ctx context.Context, role authtypes.LegacyRole, orgID valuer.UUID) ([]*usertypes.User, error) {
-	var users []*usertypes.User
+func (store *store) GetActiveUsersByRoleAndOrgID(ctx context.Context, role types.Role, orgID valuer.UUID) ([]*types.User, error) {
+	var users []*types.User

 	err := store.
 		sqlstore.
@@ -132,7 +132,7 @@ func (store *store) GetActiveUsersByRoleAndOrgID(ctx context.Context, role autht
 		Model(&users).
 		Where("org_id = ?", orgID).
 		Where("role = ?", role).
-		Where("status = ?", usertypes.UserStatusActive.StringValue()).
+		Where("status = ?", types.UserStatusActive.StringValue()).
 		Scan(ctx)
 	if err != nil {
 		return nil, err
@@ -141,7 +141,7 @@ func (store *store) GetActiveUsersByRoleAndOrgID(ctx context.Context, role autht
 	return users, nil
 }

-func (store *store) UpdateUser(ctx context.Context, orgID valuer.UUID, user *usertypes.User) error {
+func (store *store) UpdateUser(ctx context.Context, orgID valuer.UUID, user *types.User) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -157,13 +157,13 @@ func (store *store) UpdateUser(ctx context.Context, orgID valuer.UUID, user *use
 		Where("id = ?", user.ID).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user does not exist in org: %s", orgID)
+		return store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user does not exist in org: %s", orgID)
 	}
 	return nil
 }

-func (store *store) ListUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*usertypes.GettableUser, error) {
-	users := []*usertypes.User{}
+func (store *store) ListUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.GettableUser, error) {
+	users := []*types.User{}

 	err := store.
 		sqlstore.
@@ -191,7 +191,7 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err

 	// get the password id

-	var password usertypes.FactorPassword
+	var password types.FactorPassword
 	err = tx.NewSelect().
 		Model(&password).
 		Where("user_id = ?", id).
@@ -202,7 +202,7 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err

 	// delete reset password request
 	_, err = tx.NewDelete().
-		Model(new(usertypes.ResetPasswordToken)).
+		Model(new(types.ResetPasswordToken)).
 		Where("password_id = ?", password.ID.String()).
 		Exec(ctx)
 	if err != nil {
@@ -211,7 +211,7 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err

 	// delete factor password
 	_, err = tx.NewDelete().
-		Model(new(usertypes.FactorPassword)).
+		Model(new(types.FactorPassword)).
 		Where("user_id = ?", id).
 		Exec(ctx)
 	if err != nil {
@@ -220,7 +220,7 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err

 	// delete api keys
 	_, err = tx.NewDelete().
-		Model(&usertypes.StorableAPIKey{}).
+		Model(&types.StorableAPIKey{}).
 		Where("user_id = ?", id).
 		Exec(ctx)
 	if err != nil {
@@ -247,7 +247,7 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err

 	// delete user
 	_, err = tx.NewDelete().
-		Model(new(usertypes.User)).
+		Model(new(types.User)).
 		Where("org_id = ?", orgID).
 		Where("id = ?", id).
 		Exec(ctx)
@@ -275,7 +275,7 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)

 	// get the password id

-	var password usertypes.FactorPassword
+	var password types.FactorPassword
 	err = tx.NewSelect().
 		Model(&password).
 		Where("user_id = ?", id).
@@ -286,7 +286,7 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)

 	// delete reset password request
 	_, err = tx.NewDelete().
-		Model(new(usertypes.ResetPasswordToken)).
+		Model(new(types.ResetPasswordToken)).
 		Where("password_id = ?", password.ID.String()).
 		Exec(ctx)
 	if err != nil {
@@ -295,7 +295,7 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)

 	// delete factor password
 	_, err = tx.NewDelete().
-		Model(new(usertypes.FactorPassword)).
+		Model(new(types.FactorPassword)).
 		Where("user_id = ?", id).
 		Exec(ctx)
 	if err != nil {
@@ -304,7 +304,7 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)

 	// delete api keys
 	_, err = tx.NewDelete().
-		Model(&usertypes.StorableAPIKey{}).
+		Model(&types.StorableAPIKey{}).
 		Where("user_id = ?", id).
 		Exec(ctx)
 	if err != nil {
@@ -332,8 +332,8 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)
 	// soft delete user
 	now := time.Now()
 	_, err = tx.NewUpdate().
-		Model(new(usertypes.User)).
-		Set("status = ?", usertypes.UserStatusDeleted).
+		Model(new(types.User)).
+		Set("status = ?", types.UserStatusDeleted).
 		Set("deleted_at = ?", now).
 		Set("updated_at = ?", now).
 		Where("org_id = ?", orgID).
@@ -351,7 +351,7 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)
 	return nil
 }

-func (store *store) CreateResetPasswordToken(ctx context.Context, resetPasswordToken *usertypes.ResetPasswordToken) error {
+func (store *store) CreateResetPasswordToken(ctx context.Context, resetPasswordToken *types.ResetPasswordToken) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -359,14 +359,14 @@ func (store *store) CreateResetPasswordToken(ctx context.Context, resetPasswordT
 		Model(resetPasswordToken).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, usertypes.ErrResetPasswordTokenAlreadyExists, "reset password token for password  %s already exists", resetPasswordToken.PasswordID)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, types.ErrResetPasswordTokenAlreadyExists, "reset password token for password  %s already exists", resetPasswordToken.PasswordID)
 	}

 	return nil
 }

-func (store *store) GetPassword(ctx context.Context, id valuer.UUID) (*usertypes.FactorPassword, error) {
-	password := new(usertypes.FactorPassword)
+func (store *store) GetPassword(ctx context.Context, id valuer.UUID) (*types.FactorPassword, error) {
+	password := new(types.FactorPassword)

 	err := store.
 		sqlstore.
@@ -376,14 +376,14 @@ func (store *store) GetPassword(ctx context.Context, id valuer.UUID) (*usertypes
 		Where("id = ?", id).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodePasswordNotFound, "password with id: %s does not exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrPasswordNotFound, "password with id: %s does not exist", id)
 	}

 	return password, nil
 }

-func (store *store) GetPasswordByUserID(ctx context.Context, userID valuer.UUID) (*usertypes.FactorPassword, error) {
-	password := new(usertypes.FactorPassword)
+func (store *store) GetPasswordByUserID(ctx context.Context, userID valuer.UUID) (*types.FactorPassword, error) {
+	password := new(types.FactorPassword)

 	err := store.
 		sqlstore.
@@ -393,13 +393,13 @@ func (store *store) GetPasswordByUserID(ctx context.Context, userID valuer.UUID)
 		Where("user_id = ?", userID).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodePasswordNotFound, "password for user %s does not exist", userID)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrPasswordNotFound, "password for user %s does not exist", userID)
 	}
 	return password, nil
 }

-func (store *store) GetResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) (*usertypes.ResetPasswordToken, error) {
-	resetPasswordToken := new(usertypes.ResetPasswordToken)
+func (store *store) GetResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) (*types.ResetPasswordToken, error) {
+	resetPasswordToken := new(types.ResetPasswordToken)

 	err := store.
 		sqlstore.
@@ -409,7 +409,7 @@ func (store *store) GetResetPasswordTokenByPasswordID(ctx context.Context, passw
 		Where("password_id = ?", passwordID).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrResetPasswordTokenNotFound, "reset password token for password %s does not exist", passwordID)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrResetPasswordTokenNotFound, "reset password token for password %s does not exist", passwordID)
 	}

 	return resetPasswordToken, nil
@@ -417,7 +417,7 @@ func (store *store) GetResetPasswordTokenByPasswordID(ctx context.Context, passw

 func (store *store) DeleteResetPasswordTokenByPasswordID(ctx context.Context, passwordID valuer.UUID) error {
 	_, err := store.sqlstore.BunDBCtx(ctx).NewDelete().
-		Model(&usertypes.ResetPasswordToken{}).
+		Model(&types.ResetPasswordToken{}).
 		Where("password_id = ?", passwordID).
 		Exec(ctx)
 	if err != nil {
@@ -427,8 +427,8 @@ func (store *store) DeleteResetPasswordTokenByPasswordID(ctx context.Context, pa
 	return nil
 }

-func (store *store) GetResetPasswordToken(ctx context.Context, token string) (*usertypes.ResetPasswordToken, error) {
-	resetPasswordRequest := new(usertypes.ResetPasswordToken)
+func (store *store) GetResetPasswordToken(ctx context.Context, token string) (*types.ResetPasswordToken, error) {
+	resetPasswordRequest := new(types.ResetPasswordToken)

 	err := store.
 		sqlstore.
@@ -438,38 +438,38 @@ func (store *store) GetResetPasswordToken(ctx context.Context, token string) (*u
 		Where("token = ?", token).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrResetPasswordTokenNotFound, "reset password token does not exist")
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrResetPasswordTokenNotFound, "reset password token does not exist")
 	}

 	return resetPasswordRequest, nil
 }

-func (store *store) UpdatePassword(ctx context.Context, factorPassword *usertypes.FactorPassword) error {
+func (store *store) UpdatePassword(ctx context.Context, factorPassword *types.FactorPassword) error {
 	_, err := store.sqlstore.BunDBCtx(ctx).
 		NewUpdate().
 		Model(factorPassword).
 		Where("user_id = ?", factorPassword.UserID).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodePasswordNotFound, "password for user %s does not exist", factorPassword.UserID)
+		return store.sqlstore.WrapNotFoundErrf(err, types.ErrPasswordNotFound, "password for user %s does not exist", factorPassword.UserID)
 	}

 	return nil
 }

 // --- API KEY ---
-func (store *store) CreateAPIKey(ctx context.Context, apiKey *usertypes.StorableAPIKey) error {
+func (store *store) CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error {
 	_, err := store.sqlstore.BunDB().NewInsert().
 		Model(apiKey).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, usertypes.ErrAPIKeyAlreadyExists, "API key with token: %s already exists", apiKey.Token)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, types.ErrAPIKeyAlreadyExists, "API key with token: %s already exists", apiKey.Token)
 	}

 	return nil
 }

-func (store *store) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *usertypes.StorableAPIKey, updaterID valuer.UUID) error {
+func (store *store) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error {
 	apiKey.UpdatedBy = updaterID.String()
 	apiKey.UpdatedAt = time.Now()
 	_, err := store.sqlstore.BunDB().NewUpdate().
@@ -479,13 +479,13 @@ func (store *store) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *us
 		Where("revoked = false").
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+		return store.sqlstore.WrapNotFoundErrf(err, types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
 	}
 	return nil
 }

-func (store *store) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*usertypes.StorableAPIKeyUser, error) {
-	orgUserAPIKeys := new(usertypes.OrgUserAPIKey)
+func (store *store) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error) {
+	orgUserAPIKeys := new(types.OrgUserAPIKey)

 	if err := store.sqlstore.BunDB().NewSelect().
 		Model(orgUserAPIKeys).
@@ -502,7 +502,7 @@ func (store *store) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*user
 	}

 	// Flatten the API keys from all users
-	var allAPIKeys []*usertypes.StorableAPIKeyUser
+	var allAPIKeys []*types.StorableAPIKeyUser
 	for _, user := range orgUserAPIKeys.Users {
 		if user.APIKeys != nil {
 			allAPIKeys = append(allAPIKeys, user.APIKeys...)
@@ -520,7 +520,7 @@ func (store *store) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*user
 func (store *store) RevokeAPIKey(ctx context.Context, id, revokedByUserID valuer.UUID) error {
 	updatedAt := time.Now().Unix()
 	_, err := store.sqlstore.BunDB().NewUpdate().
-		Model(&usertypes.StorableAPIKey{}).
+		Model(&types.StorableAPIKey{}).
 		Set("revoked = ?", true).
 		Set("updated_by = ?", revokedByUserID).
 		Set("updated_at = ?", updatedAt).
@@ -532,8 +532,8 @@ func (store *store) RevokeAPIKey(ctx context.Context, id, revokedByUserID valuer
 	return nil
 }

-func (store *store) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*usertypes.StorableAPIKeyUser, error) {
-	apiKey := new(usertypes.OrgUserAPIKey)
+func (store *store) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*types.StorableAPIKeyUser, error) {
+	apiKey := new(types.OrgUserAPIKey)
 	if err := store.sqlstore.BunDB().NewSelect().
 		Model(apiKey).
 		Relation("Users").
@@ -545,25 +545,25 @@ func (store *store) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*user
 		Relation("Users.APIKeys.CreatedByUser").
 		Relation("Users.APIKeys.UpdatedByUser").
 		Scan(ctx); err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
 	}

