feat(sa): made service account role selection multiselect, handling multiple api calls parallely

docs/api/openapi.yml

@@ -4463,19 +4463,18 @@ components:
           $ref: '#/components/schemas/RuletypesEvaluationKind'
         spec:
           $ref: '#/components/schemas/RuletypesCumulativeWindow'
-      required:
-      - kind
-      - spec
       type: object
     RuletypesEvaluationEnvelope:
-      discriminator:
-        mapping:
-          cumulative: '#/components/schemas/RuletypesEvaluationCumulative'
-          rolling: '#/components/schemas/RuletypesEvaluationRolling'
-        propertyName: kind
       oneOf:
       - $ref: '#/components/schemas/RuletypesEvaluationRolling'
       - $ref: '#/components/schemas/RuletypesEvaluationCumulative'
+      properties:
+        kind:
+          $ref: '#/components/schemas/RuletypesEvaluationKind'
+        spec: {}
+      required:
+      - kind
+      - spec
       type: object
     RuletypesEvaluationKind:
       enum:
@@ -4488,9 +4487,6 @@ components:
           $ref: '#/components/schemas/RuletypesEvaluationKind'
         spec:
           $ref: '#/components/schemas/RuletypesRollingWindow'
-      required:
-      - kind
-      - spec
       type: object
     RuletypesGettableTestRule:
       properties:
@@ -4798,12 +4794,15 @@ components:
       - compositeQuery
       type: object
     RuletypesRuleThresholdData:
-      discriminator:
-        mapping:
-          basic: '#/components/schemas/RuletypesThresholdBasic'
-        propertyName: kind
       oneOf:
       - $ref: '#/components/schemas/RuletypesThresholdBasic'
+      properties:
+        kind:
+          $ref: '#/components/schemas/RuletypesThresholdKind'
+        spec: {}
+      required:
+      - kind
+      - spec
       type: object
     RuletypesRuleType:
       enum:
@@ -4845,9 +4844,6 @@ components:
           $ref: '#/components/schemas/RuletypesThresholdKind'
         spec:
           $ref: '#/components/schemas/RuletypesBasicRuleThresholds'
-      required:
-      - kind
-      - spec
       type: object
     RuletypesThresholdKind:
       enum:

frontend/src/AppRoutes/__tests__/Private.test.tsx

@@ -165,8 +165,6 @@ function createMockAppContext(
 		orgPreferences: createMockOrgPreferences(),
 		userPreferences: [],
 		isLoggedIn: true,
-		isNoAuthMode: false,
-		isPreflightLoading: false,
 		org: [{ createdAt: 0, id: 'org-id', displayName: 'Test Org' }],
 		isFetchingUser: false,
 		isFetchingActiveLicense: false,

frontend/src/AppRoutes/index.tsx

@@ -58,7 +58,6 @@ function App(): JSX.Element {
 		isLoggedIn: isLoggedInState,
 		featureFlags,
 		org,
-		isPreflightLoading,
 	} = useAppContext();
 	const [routes, setRoutes] = useState<AppRoutes[]>(defaultRoutes);
 
@@ -328,11 +327,6 @@ function App(): JSX.Element {
 					replaysSessionSampleRate: 0.1, // This sets the sample rate at 10%. You may want to change it to 100% while in development and then sample at a lower rate in production.
 					replaysOnErrorSampleRate: 1.0, // If you're not already sampling the entire session, change the sample rate to 100% when sampling sessions where errors occur.
 					beforeSend(event) {
-						// Drop the event if its level is 'warning' or 'info'
-						if (event.level === 'warning' || event.level === 'info') {
-							return null;
-						}
-
 						const sessionReplayUrl = posthog.get_session_replay_url?.({
 							withTimestamp: true,
 						});
@@ -356,10 +350,6 @@ function App(): JSX.Element {
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, [isCloudUser, isEnterpriseSelfHostedUser]);
 
-	if (isPreflightLoading) {
-		return <Spinner tip="Loading..." />;
-	}
-
 	// if the user is in logged in state
 	if (isLoggedInState) {
 		// if the setup calls are loading then return a spinner

frontend/src/api/__tests__/interceptorRejected.no-auth.test.ts

@@ -1,72 +0,0 @@
-import axios from 'axios';
-import { getIsNoAuthMode } from 'utils/noAuthMode';
-
-import { interceptorRejected } from '../index';
-
-jest.mock('utils/noAuthMode', () => ({
-	getIsNoAuthMode: jest.fn(),
-}));
-
-jest.mock('api/v2/sessions/rotate/post', () => ({
-	__esModule: true,
-	default: jest.fn(),
-}));
-
-jest.mock('AppRoutes/utils', () => ({
-	__esModule: true,
-	default: jest.fn(),
-}));
-
-jest.mock('../utils', () => ({
-	Logout: jest.fn(),
-}));
-
-// oxlint-disable-next-line typescript/no-require-imports typescript/no-var-requires
-const post = require('api/v2/sessions/rotate/post').default;
-// oxlint-disable-next-line typescript/no-require-imports typescript/no-var-requires
-const { Logout } = require('../utils');
-
-describe('interceptorRejected — no-auth mode', () => {
-	beforeEach(() => {
-		jest.clearAllMocks();
-		jest.spyOn(axios, 'isAxiosError').mockReturnValue(true);
-	});
-
-	it('does NOT call rotate or Logout when no-auth mode is enabled on 401', async () => {
-		(getIsNoAuthMode as jest.Mock).mockReturnValue(true);
-
-		const error = {
-			isAxiosError: true,
-			response: {
-				status: 401,
-				config: { url: '/dashboards', method: 'get' },
-			},
-			config: { url: '/dashboards', headers: {} },
-		};
-
-		await interceptorRejected(error as any).catch(() => {});
-
-		expect(post).not.toHaveBeenCalled();
-		expect(Logout).not.toHaveBeenCalled();
-	});
-
-	it('DOES attempt rotate when no-auth mode is disabled on 401', async () => {
-		(getIsNoAuthMode as jest.Mock).mockReturnValue(false);
-		(post as jest.Mock).mockResolvedValue({
-			data: { accessToken: 'a', refreshToken: 'b' },
-		});
-
-		const error = {
-			isAxiosError: true,
-			response: {
-				status: 401,
-				config: { url: '/dashboards', method: 'get' },
-			},
-			config: { url: '/dashboards', headers: {} },
-		};
-
-		await interceptorRejected(error as any).catch(() => {});
-
-		expect(post).toHaveBeenCalled();
-	});
-});

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -6676,36 +6676,28 @@ export interface RuletypesCumulativeWindowDTO {
 	timezone: string;
 }
 
