feat(no-auth): fixes and refactor after rebase

frontend/src/AppRoutes/__tests__/Private.test.tsx

@@ -166,6 +166,8 @@ function createMockAppContext(
 		userPreferences: [],
 		hostsData: null,
 		isLoggedIn: true,
+		isNoAuthMode: false,
+		isPreflightLoading: false,
 		org: [{ createdAt: 0, id: 'org-id', displayName: 'Test Org' }],
 		isFetchingUser: false,
 		isFetchingActiveLicense: false,

frontend/src/AppRoutes/index.tsx

@@ -59,6 +59,7 @@ function App(): JSX.Element {
 		isLoggedIn: isLoggedInState,
 		featureFlags,
 		org,
+		isPreflightLoading,
 	} = useAppContext();
 	const [routes, setRoutes] = useState<AppRoutes[]>(defaultRoutes);
 	const isAIAssistantEnabled = useIsAIAssistantEnabled();
@@ -386,6 +387,10 @@ function App(): JSX.Element {
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, [isCloudUser, isEnterpriseSelfHostedUser]);
 
+	if (isPreflightLoading) {
+		return <Spinner tip="Loading..." />;
+	}
+
 	// if the user is in logged in state
 	if (isLoggedInState) {
 		// if the setup calls are loading then return a spinner

frontend/src/api/__tests__/interceptorRejected.no-auth.test.ts

@@ -0,0 +1,72 @@
+import axios from 'axios';
+import { getIsNoAuthMode } from 'utils/noAuthMode';
+
+import { interceptorRejected } from '../index';
+
+jest.mock('utils/noAuthMode', () => ({
+	getIsNoAuthMode: jest.fn(),
+}));
+
+jest.mock('api/v2/sessions/rotate/post', () => ({
+	__esModule: true,
+	default: jest.fn(),
+}));
+
+jest.mock('AppRoutes/utils', () => ({
+	__esModule: true,
+	default: jest.fn(),
+}));
+
+jest.mock('../utils', () => ({
+	Logout: jest.fn(),
+}));
+
+// oxlint-disable-next-line typescript/no-require-imports typescript/no-var-requires
+const post = require('api/v2/sessions/rotate/post').default;
+// oxlint-disable-next-line typescript/no-require-imports typescript/no-var-requires
+const { Logout } = require('../utils');
+
+describe('interceptorRejected — no-auth mode', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		jest.spyOn(axios, 'isAxiosError').mockReturnValue(true);
+	});
+
+	it('does NOT call rotate or Logout when no-auth mode is enabled on 401', async () => {
+		(getIsNoAuthMode as jest.Mock).mockReturnValue(true);
+
+		const error = {
+			isAxiosError: true,
+			response: {
+				status: 401,
+				config: { url: '/dashboards', method: 'get' },
+			},
+			config: { url: '/dashboards', headers: {} },
+		};
+
+		await interceptorRejected(error as any).catch(() => {});
+
+		expect(post).not.toHaveBeenCalled();
+		expect(Logout).not.toHaveBeenCalled();
+	});
+
+	it('DOES attempt rotate when no-auth mode is disabled on 401', async () => {
+		(getIsNoAuthMode as jest.Mock).mockReturnValue(false);
+		(post as jest.Mock).mockResolvedValue({
+			data: { accessToken: 'a', refreshToken: 'b' },
+		});
+
+		const error = {
+			isAxiosError: true,
+			response: {
+				status: 401,
+				config: { url: '/dashboards', method: 'get' },
+			},
+			config: { url: '/dashboards', headers: {} },
+		};
+
+		await interceptorRejected(error as any).catch(() => {});
+
+		expect(post).toHaveBeenCalled();
+	});
+});

frontend/src/api/index.ts

@@ -13,6 +13,7 @@ import { Events } from 'constants/events';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import { getBasePath } from 'utils/basePath';
 import { eventEmitter } from 'utils/getEventEmitter';
+import { getIsNoAuthMode } from 'utils/noAuthMode';
 
 import apiV1, { apiAlertManager, apiV2, apiV3, apiV4, apiV5 } from './apiV1';
 import { Logout } from './utils';
@@ -108,7 +109,10 @@ export const interceptorRejected = async (
 		if (axios.isAxiosError(value) && value.response) {
 			const { response } = value;
 
+			const isNoAuthMode = getIsNoAuthMode();
+
 			if (
+				!isNoAuthMode &&
 				response.status === 401 &&
 				// if the session rotate call or the create session errors out with 401 or the delete sessions call returns 401 then we do not retry!
 				response.config.url !== '/sessions/rotate' &&
@@ -140,16 +144,20 @@ export const interceptorRejected = async (
 						return await Promise.resolve(reResponse);
 					} catch (error) {
 						if ((error as AxiosError)?.response?.status === 401) {
-							Logout();
+							void Logout();
 						}
 					}
 				} catch (error) {
-					Logout();
+					void Logout();
 				}
 			}
 
-			if (response.status === 401 && response.config.url === '/sessions/rotate') {
-				Logout();
+			if (
+				!isNoAuthMode &&
+				response.status === 401 &&
+				response.config.url === '/sessions/rotate'
+			) {
+				void Logout();
 			}
 		}
 		return await Promise.reject(value);

frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx

@@ -19,6 +19,7 @@ import {
 } from 'api/generated/services/users';
 import { AxiosError } from 'axios';
 import { MemberRow } from 'components/MembersTable/MembersTable';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import RolesSelect, { useRoles } from 'components/RolesSelect';
 import SaveErrorItem from 'components/ServiceAccountDrawer/SaveErrorItem';
 import type { SaveError } from 'components/ServiceAccountDrawer/utils';
@@ -613,39 +614,43 @@ function EditMemberDrawer({
 					<div className="edit-member-drawer__footer-left">
 						<Tooltip title={getDeleteTooltip(isRootUser, isSelf)}>
 							<span className="edit-member-drawer__tooltip-wrapper">
-								<Button
-									onClick={(): void => setShowDeleteConfirm(true)}
-									disabled={isRootUser || isSelf}
-									variant="link"
-									color="destructive"
-								>
-									<Trash2 size={12} />
-									{isInvited ? 'Revoke Invite' : 'Delete Member'}
-								</Button>
+								<NoAuthGuard>
+									<Button
+										onClick={(): void => setShowDeleteConfirm(true)}
+										disabled={isRootUser || isSelf}
+										variant="link"
+										color="destructive"
+									>
+										<Trash2 size={12} />
+										{isInvited ? 'Revoke Invite' : 'Delete Member'}
+									</Button>
+								</NoAuthGuard>
 							</span>
 						</Tooltip>
 
 						<div className="edit-member-drawer__footer-divider" />
 						<Tooltip title={isRootUser ? ROOT_USER_TOOLTIP : undefined}>
 							<span className="edit-member-drawer__tooltip-wrapper">
-								<Button
-									onClick={handleGenerateResetLink}
-									disabled={isGeneratingLink || isRootUser || isLoadingTokenStatus}
-									variant="link"
-									color="warning"
-								>
-									<RefreshCw size={12} />
-									{isGeneratingLink
-										? 'Generating...'
-										: isInvited
-											? getInviteButtonLabel(
-													isLoadingTokenStatus,
-													existingToken,
-													isTokenExpired,
-													tokenNotFound,
-												)
-											: 'Generate Password Reset Link'}
-								</Button>
+								<NoAuthGuard>
+									<Button
+										onClick={handleGenerateResetLink}
+										disabled={isGeneratingLink || isRootUser || isLoadingTokenStatus}
+										variant="link"
+										color="warning"
+									>
+										<RefreshCw size={12} />
+										{isGeneratingLink
+											? 'Generating...'
+											: isInvited
+												? getInviteButtonLabel(
+														isLoadingTokenStatus,
+														existingToken,
+														isTokenExpired,
+														tokenNotFound,
+													)
+												: 'Generate Password Reset Link'}
+									</Button>
+								</NoAuthGuard>
 							</span>
 						</Tooltip>
 					</div>
@@ -656,15 +661,17 @@ function EditMemberDrawer({
 							Cancel
 						</Button>
 
-						<Button
-							variant="solid"
-							color="primary"
-							disabled={!isDirty || isSaving || isRootUser}
-							onClick={handleSave}
-							loading={isSaving}
-						>
-							{isSaving ? 'Saving...' : 'Save Member Details'}
-						</Button>
+						<NoAuthGuard>
+							<Button
+								variant="solid"
+								color="primary"
+								disabled={!isDirty || isSaving || isRootUser}
+								onClick={handleSave}
+								loading={isSaving}
+							>
+								{isSaving ? 'Saving...' : 'Save Member Details'}
+							</Button>
+						</NoAuthGuard>
 					</div>
 				</>
 			)}

frontend/src/components/NoAuthBanner/NoAuthBanner.module.scss

@@ -0,0 +1,3 @@
+.banner {
+	height: var(--spacing-20);
+}

frontend/src/components/NoAuthBanner/NoAuthBanner.tsx

@@ -0,0 +1,18 @@
+import { PersistedAnnouncementBanner } from '@signozhq/ui/announcement-banner';
+
+import styles from './NoAuthBanner.module.scss';
+
+export function NoAuthBanner(): JSX.Element {
+	return (
+		<PersistedAnnouncementBanner
+			type="warning"
+			storageKey="no-auth-banner-v1"
+			testId="no-auth-banner"
+			className={styles.banner}
+		>
+			No-auth mode: authentication is disabled, network is the trust boundary.
+		</PersistedAnnouncementBanner>
+	);
+}
+
+export default NoAuthBanner;

frontend/src/components/NoAuthBanner/__tests__/NoAuthBanner.test.tsx

@@ -0,0 +1,17 @@
+import { render, screen } from 'tests/test-utils';
+
+import { NoAuthBanner } from '../NoAuthBanner';
+
+describe('NoAuthBanner', () => {
+	it('renders the no-auth message', () => {
+		render(<NoAuthBanner />);
+		expect(
+			screen.getByText(/No-auth mode: authentication is disabled/i),
+		).toBeInTheDocument();
+	});
+
+	it('renders with the warning test id', () => {
+		render(<NoAuthBanner />);
+		expect(screen.getByTestId('no-auth-banner')).toBeInTheDocument();
+	});
+});

frontend/src/components/NoAuthGuard/NoAuthGuard.tsx

@@ -0,0 +1,46 @@
+import React from 'react';
+import {
+	TooltipRoot,
+	TooltipContent,
+	TooltipProvider,
+	TooltipTrigger,
+} from '@signozhq/ui/tooltip';
+import { useAppContext } from 'providers/App/App';
+
+export const DEFAULT_MESSAGE = 'Not available in no-auth mode';
+
+interface NoAuthGuardProps {
+	children: React.ReactElement;
+	message?: string;
+	disabled?: boolean;
+}
+
+export function NoAuthGuard({
+	children,
+	message = DEFAULT_MESSAGE,
+	disabled,
+}: NoAuthGuardProps): JSX.Element {
+	const { isNoAuthMode } = useAppContext();
+
+	if (!isNoAuthMode) {
+		return disabled ? React.cloneElement(children, { disabled: true }) : children;
+	}
+
+	const disabledChild = React.cloneElement(children, { disabled: true });
+
+	return (
+		<TooltipProvider>
+			<TooltipRoot>
+				<TooltipTrigger asChild>
+					<span
+						data-no-auth-trigger
+						style={{ display: 'inline-flex', cursor: 'not-allowed' }}
+					>
+						{disabledChild}
+					</span>
+				</TooltipTrigger>
+				<TooltipContent>{message}</TooltipContent>
+			</TooltipRoot>
+		</TooltipProvider>
+	);
+}