 	// flatten the API keys
-	flattenedAPIKeys := []*usertypes.StorableAPIKeyUser{}
+	flattenedAPIKeys := []*types.StorableAPIKeyUser{}
 	for _, user := range apiKey.Users {
 		if user.APIKeys != nil {
 			flattenedAPIKeys = append(flattenedAPIKeys, user.APIKeys...)
 		}
 	}
 	if len(flattenedAPIKeys) == 0 {
-		return nil, store.sqlstore.WrapNotFoundErrf(errors.New(errors.TypeNotFound, errors.CodeNotFound, "API key with id: %s does not exist"), usertypes.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(errors.New(errors.TypeNotFound, errors.CodeNotFound, "API key with id: %s does not exist"), types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
 	}

 	return flattenedAPIKeys[0], nil
 }

 func (store *store) CountByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
-	user := new(usertypes.User)
+	user := new(types.User)

 	count, err := store.
 		sqlstore.
@@ -580,7 +580,7 @@ func (store *store) CountByOrgID(ctx context.Context, orgID valuer.UUID) (int64,
 }

 func (store *store) CountByOrgIDAndStatuses(ctx context.Context, orgID valuer.UUID, statuses []string) (map[valuer.String]int64, error) {
-	user := new(usertypes.User)
+	user := new(types.User)
 	var results []struct {
 		Status valuer.String `bun:"status"`
 		Count  int64         `bun:"count"`
@@ -610,7 +610,7 @@ func (store *store) CountByOrgIDAndStatuses(ctx context.Context, orgID valuer.UU
 }

 func (store *store) CountAPIKeyByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
-	apiKey := new(usertypes.StorableAPIKey)
+	apiKey := new(types.StorableAPIKey)

 	count, err := store.
 		sqlstore.
@@ -633,8 +633,8 @@ func (store *store) RunInTx(ctx context.Context, cb func(ctx context.Context) er
 	})
 }

-func (store *store) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (*usertypes.User, error) {
-	user := new(usertypes.User)
+func (store *store) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (*types.User, error) {
+	user := new(types.User)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -644,13 +644,13 @@ func (store *store) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (
 		Where("is_root = ?", true).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "root user for org %s not found", orgID)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "root user for org %s not found", orgID)
 	}
 	return user, nil
 }

-func (store *store) ListUsersByEmailAndOrgIDs(ctx context.Context, email valuer.Email, orgIDs []valuer.UUID) ([]*usertypes.User, error) {
-	users := []*usertypes.User{}
+func (store *store) ListUsersByEmailAndOrgIDs(ctx context.Context, email valuer.Email, orgIDs []valuer.UUID) ([]*types.User, error) {
+	users := []*types.User{}
 	err := store.
 		sqlstore.
 		BunDB().
@@ -666,8 +666,8 @@ func (store *store) ListUsersByEmailAndOrgIDs(ctx context.Context, email valuer.
 	return users, nil
 }

-func (store *store) GetUserByResetPasswordToken(ctx context.Context, token string) (*usertypes.User, error) {
-	user := new(usertypes.User)
+func (store *store) GetUserByResetPasswordToken(ctx context.Context, token string) (*types.User, error) {
+	user := new(types.User)

 	err := store.
 		sqlstore.
@@ -679,14 +679,14 @@ func (store *store) GetUserByResetPasswordToken(ctx context.Context, token strin
 		Where("reset_password_token.token = ?", token).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user not found for reset password token")
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user not found for reset password token")
 	}

 	return user, nil
 }

-func (store *store) GetUsersByEmailsOrgIDAndStatuses(ctx context.Context, orgID valuer.UUID, emails []string, statuses []string) ([]*usertypes.User, error) {
-	users := []*usertypes.User{}
+func (store *store) GetUsersByEmailsOrgIDAndStatuses(ctx context.Context, orgID valuer.UUID, emails []string, statuses []string) ([]*types.User, error) {
+	users := []*types.User{}

 	err := store.
 		sqlstore.
@@ -703,34 +703,3 @@ func (store *store) GetUsersByEmailsOrgIDAndStatuses(ctx context.Context, orgID

 	return users, nil
 }
-
-func (store *store) GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*usertypes.User, *usertypes.FactorPassword, error) {
-	user := new(usertypes.User)
-	factorPassword := new(usertypes.FactorPassword)
-
-	err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(user).
-		Where("email = ?", email).
-		Where("org_id = ?", orgID).
-		Where("status = ?", usertypes.UserStatusActive.StringValue()).
-		Scan(ctx)
-	if err != nil {
-		return nil, nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user with email %s in org %s not found", email, orgID)
-	}
-
-	err = store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(factorPassword).
-		Where("user_id = ?", user.ID).
-		Scan(ctx)
-	if err != nil {
-		return nil, nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodePasswordNotFound, "user with email %s in org %s does not have password", email, orgID)
-	}
-
-	return user, factorPassword, nil
-}
--- a/pkg/modules/user/option.go
+++ b/pkg/modules/user/option.go
@@ -1,17 +1,17 @@
 package user

 import (
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type createUserOptions struct {
-	FactorPassword *usertypes.FactorPassword
+	FactorPassword *types.FactorPassword
 }

 type CreateUserOption func(*createUserOptions)

-func WithFactorPassword(factorPassword *usertypes.FactorPassword) CreateUserOption {
+func WithFactorPassword(factorPassword *types.FactorPassword) CreateUserOption {
 	return func(o *createUserOptions) {
 		o.FactorPassword = factorPassword
 	}
--- a/pkg/modules/user/user.go
+++ b/pkg/modules/user/user.go
@@ -6,23 +6,22 @@ import (

 	"github.com/SigNoz/signoz/pkg/statsreporter"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type Module interface {
 	// Creates the organization and the first user of that organization.
-	CreateFirstUser(ctx context.Context, organization *types.Organization, name string, email valuer.Email, password string) (*usertypes.User, error)
+	CreateFirstUser(ctx context.Context, organization *types.Organization, name string, email valuer.Email, password string) (*types.User, error)

 	// Creates a user and sends an analytics event.
-	CreateUser(ctx context.Context, user *usertypes.User, opts ...CreateUserOption) error
+	CreateUser(ctx context.Context, user *types.User, opts ...CreateUserOption) error

 	// Get or create a user. If a user with the same email and orgID already exists, it returns the existing user.
-	GetOrCreateUser(ctx context.Context, user *usertypes.User, opts ...CreateUserOption) (*usertypes.User, error)
+	GetOrCreateUser(ctx context.Context, user *types.User, opts ...CreateUserOption) (*types.User, error)

 	// Get or Create a reset password token for a user. If the password does not exist, a new one is randomly generated and inserted. The function
 	// is idempotent and can be called multiple times.
-	GetOrCreateResetPasswordToken(ctx context.Context, userID valuer.UUID) (*usertypes.ResetPasswordToken, error)
+	GetOrCreateResetPasswordToken(ctx context.Context, userID valuer.UUID) (*types.ResetPasswordToken, error)

 	// Updates password of a user using a reset password token. It also deletes all reset password tokens for the user.
 	// This is used to reset the password of a user when they forget their password.
@@ -34,48 +33,48 @@ type Module interface {
 	// Initiate forgot password flow for a user
 	ForgotPassword(ctx context.Context, orgID valuer.UUID, email valuer.Email, frontendBaseURL string) error

-	UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *usertypes.User, updatedBy string) (*usertypes.User, error)
+	UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.User, updatedBy string) (*types.User, error)

 	// UpdateAnyUser updates a user and persists the changes to the database along with the analytics and identity deletion.
-	UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *usertypes.User) error
+	UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.User) error
 	DeleteUser(ctx context.Context, orgID valuer.UUID, id string, deletedBy string) error

 	// invite
-	CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *usertypes.PostableBulkInviteRequest) ([]*usertypes.Invite, error)
-	ListInvite(ctx context.Context, orgID string) ([]*usertypes.Invite, error)
-	AcceptInvite(ctx context.Context, token string, password string) (*usertypes.User, error)
-	GetInviteByToken(ctx context.Context, token string) (*usertypes.Invite, error)
+	CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error)
+	ListInvite(ctx context.Context, orgID string) ([]*types.Invite, error)
+	AcceptInvite(ctx context.Context, token string, password string) (*types.User, error)
+	GetInviteByToken(ctx context.Context, token string) (*types.Invite, error)

 	// API KEY
-	CreateAPIKey(ctx context.Context, apiKey *usertypes.StorableAPIKey) error
-	UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *usertypes.StorableAPIKey, updaterID valuer.UUID) error
-	ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*usertypes.StorableAPIKeyUser, error)
+	CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error
+	UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error
+	ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error)
 	RevokeAPIKey(ctx context.Context, id, removedByUserID valuer.UUID) error
-	GetAPIKey(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*usertypes.StorableAPIKeyUser, error)
+	GetAPIKey(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*types.StorableAPIKeyUser, error)

-	GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*usertypes.User, error)
+	GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*types.User, error)

 	statsreporter.StatsCollector
 }

 type Getter interface {
 	// Get root user by org id.
-	GetRootUserByOrgID(context.Context, valuer.UUID) (*usertypes.User, error)
+	GetRootUserByOrgID(context.Context, valuer.UUID) (*types.User, error)

 	// Get gets the users based on the given id
-	ListByOrgID(context.Context, valuer.UUID) ([]*usertypes.User, error)
+	ListByOrgID(context.Context, valuer.UUID) ([]*types.User, error)

 	// Get users by email.
-	GetUsersByEmail(context.Context, valuer.Email) ([]*usertypes.User, error)
+	GetUsersByEmail(context.Context, valuer.Email) ([]*types.User, error)

 	// Get user by orgID and id.
-	GetByOrgIDAndID(context.Context, valuer.UUID, valuer.UUID) (*usertypes.User, error)
+	GetByOrgIDAndID(context.Context, valuer.UUID, valuer.UUID) (*types.User, error)

 	// Get user by id.
-	Get(context.Context, valuer.UUID) (*usertypes.User, error)
+	Get(context.Context, valuer.UUID) (*types.User, error)

 	// List users by email and org ids.
-	ListUsersByEmailAndOrgIDs(context.Context, valuer.Email, []valuer.UUID) ([]*usertypes.User, error)
+	ListUsersByEmailAndOrgIDs(context.Context, valuer.Email, []valuer.UUID) ([]*types.User, error)

 	// Count users by org id.
 	CountByOrgID(context.Context, valuer.UUID) (int64, error)
@@ -84,10 +83,7 @@ type Getter interface {
 	CountByOrgIDAndStatuses(context.Context, valuer.UUID, []string) (map[valuer.String]int64, error)

 	// Get factor password by user id.
-	GetFactorPasswordByUserID(context.Context, valuer.UUID) (*usertypes.FactorPassword, error)
-
-	// Get Active User and FactorPassword by email and org id.
-	GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*usertypes.User, *usertypes.FactorPassword, error)
+	GetFactorPasswordByUserID(context.Context, valuer.UUID) (*types.FactorPassword, error)
 }

 type Handler interface {
--- a/pkg/querier/querier.go
+++ b/pkg/querier/querier.go
@@ -20,6 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
 	"github.com/SigNoz/signoz/pkg/types/metrictypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/dustin/go-humanize"
 	"golang.org/x/exp/maps"

 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
@@ -158,7 +159,8 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 	metricNames := make([]string, 0)
 	for idx, query := range req.CompositeQuery.Queries {
 		event.QueryType = query.Type.StringValue()
-		if query.Type == qbtypes.QueryTypeBuilder {
+		switch query.Type {
+		case qbtypes.QueryTypeBuilder:
 			if spec, ok := query.Spec.(qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]); ok {
 				for _, agg := range spec.Aggregations {
 					if agg.MetricName != "" {
@@ -236,7 +238,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				}
 				req.CompositeQuery.Queries[idx].Spec = spec
 			}
-		} else if query.Type == qbtypes.QueryTypePromQL {
+		case qbtypes.QueryTypePromQL:
 			event.MetricsUsed = true
 			switch spec := query.Spec.(type) {
 			case qbtypes.PromQuery:
@@ -247,7 +249,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				}
 				req.CompositeQuery.Queries[idx].Spec = spec
 			}
-		} else if query.Type == qbtypes.QueryTypeClickHouseSQL {
+		case qbtypes.QueryTypeClickHouseSQL:
 			switch spec := query.Spec.(type) {
 			case qbtypes.ClickHouseQuery:
 				if strings.TrimSpace(spec.Query) != "" {
@@ -256,7 +258,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 					event.TracesUsed = strings.Contains(spec.Query, "signoz_traces")
 				}
 			}
-		} else if query.Type == qbtypes.QueryTypeTraceOperator {
+		case qbtypes.QueryTypeTraceOperator:
 			if spec, ok := query.Spec.(qbtypes.QueryBuilderTraceOperator); ok {
 				if spec.StepInterval.Seconds() == 0 {
 					spec.StepInterval = qbtypes.Step{
@@ -276,23 +278,9 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 		}
 	}