-export enum RuletypesEvaluationCumulativeDTOKind {
-	cumulative = 'cumulative',
-}
 export interface RuletypesEvaluationCumulativeDTO {
-	/**
-	 * @type string
-	 * @enum cumulative
-	 */
-	kind: RuletypesEvaluationCumulativeDTOKind;
-	spec: RuletypesCumulativeWindowDTO;
+	kind?: RuletypesEvaluationKindDTO;
+	spec?: RuletypesCumulativeWindowDTO;
 }
 
 export type RuletypesEvaluationEnvelopeDTO =
-	| RuletypesEvaluationRollingDTO
-	| RuletypesEvaluationCumulativeDTO;
+	| (RuletypesEvaluationRollingDTO & {
+			kind: RuletypesEvaluationKindDTO;
+			spec: unknown;
+	  })
+	| (RuletypesEvaluationCumulativeDTO & {
+			kind: RuletypesEvaluationKindDTO;
+			spec: unknown;
+	  });
 
 export enum RuletypesEvaluationKindDTO {
 	rolling = 'rolling',
 	cumulative = 'cumulative',
 }
-export enum RuletypesEvaluationRollingDTOKind {
-	rolling = 'rolling',
-}
 export interface RuletypesEvaluationRollingDTO {
-	/**
-	 * @type string
-	 * @enum rolling
-	 */
-	kind: RuletypesEvaluationRollingDTOKind;
-	spec: RuletypesRollingWindowDTO;
+	kind?: RuletypesEvaluationKindDTO;
+	spec?: RuletypesRollingWindowDTO;
 }
 
 export interface RuletypesGettableTestRuleDTO {
@@ -7060,7 +7052,10 @@ export interface RuletypesRuleConditionDTO {
 	thresholds?: RuletypesRuleThresholdDataDTO;
 }
 
-export type RuletypesRuleThresholdDataDTO = RuletypesThresholdBasicDTO;
+export type RuletypesRuleThresholdDataDTO = RuletypesThresholdBasicDTO & {
+	kind: RuletypesThresholdKindDTO;
+	spec: unknown;
+};
 
 export enum RuletypesRuleTypeDTO {
 	threshold_rule = 'threshold_rule',
@@ -7096,16 +7091,9 @@ export enum RuletypesSeasonalityDTO {
 	daily = 'daily',
 	weekly = 'weekly',
 }
-export enum RuletypesThresholdBasicDTOKind {
-	basic = 'basic',
-}
 export interface RuletypesThresholdBasicDTO {
-	/**
-	 * @type string
-	 * @enum basic
-	 */
-	kind: RuletypesThresholdBasicDTOKind;
-	spec: RuletypesBasicRuleThresholdsDTO;
+	kind?: RuletypesThresholdKindDTO;
+	spec?: RuletypesBasicRuleThresholdsDTO;
 }
 
 export enum RuletypesThresholdKindDTO {

frontend/src/api/index.ts

@@ -13,7 +13,6 @@ import { Events } from 'constants/events';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import { getBasePath } from 'utils/basePath';
 import { eventEmitter } from 'utils/getEventEmitter';
-import { getIsNoAuthMode } from 'utils/noAuthMode';
 
 import apiV1, { apiAlertManager, apiV2, apiV3, apiV4, apiV5 } from './apiV1';
 import { Logout } from './utils';
@@ -109,10 +108,7 @@ export const interceptorRejected = async (
 		if (axios.isAxiosError(value) && value.response) {
 			const { response } = value;
 
-			const isNoAuthMode = getIsNoAuthMode();
-
 			if (
-				!isNoAuthMode &&
 				response.status === 401 &&
 				// if the session rotate call or the create session errors out with 401 or the delete sessions call returns 401 then we do not retry!
 				response.config.url !== '/sessions/rotate' &&
@@ -144,20 +140,16 @@ export const interceptorRejected = async (
 						return await Promise.resolve(reResponse);
 					} catch (error) {
 						if ((error as AxiosError)?.response?.status === 401) {
-							void Logout();
+							Logout();
 						}
 					}
 				} catch (error) {
-					void Logout();
+					Logout();
 				}
 			}
 
-			if (
-				!isNoAuthMode &&
-				response.status === 401 &&
-				response.config.url === '/sessions/rotate'
-			) {
-				void Logout();
+			if (response.status === 401 && response.config.url === '/sessions/rotate') {
+				Logout();
 			}
 		}
 		return await Promise.reject(value);

frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx

@@ -15,7 +15,6 @@ import {
 } from 'api/generated/services/users';
 import { AxiosError } from 'axios';
 import { MemberRow } from 'components/MembersTable/MembersTable';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import RolesSelect, { useRoles } from 'components/RolesSelect';
 import SaveErrorItem from 'components/ServiceAccountDrawer/SaveErrorItem';
 import type { SaveError } from 'components/ServiceAccountDrawer/utils';
@@ -593,43 +592,39 @@ function EditMemberDrawer({
 					<div className="edit-member-drawer__footer-left">
 						<Tooltip title={getDeleteTooltip(isRootUser, isSelf)}>
 							<span className="edit-member-drawer__tooltip-wrapper">
-								<NoAuthGuard>
-									<Button
-										onClick={(): void => setShowDeleteConfirm(true)}
-										disabled={isRootUser || isSelf}
-										variant="link"
-										color="destructive"
-									>
-										<Trash2 size={12} />
-										{isInvited ? 'Revoke Invite' : 'Delete Member'}
-									</Button>
-								</NoAuthGuard>
+								<Button
+									onClick={(): void => setShowDeleteConfirm(true)}
+									disabled={isRootUser || isSelf}
+									variant="link"
+									color="destructive"
+								>
+									<Trash2 size={12} />
+									{isInvited ? 'Revoke Invite' : 'Delete Member'}
+								</Button>
 							</span>
 						</Tooltip>
 