frontend/src/components/NoAuthGuard/__tests__/NoAuthGuard.test.tsx

@@ -0,0 +1,75 @@
+import React from 'react';
+import { render } from 'tests/test-utils';
+
+import { DEFAULT_MESSAGE, NoAuthGuard } from '..';
+
+describe('NoAuthGuard', () => {
+	it('renders children unchanged when isNoAuthMode is false', () => {
+		const { getByRole } = render(
+			<NoAuthGuard>
+				<button type="button">Action</button>
+			</NoAuthGuard>,
+			undefined,
+			{ appContextOverrides: { isNoAuthMode: false } },
+		);
+		expect(getByRole('button', { name: 'Action' })).not.toBeDisabled();
+	});
+
+	it('does not intercept onClick when isNoAuthMode is false', () => {
+		const handleClick = jest.fn();
+		const { getByRole } = render(
+			<NoAuthGuard>
+				<button type="button" onClick={handleClick}>
+					Action
+				</button>
+			</NoAuthGuard>,
+			undefined,
+			{ appContextOverrides: { isNoAuthMode: false } },
+		);
+		getByRole('button', { name: 'Action' }).click();
+		expect(handleClick).toHaveBeenCalledTimes(1);
+	});
+
+	it('disables children when isNoAuthMode is true', () => {
+		const { getByRole } = render(
+			<NoAuthGuard>
+				<button type="button">Action</button>
+			</NoAuthGuard>,
+			undefined,
+			{ appContextOverrides: { isNoAuthMode: true } },
+		);
+		expect(getByRole('button', { name: 'Action' })).toBeDisabled();
+	});
+
+	it('renders a tooltip trigger wrapper when isNoAuthMode is true', () => {
+		const { container } = render(
+			<NoAuthGuard>
+				<button type="button">Action</button>
+			</NoAuthGuard>,
+			undefined,
+			{ appContextOverrides: { isNoAuthMode: true } },
+		);
+		expect(
+			container.querySelector('span[data-no-auth-trigger]'),
+		).toBeInTheDocument();
+	});
+
+	it('overrides existing disabled prop — no-auth always wins', () => {
+		const { getByRole } = render(
+			// eslint-disable-next-line react/button-has-type
+			<NoAuthGuard>
+				<button type="button" disabled={false}>
+					Action
+				</button>
+			</NoAuthGuard>,
+			undefined,
+			{ appContextOverrides: { isNoAuthMode: true } },
+		);
+		expect(getByRole('button', { name: 'Action' })).toBeDisabled();
+	});
+
+	it('exports DEFAULT_MESSAGE as a non-empty string', () => {
+		expect(typeof DEFAULT_MESSAGE).toBe('string');
+		expect(DEFAULT_MESSAGE.length).toBeGreaterThan(0);
+	});
+});

frontend/src/components/NoAuthGuard/index.ts

@@ -0,0 +1 @@
+export { DEFAULT_MESSAGE, NoAuthGuard } from './NoAuthGuard';

frontend/src/components/ServiceAccountDrawer/KeysTab.tsx

@@ -1,7 +1,9 @@
 import React, { useCallback, useMemo } from 'react';
 import { KeyRound, X } from '@signozhq/icons';
 import { Button } from '@signozhq/ui/button';
-import { Skeleton, Table } from 'antd';
+import { Skeleton, Table, Tooltip } from 'antd';
+import { DEFAULT_MESSAGE, NoAuthGuard } from 'components/NoAuthGuard';
+import { useAppContext } from 'providers/App/App';
 import type { ColumnsType } from 'antd/es/table/interface';
 import type { ServiceaccounttypesGettableFactorAPIKeyDTO } from 'api/generated/services/sigNoz.schemas';
 import AuthZTooltip from 'components/AuthZTooltip/AuthZTooltip';
@@ -33,6 +35,7 @@ interface KeysTabProps {
 interface BuildColumnsParams {
 	isDisabled: boolean;
 	accountId: string;
+	isNoAuthMode: boolean;
 	onRevokeClick: (keyId: string) => void;
 	handleformatLastObservedAt: (
 		lastObservedAt: Date | null | undefined,
@@ -53,6 +56,7 @@ function formatExpiry(expiresAt: number): JSX.Element {
 function buildColumns({
 	isDisabled,
 	accountId,
+	isNoAuthMode,
 	onRevokeClick,
 	handleformatLastObservedAt,
 }: BuildColumnsParams): ColumnsType<ServiceaccounttypesGettableFactorAPIKeyDTO> {
@@ -110,28 +114,38 @@ function buildColumns({
 				onClick: (e): void => e.stopPropagation(),
 				style: { cursor: 'default' },
 			}),
-			render: (_, record): JSX.Element => (
-				<AuthZTooltip
-					checks={[
-						buildAPIKeyDeletePermission(record.id),
-						buildSADetachPermission(accountId),
-					]}
-					enabled={!isDisabled && !!accountId}
-				>
-					<Button
-						variant="ghost"
-						size="sm"
-						color="destructive"
-						disabled={isDisabled}
-						onClick={(): void => {
-							onRevokeClick(record.id);
-						}}
-						className="keys-tab__revoke-btn"
+			render: (_, record): JSX.Element => {
+				const tooltipTitle = isDisabled
+					? 'Service account disabled'
+					: isNoAuthMode
+						? DEFAULT_MESSAGE
+						: 'Revoke Key';
+				return (
+					<AuthZTooltip
+						checks={[
+							buildAPIKeyDeletePermission(record.id),
+							buildSADetachPermission(accountId),
+						]}
+						enabled={!isDisabled && !!accountId}
 					>
-						<X size={12} />
-					</Button>
-				</AuthZTooltip>
-			),
+						<Tooltip title={tooltipTitle}>
+							<Button
+								variant="ghost"
+								size="sm"
+								color="destructive"
+								disabled={isDisabled || isNoAuthMode}
+								onClick={(e): void => {
+									e.stopPropagation();
+									onRevokeClick(record.id);
+								}}
+								className="keys-tab__revoke-btn"
+							>
+								<X size={12} />
+							</Button>
+						</Tooltip>
+					</AuthZTooltip>
+				);
+			},
 		},
 	];
 }
@@ -158,6 +172,7 @@ function KeysTab({
 		parseAsString.withDefault(''),
 	);
 	const editKey = keys.find((k) => k.id === editKeyId) ?? null;
+	const { isNoAuthMode } = useAppContext();
 
 	const handleformatLastObservedAt = useCallback(
 		(lastObservedAt: Date | null | undefined): string =>
@@ -177,10 +192,17 @@ function KeysTab({
 			buildColumns({
 				isDisabled,
 				accountId,
+				isNoAuthMode,
 				onRevokeClick,
 				handleformatLastObservedAt,
 			}),
-		[isDisabled, accountId, onRevokeClick, handleformatLastObservedAt],
+		[
+			isDisabled,
+			accountId,
+			isNoAuthMode,
+			onRevokeClick,
+			handleformatLastObservedAt,
+		],
 	);
 
 	if (isLoading) {
@@ -210,16 +232,18 @@ function KeysTab({
 					checks={[APIKeyCreatePermission, buildSAAttachPermission(accountId)]}
 					enabled={!isDisabled && !!accountId}
 				>
-					<Button
-						variant="link"
-						color="primary"
-						onClick={async (): Promise<void> => {
-							await setIsAddKeyOpen(true);
-						}}
-						disabled={isDisabled}
-					>
-						+ Add your first key
-					</Button>
+					<NoAuthGuard>
+						<Button
+							variant="link"
+							color="primary"
+							onClick={async (): Promise<void> => {
+								await setIsAddKeyOpen(true);
+							}}
+							disabled={isDisabled}
+						>
+							+ Add your first key
+						</Button>
+					</NoAuthGuard>
 				</AuthZTooltip>
 			</div>
 		);

frontend/src/components/ServiceAccountDrawer/ServiceAccountDrawer.tsx

@@ -49,6 +49,7 @@ import APIError from 'types/api/error';
 import { toAPIError } from 'utils/errorUtils';
 
 import AuthZTooltip from 'components/AuthZTooltip/AuthZTooltip';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import AddKeyModal from './AddKeyModal';
 import DeleteAccountModal from './DeleteAccountModal';
 import KeysTab from './KeysTab';
@@ -436,18 +437,20 @@ function ServiceAccountDrawer({
 						]}
 						enabled={!isDeleted && !!selectedAccountId}
 					>
-						<Button
-							variant="outlined"
-							size="sm"
-							color="secondary"
-							disabled={isDeleted}
-							onClick={(): void => {
-								void setIsAddKeyOpen(true);
-							}}
-						>
-							<Plus size={12} />
-							Add Key
-						</Button>
+						<NoAuthGuard>
+							<Button
+								variant="outlined"
+								size="sm"
+								color="secondary"
+								disabled={isDeleted}
+								onClick={(): void => {
+									void setIsAddKeyOpen(true);
+								}}
+							>
+								<Plus size={12} />
+								Add Key
+							</Button>
+						</NoAuthGuard>
 					</AuthZTooltip>
 				)}
 			</div>
@@ -550,16 +553,18 @@ function ServiceAccountDrawer({
 							checks={[buildSADeletePermission(selectedAccountId ?? '')]}
 							enabled={!!selectedAccountId}
 						>
-							<Button
-								variant="link"
-								color="destructive"
-								onClick={(): void => {
-									void setIsDeleteOpen(true);
-								}}
-							>
-								<Trash2 size={12} />
-								Delete Service Account
-							</Button>
+							<NoAuthGuard>
+								<Button
+									variant="link"
+									color="destructive"
+									onClick={(): void => {
+										void setIsDeleteOpen(true);
+									}}
+								>
+									<Trash2 size={12} />
+									Delete Service Account
+								</Button>
+							</NoAuthGuard>
 						</AuthZTooltip>
 					)}
 					{!isDeleted && (
@@ -568,15 +573,17 @@ function ServiceAccountDrawer({
 								<X size={14} />
 								Cancel
 							</Button>
-							<Button
-								variant="solid"
-								color="primary"
-								loading={isSaving}
-								disabled={!isDirty}
-								onClick={handleSave}
-							>
-								Save Changes
-							</Button>
+							<NoAuthGuard>
+								<Button
+									variant="solid"
+									color="primary"
+									loading={isSaving}
+									disabled={!isDirty}
+									onClick={handleSave}
+								>
+									Save Changes
+								</Button>
+							</NoAuthGuard>
 						</div>
 					)}
 				</>

frontend/src/container/AllAlertChannels/Delete.tsx

@@ -4,6 +4,7 @@ import { useQueryClient } from 'react-query';
 import { Button } from 'antd';
 import type { NotificationInstance } from 'antd/es/notification/interface';
 import deleteChannel from 'api/channels/delete';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import APIError from 'types/api/error';
 
 function Delete({ notifications, id }: DeleteProps): JSX.Element {
@@ -35,14 +36,16 @@ function Delete({ notifications, id }: DeleteProps): JSX.Element {
 	};
 
 	return (
-		<Button
-			loading={loading}
-			disabled={loading}
-			type="link"
-			onClick={onClickHandler}
-		>
-			Delete
-		</Button>
+		<NoAuthGuard>
+			<Button
+				loading={loading}
+				disabled={loading}
+				type="link"
+				onClick={onClickHandler}
+			>
+				Delete
+			</Button>
+		</NoAuthGuard>
 	);
 }
 

frontend/src/container/Home/Home.tsx

@@ -18,6 +18,7 @@ import listUserPreferences from 'api/v1/user/preferences/list';
 import updateUserPreferenceAPI from 'api/v1/user/preferences/name/update';
 import Header from 'components/Header/Header';
 import HeaderRightSection from 'components/HeaderRightSection/HeaderRightSection';
+import NoAuthBanner from 'components/NoAuthBanner/NoAuthBanner';
 import { ENTITY_VERSION_V5 } from 'constants/app';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import { initialQueriesMap, PANEL_TYPES } from 'constants/queryBuilder';
@@ -62,7 +63,7 @@ const homeInterval = 30 * 60 * 1000;
 