-	// Fetch temporality for all metrics at once
-	var metricTemporality map[string]metrictypes.Temporality
-	var metricTypes map[string]metrictypes.Type
-	if len(metricNames) > 0 {
-		var err error
-		metricTemporality, metricTypes, err = q.metadataStore.FetchTemporalityAndTypeMulti(ctx, req.Start, req.End, metricNames...)
-		if err != nil {
-			q.logger.WarnContext(ctx, "failed to fetch metric temporality", "error", err, "metrics", metricNames)
-			// Continue without temporality - statement builder will handle unspecified
-			metricTemporality = make(map[string]metrictypes.Temporality)
-			metricTypes = make(map[string]metrictypes.Type)
-		}
-		q.logger.DebugContext(ctx, "fetched metric temporalities and types", "metric_temporality", metricTemporality, "metric_types", metricTypes)
-	}
-
 	queries := make(map[string]qbtypes.Query)
 	steps := make(map[string]qbtypes.Step)
+	missingMetrics := []string{}

 	for _, query := range req.CompositeQuery.Queries {
 		var queryName string
@@ -374,15 +362,26 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				queries[spec.Name] = bq
 				steps[spec.Name] = spec.StepInterval
 			case qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]:
+				var metricTemporality map[string]metrictypes.Temporality
+				var metricTypes map[string]metrictypes.Type
+				if len(metricNames) > 0 {
+					var err error
+					metricTemporality, metricTypes, err = q.metadataStore.FetchTemporalityAndTypeMulti(ctx, req.Start, req.End, metricNames...)
+					if err != nil {
+						q.logger.WarnContext(ctx, "failed to fetch metric temporality", "error", err, "metrics", metricNames)
+						return nil, errors.NewInternalf(errors.CodeInternal, "failed to fetch metrics temporality")
+					}
+					q.logger.DebugContext(ctx, "fetched metric temporalities and types", "metric_temporality", metricTemporality, "metric_types", metricTypes)
+				}
 				for i := range spec.Aggregations {
 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Temporality == metrictypes.Unknown {
 						if temp, ok := metricTemporality[spec.Aggregations[i].MetricName]; ok && temp != metrictypes.Unknown {
 							spec.Aggregations[i].Temporality = temp
 						}
 					}
-					// TODO(srikanthccv): warn when the metric is missing
 					if spec.Aggregations[i].Temporality == metrictypes.Unknown {
-						spec.Aggregations[i].Temporality = metrictypes.Unspecified
+						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
+						continue
 					}

 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
@@ -409,6 +408,24 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 			}
 		}
 	}
+	if len(missingMetrics) > 0 {
+		lastSeenInfo, _ := q.metadataStore.FetchLastSeenInfoMulti(ctx, missingMetrics...)
+		lastSeenStr := func(name string) string {
+			if ts, ok := lastSeenInfo[name]; ok && ts > 0 {
+				ago := humanize.RelTime(time.UnixMilli(ts), time.Now(), "ago", "from now")
+				return fmt.Sprintf("%s (last seen %s)", name, ago)
+			}
+			return name
+		}
+		if len(missingMetrics) == 1 {
+			return nil, errors.NewNotFoundf(errors.CodeNotFound, "no data found for the metric %s in the query time range", lastSeenStr(missingMetrics[0]))
+		}
+		parts := make([]string, len(missingMetrics))
+		for i, m := range missingMetrics {
+			parts[i] = lastSeenStr(m)
+		}
+		return nil, errors.NewNotFoundf(errors.CodeNotFound, "no data found for the following metrics in the query time range: %s", strings.Join(parts, ", "))
+	}
 	qbResp, qbErr := q.run(ctx, orgID, queries, req, steps, event)
 	if qbResp != nil {
 		qbResp.QBEvent = event
@@ -663,7 +680,7 @@ func (q *querier) run(
 }

 // executeWithCache executes a query using the bucket cache
-func (q *querier) executeWithCache(ctx context.Context, orgID valuer.UUID, query qbtypes.Query, step qbtypes.Step, noCache bool) (*qbtypes.Result, error) {
+func (q *querier) executeWithCache(ctx context.Context, orgID valuer.UUID, query qbtypes.Query, step qbtypes.Step, _ bool) (*qbtypes.Result, error) {
 	// Get cached data and missing ranges
 	cachedResult, missingRanges := q.bucketCache.GetMissRanges(ctx, orgID, query, step)

--- a/pkg/query-service/app/http_handler.go
+++ b/pkg/query-service/app/http_handler.go
@@ -73,7 +73,6 @@ import (
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/types/ruletypes"
 	traceFunnels "github.com/SigNoz/signoz/pkg/types/tracefunneltypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"

 	"github.com/SigNoz/signoz/pkg/query-service/app/integrations/messagingQueues/kafka"
 	"github.com/SigNoz/signoz/pkg/query-service/app/logparsingpipeline"
@@ -2035,7 +2034,7 @@ func (aH *APIHandler) registerUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var req usertypes.PostableRegisterOrgAndAdmin
+	var req types.PostableRegisterOrgAndAdmin
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		render.Error(w, err)
 		return
--- a/pkg/query-service/rules/manager_test.go
+++ b/pkg/query-service/rules/manager_test.go
@@ -76,6 +76,21 @@ func TestManager_TestNotification_SendUnmatched_ThresholdRule(t *testing.T) {
 					alertDataRows := cmock.NewRows(cols, tc.Values)

 					mock := mockStore.Mock()
+					// Mock metadata queries for FetchTemporalityAndTypeMulti
+					// First query: fetchMetricsTemporalityAndType (from signoz_metrics time series table)
+					metadataCols := []cmock.ColumnType{
+						{Name: "metric_name", Type: "String"},
+						{Name: "temporality", Type: "String"},
+						{Name: "type", Type: "String"},
+						{Name: "is_monotonic", Type: "Bool"},
+					}
+					metadataRows := cmock.NewRows(metadataCols, [][]any{
+						{"probe_success", metrictypes.Unspecified, metrictypes.GaugeType, false},
+					})
+					mock.ExpectQuery("*distributed_time_series_v4*").WithArgs(nil, nil, nil).WillReturnRows(metadataRows)
+					// Second query: fetchMeterSourceMetricsTemporalityAndType (from signoz_meter table)
+					emptyMetadataRows := cmock.NewRows(metadataCols, [][]any{})
+					mock.ExpectQuery("*meter*").WithArgs(nil).WillReturnRows(emptyMetadataRows)

 					// Generate query arguments for the metric query
 					evalTime := time.Now().UTC()
--- a/pkg/signoz/authn.go
+++ b/pkg/signoz/authn.go
@@ -8,12 +8,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/authn/passwordauthn/emailpasswordauthn"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 )

-func NewAuthNs(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing, userGetter user.Getter) (map[authtypes.AuthNProvider]authn.AuthN, error) {
-	emailPasswordAuthN := emailpasswordauthn.New(userGetter)
+func NewAuthNs(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
+	emailPasswordAuthN := emailpasswordauthn.New(store)

 	googleCallbackAuthN, err := googlecallbackauthn.New(ctx, store, providerSettings)
 	if err != nil {
--- a/pkg/signoz/config.go
+++ b/pkg/signoz/config.go
@@ -20,6 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/global"
+	"github.com/SigNoz/signoz/pkg/identn"
 	"github.com/SigNoz/signoz/pkg/instrumentation"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/user"
@@ -113,6 +114,9 @@ type Config struct {

 	// User config
 	User user.Config `mapstructure:"user"`
+
+	// IdentN config
+	IdentN identn.Config `mapstructure:"identn"`
 }

 // DeprecatedFlags are the flags that are deprecated and scheduled for removal.
@@ -176,6 +180,7 @@ func NewConfig(ctx context.Context, logger *slog.Logger, resolverConfig config.R
 		metricsexplorer.NewConfigFactory(),
 		flagger.NewConfigFactory(),
 		user.NewConfigFactory(),
+		identn.NewConfigFactory(),
 	}

 	conf, err := config.New(ctx, resolverConfig, configFactories)
--- a/pkg/signoz/provider.go
+++ b/pkg/signoz/provider.go
@@ -22,6 +22,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/flagger/configflagger"
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/global/signozglobal"
+	"github.com/SigNoz/signoz/pkg/identn"
+	"github.com/SigNoz/signoz/pkg/identn/apikeyidentn"
+	"github.com/SigNoz/signoz/pkg/identn/tokenizeridentn"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain/implauthdomain"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
@@ -271,6 +274,13 @@ func NewTokenizerProviderFactories(cache cache.Cache, sqlstore sqlstore.SQLStore
 	)
 }

+func NewIdentNProviderFactories(sqlstore sqlstore.SQLStore, tokenizer tokenizer.Tokenizer) factory.NamedMap[factory.ProviderFactory[identn.IdentN, identn.Config]] {
+	return factory.MustNewNamedMap(
+		tokenizeridentn.NewFactory(tokenizer),
+		apikeyidentn.NewFactory(sqlstore),
+	)
+}
+
 func NewGlobalProviderFactories() factory.NamedMap[factory.ProviderFactory[global.Global, global.Config]] {
 	return factory.MustNewNamedMap(
 		signozglobal.NewFactory(),
--- a/pkg/signoz/signoz.go
+++ b/pkg/signoz/signoz.go
@@ -17,14 +17,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/identn"
-	"github.com/SigNoz/signoz/pkg/identn/apikeyidentn"
-	"github.com/SigNoz/signoz/pkg/identn/tokenizeridentn"
 	"github.com/SigNoz/signoz/pkg/instrumentation"
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -91,7 +88,7 @@ func New(
 	sqlSchemaProviderFactories func(sqlstore.SQLStore) factory.NamedMap[factory.ProviderFactory[sqlschema.SQLSchema, sqlschema.Config]],
 	sqlstoreProviderFactories factory.NamedMap[factory.ProviderFactory[sqlstore.SQLStore, sqlstore.Config]],
 	telemetrystoreProviderFactories factory.NamedMap[factory.ProviderFactory[telemetrystore.TelemetryStore, telemetrystore.Config]],
-	authNsCallback func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing, userGetter user.Getter) (map[authtypes.AuthNProvider]authn.AuthN, error),
+	authNsCallback func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error),
 	authzCallback func(context.Context, sqlstore.SQLStore, licensing.Licensing, dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config],
 	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
@@ -354,7 +351,7 @@ func New(

 	// Initialize authns
 	store := sqlauthnstore.NewStore(sqlstore)
-	authNs, err := authNsCallback(ctx, providerSettings, store, licensing, userGetter)
+	authNs, err := authNsCallback(ctx, providerSettings, store, licensing)
 	if err != nil {
 		return nil, err
 	}
@@ -396,9 +393,16 @@ func New(
 	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter)

 	// Initialize identN resolver
-	tokenizeridentN := tokenizeridentn.New(providerSettings, tokenizer, []string{"Authorization", "Sec-WebSocket-Protocol"})
-	apikeyIdentN := apikeyidentn.New(providerSettings, sqlstore, []string{"SIGNOZ-API-KEY"})
-	identNResolver := identn.NewIdentNResolver(providerSettings, tokenizeridentN, apikeyIdentN)
+	identNFactories := NewIdentNProviderFactories(sqlstore, tokenizer)
+	identNs := []identn.IdentN{}
+	for _, identNFactory := range identNFactories.GetInOrder() {
+		identN, err := identNFactory.New(ctx, providerSettings, config.IdentN)
+		if err != nil {
+			return nil, err
+		}
+		identNs = append(identNs, identN)
+	}
+	identNResolver := identn.NewIdentNResolver(providerSettings, identNs...)

 	userService := impluser.NewService(providerSettings, impluser.NewStore(sqlstore, providerSettings), modules.User, orgGetter, authz, config.User.Root)

--- a/pkg/sqlmigration/037_add_trace_funnels.go
+++ b/pkg/sqlmigration/037_add_trace_funnels.go
@@ -2,11 +2,9 @@ package sqlmigration

 import (
 	"context"
-
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 	"github.com/uptrace/bun/migrate"
@@ -18,12 +16,12 @@ type funnel struct {
 	types.Identifiable // funnel id
 	types.TimeAuditable
 	types.UserAuditable
-	Name          string          `json:"funnel_name" bun:"name,type:text,notnull"` // funnel name
-	Description   string          `json:"description" bun:"description,type:text"`  // funnel description
-	OrgID         valuer.UUID     `json:"org_id" bun:"org_id,type:varchar,notnull"`
-	Steps         []funnelStep    `json:"steps" bun:"steps,type:text,notnull"`
-	Tags          string          `json:"tags" bun:"tags,type:text"`
-	CreatedByUser *usertypes.User `json:"user" bun:"rel:belongs-to,join:created_by=id"`
+	Name          string       `json:"funnel_name" bun:"name,type:text,notnull"` // funnel name
+	Description   string       `json:"description" bun:"description,type:text"`  // funnel description
+	OrgID         valuer.UUID  `json:"org_id" bun:"org_id,type:varchar,notnull"`
+	Steps         []funnelStep `json:"steps" bun:"steps,type:text,notnull"`
+	Tags          string       `json:"tags" bun:"tags,type:text"`
+	CreatedByUser *types.User  `json:"user" bun:"rel:belongs-to,join:created_by=id"`
 }

 type funnelStep struct {
--- a/pkg/sqlschema/index.go
+++ b/pkg/sqlschema/index.go
@@ -8,8 +8,9 @@ import (
 )

 var (
-	IndexTypeUnique = IndexType{s: valuer.NewString("uq")}
-	IndexTypeIndex  = IndexType{s: valuer.NewString("ix")}
+	IndexTypeUnique        = IndexType{s: valuer.NewString("uq")}
+	IndexTypeIndex         = IndexType{s: valuer.NewString("ix")}
+	IndexTypePartialUnique = IndexType{s: valuer.NewString("puq")}
 )

 type IndexType struct{ s valuer.String }
@@ -22,6 +23,7 @@ type Index interface {
 	// The name of the index.
 	//   - Indexes are named as `ix_<table_name>_<column_names>`. The column names are separated by underscores.
 	//   - Unique constraints are named as `uq_<table_name>_<column_names>`. The column names are separated by underscores.
+	//   - Partial unique indexes are named as `puq_<table_name>_<column_names>_<predicate_hash>`.
 	// The name is autogenerated and should not be set by the user.
 	Name() string