 						<div className="edit-member-drawer__footer-divider" />
 						<Tooltip title={isRootUser ? ROOT_USER_TOOLTIP : undefined}>
 							<span className="edit-member-drawer__tooltip-wrapper">
-								<NoAuthGuard>
-									<Button
-										onClick={handleGenerateResetLink}
-										disabled={isGeneratingLink || isRootUser || isLoadingTokenStatus}
-										variant="link"
-										color="warning"
-									>
-										<RefreshCw size={12} />
-										{isGeneratingLink
-											? 'Generating...'
-											: isInvited
-												? getInviteButtonLabel(
-														isLoadingTokenStatus,
-														existingToken,
-														isTokenExpired,
-														tokenNotFound,
-													)
-												: 'Generate Password Reset Link'}
-									</Button>
-								</NoAuthGuard>
+								<Button
+									onClick={handleGenerateResetLink}
+									disabled={isGeneratingLink || isRootUser || isLoadingTokenStatus}
+									variant="link"
+									color="warning"
+								>
+									<RefreshCw size={12} />
+									{isGeneratingLink
+										? 'Generating...'
+										: isInvited
+											? getInviteButtonLabel(
+													isLoadingTokenStatus,
+													existingToken,
+													isTokenExpired,
+													tokenNotFound,
+												)
+											: 'Generate Password Reset Link'}
+								</Button>
 							</span>
 						</Tooltip>
 					</div>
@@ -640,17 +635,15 @@ function EditMemberDrawer({
 							Cancel
 						</Button>
 
-						<NoAuthGuard>
-							<Button
-								variant="solid"
-								color="primary"
-								disabled={!isDirty || isSaving || isRootUser}
-								onClick={handleSave}
-								loading={isSaving}
-							>
-								{isSaving ? 'Saving...' : 'Save Member Details'}
-							</Button>
-						</NoAuthGuard>
+						<Button
+							variant="solid"
+							color="primary"
+							disabled={!isDirty || isSaving || isRootUser}
+							onClick={handleSave}
+							loading={isSaving}
+						>
+							{isSaving ? 'Saving...' : 'Save Member Details'}
+						</Button>
 					</div>
 				</>
 			)}

frontend/src/components/NoAuthBanner/NoAuthBanner.module.scss

@@ -1,3 +0,0 @@
-.banner {
-	height: var(--spacing-20);
-}

frontend/src/components/NoAuthBanner/NoAuthBanner.tsx

@@ -1,18 +0,0 @@
-import { PersistedAnnouncementBanner } from '@signozhq/ui';
-
-import styles from './NoAuthBanner.module.scss';
-
-export function NoAuthBanner(): JSX.Element {
-	return (
-		<PersistedAnnouncementBanner
-			type="warning"
-			storageKey="no-auth-banner-v1"
-			testId="no-auth-banner"
-			className={styles.banner}
-		>
-			No-auth mode: authentication is disabled, network is the trust boundary.
-		</PersistedAnnouncementBanner>
-	);
-}
-
-export default NoAuthBanner;

frontend/src/components/NoAuthBanner/__tests__/NoAuthBanner.test.tsx

@@ -1,17 +0,0 @@
-import { render, screen } from 'tests/test-utils';
-
-import { NoAuthBanner } from '../NoAuthBanner';
-
-describe('NoAuthBanner', () => {
-	it('renders the no-auth message', () => {
-		render(<NoAuthBanner />);
-		expect(
-			screen.getByText(/No-auth mode: authentication is disabled/i),
-		).toBeInTheDocument();
-	});
-
-	it('renders with the warning test id', () => {
-		render(<NoAuthBanner />);
-		expect(screen.getByTestId('no-auth-banner')).toBeInTheDocument();
-	});
-});

frontend/src/components/NoAuthGuard/NoAuthGuard.tsx

@@ -1,36 +0,0 @@
-import React from 'react';
-import { Tooltip, TooltipProvider } from '@signozhq/ui';
-import { useAppContext } from 'providers/App/App';
-
-export const DEFAULT_MESSAGE = 'Not available in no-auth mode';
-
-interface NoAuthGuardProps {
-	children: React.ReactElement;
-	message?: string;
-}
-
-export function NoAuthGuard({
-	children,
-	message = DEFAULT_MESSAGE,
-}: NoAuthGuardProps): JSX.Element {
-	const { isNoAuthMode } = useAppContext();
-
-	if (!isNoAuthMode) {
-		return children;
-	}
-
-	const disabledChild = React.cloneElement(children, { disabled: true });
-
-	return (
-		<TooltipProvider>
-			<Tooltip title={message} arrow>
-				<span
-					data-no-auth-trigger
-					style={{ display: 'inline-flex', cursor: 'not-allowed' }}
-				>
-					{disabledChild}
-				</span>
-			</Tooltip>
-		</TooltipProvider>
-	);
-}

frontend/src/components/NoAuthGuard/__tests__/NoAuthGuard.test.tsx

@@ -1,75 +0,0 @@
-import React from 'react';
-import { render } from 'tests/test-utils';
-
-import { DEFAULT_MESSAGE, NoAuthGuard } from '..';
-
-describe('NoAuthGuard', () => {
-	it('renders children unchanged when isNoAuthMode is false', () => {
-		const { getByRole } = render(
-			<NoAuthGuard>
-				<button type="button">Action</button>
-			</NoAuthGuard>,
-			undefined,
-			{ appContextOverrides: { isNoAuthMode: false } },
-		);
-		expect(getByRole('button', { name: 'Action' })).not.toBeDisabled();
-	});
-
-	it('does not intercept onClick when isNoAuthMode is false', () => {
-		const handleClick = jest.fn();
-		const { getByRole } = render(
-			<NoAuthGuard>
-				<button type="button" onClick={handleClick}>
-					Action
-				</button>
-			</NoAuthGuard>,
-			undefined,
-			{ appContextOverrides: { isNoAuthMode: false } },
-		);
-		getByRole('button', { name: 'Action' }).click();
-		expect(handleClick).toHaveBeenCalledTimes(1);
-	});
-
-	it('disables children when isNoAuthMode is true', () => {
-		const { getByRole } = render(
-			<NoAuthGuard>
-				<button type="button">Action</button>
-			</NoAuthGuard>,
-			undefined,
-			{ appContextOverrides: { isNoAuthMode: true } },
-		);
-		expect(getByRole('button', { name: 'Action' })).toBeDisabled();
-	});
-
-	it('renders a tooltip trigger wrapper when isNoAuthMode is true', () => {
-		const { container } = render(
-			<NoAuthGuard>
-				<button type="button">Action</button>
-			</NoAuthGuard>,
-			undefined,
-			{ appContextOverrides: { isNoAuthMode: true } },
-		);
-		expect(
-			container.querySelector('span[data-no-auth-trigger]'),
-		).toBeInTheDocument();
-	});
-
-	it('overrides existing disabled prop — no-auth always wins', () => {
-		const { getByRole } = render(
-			// eslint-disable-next-line react/button-has-type
-			<NoAuthGuard>
-				<button type="button" disabled={false}>
-					Action
-				</button>
-			</NoAuthGuard>,
-			undefined,
-			{ appContextOverrides: { isNoAuthMode: true } },
-		);
-		expect(getByRole('button', { name: 'Action' })).toBeDisabled();
-	});
-
-	it('exports DEFAULT_MESSAGE as a non-empty string', () => {
-		expect(typeof DEFAULT_MESSAGE).toBe('string');
-		expect(DEFAULT_MESSAGE.length).toBeGreaterThan(0);
-	});
-});