 // eslint-disable-next-line sonarjs/cognitive-complexity
 export default function Home(): JSX.Element {
-	const { user } = useAppContext();
+	const { user, isNoAuthMode } = useAppContext();
 	const { safeNavigate } = useSafeNavigate();
 	const isDarkMode = useIsDarkMode();
 
@@ -196,7 +197,7 @@ export default function Home(): JSX.Element {
 	const { mutate: updateUserPreference } = useMutation(updateUserPreferenceAPI, {
 		onSuccess: () => {
 			setUpdatingUserPreferences(false);
-			refetchUserPreferences();
+			void refetchUserPreferences();
 		},
 		onError: () => {
 			setUpdatingUserPreferences(false);
@@ -204,7 +205,7 @@ export default function Home(): JSX.Element {
 	});
 
 	const handleWillDoThisLater = (): void => {
-		logEvent('Welcome Checklist: Will do this later clicked', {});
+		void logEvent('Welcome Checklist: Will do this later clicked', {});
 		setUpdatingUserPreferences(true);
 
 		updateUserPreference({
@@ -271,11 +272,12 @@ export default function Home(): JSX.Element {
 	}, [metricsOnboardingData, handleUpdateChecklistDoneItem]);
 
 	useEffect(() => {
-		logEvent('Homepage: Visited', {});
+		void logEvent('Homepage: Visited', {});
 	}, []);
 
 	return (
 		<div className="home-container">
+			{isNoAuthMode && <NoAuthBanner />}
 			<div className="sticky-header">
 				<Header
 					leftComponent={
@@ -298,9 +300,9 @@ export default function Home(): JSX.Element {
 									autoAdjustOverflow
 									onOpenChange={(visible): void => {
 										if (visible) {
-											logEvent('Welcome Checklist: Expanded', {});
+											void logEvent('Welcome Checklist: Expanded', {});
 										} else {
-											logEvent('Welcome Checklist: Minimized', {});
+											void logEvent('Welcome Checklist: Minimized', {});
 										}
 									}}
 									content={renderWelcomeChecklistModal()}
@@ -353,7 +355,7 @@ export default function Home(): JSX.Element {
 											className="active-ingestion-card-actions"
 											onClick={(e: React.MouseEvent): void => {
 												// eslint-disable-next-line sonarjs/no-duplicate-string
-												logEvent('Homepage: Ingestion Active Explore clicked', {
+												void logEvent('Homepage: Ingestion Active Explore clicked', {
 													source: 'Logs',
 												});
 												safeNavigate(ROUTES.LOGS_EXPLORER, {
@@ -362,7 +364,7 @@ export default function Home(): JSX.Element {
 											}}
 											onKeyDown={(e): void => {
 												if (e.key === 'Enter') {
-													logEvent('Homepage: Ingestion Active Explore clicked', {
+													void logEvent('Homepage: Ingestion Active Explore clicked', {
 														source: 'Logs',
 													});
 													history.push(ROUTES.LOGS_EXPLORER);
@@ -396,7 +398,7 @@ export default function Home(): JSX.Element {
 											role="button"
 											tabIndex={0}
 											onClick={(e: React.MouseEvent): void => {
-												logEvent('Homepage: Ingestion Active Explore clicked', {
+												void logEvent('Homepage: Ingestion Active Explore clicked', {
 													source: 'Traces',
 												});
 												safeNavigate(ROUTES.TRACES_EXPLORER, {
@@ -405,7 +407,7 @@ export default function Home(): JSX.Element {
 											}}
 											onKeyDown={(e): void => {
 												if (e.key === 'Enter') {
-													logEvent('Homepage: Ingestion Active Explore clicked', {
+													void logEvent('Homepage: Ingestion Active Explore clicked', {
 														source: 'Traces',
 													});
 													history.push(ROUTES.TRACES_EXPLORER);
@@ -439,7 +441,7 @@ export default function Home(): JSX.Element {
 											role="button"
 											tabIndex={0}
 											onClick={(e: React.MouseEvent): void => {
-												logEvent('Homepage: Ingestion Active Explore clicked', {
+												void logEvent('Homepage: Ingestion Active Explore clicked', {
 													source: 'Metrics',
 												});
 												safeNavigate(ROUTES.METRICS_EXPLORER, {
@@ -448,7 +450,7 @@ export default function Home(): JSX.Element {
 											}}
 											onKeyDown={(e): void => {
 												if (e.key === 'Enter') {
-													logEvent('Homepage: Ingestion Active Explore clicked', {
+													void logEvent('Homepage: Ingestion Active Explore clicked', {
 														source: 'Metrics',
 													});
 													history.push(ROUTES.METRICS_EXPLORER);
@@ -496,7 +498,7 @@ export default function Home(): JSX.Element {
 												className="periscope-btn secondary"
 												prefix={<Wrench size={14} />}
 												onClick={(e: React.MouseEvent): void => {
-													logEvent('Homepage: Explore clicked', {
+													void logEvent('Homepage: Explore clicked', {
 														source: 'Logs',
 													});
 													safeNavigate(ROUTES.LOGS_EXPLORER, {
@@ -513,7 +515,7 @@ export default function Home(): JSX.Element {
 												className="periscope-btn secondary"
 												prefix={<Wrench size={14} />}
 												onClick={(e: React.MouseEvent): void => {
-													logEvent('Homepage: Explore clicked', {
+													void logEvent('Homepage: Explore clicked', {
 														source: 'Traces',
 													});
 													safeNavigate(ROUTES.TRACES_EXPLORER, {
@@ -530,7 +532,7 @@ export default function Home(): JSX.Element {
 												className="periscope-btn secondary"
 												prefix={<Wrench size={14} />}
 												onClick={(e: React.MouseEvent): void => {
-													logEvent('Homepage: Explore clicked', {
+													void logEvent('Homepage: Explore clicked', {
 														source: 'Metrics',
 													});
 													safeNavigate(ROUTES.METRICS_EXPLORER_EXPLORER, {
@@ -569,7 +571,7 @@ export default function Home(): JSX.Element {
 												className="periscope-btn secondary"
 												prefix={<Plus size={14} />}
 												onClick={(e: React.MouseEvent): void => {
-													logEvent('Homepage: Explore clicked', {
+													void logEvent('Homepage: Explore clicked', {
 														source: 'Dashboards',
 													});
 													safeNavigate(ROUTES.ALL_DASHBOARD, {
@@ -614,7 +616,7 @@ export default function Home(): JSX.Element {
 												className="periscope-btn secondary"
 												prefix={<Plus size={14} />}
 												onClick={(e: React.MouseEvent): void => {
-													logEvent('Homepage: Explore clicked', {
+													void logEvent('Homepage: Explore clicked', {
 														source: 'Alerts',
 													});
 													safeNavigate(ROUTES.ALERTS_NEW, {

frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx

@@ -70,6 +70,7 @@ import {
 	TriangleAlert,
 	X,
 } from '@signozhq/icons';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useAppContext } from 'providers/App/App';
 import { useTimezone } from 'providers/Timezone';
 import {
@@ -1006,21 +1007,25 @@ function MultiIngestionSettings(): JSX.Element {
 									</div>
 								</div>
 								<div className="action-btn">
-									<Button
-										variant="link"
-										size="icon"
-										color="secondary"
-										suffix={<PenLine size={14} />}
-										aria-label="Edit ingestion key"
-										onClick={onEditKey}
-									/>
-									<Button
-										variant="link"
-										size="icon"
-										color="destructive"
-										suffix={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
-										onClick={onDeleteKey}
-									/>
+									<NoAuthGuard>
+										<Button
+											variant="link"
+											size="icon"
+											color="secondary"
+											suffix={<PenLine size={14} />}
+											aria-label="Edit ingestion key"
+											onClick={onEditKey}
+										/>
+									</NoAuthGuard>
+									<NoAuthGuard>
+										<Button
+											variant="link"
+											size="icon"
+											color="destructive"
+											suffix={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
+											onClick={onDeleteKey}
+										/>
+									</NoAuthGuard>
 								</div>
 							</div>
 						),
@@ -1123,28 +1128,32 @@ function MultiIngestionSettings(): JSX.Element {
 															<div className="actions">
 																{hasLimits(signalName) ? (
 																	<>
-																		<Button
-																			variant="link"
-																			size="icon"
-																			color="secondary"
-																			prefix={<PenLine size={14} />}
-																			aria-label={`Edit ${signalName} limit`}
-																			disabled={
-																				!!(activeAPIKey?.id === APIKey?.id && activeSignal)
-																			}
-																			onClick={onEditSignalLimit}
-																		/>
-																		<Button
-																			variant="link"
-																			size="icon"
-																			color="destructive"
-																			prefix={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
-																			aria-label={`Delete ${signalName} limit`}
-																			disabled={
-																				!!(activeAPIKey?.id === APIKey?.id && activeSignal)
-																			}
-																			onClick={onDeleteSignalLimit}
-																		/>
+																		<NoAuthGuard>
+																			<Button
+																				variant="link"
+																				size="icon"
+																				color="secondary"
+																				prefix={<PenLine size={14} />}
+																				aria-label={`Edit ${signalName} limit`}
+																				disabled={
+																					!!(activeAPIKey?.id === APIKey?.id && activeSignal)
+																				}
+																				onClick={onEditSignalLimit}
+																			/>
+																		</NoAuthGuard>
+																		<NoAuthGuard>
+																			<Button
+																				variant="link"
+																				size="icon"
+																				color="destructive"
+																				prefix={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
+																				aria-label={`Delete ${signalName} limit`}
+																				disabled={
+																					!!(activeAPIKey?.id === APIKey?.id && activeSignal)
+																				}
+																				onClick={onDeleteSignalLimit}
+																			/>
+																		</NoAuthGuard>
 																	</>
 																) : (
 																	<Button
@@ -1679,14 +1688,16 @@ function MultiIngestionSettings(): JSX.Element {
 						onChange={handleSearch}
 					/>
 