@@ -133,3 +135,101 @@ func (index *UniqueIndex) ToDropSQL(fmter SQLFormatter) []byte {

 	return sql
 }
+
+type PartialUniqueIndex struct {
+	TableName   TableName
+	ColumnNames []ColumnName
+	Where       string
+	name        string
+}
+
+func (index *PartialUniqueIndex) Name() string {
+	if index.name != "" {
+		return index.name
+	}
+
+	var b strings.Builder
+	b.WriteString(IndexTypePartialUnique.String())
+	b.WriteString("_")
+	b.WriteString(string(index.TableName))
+	b.WriteString("_")
+	for i, column := range index.ColumnNames {
+		if i > 0 {
+			b.WriteString("_")
+		}
+		b.WriteString(string(column))
+	}
+	b.WriteString("_")
+	b.WriteString((&whereNormalizer{input: index.Where}).hash())
+	return b.String()
+}
+
+func (index *PartialUniqueIndex) Named(name string) Index {
+	copyOfColumnNames := make([]ColumnName, len(index.ColumnNames))
+	copy(copyOfColumnNames, index.ColumnNames)
+
+	return &PartialUniqueIndex{
+		TableName:   index.TableName,
+		ColumnNames: copyOfColumnNames,
+		Where:       index.Where,
+		name:        name,
+	}
+}
+
+func (index *PartialUniqueIndex) IsNamed() bool {
+	return index.name != ""
+}
+
+func (*PartialUniqueIndex) Type() IndexType {
+	return IndexTypePartialUnique
+}
+
+func (index *PartialUniqueIndex) Columns() []ColumnName {
+	return index.ColumnNames
+}
+
+func (index *PartialUniqueIndex) Equals(other Index) bool {
+	if other.Type() != IndexTypePartialUnique {
+		return false
+	}
+
+	otherPartial, ok := other.(*PartialUniqueIndex)
+	if !ok {
+		return false
+	}
+
+	return index.Name() == other.Name() && slices.Equal(index.Columns(), other.Columns()) && (&whereNormalizer{input: index.Where}).normalize() == (&whereNormalizer{input: otherPartial.Where}).normalize()
+}
+
+func (index *PartialUniqueIndex) ToCreateSQL(fmter SQLFormatter) []byte {
+	sql := []byte{}
+
+	sql = append(sql, "CREATE UNIQUE INDEX IF NOT EXISTS "...)
+	sql = fmter.AppendIdent(sql, index.Name())
+	sql = append(sql, " ON "...)
+	sql = fmter.AppendIdent(sql, string(index.TableName))
+	sql = append(sql, " ("...)
+
+	for i, column := range index.ColumnNames {
+		if i > 0 {
+			sql = append(sql, ", "...)
+		}
+
+		sql = fmter.AppendIdent(sql, string(column))
+	}
+
+	sql = append(sql, ") WHERE "...)
+	sql = append(sql, index.Where...)
+
+	return sql
+}
+
+func (index *PartialUniqueIndex) ToDropSQL(fmter SQLFormatter) []byte {
+	sql := []byte{}
+
+	sql = append(sql, "DROP INDEX IF EXISTS "...)
+	sql = fmter.AppendIdent(sql, index.Name())
+
+	return sql
+}
+
--- a/pkg/sqlschema/index_test.go
+++ b/pkg/sqlschema/index_test.go
@@ -38,6 +38,110 @@ func TestIndexToCreateSQL(t *testing.T) {
 			},
 			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "my_index" ON "users" ("id", "name", "email")`,
 		},
+		{
+			name: "PartialUnique_1Column",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_94610c77" ON "users" ("email") WHERE "deleted_at" IS NULL`,
+		},
+		{
+			name: "PartialUnique_2Columns",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"org_id", "email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_org_id_email_94610c77" ON "users" ("org_id", "email") WHERE "deleted_at" IS NULL`,
+		},
+		{
+			name: "PartialUnique_Named",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+				name:        "my_partial_index",
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "my_partial_index" ON "users" ("email") WHERE "deleted_at" IS NULL`,
+		},
+		{
+			name: "PartialUnique_WhereWithParentheses",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `("deleted_at" IS NULL)`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_94610c77" ON "users" ("email") WHERE ("deleted_at" IS NULL)`,
+		},
+		{
+			name: "PartialUnique_WhereWithQuotedIdentifier",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"order" IS NULL`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_14c5f5f2" ON "users" ("email") WHERE "order" IS NULL`,
+		},
+		{
+			name: "PartialUnique_WhereWithQuotedLiteral",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `status = 'somewhere'`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_9817c709" ON "users" ("email") WHERE status = 'somewhere'`,
+		},
+		{
+			name: "PartialUnique_WhereWith2Columns",
+			index: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email", "status"},
+				Where:       `email = 'test@example.com' AND status = 'active'`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_status_e70e78c3" ON "users" ("email", "status") WHERE email = 'test@example.com' AND status = 'active'`,
+		},
+		// postgres docs example
+		{
+			name: "PartialUnique_WhereWithPostgresDocsExample_1",
+			index: &PartialUniqueIndex{
+				TableName:   "access_log",
+				ColumnNames: []ColumnName{"client_ip"},
+				Where:       `NOT (client_ip > inet '192.168.100.0' AND client_ip < inet '192.168.100.255')`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_access_log_client_ip_5a596410" ON "access_log" ("client_ip") WHERE NOT (client_ip > inet '192.168.100.0' AND client_ip < inet '192.168.100.255')`,
+		},
+		// postgres docs example
+		{
+			name: "PartialUnique_WhereWithPostgresDocsExample_2",
+			index: &PartialUniqueIndex{
+				TableName:   "orders",
+				ColumnNames: []ColumnName{"order_nr"},
+				Where:       `billed is not true`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_orders_order_nr_6d31bb0e" ON "orders" ("order_nr") WHERE billed is not true`,
+		},
+		// sqlite docs example
+		{
+			name: "PartialUnique_WhereWithSqliteDocsExample_1",
+			index: &PartialUniqueIndex{
+				TableName:   "person",
+				ColumnNames: []ColumnName{"team_id"},
+				Where:       `is_team_leader`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_person_team_id_c8604a29" ON "person" ("team_id") WHERE is_team_leader`,
+		},
+		// sqlite docs example
+		{
+			name: "PartialUnique_WhereWithSqliteDocsExample_2",
+			index: &PartialUniqueIndex{
+				TableName:   "purchaseorder",
+				ColumnNames: []ColumnName{"parent_po"},
+				Where:       `parent_po IS NOT NULL`,
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "puq_purchaseorder_parent_po_dbe2929d" ON "purchaseorder" ("parent_po") WHERE parent_po IS NOT NULL`,
+		},
 	}

 	for _, testCase := range testCases {
@@ -49,3 +153,109 @@ func TestIndexToCreateSQL(t *testing.T) {
 		})
 	}
 }
+
+func TestIndexEquals(t *testing.T) {
+	testCases := []struct {
+		name   string
+		a      Index
+		b      Index
+		equals bool
+	}{
+		{
+			name: "PartialUnique_Same",
+			a: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			b: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			equals: true,
+		},
+		{
+			name: "PartialUnique_NormalizedPostgresWhere",
+			a: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			b: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `(deleted_at IS NULL)`,
+			},
+			equals: true,
+		},
+		{
+			name: "PartialUnique_DifferentWhere",
+			a: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			b: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"active" = true`,
+			},
+			equals: false,
+		},
+		{
+			name: "PartialUnique_NotEqual_Unique",
+			a: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			b: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+			},
+			equals: false,
+		},
+		{
+			name: "Unique_NotEqual_PartialUnique",
+			a: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+			},
+			b: &PartialUniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Where:       `"deleted_at" IS NULL`,
+			},
+			equals: false,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			assert.Equal(t, testCase.equals, testCase.a.Equals(testCase.b))
+		})
+	}
+}
+
+func TestPartialUniqueIndexName(t *testing.T) {
+	a := &PartialUniqueIndex{
+		TableName:   "users",
+		ColumnNames: []ColumnName{"email"},
+		Where:       `"deleted_at" IS NULL`,
+	}
+	b := &PartialUniqueIndex{
+		TableName:   "users",
+		ColumnNames: []ColumnName{"email"},
+		Where:       `(deleted_at IS NULL)`,
+	}
+	c := &PartialUniqueIndex{
+		TableName:   "users",
+		ColumnNames: []ColumnName{"email"},
+		Where:       `"active" = true`,
+	}
+
+	assert.Equal(t, "puq_users_email_94610c77", a.Name())
+	assert.Equal(t, a.Name(), b.Name())
+	assert.NotEqual(t, a.Name(), c.Name())
+}
--- a/pkg/sqlschema/normalizer.go
+++ b/pkg/sqlschema/normalizer.go
@@ -0,0 +1,162 @@
+package sqlschema
+
+import (
+	"fmt"
+	"hash/fnv"
+	"strings"
+)
+
+type whereNormalizer struct {
+	input string
+}
+
+func (n *whereNormalizer) hash() string {
+	hasher := fnv.New32a()
+	_, _ = hasher.Write([]byte(n.normalize()))
+	return fmt.Sprintf("%08x", hasher.Sum32())
+}
+
+func (n *whereNormalizer) normalize() string {
+	where := strings.TrimSpace(n.input)
+	where = n.stripOuterParentheses(where)
+
+	var output strings.Builder
+	output.Grow(len(where))
+
+	for i := 0; i < len(where); i++ {
+		switch where[i] {
+		case ' ', '\t', '\n', '\r':
+			if output.Len() > 0 {
+				last := output.String()[output.Len()-1]
+				if last != ' ' {
+					output.WriteByte(' ')
+				}
+			}
+		case '\'':
+			end := n.consumeSingleQuotedLiteral(where, i, &output)
+			i = end
+		case '"':
+			token, end := n.consumeDoubleQuotedToken(where, i)
+			output.WriteString(token)
+			i = end
+		default:
+			output.WriteByte(where[i])
+		}
+	}
+
+	return strings.TrimSpace(output.String())
+}
+
+func (n *whereNormalizer) stripOuterParentheses(s string) string {
+	for {
+		s = strings.TrimSpace(s)
+		if len(s) < 2 || s[0] != '(' || s[len(s)-1] != ')' || !n.hasWrappingParentheses(s) {
+			return s
+		}
+		s = s[1 : len(s)-1]
+	}
+}
+
+func (n *whereNormalizer) hasWrappingParentheses(s string) bool {
+	depth := 0
+	inSingleQuotedLiteral := false
+	inDoubleQuotedToken := false
+
+	for i := 0; i < len(s); i++ {
+		switch s[i] {
+		case '\'':
+			if inDoubleQuotedToken {
+				continue
+			}
+			if inSingleQuotedLiteral && i+1 < len(s) && s[i+1] == '\'' {
+				i++
+				continue
+			}
+			inSingleQuotedLiteral = !inSingleQuotedLiteral
+		case '"':
+			if inSingleQuotedLiteral {
+				continue
+			}
+			if inDoubleQuotedToken && i+1 < len(s) && s[i+1] == '"' {
+				i++
+				continue
+			}
+			inDoubleQuotedToken = !inDoubleQuotedToken
+		case '(':
+			if inSingleQuotedLiteral || inDoubleQuotedToken {
+				continue
+			}
+			depth++
+		case ')':
+			if inSingleQuotedLiteral || inDoubleQuotedToken {
+				continue
+			}
+			depth--
+			if depth == 0 && i != len(s)-1 {
+				return false
+			}
+		}
+	}
+
+	return depth == 0
+}
+
+func (n *whereNormalizer) consumeSingleQuotedLiteral(s string, start int, output *strings.Builder) int {
+	output.WriteByte(s[start])
+	for i := start + 1; i < len(s); i++ {
+		output.WriteByte(s[i])
+		if s[i] == '\'' {
+			if i+1 < len(s) && s[i+1] == '\'' {
+				i++
+				output.WriteByte(s[i])
+				continue
+			}
+			return i
+		}
+	}
+
+	return len(s) - 1
+}
+
+func (n *whereNormalizer) consumeDoubleQuotedToken(s string, start int) (string, int) {
+	var ident strings.Builder
+
+	for i := start + 1; i < len(s); i++ {
+		if s[i] == '"' {
+			if i+1 < len(s) && s[i+1] == '"' {
+				ident.WriteByte('"')
+				i++
+				continue
+			}
+
+			if n.isSimpleUnquotedIdentifier(ident.String()) {
+				return ident.String(), i
+			}
+
+			return s[start : i+1], i
+		}
+
+		ident.WriteByte(s[i])
+	}
+
+	return s[start:], len(s) - 1
+}
+
+func (n *whereNormalizer) isSimpleUnquotedIdentifier(s string) bool {
+	if s == "" || strings.ToLower(s) != s {
+		return false
+	}
+
+	for i := 0; i < len(s); i++ {
+		ch := s[i]
+		if (ch >= 'a' && ch <= 'z') || ch == '_' {
+			continue
+		}
+		if i > 0 && ch >= '0' && ch <= '9' {
+			continue
+		}
+		return false
+	}
+
+	return true
+}
--- a/pkg/sqlschema/normalizer_test.go
+++ b/pkg/sqlschema/normalizer_test.go
@@ -0,0 +1,57 @@
+package sqlschema
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestWhereNormalizerNormalize(t *testing.T) {
+	testCases := []struct {
+		name   string
+		input  string
+		output string
+	}{
+		{
+			name:   "BooleanComparison",
+			input:  `"active" = true`,
+			output: `active = true`,
+		},
+		{
+			name:   "QuotedStringLiteralPreserved",
+			input:  `status = 'somewhere'`,
+			output: `status = 'somewhere'`,
+		},
+		{
+			name:   "EscapedStringLiteralPreserved",
+			input:  `status = 'it''s active'`,
+			output: `status = 'it''s active'`,
+		},
+		{
+			name:   "OuterParenthesesRemoved",
+			input:  `(("deleted_at" IS NULL))`,
+			output: `deleted_at IS NULL`,
+		},
+		{
+			name:   "InnerParenthesesPreserved",
+			input:  `("deleted_at" IS NULL OR ("active" = true AND "status" = 'open'))`,
+			output: `deleted_at IS NULL OR (active = true AND status = 'open')`,
+		},
+		{
+			name:   "MultipleClausesWhitespaceCollapsed",
+			input:  "  (  \"deleted_at\" IS NULL  \n AND\t\"active\" = true  AND status = 'open' )  ",
+			output: `deleted_at IS NULL AND active = true AND status = 'open'`,
+		},
+		{
+			name:   "ComplexBooleanClauses",
+			input:  `NOT ("deleted_at" IS NOT NULL AND ("active" = false OR "status" = 'archived'))`,
+			output: `NOT (deleted_at IS NOT NULL AND (active = false OR status = 'archived'))`,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			assert.Equal(t, testCase.output, (&whereNormalizer{input: testCase.input}).normalize())
+		})
+	}
+}
--- a/pkg/sqlschema/operator_test.go
+++ b/pkg/sqlschema/operator_test.go
@@ -1146,3 +1146,100 @@ func TestOperatorAlterTable(t *testing.T) {
 		})
 	}
 }
+
+func TestOperatorDiffIndices(t *testing.T) {
+	testCases := []struct {
+		name         string
+		oldIndices   []Index
+		newIndices   []Index
+		expectedSQLs [][]byte
+	}{
+		{
+			name: "UniqueToPartialUnique_DropAndCreate",
+			oldIndices: []Index{
+				&UniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+				},
+			},
+			newIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"deleted_at" IS NULL`,
+				},
+			},
+			expectedSQLs: [][]byte{
+				[]byte(`DROP INDEX IF EXISTS "uq_users_email"`),
+				[]byte(`CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_94610c77" ON "users" ("email") WHERE "deleted_at" IS NULL`),
+			},
+		},
+		{
+			name: "PartialUnique_SameWhere_NoOp",
+			oldIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"deleted_at" IS NULL`,
+				},
+			},
+			newIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"deleted_at" IS NULL`,
+				},
+			},
+			expectedSQLs: [][]byte{},
+		},
+		{
+			name: "PartialUnique_NormalizedWhere_NoOp",
+			oldIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `(deleted_at IS NULL)`,
+				},
+			},
+			newIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"deleted_at" IS NULL`,
+				},
+			},
+			expectedSQLs: [][]byte{},
+		},
+		{
+			name: "PartialUnique_DifferentWhere_DropAndCreate",
+			oldIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"deleted_at" IS NULL`,
+				},
+			},
+			newIndices: []Index{
+				&PartialUniqueIndex{
+					TableName:   "users",
+					ColumnNames: []ColumnName{"email"},
+					Where:       `"active" = true`,
+				},
+			},
+			expectedSQLs: [][]byte{
+				[]byte(`DROP INDEX IF EXISTS "puq_users_email_94610c77"`),
+				[]byte(`CREATE UNIQUE INDEX IF NOT EXISTS "puq_users_email_202121f8" ON "users" ("email") WHERE "active" = true`),
+			},
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			fmter := NewFormatter(schema.NewNopFormatter().Dialect())
+			operator := NewOperator(fmter, OperatorSupport{})
+
+			actuals := operator.DiffIndices(testCase.oldIndices, testCase.newIndices)
+			assert.Equal(t, testCase.expectedSQLs, actuals)
+		})
+	}
+}
--- a/pkg/sqlschema/sqlitesqlschema/provider.go
+++ b/pkg/sqlschema/sqlitesqlschema/provider.go
@@ -3,6 +3,7 @@ package sqlitesqlschema
 import (
 	"context"
 	"strconv"
+	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
@@ -114,7 +115,29 @@ func (provider *provider) GetIndices(ctx context.Context, tableName sqlschema.Ta
 			return nil, err
 		}