frontend/src/components/NoAuthGuard/index.ts

@@ -1 +0,0 @@
-export { DEFAULT_MESSAGE, NoAuthGuard } from './NoAuthGuard';

frontend/src/components/ServiceAccountDrawer/KeysTab.tsx

@@ -2,8 +2,6 @@ import { useCallback, useMemo } from 'react';
 import { KeyRound, X } from '@signozhq/icons';
 import { Button } from '@signozhq/ui';
 import { Skeleton, Table, Tooltip } from 'antd';
-import { DEFAULT_MESSAGE, NoAuthGuard } from 'components/NoAuthGuard';
-import { useAppContext } from 'providers/App/App';
 import type { ColumnsType } from 'antd/es/table/interface';
 import type { ServiceaccounttypesGettableFactorAPIKeyDTO } from 'api/generated/services/sigNoz.schemas';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
@@ -25,7 +23,6 @@ interface KeysTabProps {
 
 interface BuildColumnsParams {
 	isDisabled: boolean;
-	isNoAuthMode: boolean;
 	onRevokeClick: (keyId: string) => void;
 	handleformatLastObservedAt: (
 		lastObservedAt: Date | null | undefined,
@@ -45,7 +42,6 @@ function formatExpiry(expiresAt: number): JSX.Element {
 
 function buildColumns({
 	isDisabled,
-	isNoAuthMode,
 	onRevokeClick,
 	handleformatLastObservedAt,
 }: BuildColumnsParams): ColumnsType<ServiceaccounttypesGettableFactorAPIKeyDTO> {
@@ -96,30 +92,23 @@ function buildColumns({
 			key: 'action',
 			width: 48,
 			align: 'right' as const,
-			render: (_, record): JSX.Element => {
-				const tooltipTitle = isDisabled
-					? 'Service account disabled'
-					: isNoAuthMode
-						? DEFAULT_MESSAGE
-						: 'Revoke Key';
-				return (
-					<Tooltip title={tooltipTitle}>
-						<Button
-							variant="ghost"
-							size="sm"
-							color="destructive"
-							disabled={isDisabled || isNoAuthMode}
-							onClick={(e): void => {
-								e.stopPropagation();
-								onRevokeClick(record.id);
-							}}
-							className="keys-tab__revoke-btn"
-						>
-							<X size={12} />
-						</Button>
-					</Tooltip>
-				);
-			},
+			render: (_, record): JSX.Element => (
+				<Tooltip title={isDisabled ? 'Service account disabled' : 'Revoke Key'}>
+					<Button
+						variant="ghost"
+						size="sm"
+						color="destructive"
+						disabled={isDisabled}
+						onClick={(e): void => {
+							e.stopPropagation();
+							onRevokeClick(record.id);
+						}}
+						className="keys-tab__revoke-btn"
+					>
+						<X size={12} />
+					</Button>
+				</Tooltip>
+			),
 		},
 	];
 }
@@ -145,7 +134,6 @@ function KeysTab({
 		parseAsString.withDefault(''),
 	);
 	const editKey = keys.find((k) => k.id === editKeyId) ?? null;
-	const { isNoAuthMode } = useAppContext();
 
 	const handleformatLastObservedAt = useCallback(
 		(lastObservedAt: Date | null | undefined): string =>
@@ -161,14 +149,8 @@ function KeysTab({
 	);
 
 	const columns = useMemo(
-		() =>
-			buildColumns({
-				isDisabled,
-				isNoAuthMode,
-				onRevokeClick,
-				handleformatLastObservedAt,
-			}),
-		[isDisabled, isNoAuthMode, onRevokeClick, handleformatLastObservedAt],
+		() => buildColumns({ isDisabled, onRevokeClick, handleformatLastObservedAt }),
+		[isDisabled, onRevokeClick, handleformatLastObservedAt],
 	);
 
 	if (isLoading) {
@@ -194,18 +176,16 @@ function KeysTab({
 						Learn more
 					</a>
 				</p>
-				<NoAuthGuard>
-					<Button
-						variant="link"
-						color="primary"
-						onClick={async (): Promise<void> => {
-							await setIsAddKeyOpen(true);
-						}}
-						disabled={isDisabled}
-					>
-						+ Add your first key
-					</Button>
-				</NoAuthGuard>
+				<Button
+					variant="link"
+					color="primary"
+					onClick={async (): Promise<void> => {
+						await setIsAddKeyOpen(true);
+					}}
+					disabled={isDisabled}
+				>
+					+ Add your first key
+				</Button>
 			</div>
 		);
 	}

frontend/src/components/ServiceAccountDrawer/OverviewTab.tsx

@@ -15,8 +15,8 @@ interface OverviewTabProps {
 	account: ServiceAccountRow;
 	localName: string;
 	onNameChange: (v: string) => void;
-	localRole: string;
-	onRoleChange: (v: string | undefined) => void;
+	localRoles: string[];
+	onRolesChange: (v: string[]) => void;
 	isDisabled: boolean;
 	availableRoles: AuthtypesRoleDTO[];
 	rolesLoading?: boolean;
@@ -30,8 +30,8 @@ function OverviewTab({
 	account,
 	localName,
 	onNameChange,
-	localRole,
-	onRoleChange,
+	localRoles,
+	onRolesChange,
 	isDisabled,
 	availableRoles,
 	rolesLoading,
@@ -94,10 +94,15 @@ function OverviewTab({
 				{isDisabled ? (
 					<div className="sa-drawer__input-wrapper sa-drawer__input-wrapper--disabled">
 						<div className="sa-drawer__disabled-roles">
-							{localRole ? (
-								<Badge color="vanilla">
-									{availableRoles.find((r) => r.id === localRole)?.name ?? localRole}
-								</Badge>
+							{localRoles.length > 0 ? (
+								localRoles.map((roleId) => {
+									const role = availableRoles.find((r) => r.id === roleId);
+									return (
+										<Badge key={roleId} color="vanilla">
+											{role?.name ?? roleId}
+										</Badge>
+									);
+								})
 							) : (
 								<span className="sa-drawer__input-text">—</span>
 							)}
@@ -107,14 +112,15 @@ function OverviewTab({
 				) : (
 					<RolesSelect
 						id="sa-roles"
+						mode="multiple"
 						roles={availableRoles}
 						loading={rolesLoading}
 						isError={rolesError}
 						error={rolesErrorObj}
 						onRefetch={onRefetchRoles}
-						value={localRole}
-						onChange={onRoleChange}
-						placeholder="Select role"
+						value={localRoles}
+						onChange={onRolesChange}
+						placeholder="Select roles"
 					/>
 				)}
 			</div>

frontend/src/components/ServiceAccountDrawer/ServiceAccountDrawer.tsx

@@ -11,9 +11,7 @@ import {
 import { Pagination, Skeleton } from 'antd';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import {
-	getGetServiceAccountRolesQueryKey,
 	getListServiceAccountsQueryKey,
-	useDeleteServiceAccountRole,
 	useGetServiceAccount,
 	useListServiceAccountKeys,
 	useUpdateServiceAccount,
@@ -40,9 +38,8 @@ import {
 	useQueryState,
 } from 'nuqs';
 import APIError from 'types/api/error';
-import { retryOn429, toAPIError } from 'utils/errorUtils';
+import { toAPIError } from 'utils/errorUtils';
 