-					<Button
-						variant="solid"
-						className="add-new-ingestion-key-btn"
-						prefix={<Plus size={14} />}
-						onClick={showAddModal}
-					>
-						New Ingestion key
-					</Button>
+					<NoAuthGuard>
+						<Button
+							variant="solid"
+							className="add-new-ingestion-key-btn"
+							prefix={<Plus size={14} />}
+							onClick={showAddModal}
+						>
+							New Ingestion key
+						</Button>
+					</NoAuthGuard>
 				</div>
 
 				<Table

frontend/src/container/MembersSettings/MembersSettings.tsx

@@ -9,6 +9,7 @@ import { useListUsers } from 'api/generated/services/users';
 import EditMemberDrawer from 'components/EditMemberDrawer/EditMemberDrawer';
 import InviteMembersModal from 'components/InviteMembersModal/InviteMembersModal';
 import MembersTable, { MemberRow } from 'components/MembersTable/MembersTable';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import useUrlQuery from 'hooks/useUrlQuery';
 import { toISOString } from 'utils/app';
 
@@ -21,7 +22,6 @@ const PAGE_SIZE = 20;
 function MembersSettings(): JSX.Element {
 	const history = useHistory();
 	const urlQuery = useUrlQuery();
-
 	const pageParam = parseInt(urlQuery.get('page') ?? '1', 10);
 	const currentPage = Number.isNaN(pageParam) || pageParam < 1 ? 1 : pageParam;
 
@@ -146,7 +146,7 @@ function MembersSettings(): JSX.Element {
 				: `Deleted ⎯ ${deletedCount}`;
 
 	const handleInviteComplete = useCallback((): void => {
-		refetchUsers();
+		void refetchUsers();
 	}, [refetchUsers]);
 
 	const handleRowClick = useCallback((member: MemberRow): void => {
@@ -158,7 +158,7 @@ function MembersSettings(): JSX.Element {
 	}, []);
 
 	const handleMemberEditComplete = useCallback((): void => {
-		refetchUsers();
+		void refetchUsers();
 	}, [refetchUsers]);
 
 	return (
@@ -201,14 +201,16 @@ function MembersSettings(): JSX.Element {
 						/>
 					</div>
 
-					<Button
-						variant="solid"
-						color="primary"
-						onClick={(): void => setIsInviteModalOpen(true)}
-					>
-						<Plus size={12} />
-						Invite member
-					</Button>
+					<NoAuthGuard>
+						<Button
+							variant="solid"
+							color="primary"
+							onClick={(): void => setIsInviteModalOpen(true)}
+						>
+							<Plus size={12} />
+							Invite member
+						</Button>
+					</NoAuthGuard>
 				</div>
 			</div>
 			<MembersTable

frontend/src/container/MySettings/UserInfo/index.tsx

@@ -7,6 +7,7 @@ import {
 	updateMyPassword,
 	useUpdateMyUserV2,
 } from 'api/generated/services/users';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useNotifications } from 'hooks/useNotifications';
 import { Check, FileTerminal, Mail, User } from '@signozhq/icons';
 import { useAppContext } from 'providers/App/App';
@@ -80,10 +81,10 @@ function UserInfo(): JSX.Element {
 		currentPassword === updatePassword;
 
 	const onSaveHandler = async (): Promise<void> => {
-		logEvent('Account Settings: Name Updated', {
+		void logEvent('Account Settings: Name Updated', {
 			name: changedName,
 		});
-		logEvent(
+		void logEvent(
 			'Account Settings: Name Updated',
 			{
 				name: changedName,
@@ -144,14 +145,16 @@ function UserInfo(): JSX.Element {
 					Update name
 				</Button>
 
-				<Button
-					type="default"
-					className="periscope-btn secondary"
-					icon={<FileTerminal size={16} />}
-					onClick={(): void => setIsResetPasswordModalOpen(true)}
-				>
-					Reset password
-				</Button>
+				<NoAuthGuard>
+					<Button
+						type="default"
+						className="periscope-btn secondary"
+						icon={<FileTerminal size={16} />}
+						onClick={(): void => setIsResetPasswordModalOpen(true)}
+					>
+						Reset password
+					</Button>
+				</NoAuthGuard>
 			</div>
 
 			<Modal

frontend/src/container/OrganizationSettings/AuthDomain/CreateEdit/CreateEdit.tsx

@@ -17,6 +17,7 @@ import {
 import { AxiosError } from 'axios';
 import { FeatureKeys } from 'constants/features';
 import { defaultTo } from 'lodash-es';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useAppContext } from 'providers/App/App';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import { ErrorV2Resp } from 'types/api';
@@ -257,14 +258,16 @@ function CreateOrEdit(props: CreateOrEditProps): JSX.Element {
 									Cancel
 								</Button>
 							)}
-							<Button
-								onClick={onSubmitHandler}
-								variant="solid"
-								color="primary"
-								loading={isCreating || isUpdating}
-							>
-								Save Changes
-							</Button>
+							<NoAuthGuard>
+								<Button
+									onClick={onSubmitHandler}
+									variant="solid"
+									color="primary"
+									loading={isCreating || isUpdating}
+								>
+									Save Changes
+								</Button>
+							</NoAuthGuard>
 						</section>
 					</div>
 				)}

frontend/src/container/OrganizationSettings/AuthDomain/SSOEnforcementToggle.tsx

@@ -1,5 +1,6 @@
 import { useEffect, useState } from 'react';
 import { Switch } from '@signozhq/ui/switch';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
 import { useUpdateAuthDomain } from 'api/generated/services/authdomains';
 import {
@@ -65,7 +66,9 @@ function SSOEnforcementToggle({
 	};
 
 	return (
-		<Switch disabled={isLoading} value={isChecked} onChange={onChangeHandler} />
+		<NoAuthGuard>
+			<Switch disabled={isLoading} value={isChecked} onChange={onChangeHandler} />
+		</NoAuthGuard>
 	);
 }
 

frontend/src/container/OrganizationSettings/AuthDomain/index.tsx

@@ -14,6 +14,7 @@ import {
 } from 'api/generated/services/sigNoz.schemas';
 import { AxiosError } from 'axios';
 import ErrorContent from 'components/ErrorModal/components/ErrorContent';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import CopyToClipboard from 'periscope/components/CopyToClipboard';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import APIError from 'types/api/error';
@@ -75,7 +76,7 @@ function AuthDomain(): JSX.Element {
 			{
 				onSuccess: () => {
 					toast.success('Domain deleted successfully');
-					refetchAuthDomainListResponse();
+					void refetchAuthDomainListResponse();
 					hideDeleteModal();
 				},
 				onError: (error) => {
@@ -153,20 +154,24 @@ function AuthDomain(): JSX.Element {
 				width: 100,
 				render: (_, record: AuthtypesGettableAuthDomainDTO): JSX.Element => (
 					<section className="auth-domain-list-column-action">
-						<Button
-							className="auth-domain-list-action-link"
-							onClick={(): void => setRecord(record)}
-							variant="link"
-						>
-							Configure {SSOType.get(record.config?.ssoType || '')}
-						</Button>
-						<Button
-							className="auth-domain-list-action-link delete"
-							onClick={(): void => showDeleteModal(record)}
-							variant="link"
-						>
-							Delete
-						</Button>
+						<NoAuthGuard>
+							<Button
+								className="auth-domain-list-action-link"
+								onClick={(): void => setRecord(record)}
+								variant="link"
+							>
+								Configure {SSOType.get(record.config?.ssoType || '')}
+							</Button>
+						</NoAuthGuard>
+						<NoAuthGuard>
+							<Button
+								className="auth-domain-list-action-link delete"
+								onClick={(): void => showDeleteModal(record)}
+								variant="link"
+							>
+								Delete
+							</Button>
+						</NoAuthGuard>
 					</section>
 				),
 			},
@@ -178,17 +183,19 @@ function AuthDomain(): JSX.Element {
 		<div className="auth-domain">
 			<section className="auth-domain-header">
 				<h3 className="auth-domain-title">Authenticated Domains</h3>
-				<Button
-					prefix={<Plus size="md" />}
-					onClick={(): void => {
-						setAddDomain(true);
-					}}
-					variant="solid"
-					size="sm"
-					color="primary"
-				>
-					Add Domain
-				</Button>
+				<NoAuthGuard>
+					<Button
+						prefix={<Plus size="md" />}
+						onClick={(): void => {
+							setAddDomain(true);
+						}}
+						variant="solid"
+						size="sm"
+						color="primary"
+					>
+						Add Domain
+					</Button>
+				</NoAuthGuard>
 			</section>
 			{formattedError && <ErrorContent error={formattedError} />}
 			{!errorFetchingAuthDomainListResponse && (
@@ -231,15 +238,16 @@ function AuthDomain(): JSX.Element {
 					>
 						Cancel
 					</Button>,
-					<Button
-						key="submit"
-						prefix={<Trash2 size={16} />}
-						onClick={handleDeleteDomain}
-						className="delete-btn"
-						loading={isLoading}
-					>
-						Delete Domain
-					</Button>,
+					<NoAuthGuard key="submit">
+						<Button
+							prefix={<Trash2 size={16} />}
+							onClick={handleDeleteDomain}
+							className="delete-btn"
+							loading={isLoading}
+						>
+							Delete Domain
+						</Button>
+					</NoAuthGuard>,
 				]}
 			>
 				<p className="delete-text">

frontend/src/container/RolesSettings/RolesComponents/CreateRoleModal.tsx

@@ -18,6 +18,7 @@ import {
 } from 'api/generated/services/sigNoz.schemas';
 import { ErrorType } from 'api/generatedAPIInstance';
 import ROUTES from 'constants/routes';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import { handleApiError } from 'utils/errorUtils';
 