-		if unique {
+		if unique && partial {
+			var indexSQL string
+			if err := provider.
+				sqlstore.
+				BunDB().
+				NewRaw("SELECT sql FROM sqlite_master WHERE type = 'index' AND name = ?", name).
+				Scan(ctx, &indexSQL); err != nil {
+				return nil, err
+			}
+
+			where := extractWhereClause(indexSQL)
+			index := &sqlschema.PartialUniqueIndex{
+				TableName:   tableName,
+				ColumnNames: columns,
+				Where:       where,
+			}
+
+			if index.Name() == name {
+				indices = append(indices, index)
+			} else {
+				indices = append(indices, index.Named(name))
+			}
+		} else if unique {
 			index := &sqlschema.UniqueIndex{
 				TableName:   tableName,
 				ColumnNames: columns,
@@ -148,3 +171,73 @@ func (provider *provider) ToggleFKEnforcement(ctx context.Context, db bun.IDB, o

 	return errors.NewInternalf(errors.CodeInternal, "foreign_keys(actual: %s, expected: %s), maybe a transaction is in progress?", strconv.FormatBool(val), strconv.FormatBool(on))
 }
+
+func extractWhereClause(sql string) string {
+	lastWhere := -1
+	inSingleQuotedLiteral := false
+	inDoubleQuotedIdentifier := false
+	inBacktickQuotedIdentifier := false
+	inBracketQuotedIdentifier := false
+
+	for i := 0; i < len(sql); i++ {
+		switch sql[i] {
+		case '\'':
+			if inDoubleQuotedIdentifier || inBacktickQuotedIdentifier || inBracketQuotedIdentifier {
+				continue
+			}
+			if inSingleQuotedLiteral && i+1 < len(sql) && sql[i+1] == '\'' {
+				i++
+				continue
+			}
+			inSingleQuotedLiteral = !inSingleQuotedLiteral
+		case '"':
+			if inSingleQuotedLiteral || inBacktickQuotedIdentifier || inBracketQuotedIdentifier {
+				continue
+			}
+			if inDoubleQuotedIdentifier && i+1 < len(sql) && sql[i+1] == '"' {
+				i++
+				continue
+			}
+			inDoubleQuotedIdentifier = !inDoubleQuotedIdentifier
+		case '`':
+			if inSingleQuotedLiteral || inDoubleQuotedIdentifier || inBracketQuotedIdentifier {
+				continue
+			}
+			inBacktickQuotedIdentifier = !inBacktickQuotedIdentifier
+		case '[':
+			if inSingleQuotedLiteral || inDoubleQuotedIdentifier || inBacktickQuotedIdentifier || inBracketQuotedIdentifier {
+				continue
+			}
+			inBracketQuotedIdentifier = true
+		case ']':
+			if inBracketQuotedIdentifier {
+				inBracketQuotedIdentifier = false
+			}
+		}
+
+		if inSingleQuotedLiteral || inDoubleQuotedIdentifier || inBacktickQuotedIdentifier || inBracketQuotedIdentifier {
+			continue
+		}
+
+		if strings.EqualFold(sql[i:min(i+5, len(sql))], "WHERE") &&
+			(i == 0 || !isSQLiteIdentifierChar(sql[i-1])) &&
+			(i+5 == len(sql) || !isSQLiteIdentifierChar(sql[i+5])) {
+			lastWhere = i
+			i += 4
+		}
+	}
+
+	if lastWhere == -1 {
+		return ""
+	}
+
+	return strings.TrimSpace(sql[lastWhere+len("WHERE"):])
+}
+
+func isSQLiteIdentifierChar(ch byte) bool {
+	return (ch >= 'a' && ch <= 'z') ||
+		(ch >= 'A' && ch <= 'Z') ||
+		(ch >= '0' && ch <= '9') ||
+		ch == '_'
+}
+
--- a/pkg/sqlschema/sqlitesqlschema/provider_test.go
+++ b/pkg/sqlschema/sqlitesqlschema/provider_test.go
@@ -0,0 +1,52 @@
+package sqlitesqlschema
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestExtractWhereClause(t *testing.T) {
+	testCases := []struct {
+		name  string
+		sql   string
+		where string
+	}{
+		{
+			name:  "UppercaseWhere",
+			sql:   `CREATE UNIQUE INDEX "idx" ON "users" ("email") WHERE "deleted_at" IS NULL`,
+			where: `"deleted_at" IS NULL`,
+		},
+		{
+			name:  "LowercaseWhere",
+			sql:   `CREATE UNIQUE INDEX "idx" ON "users" ("email") where "deleted_at" IS NULL`,
+			where: `"deleted_at" IS NULL`,
+		},
+		{
+			name:  "NewlineBeforeWhere",
+			sql:   "CREATE UNIQUE INDEX \"idx\" ON \"users\" (\"email\")\nWHERE \"deleted_at\" IS NULL",
+			where: `"deleted_at" IS NULL`,
+		},
+		{
+			name:  "ExtraWhitespace",
+			sql:   "CREATE UNIQUE INDEX \"idx\" ON \"users\" (\"email\")   \n \t where   \"deleted_at\" IS NULL  ",
+			where: `"deleted_at" IS NULL`,
+		},
+		{
+			name:  "WhereInStringLiteral",
+			sql:   `CREATE UNIQUE INDEX "idx" ON "users" ("email") WHERE status = 'somewhere'`,
+			where: `status = 'somewhere'`,
+		},
+		{
+			name:  "BooleanLiteral",
+			sql:   `CREATE UNIQUE INDEX "idx" ON "users" ("email") WHERE active = true`,
+			where: `active = true`,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			assert.Equal(t, testCase.where, extractWhereClause(testCase.sql))
+		})
+	}
+}
--- a/pkg/statsreporter/analyticsstatsreporter/provider.go
+++ b/pkg/statsreporter/analyticsstatsreporter/provider.go
@@ -13,9 +13,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/statsreporter"
 	"github.com/SigNoz/signoz/pkg/telemetrystore"
 	"github.com/SigNoz/signoz/pkg/tokenizer"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/SigNoz/signoz/pkg/version"
 	"go.opentelemetry.io/otel/attribute"
@@ -175,7 +175,7 @@ func (provider *provider) Report(ctx context.Context) error {
 		}

 		for _, user := range users {
-			traits := usertypes.NewTraitsFromUser(user)
+			traits := types.NewTraitsFromUser(user)
 			if maxLastObservedAt, ok := maxLastObservedAtPerUserID[user.ID]; ok {
 				traits["auth_token.last_observed_at.max.time"] = maxLastObservedAt.UTC()
 				traits["auth_token.last_observed_at.max.time_unix"] = maxLastObservedAt.Unix()
--- a/pkg/telemetrymetadata/metadata.go
+++ b/pkg/telemetrymetadata/metadata.go
@@ -1928,3 +1928,37 @@ func (t *telemetryMetaStore) GetFirstSeenFromMetricMetadata(ctx context.Context,

 	return result, nil
 }
+
+func (t *telemetryMetaStore) FetchLastSeenInfoMulti(ctx context.Context, metricNames ...string) (map[string]int64, error) {
+	sb := sqlbuilder.Select(
+		"metric_name",
+		"max(unix_milli)",
+	).
+		From(t.metricsDBName + "." + telemetrymetrics.TimeseriesV4TableName)
+	sb.Where(sb.In("metric_name", metricNames))
+	sb.GroupBy("metric_name")
+
+	query, args := sb.BuildWithFlavor(sqlbuilder.ClickHouse)
+
+	t.logger.DebugContext(ctx, "fetching metric last seen timestamp", "query", query, "args", args)
+
+	rows, err := t.telemetrystore.ClickhouseDB().Query(ctx, query, args...)
+	if err != nil {
+		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to fetch metric last seen info")
+	}
+	defer rows.Close()
+
+	lastSeenInfo := make(map[string]int64)
+	for rows.Next() {
+		var metricName string
+		var unix_milli int64
+		if err := rows.Scan(&metricName, &unix_milli); err != nil {
+			return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to scan last seen info result")
+		}
+		lastSeenInfo[metricName] = unix_milli
+	}
+	if err := rows.Err(); err != nil {
+		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "error iterating over metrics temporality rows")
+	}
+	return lastSeenInfo, nil
+}
--- a/pkg/tokenizer/jwttokenizer/claims.go
+++ b/pkg/tokenizer/jwttokenizer/claims.go
@@ -2,7 +2,7 @@ package jwttokenizer

 import (
 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/golang-jwt/jwt/v5"
 )