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import AddKeyModal from './AddKeyModal';
 import DeleteAccountModal from './DeleteAccountModal';
 import KeysTab from './KeysTab';
@@ -96,7 +93,7 @@ function ServiceAccountDrawer({
 		parseAsBoolean.withDefault(false),
 	);
 	const [localName, setLocalName] = useState('');
-	const [localRole, setLocalRole] = useState('');
+	const [localRoles, setLocalRoles] = useState<string[]>([]);
 	const [isSaving, setIsSaving] = useState(false);
 	const [saveErrors, setSaveErrors] = useState<SaveError[]>([]);
 
@@ -144,7 +141,7 @@ function ServiceAccountDrawer({
 		if (!account?.id) {
 			roleSessionRef.current = null;
 		} else if (account.id !== roleSessionRef.current && !isRolesLoading) {
-			setLocalRole(currentRoles[0]?.id ?? '');
+			setLocalRoles(currentRoles.map((r) => r.id).filter(Boolean) as string[]);
 			roleSessionRef.current = account.id;
 		}
 	}, [account?.id, currentRoles, isRolesLoading]);
@@ -155,7 +152,13 @@ function ServiceAccountDrawer({
 	const isDirty =
 		account !== null &&
 		(localName !== (account.name ?? '') ||
-			localRole !== (currentRoles[0]?.id ?? ''));
+			JSON.stringify([...localRoles].sort()) !==
+				JSON.stringify(
+					currentRoles
+						.map((r) => r.id)
+						.filter(Boolean)
+						.sort(),
+				));
 
 	const {
 		roles: availableRoles,
@@ -183,27 +186,6 @@ function ServiceAccountDrawer({
 
 	// the retry for this mutation is safe due to the api being idempotent on backend
 	const { mutateAsync: updateMutateAsync } = useUpdateServiceAccount();
-	const { mutateAsync: deleteRole } = useDeleteServiceAccountRole({
-		mutation: {
-			retry: retryOn429,
-		},
-	});
-
-	const executeRolesOperation = useCallback(
-		async (accountId: string): Promise<RoleUpdateFailure[]> => {
-			if (localRole === '' && currentRoles[0]?.id) {
-				await deleteRole({
-					pathParams: { id: accountId, rid: currentRoles[0].id },
-				});
-				await queryClient.invalidateQueries(
-					getGetServiceAccountRolesQueryKey({ id: accountId }),
-				);
-				return [];
-			}
-			return applyDiff([localRole].filter(Boolean), availableRoles);
-		},
-		[localRole, currentRoles, availableRoles, applyDiff, deleteRole, queryClient],
-	);
 
 	const retryNameUpdate = useCallback(async (): Promise<void> => {
 		if (!account) {
@@ -271,7 +253,7 @@ function ServiceAccountDrawer({
 
 	const retryRolesUpdate = useCallback(async (): Promise<void> => {
 		try {
-			const failures = await executeRolesOperation(selectedAccountId ?? '');
+			const failures = await applyDiff([...localRoles], availableRoles);
 			if (failures.length === 0) {
 				setSaveErrors((prev) => prev.filter((e) => e.context !== 'Roles update'));
 			} else {
@@ -287,7 +269,7 @@ function ServiceAccountDrawer({
 				),
 			);
 		}
-	}, [selectedAccountId, executeRolesOperation, failuresToSaveErrors]);
+	}, [localRoles, availableRoles, applyDiff, failuresToSaveErrors]);
 
 	const handleSave = useCallback(async (): Promise<void> => {
 		if (!account || !isDirty) {
@@ -306,7 +288,7 @@ function ServiceAccountDrawer({
 
 			const [nameResult, rolesResult] = await Promise.allSettled([
 				namePromise,
-				executeRolesOperation(account.id),
+				applyDiff([...localRoles], availableRoles),
 			]);
 
 			const errors: SaveError[] = [];
@@ -347,8 +329,10 @@ function ServiceAccountDrawer({
 		account,
 		isDirty,
 		localName,
+		localRoles,
+		availableRoles,
 		updateMutateAsync,
-		executeRolesOperation,
+		applyDiff,
 		refetchAccount,
 		onSuccess,
 		queryClient,
@@ -411,20 +395,18 @@ function ServiceAccountDrawer({
 					</ToggleGroupItem>
 				</ToggleGroup>
 				{activeTab === ServiceAccountDrawerTab.Keys && (
-					<NoAuthGuard>
-						<Button
-							variant="outlined"
-							size="sm"
-							color="secondary"
-							disabled={isDeleted}
-							onClick={(): void => {
-								void setIsAddKeyOpen(true);
-							}}
-						>
-							<Plus size={12} />
-							Add Key
-						</Button>
-					</NoAuthGuard>
+					<Button
+						variant="outlined"
+						size="sm"
+						color="secondary"
+						disabled={isDeleted}
+						onClick={(): void => {
+							void setIsAddKeyOpen(true);
+						}}
+					>
+						<Plus size={12} />
+						Add Key
+					</Button>
 				)}
 			</div>
 