@@ -148,16 +149,17 @@ function CreateRoleModal({
 					<X size={14} />
 					Cancel
 				</Button>,
-				<Button
-					key="submit"
-					variant="solid"
-					color="primary"
-					onClick={onSubmit}
-					loading={isLoading}
-					size="sm"
-				>
-					{isEditMode ? 'Save Changes' : 'Create Role'}
-				</Button>,
+				<NoAuthGuard key="submit">
+					<Button
+						variant="solid"
+						color="primary"
+						onClick={onSubmit}
+						loading={isLoading}
+						size="sm"
+					>
+						{isEditMode ? 'Save Changes' : 'Create Role'}
+					</Button>
+				</NoAuthGuard>,
 			]}
 			destroyOnClose
 			className="create-role-modal"

frontend/src/container/RolesSettings/RolesSettings.tsx

@@ -4,6 +4,7 @@ import { Button } from '@signozhq/ui/button';
 import { Input } from '@signozhq/ui/input';
 import AuthZTooltip from 'components/AuthZTooltip/AuthZTooltip';
 import { RoleCreatePermission } from 'hooks/useAuthZ/permissions/role.permissions';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 
 import CreateRoleModal from './RolesComponents/CreateRoleModal';
 import RolesListingTable from './RolesComponents/RolesListingTable';
@@ -39,15 +40,17 @@ function RolesSettings(): JSX.Element {
 						onChange={(e): void => setSearchQuery(e.target.value)}
 					/>
 					<AuthZTooltip checks={[RoleCreatePermission]}>
-						<Button
-							variant="solid"
-							color="primary"
-							className="role-settings-toolbar-button"
-							onClick={(): void => setIsCreateModalOpen(true)}
-						>
-							<Plus size={14} />
-							Custom role
-						</Button>
+						<NoAuthGuard>
+							<Button
+								variant="solid"
+								color="primary"
+								className="role-settings-toolbar-button"
+								onClick={(): void => setIsCreateModalOpen(true)}
+							>
+								<Plus size={14} />
+								Custom role
+							</Button>
+						</NoAuthGuard>
 					</AuthZTooltip>
 				</div>
 				<RolesListingTable searchQuery={searchQuery} />

frontend/src/container/RoutingPolicies/__tests__/testUtils.ts

@@ -101,6 +101,8 @@ export function getAppContextMockState(
 		userPreferences: null,
 		hostsData: null,
 		isLoggedIn: false,
+		isNoAuthMode: false,
+		isPreflightLoading: false,
 		org: null,
 		isFetchingUser: false,
 		isFetchingActiveLicense: false,

frontend/src/container/ServiceAccountsSettings/ServiceAccountsSettings.tsx

@@ -37,6 +37,7 @@ import {
 } from './utils';
 
 import './ServiceAccountsSettings.styles.scss';
+import { NoAuthGuard } from 'components/NoAuthGuard';
 
 function ServiceAccountsSettings(): JSX.Element {
 	const [currentPage, setPage] = useQueryState(
@@ -264,16 +265,18 @@ function ServiceAccountsSettings(): JSX.Element {
 						</div>
 
 						<AuthZTooltip checks={[SACreatePermission]}>
-							<Button
-								variant="solid"
-								color="primary"
-								onClick={async (): Promise<void> => {
-									await setIsCreateModalOpen(true);
-								}}
-							>
-								<Plus size={12} />
-								New Service Account
-							</Button>
+							<NoAuthGuard>
+								<Button
+									variant="solid"
+									color="primary"
+									onClick={async (): Promise<void> => {
+										await setIsCreateModalOpen(true);
+									}}
+								>
+									<Plus size={12} />
+									New Service Account
+								</Button>
+							</NoAuthGuard>
 						</AuthZTooltip>
 					</div>
 

frontend/src/container/SideNav/SideNav.styles.scss

@@ -1120,6 +1120,7 @@
 
 		.user-settings-dropdown-logout-section {
 			color: var(--danger-background);
+			pointer-events: auto;
 		}
 	}
 }

frontend/src/container/SideNav/SideNav.tsx

@@ -134,6 +134,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		featureFlags,
 		trialInfo,
 		isLoggedIn,
+		isNoAuthMode,
 		userPreferences,
 		changelog,
 		toggleChangelogModal,
@@ -408,7 +409,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 	);
 
 	const handleReorderShortcutNavItems = (): void => {
-		logEvent('Sidebar V2: Save shortcuts clicked', {
+		void logEvent('Sidebar V2: Save shortcuts clicked', {
 			shortcuts: tempPinnedMenuItems.map((item) => item.key),
 		});
 		setPinnedMenuItems(tempPinnedMenuItems);
@@ -436,7 +437,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 	const isWorkspaceBlocked = trialInfo?.workSpaceBlock || false;
 
 	const onClickGetStarted = (event: MouseEvent): void => {
-		logEvent('Sidebar: Menu clicked', {
+		void logEvent('Sidebar: Menu clicked', {
 			menuRoute: '/get-started',
 			menuLabel: 'Get Started',
 		});
@@ -489,12 +490,14 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				isWorkspaceBlocked,
 				isEnterpriseSelfHostedUser,
 				isCommunityEnterpriseUser,
+				isNoAuthMode,
 			}),
 		[
 			isEnterpriseSelfHostedUser,
 			isCommunityEnterpriseUser,
 			user.email,
 			isWorkspaceBlocked,
+			isNoAuthMode,
 		],
 	);
 
@@ -651,7 +654,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		} else if (item) {
 			onClickHandler(item?.key as string, event);
 		}
-		logEvent('Sidebar V2: Menu clicked', {
+		void logEvent('Sidebar V2: Menu clicked', {
 			menuRoute: item?.key,
 			menuLabel: item?.label,
 		});
@@ -794,7 +797,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 					onTogglePin={
 						allowPin
 							? (item): void => {
-									logEvent(
+									void logEvent(
 										`Sidebar V2: Menu item ${item.isPinned ? 'unpinned' : 'pinned'}`,
 										{
 											menuRoute: item.key,
@@ -841,7 +844,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		const event = (info as SidebarItem & { domEvent?: MouseEvent }).domEvent;
 
 		if (item && !('type' in item)) {
-			logEvent('Help Popover: Item clicked', {
+			void logEvent('Help Popover: Item clicked', {
 				menuRoute: item.key,
 				menuLabel: String(item.label),
 			});
@@ -890,7 +893,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 			menuLabel = item.label;
 		}
 
-		logEvent('Settings Popover: Item clicked', {
+		void logEvent('Settings Popover: Item clicked', {
 			menuRoute: item?.key,
 			menuLabel,
 		});
@@ -927,7 +930,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				}
 				break;
 			case 'logout':
-				Logout();
+				void Logout();
 				break;
 			default:
 		}
@@ -1081,7 +1084,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 													<div
 														className="nav-section-title-icon reorder"
 														onClick={(): void => {
-															logEvent('Sidebar V2: Manage shortcuts clicked', {});
+															void logEvent('Sidebar V2: Manage shortcuts clicked', {});
 															setIsReorderShortcutNavItemsModalOpen(true);
 														}}
 													>
@@ -1128,7 +1131,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 													return;
 												}
 												const newCollapsedState = !isMoreMenuCollapsed;
-												logEvent('Sidebar V2: More menu clicked', {
+												void logEvent('Sidebar V2: More menu clicked', {
 													action: isMoreMenuCollapsed ? 'expand' : 'collapse',
 												});
 												setIsMoreMenuCollapsed(newCollapsedState);
@@ -1234,14 +1237,14 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				open={isReorderShortcutNavItemsModalOpen}
 				closable
 				onCancel={(): void => {
-					logEvent('Sidebar V2: Manage shortcuts dismissed', {});
+					void logEvent('Sidebar V2: Manage shortcuts dismissed', {});
 					hideReorderShortcutNavItemsModal();
 				}}
 				footer={[
 					<Button
 						key="cancel"
 						onClick={(): void => {
-							logEvent('Sidebar V2: Manage shortcuts dismissed', {});
+							void logEvent('Sidebar V2: Manage shortcuts dismissed', {});
 							hideReorderShortcutNavItemsModal();
 						}}
 						className="periscope-btn cancel-btn secondary-btn"

frontend/src/container/SideNav/__tests__/menuItems.test.tsx

@@ -5,6 +5,7 @@ const BASE_PARAMS = {
 	isWorkspaceBlocked: false,
 	isEnterpriseSelfHostedUser: false,
 	isCommunityEnterpriseUser: false,
+	isNoAuthMode: false,
 };
 
 describe('getUserSettingsDropdownMenuItems', () => {
@@ -71,4 +72,15 @@ describe('getUserSettingsDropdownMenuItems', () => {
 		expect(keys[3]).toBe('account');
 		expect(keys[keys.length - 1]).toBe('logout');
 	});
+
+	it('omits sign out and its preceding divider when isNoAuthMode=true', () => {
+		const items =
+			getUserSettingsDropdownMenuItems({ ...BASE_PARAMS, isNoAuthMode: true }) ??
+			[];
+		const keys = items.map((item: any) => item.key ?? item.type);
+
+		expect(keys).not.toContain('logout');
+		// the trailing divider before logout should also be gone
+		expect(keys[keys.length - 1]).toBe('keyboard-shortcuts');
+	});
 });

frontend/src/container/SideNav/menuItems.tsx

@@ -1,3 +1,5 @@
+import { MenuProps } from 'antd';
+import ROUTES from 'constants/routes';
 import {
 	ArrowUpRight,
 	BarChart,
@@ -35,15 +37,13 @@ import {
 	Users,
 	Binoculars,
 } from '@signozhq/icons';
-import { Style } from '@signozhq/design-tokens';
-import { MenuProps } from 'antd';
-import ROUTES from 'constants/routes';
 
 import {
 	SecondaryMenuItemKey,
 	SettingsNavSection,
 	SidebarItem,
 } from './sideNav.types';
+import { Style } from '@signozhq/design-tokens';
 
 export const getStartedMenuItem = {
 	key: ROUTES.GET_STARTED,
@@ -487,6 +487,7 @@ export interface UserSettingsMenuItemsParams {
 	isWorkspaceBlocked: boolean;
 	isEnterpriseSelfHostedUser: boolean;
 	isCommunityEnterpriseUser: boolean;
+	isNoAuthMode: boolean;
 }
 
 export const getUserSettingsDropdownMenuItems = ({
@@ -494,6 +495,7 @@ export const getUserSettingsDropdownMenuItems = ({
 	isWorkspaceBlocked,
 	isEnterpriseSelfHostedUser,
 	isCommunityEnterpriseUser,
+	isNoAuthMode,
 }: UserSettingsMenuItemsParams): MenuProps['items'] =>
 	[
 		{
@@ -537,21 +539,25 @@ export const getUserSettingsDropdownMenuItems = ({
 			icon: <Keyboard size={14} color={Style.L1_FOREGROUND} />,
 			dataTestId: 'keyboard-shortcuts-nav-item',
 		},
-		{ type: 'divider' as const },
-		{
-			key: 'logout',
-			label: (
-				<span className="user-settings-dropdown-logout-section">Sign out</span>
-			),
-			icon: (
-				<LogOut
-					size={14}
-					className="user-settings-dropdown-logout-section"
-					color={Style.DANGER_BACKGROUND}
-				/>
-			),
-			dataTestId: 'logout-nav-item',
-		},
+		...(isNoAuthMode
+			? []
+			: [
+					{ type: 'divider' as const },
+					{
+						key: 'logout',
+						label: (
+							<span className="user-settings-dropdown-logout-section">Sign out</span>
+						),
+						icon: (
+							<LogOut
+								size={14}
+								className="user-settings-dropdown-logout-section"
+								color={Style.DANGER_BACKGROUND}
+							/>
+						),
+						dataTestId: 'logout-nav-item',
+					},
+				]),
 	].filter(Boolean);
 