@@ -10,10 +10,10 @@ var _ jwt.ClaimsValidator = (*Claims)(nil)

 type Claims struct {
 	jwt.RegisteredClaims
-	UserID string               `json:"id"`
-	Email  string               `json:"email"`
-	Role   authtypes.LegacyRole `json:"role"`
-	OrgID  string               `json:"orgId"`
+	UserID string     `json:"id"`
+	Email  string     `json:"email"`
+	Role   types.Role `json:"role"`
+	OrgID  string     `json:"orgId"`
 }

 func (c *Claims) Validate() error {
--- a/pkg/tokenizer/jwttokenizer/provider_test.go
+++ b/pkg/tokenizer/jwttokenizer/provider_test.go
@@ -14,6 +14,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlstore/sqlstoretest"
 	"github.com/SigNoz/signoz/pkg/tokenizer"
 	"github.com/SigNoz/signoz/pkg/tokenizer/tokenizerstore/sqltokenizerstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/stretchr/testify/assert"
@@ -61,7 +62,7 @@ func TestLastObservedAt_Concurrent(t *testing.T) {
 		&authtypes.Identity{
 			UserID: valuer.GenerateUUID(),
 			OrgID:  orgID,
-			Role:   authtypes.RoleAdmin,
+			Role:   types.RoleAdmin,
 			Email:  valuer.MustNewEmail("test@test.com"),
 		},
 		map[string]string{},
@@ -73,7 +74,7 @@ func TestLastObservedAt_Concurrent(t *testing.T) {
 		&authtypes.Identity{
 			UserID: valuer.GenerateUUID(),
 			OrgID:  orgID,
-			Role:   authtypes.RoleAdmin,
+			Role:   types.RoleAdmin,
 			Email:  valuer.MustNewEmail("test@test.com"),
 		},
 		map[string]string{},
--- a/pkg/tokenizer/tokenizerstore/sqltokenizerstore/store.go
+++ b/pkg/tokenizer/tokenizerstore/sqltokenizerstore/store.go
@@ -4,8 +4,8 @@ import (
 	"context"

 	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 	"github.com/uptrace/bun/dialect"
@@ -34,7 +34,7 @@ func (store *store) Create(ctx context.Context, token *authtypes.StorableToken)
 }

 func (store *store) GetIdentityByUserID(ctx context.Context, userID valuer.UUID) (*authtypes.Identity, error) {
-	user := new(usertypes.User)
+	user := new(types.User)

 	err := store.
 		sqlstore.
@@ -44,10 +44,10 @@ func (store *store) GetIdentityByUserID(ctx context.Context, userID valuer.UUID)
 		Where("id = ?", userID).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, usertypes.ErrCodeUserNotFound, "user with id: %s does not exist", userID)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrCodeUserNotFound, "user with id: %s does not exist", userID)
 	}

-	return authtypes.NewIdentity(userID, user.OrgID, user.Email, authtypes.LegacyRole(user.Role), authtypes.IdentNProviderTokenizer), nil
+	return authtypes.NewIdentity(userID, user.OrgID, user.Email, types.Role(user.Role), authtypes.IdentNProviderTokenizer), nil
 }

 func (store *store) GetByAccessToken(ctx context.Context, accessToken string) (*authtypes.StorableToken, error) {
--- a/pkg/types/authtypes/authn.go
+++ b/pkg/types/authtypes/authn.go
@@ -7,6 +7,7 @@ import (
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

@@ -28,7 +29,7 @@ type Identity struct {
 	OrgID         valuer.UUID    `json:"orgId"`
 	IdenNProvider IdentNProvider `json:"identNProvider"`
 	Email         valuer.Email   `json:"email"`
-	Role          LegacyRole     `json:"role"`
+	Role          types.Role     `json:"role"`
 }

 type CallbackIdentity struct {
@@ -78,7 +79,7 @@ func NewStateFromString(state string) (State, error) {
 	}, nil
 }

-func NewIdentity(userID valuer.UUID, orgID valuer.UUID, email valuer.Email, role LegacyRole, identNProvider IdentNProvider) *Identity {
+func NewIdentity(userID valuer.UUID, orgID valuer.UUID, email valuer.Email, role types.Role, identNProvider IdentNProvider) *Identity {
 	return &Identity{
 		UserID:        userID,
 		OrgID:         orgID,
@@ -126,6 +127,9 @@ func (typ *Identity) ToClaims() Claims {
 }

 type AuthNStore interface {
+	// Get user and factor password by email and orgID.
+	GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*types.User, *types.FactorPassword, error)
+
 	// Get org domain from id.
 	GetAuthDomainFromID(ctx context.Context, domainID valuer.UUID) (*AuthDomain, error)
 }
--- a/pkg/types/authtypes/claims.go
+++ b/pkg/types/authtypes/claims.go
@@ -6,6 +6,7 @@ import (
 	"slices"

 	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
 )

 type claimsKey struct{}
@@ -14,7 +15,7 @@ type accessTokenKey struct{}
 type Claims struct {
 	UserID         string
 	Email          string
-	Role           LegacyRole
+	Role           types.Role
 	OrgID          string
 	IdentNProvider string
 }
@@ -58,7 +59,7 @@ func (c *Claims) LogValue() slog.Value {
 }

 func (c *Claims) IsViewer() error {
-	if slices.Contains([]LegacyRole{RoleViewer, RoleEditor, RoleAdmin}, c.Role) {
+	if slices.Contains([]types.Role{types.RoleViewer, types.RoleEditor, types.RoleAdmin}, c.Role) {
 		return nil
 	}

@@ -66,7 +67,7 @@ func (c *Claims) IsViewer() error {
 }

 func (c *Claims) IsEditor() error {
-	if slices.Contains([]LegacyRole{RoleEditor, RoleAdmin}, c.Role) {
+	if slices.Contains([]types.Role{types.RoleEditor, types.RoleAdmin}, c.Role) {
 		return nil
 	}

@@ -74,7 +75,7 @@ func (c *Claims) IsEditor() error {
 }

 func (c *Claims) IsAdmin() error {
-	if c.Role == RoleAdmin {
+	if c.Role == types.RoleAdmin {
 		return nil
 	}

@@ -86,7 +87,7 @@ func (c *Claims) IsSelfAccess(id string) error {
 		return nil
 	}

-	if c.Role == RoleAdmin {
+	if c.Role == types.RoleAdmin {
 		return nil
 	}

--- a/pkg/types/authtypes/mapping.go
+++ b/pkg/types/authtypes/mapping.go
@@ -5,6 +5,7 @@ import (
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
 )

 type AttributeMapping struct {
@@ -67,13 +68,13 @@ func (typ *RoleMapping) UnmarshalJSON(data []byte) error {
 	}

 	if temp.DefaultRole != "" {
-		if _, err := NewLegacyRole(strings.ToUpper(temp.DefaultRole)); err != nil {
+		if _, err := types.NewRole(strings.ToUpper(temp.DefaultRole)); err != nil {
 			return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "invalid default role %s", temp.DefaultRole)
 		}
 	}

 	for group, role := range temp.GroupMappings {
-		if _, err := NewLegacyRole(strings.ToUpper(role)); err != nil {
+		if _, err := types.NewRole(strings.ToUpper(role)); err != nil {
 			return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "invalid role %s for group %s", role, group)
 		}
 	}
@@ -82,25 +83,25 @@ func (typ *RoleMapping) UnmarshalJSON(data []byte) error {
 	return nil
 }

-func (roleMapping *RoleMapping) NewRoleFromCallbackIdentity(callbackIdentity *CallbackIdentity) LegacyRole {
+func (roleMapping *RoleMapping) NewRoleFromCallbackIdentity(callbackIdentity *CallbackIdentity) types.Role {
 	if roleMapping == nil {
-		return RoleViewer
+		return types.RoleViewer
 	}

 	if roleMapping.UseRoleAttribute && callbackIdentity.Role != "" {
-		if role, err := NewLegacyRole(strings.ToUpper(callbackIdentity.Role)); err == nil {
+		if role, err := types.NewRole(strings.ToUpper(callbackIdentity.Role)); err == nil {
 			return role
 		}
 	}

 	if len(roleMapping.GroupMappings) > 0 && len(callbackIdentity.Groups) > 0 {
-		highestRole := RoleViewer
+		highestRole := types.RoleViewer
 		found := false

 		for _, group := range callbackIdentity.Groups {
 			if mappedRole, exists := roleMapping.GroupMappings[group]; exists {
 				found = true
-				if role, err := NewLegacyRole(strings.ToUpper(mappedRole)); err == nil {
+				if role, err := types.NewRole(strings.ToUpper(mappedRole)); err == nil {
 					if compareRoles(role, highestRole) > 0 {
 						highestRole = role
 					}
@@ -114,19 +115,19 @@ func (roleMapping *RoleMapping) NewRoleFromCallbackIdentity(callbackIdentity *Ca
 	}

 	if roleMapping.DefaultRole != "" {
-		if role, err := NewLegacyRole(strings.ToUpper(roleMapping.DefaultRole)); err == nil {
+		if role, err := types.NewRole(strings.ToUpper(roleMapping.DefaultRole)); err == nil {
 			return role
 		}
 	}

-	return RoleViewer
+	return types.RoleViewer
 }

-func compareRoles(a, b LegacyRole) int {
-	order := map[LegacyRole]int{
-		RoleViewer: 0,
-		RoleEditor: 1,
-		RoleAdmin:  2,
+func compareRoles(a, b types.Role) int {
+	order := map[types.Role]int{
+		types.RoleViewer: 0,
+		types.RoleEditor: 1,
+		types.RoleAdmin:  2,
 	}
 	return order[a] - order[b]
 }
--- a/pkg/types/authtypes/role.go
+++ b/pkg/types/authtypes/role.go
@@ -43,10 +43,10 @@ var (
 )

 var (
-	ExistingRoleToSigNozManagedRoleMap = map[LegacyRole]string{
-		RoleAdmin:  SigNozAdminRoleName,
-		RoleEditor: SigNozEditorRoleName,
-		RoleViewer: SigNozViewerRoleName,
+	ExistingRoleToSigNozManagedRoleMap = map[types.Role]string{
+		types.RoleAdmin:  SigNozAdminRoleName,
+		types.RoleEditor: SigNozEditorRoleName,
+		types.RoleViewer: SigNozViewerRoleName,
 	}
 )

@@ -246,7 +246,7 @@ func GetDeletionTuples(name string, orgID valuer.UUID, relation Relation, deleti
 	return tuples, nil
 }

-func MustGetSigNozManagedRoleFromExistingRole(role LegacyRole) string {
+func MustGetSigNozManagedRoleFromExistingRole(role types.Role) string {
 	managedRole, ok := ExistingRoleToSigNozManagedRoleMap[role]
 	if !ok {
 		panic(errors.Newf(errors.TypeInternal, errors.CodeInternal, "invalid role: %s", role.String()))
--- a/pkg/types/dashboardtypes/dashboard.go
+++ b/pkg/types/dashboardtypes/dashboard.go
@@ -284,14 +284,14 @@ func (dashboard *Dashboard) Update(ctx context.Context, updatableDashboard Updat
 	return nil
 }

-func (dashboard *Dashboard) CanLockUnlock(role authtypes.LegacyRole, updatedBy string) error {
-	if dashboard.CreatedBy != updatedBy && role != authtypes.RoleAdmin {
+func (dashboard *Dashboard) CanLockUnlock(role types.Role, updatedBy string) error {
+	if dashboard.CreatedBy != updatedBy && role != types.RoleAdmin {
 		return errors.Newf(errors.TypeForbidden, errors.CodeForbidden, "you are not authorized to lock/unlock this dashboard")
 	}
 	return nil
 }

-func (dashboard *Dashboard) LockUnlock(lock bool, role authtypes.LegacyRole, updatedBy string) error {
+func (dashboard *Dashboard) LockUnlock(lock bool, role types.Role, updatedBy string) error {
 	err := dashboard.CanLockUnlock(role, updatedBy)
 	if err != nil {
 		return err
--- a/pkg/types/usertypes/factor_api_key.go
+++ b/pkg/types/usertypes/factor_api_key.go
@@ -1,4 +1,4 @@
-package usertypes
+package types

 import (
 	"crypto/rand"
@@ -6,8 +6,6 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -15,29 +13,29 @@ import (
 var NEVER_EXPIRES = time.Unix(0, 0)

 type PostableAPIKey struct {
-	Name          string               `json:"name"`
-	Role          authtypes.LegacyRole `json:"role"`
-	ExpiresInDays int64                `json:"expiresInDays"`
+	Name          string `json:"name"`
+	Role          Role   `json:"role"`
+	ExpiresInDays int64  `json:"expiresInDays"`
 }

 type GettableAPIKey struct {
-	types.Identifiable
-	types.TimeAuditable
-	types.UserAuditable
-	Token         string               `json:"token"`
-	Role          authtypes.LegacyRole `json:"role"`
-	Name          string               `json:"name"`
-	ExpiresAt     int64                `json:"expiresAt"`
-	LastUsed      int64                `json:"lastUsed"`
-	Revoked       bool                 `json:"revoked"`
-	UserID        string               `json:"userId"`
-	CreatedByUser *User                `json:"createdByUser"`
-	UpdatedByUser *User                `json:"updatedByUser"`
+	Identifiable
+	TimeAuditable
+	UserAuditable
+	Token         string `json:"token"`
+	Role          Role   `json:"role"`
+	Name          string `json:"name"`
+	ExpiresAt     int64  `json:"expiresAt"`
+	LastUsed      int64  `json:"lastUsed"`
+	Revoked       bool   `json:"revoked"`
+	UserID        string `json:"userId"`
+	CreatedByUser *User  `json:"createdByUser"`
+	UpdatedByUser *User  `json:"updatedByUser"`
 }

 type OrgUserAPIKey struct {
-	*types.Organization `bun:",extend"`
-	Users               []*UserWithAPIKey `bun:"rel:has-many,join:id=org_id"`
+	*Organization `bun:",extend"`
+	Users         []*UserWithAPIKey `bun:"rel:has-many,join:id=org_id"`
 }

 type UserWithAPIKey struct {
@@ -55,19 +53,19 @@ type StorableAPIKeyUser struct {
 type StorableAPIKey struct {
 	bun.BaseModel `bun:"table:factor_api_key"`