@@ -449,9 +431,9 @@ function ServiceAccountDrawer({
 								account={account}
 								localName={localName}
 								onNameChange={handleNameChange}
-								localRole={localRole}
-								onRoleChange={(role): void => {
-									setLocalRole(role ?? '');
+								localRoles={localRoles}
+								onRolesChange={(roles): void => {
+									setLocalRoles(roles);
 									clearRoleErrors();
 								}}
 								isDisabled={isDeleted}
@@ -503,18 +485,16 @@ function ServiceAccountDrawer({
 			) : (
 				<>
 					{!isDeleted && (
-						<NoAuthGuard>
-							<Button
-								variant="link"
-								color="destructive"
-								onClick={(): void => {
-									void setIsDeleteOpen(true);
-								}}
-							>
-								<Trash2 size={12} />
-								Delete Service Account
-							</Button>
-						</NoAuthGuard>
+						<Button
+							variant="link"
+							color="destructive"
+							onClick={(): void => {
+								void setIsDeleteOpen(true);
+							}}
+						>
+							<Trash2 size={12} />
+							Delete Service Account
+						</Button>
 					)}
 					{!isDeleted && (
 						<div className="sa-drawer__footer-right">
@@ -522,17 +502,15 @@ function ServiceAccountDrawer({
 								<X size={14} />
 								Cancel
 							</Button>
-							<NoAuthGuard>
-								<Button
-									variant="solid"
-									color="primary"
-									loading={isSaving}
-									disabled={!isDirty}
-									onClick={handleSave}
-								>
-									Save Changes
-								</Button>
-							</NoAuthGuard>
+							<Button
+								variant="solid"
+								color="primary"
+								loading={isSaving}
+								disabled={!isDirty}
+								onClick={handleSave}
+							>
+								Save Changes
+							</Button>
 						</div>
 					)}
 				</>

frontend/src/components/ServiceAccountDrawer/__tests__/ServiceAccountDrawer.test.tsx

@@ -147,7 +147,7 @@ describe('ServiceAccountDrawer', () => {
 		});
 	});
 
-	it('changing roles enables Save; clicking Save sends role add request without delete', async () => {
+	it('adding a role fires POST for the new role and no DELETE for existing roles', async () => {
 		const roleSpy = jest.fn();
 		const deleteSpy = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });
@@ -167,6 +167,7 @@ describe('ServiceAccountDrawer', () => {
 
 		await screen.findByDisplayValue('CI Bot');
 
+		// Add signoz-viewer while keeping signoz-admin selected
 		await user.click(screen.getByLabelText('Roles'));
 		await user.click(await screen.findByTitle('signoz-viewer'));
 
@@ -184,6 +185,43 @@ describe('ServiceAccountDrawer', () => {
 		});
 	});
 
+	it('removing a role fires DELETE for the removed role and no POST', async () => {
+		const roleSpy = jest.fn();
+		const deleteSpy = jest.fn();
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+		server.use(
+			rest.post(SA_ROLES_ENDPOINT, async (req, res, ctx) => {
+				roleSpy(await req.json());
+				return res(ctx.status(200), ctx.json({ status: 'success', data: {} }));
+			}),
+			rest.delete(SA_ROLE_DELETE_ENDPOINT, (_, res, ctx) => {
+				deleteSpy();
+				return res(ctx.status(200), ctx.json({ status: 'success', data: {} }));
+			}),
+		);
+
+		renderDrawer();
+
+		await screen.findByDisplayValue('CI Bot');
+
+		// Remove the signoz-admin tag from the multi-select
+		const adminTag = await screen.findByTitle('signoz-admin');
+		const removeBtn = adminTag.querySelector(
+			'.ant-select-selection-item-remove',
+		) as Element;
+		await user.click(removeBtn);
+
+		const saveBtn = screen.getByRole('button', { name: /Save Changes/i });
+		await waitFor(() => expect(saveBtn).not.toBeDisabled());
+		await user.click(saveBtn);
+
+		await waitFor(() => {
+			expect(deleteSpy).toHaveBeenCalled();
+			expect(roleSpy).not.toHaveBeenCalled();
+		});
+	});
+
 	it('"Delete Service Account" opens confirm dialog; confirming sends delete request', async () => {
 		const deleteSpy = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });

frontend/src/container/Home/Home.tsx

@@ -10,7 +10,6 @@ import { useGetMetricsOnboardingStatus } from 'api/generated/services/metrics';
 import listUserPreferences from 'api/v1/user/preferences/list';
 import updateUserPreferenceAPI from 'api/v1/user/preferences/name/update';
 import Header from 'components/Header/Header';
-import NoAuthBanner from 'components/NoAuthBanner/NoAuthBanner';
 import { ENTITY_VERSION_V5 } from 'constants/app';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import { initialQueriesMap, PANEL_TYPES } from 'constants/queryBuilder';
@@ -57,7 +56,7 @@ const homeInterval = 30 * 60 * 1000;
 
 // eslint-disable-next-line sonarjs/cognitive-complexity
 export default function Home(): JSX.Element {
-	const { user, isNoAuthMode } = useAppContext();
+	const { user } = useAppContext();
 	const { safeNavigate } = useSafeNavigate();
 	const isDarkMode = useIsDarkMode();
 
@@ -271,7 +270,6 @@ export default function Home(): JSX.Element {
 
 	return (
 		<div className="home-container">
-			{isNoAuthMode && <NoAuthBanner />}
 			<div className="sticky-header">
 				<Header
 					leftComponent={

frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx

@@ -70,7 +70,6 @@ import {
 	TriangleAlert,
 	X,
 } from 'lucide-react';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useAppContext } from 'providers/App/App';
 import { useTimezone } from 'providers/Timezone';
 import {
@@ -1680,16 +1679,14 @@ function MultiIngestionSettings(): JSX.Element {
 						onChange={handleSearch}
 					/>
 
-					<NoAuthGuard>
-						<Button
-							variant="solid"
-							className="add-new-ingestion-key-btn"
-							prefix={<Plus size={14} />}
-							onClick={showAddModal}
-						>
-							New Ingestion key
-						</Button>
-					</NoAuthGuard>
+					<Button
+						variant="solid"
+						className="add-new-ingestion-key-btn"
+						prefix={<Plus size={14} />}
+						onClick={showAddModal}
+					>
+						New Ingestion key
+					</Button>
 				</div>
 
 				<Table

frontend/src/container/MembersSettings/MembersSettings.tsx

@@ -8,7 +8,6 @@ import { useListUsers } from 'api/generated/services/users';
 import EditMemberDrawer from 'components/EditMemberDrawer/EditMemberDrawer';
 import InviteMembersModal from 'components/InviteMembersModal/InviteMembersModal';
 import MembersTable, { MemberRow } from 'components/MembersTable/MembersTable';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import useUrlQuery from 'hooks/useUrlQuery';
 import { toISOString } from 'utils/app';
 
@@ -21,6 +20,7 @@ const PAGE_SIZE = 20;
 function MembersSettings(): JSX.Element {
 	const history = useHistory();
 	const urlQuery = useUrlQuery();
+
 	const pageParam = parseInt(urlQuery.get('page') ?? '1', 10);
 	const currentPage = Number.isNaN(pageParam) || pageParam < 1 ? 1 : pageParam;
 