 /** Mapping of some newly added routes and their corresponding active sidebar menu key */

frontend/src/pages/Settings/Settings.tsx

@@ -321,7 +321,7 @@ function SettingsPage(): JSX.Element {
 										isDisabled={false}
 										showIcon={false}
 										onClick={(event): void => {
-											logEvent('Settings V2: Menu clicked', {
+											void logEvent('Settings V2: Menu clicked', {
 												menuLabel: item.label,
 												menuRoute: item.key,
 											});

frontend/src/providers/App/App.tsx

@@ -13,8 +13,11 @@ import { useQuery } from 'react-query';
 import getLocalStorageApi from 'api/browser/localstorage/get';
 import setLocalStorageApi from 'api/browser/localstorage/set';
 import { useGetHosts } from 'api/generated/services/zeus';
+import { useGetGlobalConfig } from 'api/generated/services/global';
 import { useGetMyUser } from 'api/generated/services/users';
 import listOrgPreferences from 'api/v1/org/preferences/list';
+import { clearAuthStorage } from 'utils/clearAuthStorage';
+import { setNoAuthMode } from 'utils/noAuthMode';
 import listUserPreferences from 'api/v1/user/preferences/list';
 import getUserVersion from 'api/v1/version/get';
 import { LOCALSTORAGE } from 'constants/localStorage';
@@ -70,11 +73,50 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	const [isLoggedIn, setIsLoggedIn] = useState<boolean>(
 		(): boolean => getLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN) === 'true',
 	);
+	const [isNoAuthMode, setIsNoAuthMode] = useState<boolean>(false);
+	const [isPreflightLoading, setIsPreflightLoading] = useState<boolean>(true);
 	const [org, setOrg] = useState<Organization[] | null>(null);
 	const [changelog, setChangelog] = useState<ChangelogSchema | null>(null);
 
 	const [showChangelogModal, setShowChangelogModal] = useState<boolean>(false);
 
+	// Pre-flight: discover auth mode from public global config.
+	// On success: in impersonation mode → clear stale tokens, force isLoggedIn=true,
+	//             set noAuthMode singleton so the axios interceptor (outside React)
+	//             can skip the rotate-logout chain.
+	// On failure: fail-safe to normal auth flow (treat as not no-auth).
+	const { data: globalConfigData, isLoading: isFetchingGlobalConfig } =
+		useGetGlobalConfig({
+			query: {
+				retry: 2,
+				retryDelay: 1000,
+				refetchOnWindowFocus: false,
+				staleTime: Infinity,
+			},
+		});
+
+	useEffect(() => {
+		if (isFetchingGlobalConfig) {
+			return;
+		}
+
+		const impersonationEnabled =
+			globalConfigData?.data?.identN?.impersonation?.enabled === true;
+
+		if (impersonationEnabled) {
+			clearAuthStorage();
+			setLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN, 'true');
+			setNoAuthMode(true);
+			setIsNoAuthMode(true);
+			setIsLoggedIn(true);
+		} else {
+			setNoAuthMode(false);
+			setIsNoAuthMode(false);
+		}
+
+		setIsPreflightLoading(false);
+	}, [globalConfigData, isFetchingGlobalConfig]);
+
 	// fetcher for current user
 	// user will only be fetched if the user id and token is present
 	// if logged out and trying to hit any route none of these calls will trigger
@@ -366,6 +408,9 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 
 	// global event listener for LOGOUT event to clean the app context state
 	useGlobalEventListener('LOGOUT', () => {
+		if (isNoAuthMode) {
+			return;
+		} // logout is meaningless in no-auth; defensively no-op
 		setIsLoggedIn(false);
 		setDefaultUser(getUserDefaults());
 		setActiveLicense(null);
@@ -385,6 +430,8 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 			orgPreferences,
 			hostsData,
 			isLoggedIn,
+			isNoAuthMode,
+			isPreflightLoading,
 			org,
 			isFetchingUser,
 			isFetchingActiveLicense,
@@ -425,6 +472,8 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 			isLoggedIn,
 			hostsData,
 			hostsFetchError,
+			isNoAuthMode,
+			isPreflightLoading,
 			org,
 			orgPreferences,
 			activeLicenseRefetch,

frontend/src/providers/App/__tests__/App.test.tsx

@@ -2,6 +2,7 @@ import { ReactElement } from 'react';
 import { QueryClient, QueryClientProvider } from 'react-query';
 import { renderHook, waitFor } from '@testing-library/react';
 import setLocalStorageApi from 'api/browser/localstorage/set';
+import { getIsNoAuthMode, setNoAuthMode } from 'utils/noAuthMode';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import { SINGLE_FLIGHT_WAIT_TIME_MS } from 'hooks/useAuthZ/constants';
 import { server } from 'mocks-server/server';
@@ -13,6 +14,7 @@ import { AppProvider, useAppContext } from '../App';
 
 const MY_USER_URL = 'http://localhost/api/v2/users/me';
 const MY_ORG_URL = 'http://localhost/api/v2/orgs/me';
+const GLOBAL_CONFIG_URL = 'http://localhost/api/v1/global/config';
 
 jest.mock('constants/env', () => ({
 	ENVIRONMENT: { baseURL: 'http://localhost', wsURL: '' },
@@ -336,3 +338,89 @@ describe('AppProvider when authz/check fails', () => {
 		);
 	});
 });
+
+describe('AppProvider no-auth preflight', () => {
+	beforeEach(() => {
+		queryClient.clear();
+	});
+
+	afterEach(() => {
+		setNoAuthMode(false);
+	});
+
+	it('sets isNoAuthMode=true and noAuthMode singleton when impersonation is enabled', async () => {
+		server.use(
+			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({
+						data: { identN: { impersonation: { enabled: true } } },
+					}),
+				),
+			),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitFor(
+			() => {
+				expect(result.current.isNoAuthMode).toBe(true);
+			},
+			{ timeout: 3000 },
+		);
+
+		expect(getIsNoAuthMode()).toBe(true);
+	});
+
+	it('leaves isNoAuthMode=false and clears noAuthMode singleton when impersonation is disabled', async () => {
+		server.use(
+			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({
+						data: { identN: { impersonation: { enabled: false } } },
+					}),
+				),
+			),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitFor(
+			() => {
+				expect(result.current.isPreflightLoading).toBe(false);
+			},
+			{ timeout: 3000 },
+		);
+
+		expect(result.current.isNoAuthMode).toBe(false);
+		expect(getIsNoAuthMode()).toBe(false);
+	});
+
+	it('transitions isPreflightLoading from true to false once preflight resolves', async () => {
+		server.use(
+			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({
+						data: { identN: { impersonation: { enabled: false } } },
+					}),
+				),
+			),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		expect(result.current.isPreflightLoading).toBe(true);
+
+		await waitFor(
+			() => {
+				expect(result.current.isPreflightLoading).toBe(false);
+			},
+			{ timeout: 3000 },
+		);
+	});
+});

frontend/src/providers/App/types.ts

@@ -20,6 +20,8 @@ export interface IAppContext {
 	userPreferences: UserPreference[] | null;
 	hostsData: GetHosts200 | null;
 	isLoggedIn: boolean;
+	isNoAuthMode: boolean;
+	isPreflightLoading: boolean;
 	org: Organization[] | null;
 	isFetchingUser: boolean;
 	isFetchingActiveLicense: boolean;

frontend/src/tests/test-utils.tsx

@@ -240,6 +240,8 @@ export function getAppContextMock(
 		isFetchingOrgPreferences: false,
 		orgPreferencesFetchError: null,
 		isLoggedIn: true,
+		isNoAuthMode: false,
+		isPreflightLoading: false,
 		showChangelogModal: false,
 		updateUser: jest.fn(),
 		updateOrg: jest.fn(),

frontend/src/utils/__tests__/clearAuthStorage.test.ts

@@ -0,0 +1,39 @@
+import { LOCALSTORAGE } from 'constants/localStorage';
+
+import { clearAuthStorage } from '../clearAuthStorage';
+
+describe('clearAuthStorage', () => {
+	beforeEach(() => {
+		localStorage.clear();
+	});
+
+	it('removes all auth-related localStorage keys', () => {
+		localStorage.setItem(LOCALSTORAGE.AUTH_TOKEN, 'access');
+		localStorage.setItem(LOCALSTORAGE.REFRESH_AUTH_TOKEN, 'refresh');
+		localStorage.setItem(LOCALSTORAGE.IS_LOGGED_IN, 'true');
+		localStorage.setItem(LOCALSTORAGE.LOGGED_IN_USER_EMAIL, 'old@example.com');
+		localStorage.setItem(LOCALSTORAGE.LOGGED_IN_USER_NAME, 'old');
+		localStorage.setItem(LOCALSTORAGE.IS_IDENTIFIED_USER, 'true');
+		localStorage.setItem(LOCALSTORAGE.USER_ID, 'abc');
+
+		clearAuthStorage();
+
+		expect(localStorage.getItem(LOCALSTORAGE.AUTH_TOKEN)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.REFRESH_AUTH_TOKEN)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.IS_LOGGED_IN)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.LOGGED_IN_USER_EMAIL)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.LOGGED_IN_USER_NAME)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.IS_IDENTIFIED_USER)).toBeNull();
+		expect(localStorage.getItem(LOCALSTORAGE.USER_ID)).toBeNull();
+	});
+
+	it('preserves non-auth localStorage keys', () => {
+		localStorage.setItem(LOCALSTORAGE.THEME, 'dark');
+		localStorage.setItem(LOCALSTORAGE.AUTH_TOKEN, 'access');
+
+		clearAuthStorage();
+
+		expect(localStorage.getItem(LOCALSTORAGE.THEME)).toBe('dark');
+		expect(localStorage.getItem(LOCALSTORAGE.AUTH_TOKEN)).toBeNull();
+	});
+});

frontend/src/utils/clearAuthStorage.ts

@@ -0,0 +1,16 @@
+import deleteLocalStorageKey from 'api/browser/localstorage/remove';
+import { LOCALSTORAGE } from 'constants/localStorage';
+
+const AUTH_KEYS: LOCALSTORAGE[] = [
+	LOCALSTORAGE.AUTH_TOKEN,
+	LOCALSTORAGE.REFRESH_AUTH_TOKEN,
+	LOCALSTORAGE.IS_LOGGED_IN,
+	LOCALSTORAGE.LOGGED_IN_USER_EMAIL,
+	LOCALSTORAGE.LOGGED_IN_USER_NAME,
+	LOCALSTORAGE.IS_IDENTIFIED_USER,
+	LOCALSTORAGE.USER_ID,
+];
+
+export const clearAuthStorage = (): void => {
+	AUTH_KEYS.forEach((key) => deleteLocalStorageKey(key));
+};

frontend/src/utils/noAuthMode.ts

@@ -0,0 +1,7 @@
+let _isNoAuthMode = false;
+
+export const setNoAuthMode = (value: boolean): void => {
+	_isNoAuthMode = value;
+};
+
+export const getIsNoAuthMode = (): boolean => _isNoAuthMode;

go.mod

@@ -23,7 +23,6 @@ require (
 	github.com/go-playground/validator/v10 v10.27.0
 	github.com/go-redis/redismock/v9 v9.2.0
 	github.com/go-viper/mapstructure/v2 v2.5.0
-	github.com/goccy/go-yaml v1.19.2
 	github.com/gojek/heimdall/v7 v7.0.3
 	github.com/golang-jwt/jwt/v5 v5.3.1
 	github.com/google/uuid v1.6.0
@@ -132,6 +131,7 @@ require (
 	github.com/go-openapi/swag/yamlutils v0.25.5 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/goccy/go-yaml v1.19.2 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/hashicorp/go-metrics v0.5.4 // indirect
 	github.com/huandu/go-clone v1.7.3 // indirect

pkg/modules/spanmapper/implspanmapper/module.go

@@ -2,17 +2,12 @@ package implspanmapper
 
 import (
 	"context"
-	"encoding/json"
 