-	types.Identifiable
-	types.TimeAuditable
-	types.UserAuditable
-	Token     string               `json:"token" bun:"token,type:text,notnull,unique"`
-	Role      authtypes.LegacyRole `json:"role" bun:"role,type:text,notnull,default:'ADMIN'"`
-	Name      string               `json:"name" bun:"name,type:text,notnull"`
-	ExpiresAt time.Time            `json:"-" bun:"expires_at,notnull,nullzero,type:timestamptz"`
-	LastUsed  time.Time            `json:"-" bun:"last_used,notnull,nullzero,type:timestamptz"`
-	Revoked   bool                 `json:"revoked" bun:"revoked,notnull,default:false"`
-	UserID    valuer.UUID          `json:"userId" bun:"user_id,type:text,notnull"`
+	Identifiable
+	TimeAuditable
+	UserAuditable
+	Token     string      `json:"token" bun:"token,type:text,notnull,unique"`
+	Role      Role        `json:"role" bun:"role,type:text,notnull,default:'ADMIN'"`
+	Name      string      `json:"name" bun:"name,type:text,notnull"`
+	ExpiresAt time.Time   `json:"-" bun:"expires_at,notnull,nullzero,type:timestamptz"`
+	LastUsed  time.Time   `json:"-" bun:"last_used,notnull,nullzero,type:timestamptz"`
+	Revoked   bool        `json:"revoked" bun:"revoked,notnull,default:false"`
+	UserID    valuer.UUID `json:"userId" bun:"user_id,type:text,notnull"`
 }

-func NewStorableAPIKey(name string, userID valuer.UUID, role authtypes.LegacyRole, expiresAt int64) (*StorableAPIKey, error) {
+func NewStorableAPIKey(name string, userID valuer.UUID, role Role, expiresAt int64) (*StorableAPIKey, error) {
 	// validate

 	// we allow the APIKey if expiresAt is not set, which means it never expires
@@ -103,14 +101,14 @@ func NewStorableAPIKey(name string, userID valuer.UUID, role authtypes.LegacyRol
 	encodedToken := base64.StdEncoding.EncodeToString(token)

 	return &StorableAPIKey{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
-		TimeAuditable: types.TimeAuditable{
+		TimeAuditable: TimeAuditable{
 			CreatedAt: now,
 			UpdatedAt: now,
 		},
-		UserAuditable: types.UserAuditable{
+		UserAuditable: UserAuditable{
 			CreatedBy: userID.String(),
 			UpdatedBy: userID.String(),
 		},
--- a/pkg/types/usertypes/factor_password.go
+++ b/pkg/types/usertypes/factor_password.go
@@ -1,4 +1,4 @@
-package usertypes
+package types

 import (
 	"encoding/json"
@@ -8,7 +8,6 @@ import (
 	"unicode"

 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/sethvargo/go-password/password"
 	"github.com/uptrace/bun"
@@ -20,6 +19,7 @@ var (
 	minPasswordLength                      int    = 12
 	ErrInvalidPassword                            = errors.Newf(errors.TypeInvalidInput, errors.MustNewCode("invalid_password"), "password must be at least %d characters long, should contain at least one uppercase letter [A-Z], one lowercase letter [a-z], one number [0-9], and one symbol [%c].", minPasswordLength, symbols)
 	ErrCodeResetPasswordTokenAlreadyExists        = errors.MustNewCode("reset_password_token_already_exists")
+	ErrCodePasswordNotFound                       = errors.MustNewCode("password_not_found")
 	ErrCodeResetPasswordTokenNotFound             = errors.MustNewCode("reset_password_token_not_found")
 	ErrCodePasswordAlreadyExists                  = errors.MustNewCode("password_already_exists")
 	ErrCodeIncorrectPassword                      = errors.MustNewCode("incorrect_password")
@@ -45,7 +45,7 @@ type PostableForgotPassword struct {
 type ResetPasswordToken struct {
 	bun.BaseModel `bun:"table:reset_password_token"`

-	types.Identifiable
+	Identifiable
 	Token      string      `bun:"token,type:text,notnull" json:"token"`
 	PasswordID valuer.UUID `bun:"password_id,type:text,notnull,unique" json:"passwordId"`
 	ExpiresAt  time.Time   `bun:"expires_at,type:timestamptz,nullzero" json:"expiresAt"`
@@ -54,11 +54,11 @@ type ResetPasswordToken struct {
 type FactorPassword struct {
 	bun.BaseModel `bun:"table:factor_password"`

-	types.Identifiable
+	Identifiable
 	Password  string `bun:"password,type:text,notnull" json:"password"`
 	Temporary bool   `bun:"temporary,type:boolean,notnull" json:"temporary"`
 	UserID    string `bun:"user_id,type:text,notnull,unique" json:"userId"`
-	types.TimeAuditable
+	TimeAuditable
 }

 func (request *ChangePasswordRequest) UnmarshalJSON(data []byte) error {
@@ -104,13 +104,13 @@ func NewFactorPassword(password string, userID string) (*FactorPassword, error)
 	}

 	return &FactorPassword{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
 		Password:  string(hashedPassword),
 		Temporary: false,
 		UserID:    userID,
-		TimeAuditable: types.TimeAuditable{
+		TimeAuditable: TimeAuditable{
 			CreatedAt: time.Now(),
 			UpdatedAt: time.Now(),
 		},
@@ -146,7 +146,7 @@ func NewHashedPassword(password string) (string, error) {

 func NewResetPasswordToken(passwordID valuer.UUID, expiresAt time.Time) (*ResetPasswordToken, error) {
 	return &ResetPasswordToken{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
 		Token:      valuer.GenerateUUID().String(),
--- a/pkg/types/usertypes/factor_password_test.go
+++ b/pkg/types/usertypes/factor_password_test.go
@@ -1,4 +1,4 @@
-package usertypes
+package types

 import (
 	"testing"
--- a/pkg/types/usertypes/invite.go
+++ b/pkg/types/usertypes/invite.go
@@ -1,12 +1,10 @@
-package usertypes
+package types

 import (
 	"encoding/json"
 	"time"

 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -21,13 +19,13 @@ type GettableInvite = Invite
 type Invite struct {
 	bun.BaseModel `bun:"table:user_invite"`

-	types.Identifiable
-	types.TimeAuditable
-	Name  string               `bun:"name,type:text" json:"name"`
-	Email valuer.Email         `bun:"email,type:text" json:"email"`
-	Token string               `bun:"token,type:text" json:"token"`
-	Role  authtypes.LegacyRole `bun:"role,type:text" json:"role"`
-	OrgID valuer.UUID          `bun:"org_id,type:text" json:"orgId"`
+	Identifiable
+	TimeAuditable
+	Name  string       `bun:"name,type:text" json:"name"`
+	Email valuer.Email `bun:"email,type:text" json:"email"`
+	Token string       `bun:"token,type:text" json:"token"`
+	Role  Role         `bun:"role,type:text" json:"role"`
+	OrgID valuer.UUID  `bun:"org_id,type:text" json:"orgId"`

 	InviteLink string `bun:"-" json:"inviteLink"`
 }
@@ -49,10 +47,10 @@ type PostableAcceptInvite struct {
 }

 type PostableInvite struct {
-	Name            string               `json:"name"`
-	Email           valuer.Email         `json:"email"`
-	Role            authtypes.LegacyRole `json:"role"`
-	FrontendBaseUrl string               `json:"frontendBaseUrl"`
+	Name            string       `json:"name"`
+	Email           valuer.Email `json:"email"`
+	Role            Role         `json:"role"`
+	FrontendBaseUrl string       `json:"frontendBaseUrl"`
 }

 type PostableBulkInviteRequest struct {
@@ -85,9 +83,9 @@ type GettableCreateInviteResponse struct {
 	InviteToken string `json:"token"`
 }

-func NewInvite(name string, role authtypes.LegacyRole, orgID valuer.UUID, email valuer.Email) (*Invite, error) {
+func NewInvite(name string, role Role, orgID valuer.UUID, email valuer.Email) (*Invite, error) {
 	invite := &Invite{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
 		Name:  name,
@@ -95,7 +93,7 @@ func NewInvite(name string, role authtypes.LegacyRole, orgID valuer.UUID, email
 		Token: valuer.GenerateUUID().String(),
 		Role:  role,
 		OrgID: orgID,
-		TimeAuditable: types.TimeAuditable{
+		TimeAuditable: TimeAuditable{
 			CreatedAt: time.Now(),
 			UpdatedAt: time.Now(),
 		},
--- a/pkg/types/authtypes/legacy_role.go
+++ b/pkg/types/authtypes/legacy_role.go
@@ -1,4 +1,4 @@
-package authtypes
+package types

 import (
 	"encoding/json"
@@ -7,15 +7,15 @@ import (
 )

 // Do not take inspiration from this. This is a hack to avoid using valuer.String and use upper case strings.
-type LegacyRole string
+type Role string

 const (
-	RoleAdmin  LegacyRole = "ADMIN"
-	RoleEditor LegacyRole = "EDITOR"
-	RoleViewer LegacyRole = "VIEWER"
+	RoleAdmin  Role = "ADMIN"
+	RoleEditor Role = "EDITOR"
+	RoleViewer Role = "VIEWER"
 )

-func NewLegacyRole(role string) (LegacyRole, error) {
+func NewRole(role string) (Role, error) {
 	switch role {
 	case "ADMIN":
 		return RoleAdmin, nil
@@ -28,17 +28,17 @@ func NewLegacyRole(role string) (LegacyRole, error) {
 	return "", errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "invalid role: %s", role)
 }

-func (r LegacyRole) String() string {
+func (r Role) String() string {
 	return string(r)
 }

-func (r *LegacyRole) UnmarshalJSON(data []byte) error {
+func (r *Role) UnmarshalJSON(data []byte) error {
 	var s string
 	if err := json.Unmarshal(data, &s); err != nil {
 		return err
 	}

-	role, err := NewLegacyRole(s)
+	role, err := NewRole(s)
 	if err != nil {
 		return err
 	}
@@ -47,6 +47,6 @@ func (r *LegacyRole) UnmarshalJSON(data []byte) error {
 	return nil
 }

-func (r LegacyRole) MarshalJSON() ([]byte, error) {
+func (r Role) MarshalJSON() ([]byte, error) {
 	return json.Marshal(r.String())
 }
--- a/pkg/types/telemetrytypes/store.go
+++ b/pkg/types/telemetrytypes/store.go
@@ -45,6 +45,8 @@ type MetadataStore interface {

 	// GetFirstSeenFromMetricMetadata gets the first seen timestamp for a metric metadata lookup key.
 	GetFirstSeenFromMetricMetadata(ctx context.Context, lookupKeys []MetricMetadataLookupKey) (map[MetricMetadataLookupKey]int64, error)
+
+	FetchLastSeenInfoMulti(ctx context.Context, metricNames ...string) (map[string]int64, error)
 }

 type MetricMetadataLookupKey struct {
--- a/pkg/types/telemetrytypes/telemetrytypestest/metadata_store.go
+++ b/pkg/types/telemetrytypes/telemetrytypestest/metadata_store.go
@@ -342,3 +342,7 @@ func (m *MockMetadataStore) SetFirstSeenFromMetricMetadata(firstSeenMap map[tele
 		m.LookupKeysMap[key] = value
 	}
 }
+
+func (m *MockMetadataStore) FetchLastSeenInfoMulti(ctx context.Context, metricNames ...string) (map[string]int64, error) {
+	return make(map[string]int64), nil
+}
--- a/pkg/types/tracefunneltypes/tracefunnel.go
+++ b/pkg/types/tracefunneltypes/tracefunnel.go
@@ -4,7 +4,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -19,12 +18,12 @@ type StorableFunnel struct {
 	types.TimeAuditable
 	types.UserAuditable
 	bun.BaseModel `bun:"table:trace_funnel"`
-	Name          string          `json:"funnel_name" bun:"name,type:text,notnull"`
-	Description   string          `json:"description" bun:"description,type:text"`
-	OrgID         valuer.UUID     `json:"org_id" bun:"org_id,type:varchar,notnull"`
-	Steps         []*FunnelStep   `json:"steps" bun:"steps,type:text,notnull"`
-	Tags          string          `json:"tags" bun:"tags,type:text"`
-	CreatedByUser *usertypes.User `json:"user" bun:"rel:belongs-to,join:created_by=id"`
+	Name          string        `json:"funnel_name" bun:"name,type:text,notnull"`
+	Description   string        `json:"description" bun:"description,type:text"`
+	OrgID         valuer.UUID   `json:"org_id" bun:"org_id,type:varchar,notnull"`
+	Steps         []*FunnelStep `json:"steps" bun:"steps,type:text,notnull"`
+	Tags          string        `json:"tags" bun:"tags,type:text"`
+	CreatedByUser *types.User   `json:"user" bun:"rel:belongs-to,join:created_by=id"`
 }

 type FunnelStep struct {
--- a/pkg/types/tracefunneltypes/utils_test.go
+++ b/pkg/types/tracefunneltypes/utils_test.go
@@ -6,7 +6,6 @@ import (