@@ -145,7 +145,7 @@ function MembersSettings(): JSX.Element {
 				: `Deleted ⎯ ${deletedCount}`;
 
 	const handleInviteComplete = useCallback((): void => {
-		void refetchUsers();
+		refetchUsers();
 	}, [refetchUsers]);
 
 	const handleRowClick = useCallback((member: MemberRow): void => {
@@ -157,7 +157,7 @@ function MembersSettings(): JSX.Element {
 	}, []);
 
 	const handleMemberEditComplete = useCallback((): void => {
-		void refetchUsers();
+		refetchUsers();
 	}, [refetchUsers]);
 
 	return (
@@ -200,16 +200,14 @@ function MembersSettings(): JSX.Element {
 						/>
 					</div>
 
-					<NoAuthGuard>
-						<Button
-							variant="solid"
-							color="primary"
-							onClick={(): void => setIsInviteModalOpen(true)}
-						>
-							<Plus size={12} />
-							Invite member
-						</Button>
-					</NoAuthGuard>
+					<Button
+						variant="solid"
+						color="primary"
+						onClick={(): void => setIsInviteModalOpen(true)}
+					>
+						<Plus size={12} />
+						Invite member
+					</Button>
 				</div>
 			</div>
 			<MembersTable

frontend/src/container/MySettings/UserInfo/index.tsx

@@ -7,7 +7,6 @@ import {
 	updateMyPassword,
 	useUpdateMyUserV2,
 } from 'api/generated/services/users';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useNotifications } from 'hooks/useNotifications';
 import { Check, FileTerminal, MailIcon, UserIcon } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
@@ -81,10 +80,10 @@ function UserInfo(): JSX.Element {
 		currentPassword === updatePassword;
 
 	const onSaveHandler = async (): Promise<void> => {
-		void logEvent('Account Settings: Name Updated', {
+		logEvent('Account Settings: Name Updated', {
 			name: changedName,
 		});
-		void logEvent(
+		logEvent(
 			'Account Settings: Name Updated',
 			{
 				name: changedName,
@@ -145,16 +144,14 @@ function UserInfo(): JSX.Element {
 					Update name
 				</Button>
 
-				<NoAuthGuard>
-					<Button
-						type="default"
-						className="periscope-btn secondary"
-						icon={<FileTerminal size={16} />}
-						onClick={(): void => setIsResetPasswordModalOpen(true)}
-					>
-						Reset password
-					</Button>
-				</NoAuthGuard>
+				<Button
+					type="default"
+					className="periscope-btn secondary"
+					icon={<FileTerminal size={16} />}
+					onClick={(): void => setIsResetPasswordModalOpen(true)}
+				>
+					Reset password
+				</Button>
 			</div>
 
 			<Modal

frontend/src/container/OrganizationSettings/AuthDomain/CreateEdit/CreateEdit.tsx

@@ -16,7 +16,6 @@ import {
 import { AxiosError } from 'axios';
 import { FeatureKeys } from 'constants/features';
 import { defaultTo } from 'lodash-es';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useAppContext } from 'providers/App/App';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import { ErrorV2Resp } from 'types/api';
@@ -257,16 +256,14 @@ function CreateOrEdit(props: CreateOrEditProps): JSX.Element {
 									Cancel
 								</Button>
 							)}
-							<NoAuthGuard>
-								<Button
-									onClick={onSubmitHandler}
-									variant="solid"
-									color="primary"
-									loading={isCreating || isUpdating}
-								>
-									Save Changes
-								</Button>
-							</NoAuthGuard>
+							<Button
+								onClick={onSubmitHandler}
+								variant="solid"
+								color="primary"
+								loading={isCreating || isUpdating}
+							>
+								Save Changes
+							</Button>
 						</section>
 					</div>
 				)}

frontend/src/container/OrganizationSettings/AuthDomain/SSOEnforcementToggle.tsx

@@ -1,6 +1,5 @@
 import { useEffect, useState } from 'react';
 import { Switch } from '@signozhq/ui';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
 import { useUpdateAuthDomain } from 'api/generated/services/authdomains';
 import {
@@ -66,9 +65,7 @@ function SSOEnforcementToggle({
 	};
 
 	return (
-		<NoAuthGuard>
-			<Switch disabled={isLoading} value={isChecked} onChange={onChangeHandler} />
-		</NoAuthGuard>
+		<Switch disabled={isLoading} value={isChecked} onChange={onChangeHandler} />
 	);
 }
 

frontend/src/container/OrganizationSettings/AuthDomain/index.tsx

@@ -14,7 +14,6 @@ import {
 } from 'api/generated/services/sigNoz.schemas';
 import { AxiosError } from 'axios';
 import ErrorContent from 'components/ErrorModal/components/ErrorContent';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import CopyToClipboard from 'periscope/components/CopyToClipboard';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import APIError from 'types/api/error';
@@ -154,24 +153,20 @@ function AuthDomain(): JSX.Element {
 				width: 100,
 				render: (_, record: AuthtypesGettableAuthDomainDTO): JSX.Element => (
 					<section className="auth-domain-list-column-action">
-						<NoAuthGuard>
-							<Button
-								className="auth-domain-list-action-link"
-								onClick={(): void => setRecord(record)}
-								variant="link"
-							>
-								Configure {SSOType.get(record.config?.ssoType || '')}
-							</Button>
-						</NoAuthGuard>
-						<NoAuthGuard>
-							<Button
-								className="auth-domain-list-action-link delete"
-								onClick={(): void => showDeleteModal(record)}
-								variant="link"
-							>
-								Delete
-							</Button>
-						</NoAuthGuard>
+						<Button
+							className="auth-domain-list-action-link"
+							onClick={(): void => setRecord(record)}
+							variant="link"
+						>
+							Configure {SSOType.get(record.config?.ssoType || '')}
+						</Button>
+						<Button
+							className="auth-domain-list-action-link delete"
+							onClick={(): void => showDeleteModal(record)}
+							variant="link"
+						>
+							Delete
+						</Button>
 					</section>
 				),
 			},
@@ -183,19 +178,17 @@ function AuthDomain(): JSX.Element {
 		<div className="auth-domain">
 			<section className="auth-domain-header">
 				<h3 className="auth-domain-title">Authenticated Domains</h3>
-				<NoAuthGuard>
-					<Button
-						prefix={<PlusOutlined />}
-						onClick={(): void => {
-							setAddDomain(true);
-						}}
-						variant="solid"
-						size="sm"
-						color="primary"
-					>
-						Add Domain
-					</Button>
-				</NoAuthGuard>
+				<Button
+					prefix={<PlusOutlined />}
+					onClick={(): void => {
+						setAddDomain(true);
+					}}
+					variant="solid"
+					size="sm"
+					color="primary"
+				>
+					Add Domain
+				</Button>
 			</section>
 			{formattedError && <ErrorContent error={formattedError} />}
 			{!errorFetchingAuthDomainListResponse && (
@@ -238,16 +231,15 @@ function AuthDomain(): JSX.Element {
 					>
 						Cancel
 					</Button>,
-					<NoAuthGuard key="submit">
-						<Button
-							prefix={<Trash2 size={16} />}
-							onClick={handleDeleteDomain}
-							className="delete-btn"
-							loading={isLoading}
-						>
-							Delete Domain
-						</Button>
-					</NoAuthGuard>,
+					<Button
+						key="submit"
+						prefix={<Trash2 size={16} />}
+						onClick={handleDeleteDomain}
+						className="delete-btn"
+						loading={isLoading}
+					>
+						Delete Domain
+					</Button>,
 				]}
 			>
 				<p className="delete-text">