 	"github.com/SigNoz/signoz/pkg/modules/spanmapper"
-	"github.com/SigNoz/signoz/pkg/query-service/agentConf"
-	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/types/spantypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
-var _ spanmapper.Module = (*module)(nil)
-
 type module struct {
 	store spantypes.SpanMapperStore
 }
@@ -39,22 +34,11 @@ func (module *module) UpdateGroup(ctx context.Context, orgID, id valuer.UUID, na
 		return err
 	}
 	group.Update(name, condition, enabled, updatedBy)
-
-	err = module.store.UpdateGroup(ctx, group)
-	if err != nil {
-		return err
-	}
-	agentConf.NotifyConfigUpdate(ctx)
-	return nil
+	return module.store.UpdateGroup(ctx, group)
 }
 
 func (module *module) DeleteGroup(ctx context.Context, orgID, id valuer.UUID) error {
-	err := module.store.DeleteGroup(ctx, orgID, id)
-	if err != nil {
-		return err
-	}
-	agentConf.NotifyConfigUpdate(ctx)
-	return nil
+	return module.store.DeleteGroup(ctx, orgID, id)
 }
 
 func (module *module) ListMappers(ctx context.Context, orgID, groupID valuer.UUID) ([]*spantypes.SpanMapper, error) {
@@ -70,12 +54,7 @@ func (module *module) CreateMapper(ctx context.Context, orgID, groupID valuer.UU
 	if _, err := module.store.GetGroup(ctx, orgID, groupID); err != nil {
 		return err
 	}
-	err := module.store.CreateMapper(ctx, mapper)
-	if err != nil {
-		return err
-	}
-	agentConf.NotifyConfigUpdate(ctx)
-	return nil
+	return module.store.CreateMapper(ctx, mapper)
 }
 
 func (module *module) UpdateMapper(ctx context.Context, orgID, groupID, id valuer.UUID, fieldContext spantypes.FieldContext, config *spantypes.SpanMapperConfig, enabled *bool, updatedBy string) error {
@@ -87,72 +66,9 @@ func (module *module) UpdateMapper(ctx context.Context, orgID, groupID, id value
 		return err
 	}
 	mapper.Update(fieldContext, config, enabled, updatedBy)
-	err = module.store.UpdateMapper(ctx, mapper)
-	if err != nil {
-		return err
-	}
-	agentConf.NotifyConfigUpdate(ctx)
-	return nil
+	return module.store.UpdateMapper(ctx, mapper)
 }
 
 func (module *module) DeleteMapper(ctx context.Context, orgID, groupID, id valuer.UUID) error {
-	err := module.store.DeleteMapper(ctx, orgID, groupID, id)
-	if err != nil {
-		return err
-	}
-	agentConf.NotifyConfigUpdate(ctx)
-	return nil
-}
-
-func (module *module) AgentFeatureType() agentConf.AgentFeatureType {
-	return spantypes.SpanAttrMappingFeatureType
-}
-
-func (module *module) RecommendAgentConfig(orgID valuer.UUID, currentConfYaml []byte, configVersion *opamptypes.AgentConfigVersion) ([]byte, string, error) {
-	ctx := context.Background()
-
-	enabled, err := module.listEnabledGroupsWithMappers(ctx, orgID)
-	if err != nil {
-		return nil, "", err
-	}
-
-	updatedConf, err := spantypes.GenerateCollectorConfigWithSpanMapperProcessor(currentConfYaml, enabled)
-	if err != nil {
-		return nil, "", err
-	}
-
-	serialized, err := json.Marshal(enabled)
-	if err != nil {
-		return nil, "", err
-	}
-
-	return updatedConf, string(serialized), nil
-}
-
-// listEnabledGroupsWithMappers returns groups with their mappers.
-func (module *module) listEnabledGroupsWithMappers(ctx context.Context, orgID valuer.UUID) ([]*spantypes.SpanMapperGroupWithMappers, error) {
-	enabled := true
-	groups, err := module.store.ListGroups(ctx, orgID, &spantypes.ListSpanMapperGroupsQuery{Enabled: &enabled})
-	if err != nil {
-		return nil, err
-	}
-
-	out := make([]*spantypes.SpanMapperGroupWithMappers, 0, len(groups))
-	for _, g := range groups {
-		mappers, err := module.store.ListMappers(ctx, orgID, g.ID)
-		if err != nil {
-			return nil, err
-		}
-		if len(mappers) == 0 {
-			continue
-		}
-		enabledMappers := make([]*spantypes.SpanMapper, 0, len(mappers))
-		for _, m := range mappers {
-			if m.Enabled {
-				enabledMappers = append(enabledMappers, m)
-			}
-		}
-		out = append(out, &spantypes.SpanMapperGroupWithMappers{Group: g, Mappers: enabledMappers})
-	}
-	return out, nil
+	return module.store.DeleteMapper(ctx, orgID, groupID, id)
 }

pkg/modules/spanmapper/spanmapper.go

@@ -4,16 +4,12 @@ import (
 	"context"
 	"net/http"
 
-	"github.com/SigNoz/signoz/pkg/query-service/agentConf"
 	"github.com/SigNoz/signoz/pkg/types/spantypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 // Module defines the business logic for span attribute mapping groups and mappers.
 type Module interface {
-	// Since this module interacts with OpAMP, it must implement the AgentFeature interface.
-	agentConf.AgentFeature
-
 	// Group operations
 	ListGroups(ctx context.Context, orgID valuer.UUID, q *spantypes.ListSpanMapperGroupsQuery) ([]*spantypes.SpanMapperGroup, error)
 	GetGroup(ctx context.Context, orgID, id valuer.UUID) (*spantypes.SpanMapperGroup, error)

pkg/types/spantypes/mappergroup.go

@@ -13,9 +13,7 @@ var (
 	ErrCodeMappingGroupAlreadyExists = errors.MustNewCode("span_attribute_mapping_group_already_exists")
 )
 
-// SpanMapperGroupCondition gates whether a group's rules run for a given span.
-// A group runs when any attribute or resource key on the span CONTAINS one of
-// the listed substrings (plain substring match — no glob syntax).
+// A group runs when any of the listed attribute/resource key patterns match.
 type SpanMapperGroupCondition struct {
 	Attributes []string `json:"attributes" required:"true" nullable:"true"`
 	Resource   []string `json:"resource" required:"true" nullable:"true"`

pkg/types/spantypes/spanmapperprocessor.go

@@ -1,144 +0,0 @@
-package spantypes
-
-import (
-	"sort"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/query-service/agentConf"
-	"github.com/goccy/go-yaml"
-)
-
-const (
-	SpanAttrMappingFeatureType agentConf.AgentFeatureType = "span_attr_mapping"
-
-	ProcessorName = "signozspanmapper"
-)
-
-var (
-	ErrCodeInvalidCollectorConfig      = errors.MustNewCode("invalid_collector_config")
-	ErrCodeBuildMappingProcessorConfig = errors.MustNewCode("build_mapping_processor_config")
-)
-
-type SpanMapperGroupWithMappers struct {
-	Group   *SpanMapperGroup `json:"group"`
-	Mappers []*SpanMapper    `json:"mappers"`
-}
-
-// spanMapperProcessorConfig is the collector config for signozspanmapper.
-type spanMapperProcessorConfig struct {
-	Groups []spanMapperProcessorGroup `yaml:"groups" json:"groups"`
-}
-
-type spanMapperProcessorGroup struct {
-	ID         string                         `yaml:"id" json:"id"`
-	ExistsAny  spanMapperProcessorExistsAny   `yaml:"exists_any" json:"exists_any"`
-	Attributes []spanMapperProcessorAttribute `yaml:"attributes" json:"attributes"`
-}
-
-type spanMapperProcessorExistsAny struct {
-	Attributes []string `yaml:"attributes,omitempty" json:"attributes,omitempty"`
-	Resource   []string `yaml:"resource,omitempty" json:"resource,omitempty"`
-}
-
-type spanMapperProcessorAttribute struct {
-	Target  string   `yaml:"target" json:"target"`
-	Context string   `yaml:"context,omitempty" json:"context,omitempty"`
-	Action  string   `yaml:"action,omitempty" json:"action,omitempty"`
-	Sources []string `yaml:"sources" json:"sources"`
-}
-
-func GenerateCollectorConfigWithSpanMapperProcessor(currentConfYaml []byte, groups []*SpanMapperGroupWithMappers) ([]byte, error) {
-	var collectorConf map[string]any
-	if err := yaml.Unmarshal(currentConfYaml, &collectorConf); err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInvalidInput, ErrCodeInvalidCollectorConfig, "failed to unmarshal collector config")
-	}
-	// rare but don't do anything in this case, also means it's just comments.
-	if collectorConf == nil {
-		collectorConf = map[string]any{}
-	}
-
-	processors := map[string]any{}
-	if existing, ok := collectorConf["processors"]; ok && existing != nil {
-		p, ok := existing.(map[string]any)
-		if !ok {
-			return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidCollectorConfig, "collector config 'processors' must be a mapping, got %T", existing)
-		}
-		processors = p
-	}
-
-	procConfig := buildProcessorConfig(groups)
-	configBytes, err := yaml.Marshal(procConfig)
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, ErrCodeBuildMappingProcessorConfig, "failed to marshal span mapper processor config")
-	}
-	var configMap any
-	if err := yaml.Unmarshal(configBytes, &configMap); err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, ErrCodeBuildMappingProcessorConfig, "failed to re-unmarshal span mapper processor config")
-	}
-
-	processors[ProcessorName] = configMap
-	collectorConf["processors"] = processors
-
-	out, err := yaml.Marshal(collectorConf)
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, ErrCodeBuildMappingProcessorConfig, "failed to marshal collector config")
-	}
-	return out, nil
-}
-
-func buildProcessorConfig(groups []*SpanMapperGroupWithMappers) *spanMapperProcessorConfig {
-	out := make([]spanMapperProcessorGroup, 0, len(groups))
-
-	for _, gm := range groups {
-		rules := make([]spanMapperProcessorAttribute, 0, len(gm.Mappers))
-		for _, m := range gm.Mappers {
-			rules = append(rules, buildAttributeRule(m))
-		}
-
-		out = append(out, spanMapperProcessorGroup{
-			ID: gm.Group.Name,
-			ExistsAny: spanMapperProcessorExistsAny{
-				Attributes: gm.Group.Condition.Attributes,
-				Resource:   gm.Group.Condition.Resource,
-			},
-			Attributes: rules,
-		})
-	}
-
-	return &spanMapperProcessorConfig{Groups: out}
-}
-
-// buildAttributeRule maps a single SpanMapper to a collector attribute rule.
-// Sources are sorted by Priority DESC (highest-priority first), and read-from-
-// resource sources are encoded via the "resource." prefix.
-func buildAttributeRule(m *SpanMapper) spanMapperProcessorAttribute {
-	sources := make([]SpanMapperSource, len(m.Config.Sources))
-	copy(sources, m.Config.Sources)
-	sort.SliceStable(sources, func(i, j int) bool { return sources[i].Priority > sources[j].Priority })
-
-	keys := make([]string, 0, len(sources))
-	for _, s := range sources {
-		if s.Context == FieldContextResource {
-			keys = append(keys, FieldContextResource.StringValue()+"."+s.Key)
-		} else {
-			keys = append(keys, s.Key)
-		}
-	}
-
-	action := SpanMapperOperationCopy
-	if len(sources) > 0 && sources[0].Operation == SpanMapperOperationMove {
-		action = SpanMapperOperationMove
-	}
-
-	ctx := FieldContextSpanAttribute
-	if m.FieldContext == FieldContextResource {
-		ctx = FieldContextResource
-	}
-
-	return spanMapperProcessorAttribute{
-		Target:  m.Name,
-		Context: ctx.StringValue(),
-		Action:  action.StringValue(),
-		Sources: keys,
-	}
-}