 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/usertypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/stretchr/testify/assert"
 )
@@ -444,7 +443,7 @@ func TestConstructFunnelResponse(t *testing.T) {
 				},
 				Name:  "test-funnel",
 				OrgID: orgID,
-				CreatedByUser: &usertypes.User{
+				CreatedByUser: &types.User{
 					Identifiable: types.Identifiable{
 						ID: userID,
 					},
--- a/pkg/types/usertypes/user.go
+++ b/pkg/types/usertypes/user.go
@@ -1,4 +1,4 @@
-package usertypes
+package types

 import (
 	"context"
@@ -7,8 +7,6 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -19,7 +17,7 @@ var (
 	ErrUserAlreadyExists                = errors.MustNewCode("user_already_exists")
 	ErrPasswordAlreadyExists            = errors.MustNewCode("password_already_exists")
 	ErrResetPasswordTokenAlreadyExists  = errors.MustNewCode("reset_password_token_already_exists")
-	ErrCodePasswordNotFound             = errors.MustNewCode("password_not_found")
+	ErrPasswordNotFound                 = errors.MustNewCode("password_not_found")
 	ErrResetPasswordTokenNotFound       = errors.MustNewCode("reset_password_token_not_found")
 	ErrAPIKeyAlreadyExists              = errors.MustNewCode("api_key_already_exists")
 	ErrAPIKeyNotFound                   = errors.MustNewCode("api_key_not_found")
@@ -40,15 +38,15 @@ type GettableUser = User
 type User struct {
 	bun.BaseModel `bun:"table:users"`

-	types.Identifiable
-	DisplayName string               `bun:"display_name" json:"displayName"`
-	Email       valuer.Email         `bun:"email" json:"email"`
-	Role        authtypes.LegacyRole `bun:"role" json:"role"`
-	OrgID       valuer.UUID          `bun:"org_id" json:"orgId"`
-	IsRoot      bool                 `bun:"is_root" json:"isRoot"`
-	Status      valuer.String        `bun:"status" json:"status"`
-	DeletedAt   time.Time            `bun:"deleted_at" json:"-"`
-	types.TimeAuditable
+	Identifiable
+	DisplayName string        `bun:"display_name" json:"displayName"`
+	Email       valuer.Email  `bun:"email" json:"email"`
+	Role        Role          `bun:"role" json:"role"`
+	OrgID       valuer.UUID   `bun:"org_id" json:"orgId"`
+	IsRoot      bool          `bun:"is_root" json:"isRoot"`
+	Status      valuer.String `bun:"status" json:"status"`
+	DeletedAt   time.Time     `bun:"deleted_at" json:"-"`
+	TimeAuditable
 }

 type PostableRegisterOrgAndAdmin struct {
@@ -59,7 +57,7 @@ type PostableRegisterOrgAndAdmin struct {
 	OrgName        string       `json:"orgName"`
 }

-func NewUser(displayName string, email valuer.Email, role authtypes.LegacyRole, orgID valuer.UUID, status valuer.String) (*User, error) {
+func NewUser(displayName string, email valuer.Email, role Role, orgID valuer.UUID, status valuer.String) (*User, error) {
 	if email.IsZero() {
 		return nil, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "email is required")
 	}
@@ -77,7 +75,7 @@ func NewUser(displayName string, email valuer.Email, role authtypes.LegacyRole,
 	}

 	return &User{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
 		DisplayName: displayName,
@@ -86,7 +84,7 @@ func NewUser(displayName string, email valuer.Email, role authtypes.LegacyRole,
 		OrgID:       orgID,
 		IsRoot:      false,
 		Status:      status,
-		TimeAuditable: types.TimeAuditable{
+		TimeAuditable: TimeAuditable{
 			CreatedAt: time.Now(),
 			UpdatedAt: time.Now(),
 		},
@@ -103,16 +101,16 @@ func NewRootUser(displayName string, email valuer.Email, orgID valuer.UUID) (*Us
 	}

 	return &User{
-		Identifiable: types.Identifiable{
+		Identifiable: Identifiable{
 			ID: valuer.GenerateUUID(),
 		},
 		DisplayName: displayName,
 		Email:       email,
-		Role:        authtypes.RoleAdmin,
+		Role:        RoleAdmin,
 		OrgID:       orgID,
 		IsRoot:      true,
 		Status:      UserStatusActive,
-		TimeAuditable: types.TimeAuditable{
+		TimeAuditable: TimeAuditable{
 			CreatedAt: time.Now(),
 			UpdatedAt: time.Now(),
 		},
@@ -121,7 +119,7 @@ func NewRootUser(displayName string, email valuer.Email, orgID valuer.UUID) (*Us

 // Update applies mutable fields from the input to the user. Immutable fields
 // (email, is_root, org_id, id) are preserved. Only non-zero input fields are applied.
-func (u *User) Update(displayName string, role authtypes.LegacyRole) {
+func (u *User) Update(displayName string, role Role) {
 	if displayName != "" {
 		u.DisplayName = displayName
 	}
@@ -151,7 +149,7 @@ func (u *User) UpdateStatus(status valuer.String) error {
 // PromoteToRoot promotes the user to a root user with admin role.
 func (u *User) PromoteToRoot() {
 	u.IsRoot = true
-	u.Role = authtypes.RoleAdmin
+	u.Role = RoleAdmin
 	u.UpdatedAt = time.Now()
 }

@@ -232,7 +230,7 @@ type UserStore interface {
 	GetUsersByEmail(ctx context.Context, email valuer.Email) ([]*User, error)

 	// Get users by role and org.
-	GetActiveUsersByRoleAndOrgID(ctx context.Context, role authtypes.LegacyRole, orgID valuer.UUID) ([]*User, error)
+	GetActiveUsersByRoleAndOrgID(ctx context.Context, role Role, orgID valuer.UUID) ([]*User, error)

 	// List users by org.
 	ListUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*User, error)
@@ -274,9 +272,6 @@ type UserStore interface {
 	// Get user by reset password token
 	GetUserByResetPasswordToken(ctx context.Context, token string) (*User, error)

-	// For AuthN - Get user and factor password by email and orgID.
-	GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx context.Context, email string, orgID valuer.UUID) (*User, *FactorPassword, error)
-
 	// Transaction
 	RunInTx(ctx context.Context, cb func(ctx context.Context) error) error
 }
--- a/tests/integration/src/dashboard/02_public_dashboard.py
+++ b/tests/integration/src/dashboard/02_public_dashboard.py
@@ -1,3 +1,4 @@
+from datetime import datetime, timedelta, timezone
 from http import HTTPStatus
 from typing import Callable, List

@@ -7,6 +8,7 @@ from sqlalchemy import sql
 from wiremock.resources.mappings import Mapping

 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
+from fixtures.metrics import Metrics
 from fixtures.types import Operation, SigNoz, TestContainerDocker


@@ -74,9 +76,37 @@ def test_public_dashboard_widget_query_range(
    signoz: SigNoz,
    create_user_admin: Operation,  # pylint: disable=unused-argument
    get_token: Callable[[str, str], str],
+    insert_metrics: Callable[[List[Metrics]], None],
 ):
    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)

+    # Insert metric data so the widget query returns results instead of 404
+    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
+    metrics: List[Metrics] = [
+        Metrics(
+            metric_name="container.cpu.time",
+            labels={"service": "test-service"},
+            timestamp=now - timedelta(minutes=5),
+            value=100.0,
+            temporality="Cumulative",
+        ),
+        Metrics(
+            metric_name="container.cpu.time",
+            labels={"service": "test-service"},
+            timestamp=now - timedelta(minutes=3),
+            value=200.0,
+            temporality="Cumulative",
+        ),
+        Metrics(
+            metric_name="container.cpu.time",
+            labels={"service": "test-service"},
+            timestamp=now - timedelta(minutes=1),
+            value=300.0,
+            temporality="Cumulative",
+        ),
+    ]
+    insert_metrics(metrics)
+
    dashboard_req = {
        "title": "Test Widget Query Range Dashboard",
        "description": "For testing widget query range",
--- a/tests/integration/src/querier/03_metrics.py
+++ b/tests/integration/src/querier/03_metrics.py
@@ -10,12 +10,16 @@ from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
 from fixtures.metrics import Metrics
 from fixtures.querier import (
    assert_minutely_bucket_values,
+    build_builder_query,
    find_named_result,
    index_series_by_label,
+    make_query_request,
 )
+from fixtures.utils import get_testdata_file_path

 FILL_GAPS = "fillGaps"
 FILL_ZERO = "fillZero"
+HISTOGRAM_FILE = get_testdata_file_path("histogram_data_1h.jsonl")


 def _build_format_options(fill_mode: str) -> Dict[str, Any]:
@@ -580,3 +584,39 @@ def test_metrics_fill_formula_with_group_by(
            expected_by_ts=expectations[group],
            context=f"metrics/{fill_mode}/F1/{group}",
        )
+
+def test_histogram_p90_returns_404_outside_data_window(
+    signoz: types.SigNoz,
+    create_user_admin: None,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+    insert_metrics: Callable[[List[Metrics]], None],
+) -> None:
+    
+    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
+    metric_name = "test_p90_last_seen_bucket"
+
+    metrics = Metrics.load_from_file(
+        HISTOGRAM_FILE,
+        base_time=now - timedelta(minutes=90),
+        metric_name_override=metric_name,
+    )
+    insert_metrics(metrics)
+
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+    query = build_builder_query(
+        "A",
+        metric_name,
+        "doesnotreallymatter",
+        "p90",
+    )
+
+    end_ms = int(now.timestamp() * 1000)
+
+    start_2h = int((now - timedelta(hours=2)).timestamp() * 1000)
+    response = make_query_request(signoz, token, start_2h, end_ms, [query])
+    assert response.status_code == HTTPStatus.OK
+    assert response.json()["status"] == "success"
+
+    start_15m = int((now - timedelta(minutes=15)).timestamp() * 1000)
+    response = make_query_request(signoz, token, start_15m, end_ms, [query])
+    assert response.status_code == HTTPStatus.NOT_FOUND
Author	SHA1	Message	Date
Vikrant Gupta	5bafdeb373	fix(user): add config for user invite token expiry (#10618 ) Some checks are pending build-staging / prepare (push) Waiting to run Details build-staging / js-build (push) Blocked by required conditions Details build-staging / go-build (push) Blocked by required conditions Details build-staging / staging (push) Blocked by required conditions Details Release Drafter / update_release_draft (push) Waiting to run Details * fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites * fix(user): increase expiry for reset password token for invites	2026-03-17 16:57:29 +00:00
Naman Verma	24b72084ac	fix: return not-found error with diagnostic info for absent metrics (#10560 ) * fix: check for metric type without query range constraint * revert: revert check for metric type without query range constraint * chore: move temporality+type fetcher to the case where it is actually used * fix: don't send absent metrics to query builder * chore: better package import name * test: unit test add mock for metadata call (which is expected in the test's scenario) * revert: revert seeding of absent metrics * fix: throw a not found err if metric data is missing * test: unit test add mock for metadata call (which is expected in the test's scenario) * revert: no need for special err handling in threshold rule * chore: add last seen info in err message * test: fix broken dashboard test * test: integration test for short time range query * chore: python lint issue	2026-03-17 16:15:32 +00:00
Pandey	2db83b453d	refactor: merge roletypes into authtypes (#10614 ) * refactor: merge roletypes into authtypes * refactor: merge roletypes into authtypes * refactor: update openapi spec * feat: split CI * fix: fix tsc of frontend	2026-03-17 15:43:58 +00:00
Amaresh S M	2f012715b4	fix(frontend/vite): avoid inlining whole process.env into bundle (#10605 )	2026-03-17 11:51:30 +00:00
Vikrant Gupta	aa05a7bf14	chore(identn): add me as codeowner for identn (#10612 )	2026-03-17 11:29:34 +00:00
Vikrant Gupta	99327960b0	feat(authn): move identn to factory and config (#10608 ) * feat(authn): move identn to factory and config * feat(authn): add support for enabling identNs * feat(authn): add support for enabling identNs	2026-03-17 11:22:26 +00:00
Pandey	12b02a1002	feat(sqlschema): add support for partial unique indexes (#10604 ) * feat(sqlschema): add support for partial unique indexes * feat(sqlschema): add support for multiple indexes * feat(sqlschema): add support for multiple indexes * feat(sqlschema): move normalizer to its own struct * feat(sqlschema): move normalizer tests to normalizer * feat(sqlschema): move normalizer tests to normalizer * feat(sqlschema): add more index tests from docs	2026-03-17 11:22:11 +00:00