pkg/types/spantypes/spanmapperprocessor_test.go

@@ -1,193 +0,0 @@
-package spantypes
-
-import (
-	"os"
-	"path/filepath"
-	"testing"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"gopkg.in/yaml.v3"
-)
-
-func TestGenerateCollectorConfigWithSpanMapperProcessor(t *testing.T) {
-	t.Parallel()
-
-	baseline := loadFixture(t, "collector_baseline.yaml")
-
-	tests := []struct {
-		name   string
-		groups []*SpanMapperGroupWithMappers
-		want   string
-	}{
-		{
-			name: "no_groups",
-			want: "collector_no_groups.yaml",
-		},
-		{
-			name: "with_groups",
-			groups: []*SpanMapperGroupWithMappers{
-				{
-					Group: newGroup("llm", []string{"model"}, []string{"service.name"}),
-					Mappers: []*SpanMapper{
-						newMapper("gen_ai.request.model", FieldContextResource,
-							attrSrc("gen_ai.llm.model", SpanMapperOperationCopy, 3),
-							attrSrc("llm.model", SpanMapperOperationCopy, 2),
-							resSrc("service.name", SpanMapperOperationCopy, 1),
-						),
-						newMapper("gen_ai.request.tokens", FieldContextSpanAttribute,
-							attrSrc("gen_ai.request_tokens", SpanMapperOperationCopy, 2),
-							attrSrc("llm.tokens", SpanMapperOperationCopy, 1),
-						),
-						newMapper("gen_ai.request.input", FieldContextSpanAttribute,
-							attrSrc("gen_ai.input", SpanMapperOperationMove, 2),
-							attrSrc("llm.input", SpanMapperOperationMove, 1),
-						),
-					},
-				},
-				{
-					Group: newGroup("agent", []string{"agent."}, nil),
-					Mappers: []*SpanMapper{
-						newMapper("gen_ai.agent.name", FieldContextSpanAttribute,
-							attrSrc("agent.name", SpanMapperOperationCopy, 2),
-							attrSrc("llm.agent.name", SpanMapperOperationCopy, 1),
-						),
-						newMapper("gen_ai.agent.id", FieldContextSpanAttribute,
-							attrSrc("gen_ai.agent.id", SpanMapperOperationCopy, 2),
-							attrSrc("llm.agent.id", SpanMapperOperationCopy, 1),
-						),
-					},
-				},
-				{
-					Group: newGroup("tool", []string{"agent."}, nil),
-					Mappers: []*SpanMapper{
-						newMapper("gen_ai.tool.name", FieldContextSpanAttribute,
-							attrSrc("ai.tool.name", SpanMapperOperationCopy, 2),
-							attrSrc("llm.tool.name", SpanMapperOperationCopy, 1),
-						),
-					},
-				},
-			},
-			want: "collector_with_groups.yaml",
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			t.Parallel()
-			got, err := GenerateCollectorConfigWithSpanMapperProcessor(baseline, tc.groups)
-			require.NoError(t, err)
-			assertYAMLEqual(t, loadFixture(t, tc.want), got)
-		})
-	}
-}
-
-func TestGenerateCollectorConfigWithSpanMapperProcessor_Errors(t *testing.T) {
-	t.Parallel()
-
-	tests := []struct {
-		name string
-		in   []byte
-	}{
-		{"processors_not_a_map", []byte("processors: not-a-map\n")},
-		{"malformed_yaml", []byte(": :")},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			t.Parallel()
-			_, err := GenerateCollectorConfigWithSpanMapperProcessor(tc.in, nil)
-			require.Error(t, err)
-			assert.True(t, errors.Ast(err, errors.TypeInvalidInput), "want TypeInvalidInput, got %v", err)
-			assert.True(t, errors.Asc(err, ErrCodeInvalidCollectorConfig), "want ErrCodeInvalidCollectorConfig, got %v", err)
-		})
-	}
-}
-
-func TestBuildAttributeRule(t *testing.T) {
-	t.Parallel()
-
-	tests := []struct {
-		name   string
-		mapper *SpanMapper
-		want   spanMapperProcessorAttribute
-	}{
-		{
-			name: "priority_sort_and_resource_prefix",
-			mapper: newMapper("gen_ai.request.model", FieldContextResource,
-				attrSrc("llm.model", SpanMapperOperationCopy, 20),
-				resSrc("service.name", SpanMapperOperationCopy, 10),
-				attrSrc("gen_ai.llm.model", SpanMapperOperationCopy, 30),
-			),
-			want: spanMapperProcessorAttribute{
-				Target:  "gen_ai.request.model",
-				Context: FieldContextResource.StringValue(),
-				Action:  SpanMapperOperationCopy.StringValue(),
-				Sources: []string{"gen_ai.llm.model", "llm.model", "resource.service.name"},
-			},
-		},
-		{
-			name: "move_action_follows_highest_priority_source",
-			mapper: newMapper("gen_ai.request.input", FieldContextSpanAttribute,
-				attrSrc("gen_ai.input", SpanMapperOperationMove, 20),
-				attrSrc("llm.input", SpanMapperOperationMove, 10),
-			),
-			want: spanMapperProcessorAttribute{
-				Target:  "gen_ai.request.input",
-				Context: FieldContextSpanAttribute.StringValue(),
-				Action:  SpanMapperOperationMove.StringValue(),
-				Sources: []string{"gen_ai.input", "llm.input"},
-			},
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			t.Parallel()
-			assert.Equal(t, tc.want, buildAttributeRule(tc.mapper))
-		})
-	}
-}
-
-func loadFixture(t *testing.T, name string) []byte {
-	t.Helper()
-	b, err := os.ReadFile(filepath.Join("testdata", name))
-	require.NoError(t, err)
-	return b
-}
-
-// assertYAMLEqual compares two YAML documents structurally so key order and
-// slice formatting do not matter.
-func assertYAMLEqual(t *testing.T, want, got []byte) {
-	t.Helper()
-	var w, g any
-	require.NoError(t, yaml.Unmarshal(want, &w))
-	require.NoError(t, yaml.Unmarshal(got, &g))
-	assert.Equal(t, w, g)
-}
-
-func newGroup(name string, attrs, res []string) *SpanMapperGroup {
-	return &SpanMapperGroup{
-		Name:      name,
-		Condition: SpanMapperGroupCondition{Attributes: attrs, Resource: res},
-		Enabled:   true,
-	}
-}
-
-func newMapper(name string, target FieldContext, sources ...SpanMapperSource) *SpanMapper {
-	return &SpanMapper{
-		Name:         name,
-		FieldContext: target,
-		Config:       SpanMapperConfig{Sources: sources},
-		Enabled:      true,
-	}
-}
-
-func attrSrc(key string, op SpanMapperOperation, priority int) SpanMapperSource {
-	return SpanMapperSource{Key: key, Context: FieldContextSpanAttribute, Operation: op, Priority: priority}
-}
-
-func resSrc(key string, op SpanMapperOperation, priority int) SpanMapperSource {
-	return SpanMapperSource{Key: key, Context: FieldContextResource, Operation: op, Priority: priority}
-}

pkg/types/spantypes/testdata/collector_baseline.yaml

@@ -1,17 +0,0 @@
-receivers:
-  otlp:
-    protocols:
-      grpc:
-processors:
-  signozspanmapper:
-    groups: []
-  batch: {}
-exporters:
-  otlp:
-    endpoint: localhost:4317
-service:
-  pipelines:
-    traces:
-      receivers: [otlp]
-      processors: [signozspanmapper, batch]
-      exporters: [otlp]

pkg/types/spantypes/testdata/collector_no_groups.yaml

@@ -1,17 +0,0 @@
-receivers:
-  otlp:
-    protocols:
-      grpc:
-processors:
-  signozspanmapper:
-    groups: []
-  batch: {}
-exporters:
-  otlp:
-    endpoint: localhost:4317
-service:
-  pipelines:
-    traces:
-      receivers: [otlp]
-      processors: [signozspanmapper, batch]
-      exporters: [otlp]

pkg/types/spantypes/testdata/collector_with_groups.yaml

@@ -1,71 +0,0 @@
-receivers:
-  otlp:
-    protocols:
-      grpc:
-processors:
-  signozspanmapper:
-    groups:
-      - id: llm
-        exists_any:
-          attributes:
-            - model
-          resource:
-            - service.name
-        attributes:
-          - target: gen_ai.request.model
-            context: resource
-            action: copy
-            sources:
-              - gen_ai.llm.model
-              - llm.model
-              - resource.service.name
-          - target: gen_ai.request.tokens
-            context: attribute
-            action: copy
-            sources:
-              - gen_ai.request_tokens
-              - llm.tokens
-          - target: gen_ai.request.input
-            context: attribute
-            action: move
-            sources:
-              - gen_ai.input
-              - llm.input
-      - id: agent
-        exists_any:
-          attributes:
-            - agent.
-        attributes:
-          - target: gen_ai.agent.name
-            context: attribute
-            action: copy
-            sources:
-              - agent.name
-              - llm.agent.name
-          - target: gen_ai.agent.id
-            context: attribute
-            action: copy
-            sources:
-              - gen_ai.agent.id
-              - llm.agent.id
-      - id: tool
-        exists_any:
-          attributes:
-            - agent.
-        attributes:
-          - target: gen_ai.tool.name
-            context: attribute
-            action: copy
-            sources:
-              - ai.tool.name
-              - llm.tool.name
-  batch: {}
-exporters:
-  otlp:
-    endpoint: localhost:4317
-service:
-  pipelines:
-    traces:
-      receivers: [otlp]
-      processors: [signozspanmapper, batch]
-      exporters: [otlp]