frontend/src/container/RolesSettings/RolesComponents/CreateRoleModal.tsx

@@ -16,7 +16,6 @@ import {
 } from 'api/generated/services/sigNoz.schemas';
 import { ErrorType } from 'api/generatedAPIInstance';
 import ROUTES from 'constants/routes';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import { handleApiError } from 'utils/errorUtils';
 
@@ -147,17 +146,16 @@ function CreateRoleModal({
 					<X size={14} />
 					Cancel
 				</Button>,
-				<NoAuthGuard key="submit">
-					<Button
-						variant="solid"
-						color="primary"
-						onClick={onSubmit}
-						loading={isLoading}
-						size="sm"
-					>
-						{isEditMode ? 'Save Changes' : 'Create Role'}
-					</Button>
-				</NoAuthGuard>,
+				<Button
+					key="submit"
+					variant="solid"
+					color="primary"
+					onClick={onSubmit}
+					loading={isLoading}
+					size="sm"
+				>
+					{isEditMode ? 'Save Changes' : 'Create Role'}
+				</Button>,
 			]}
 			destroyOnClose
 			className="create-role-modal"

frontend/src/container/RolesSettings/RolesSettings.tsx

@@ -1,7 +1,6 @@
 import { useState } from 'react';
 import { Plus } from '@signozhq/icons';
 import { Button, Input } from '@signozhq/ui';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 
 import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from './config';
 import CreateRoleModal from './RolesComponents/CreateRoleModal';
@@ -30,17 +29,15 @@ function RolesSettings(): JSX.Element {
 						onChange={(e): void => setSearchQuery(e.target.value)}
 					/>
 					{IS_ROLE_DETAILS_AND_CRUD_ENABLED && (
-						<NoAuthGuard>
-							<Button
-								variant="solid"
-								color="primary"
-								className="role-settings-toolbar-button"
-								onClick={(): void => setIsCreateModalOpen(true)}
-							>
-								<Plus size={14} />
-								Custom role
-							</Button>
-						</NoAuthGuard>
+						<Button
+							variant="solid"
+							color="primary"
+							className="role-settings-toolbar-button"
+							onClick={(): void => setIsCreateModalOpen(true)}
+						>
+							<Plus size={14} />
+							Custom role
+						</Button>
 					)}
 				</div>
 				<RolesListingTable searchQuery={searchQuery} />

frontend/src/container/RoutingPolicies/__tests__/testUtils.ts

@@ -100,8 +100,6 @@ export function getAppContextMockState(
 		orgPreferences: null,
 		userPreferences: null,
 		isLoggedIn: false,
-		isNoAuthMode: false,
-		isPreflightLoading: false,
 		org: null,
 		isFetchingUser: false,
 		isFetchingActiveLicense: false,

frontend/src/container/ServiceAccountsSettings/ServiceAccountsSettings.tsx

@@ -5,7 +5,6 @@ import type { MenuProps } from 'antd';
 import { Dropdown } from 'antd';
 import { useListServiceAccounts } from 'api/generated/services/serviceaccount';
 import CreateServiceAccountModal from 'components/CreateServiceAccountModal/CreateServiceAccountModal';
-import { NoAuthGuard } from 'components/NoAuthGuard';
 import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
 import ServiceAccountDrawer from 'components/ServiceAccountDrawer/ServiceAccountDrawer';
 import ServiceAccountsTable, {
@@ -239,18 +238,16 @@ function ServiceAccountsSettings(): JSX.Element {
 						/>
 					</div>
 
-					<NoAuthGuard>
-						<Button
-							variant="solid"
-							color="primary"
-							onClick={async (): Promise<void> => {
-								await setIsCreateModalOpen(true);
-							}}
-						>
-							<Plus size={12} />
-							New Service Account
-						</Button>
-					</NoAuthGuard>
+					<Button
+						variant="solid"
+						color="primary"
+						onClick={async (): Promise<void> => {
+							await setIsCreateModalOpen(true);
+						}}
+					>
+						<Plus size={12} />
+						New Service Account
+					</Button>
 				</div>
 			</div>
 

frontend/src/container/SideNav/SideNav.styles.scss

@@ -1116,7 +1116,6 @@
 
 		.user-settings-dropdown-logout-section {
 			color: var(--danger-background);
-			pointer-events: auto;
 		}
 	}
 }

frontend/src/container/SideNav/SideNav.tsx

@@ -131,7 +131,6 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		featureFlags,
 		trialInfo,
 		isLoggedIn,
-		isNoAuthMode,
 		userPreferences,
 		changelog,
 		toggleChangelogModal,
@@ -402,7 +401,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 	);
 
 	const handleReorderShortcutNavItems = (): void => {
-		void logEvent('Sidebar V2: Save shortcuts clicked', {
+		logEvent('Sidebar V2: Save shortcuts clicked', {
 			shortcuts: tempPinnedMenuItems.map((item) => item.key),
 		});
 		setPinnedMenuItems(tempPinnedMenuItems);
@@ -430,7 +429,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 	const isWorkspaceBlocked = trialInfo?.workSpaceBlock || false;
 
 	const onClickGetStarted = (event: MouseEvent): void => {
-		void logEvent('Sidebar: Menu clicked', {
+		logEvent('Sidebar: Menu clicked', {
 			menuRoute: '/get-started',
 			menuLabel: 'Get Started',
 		});
@@ -483,14 +482,12 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				isWorkspaceBlocked,
 				isEnterpriseSelfHostedUser,
 				isCommunityEnterpriseUser,
-				isNoAuthMode,
 			}),
 		[
 			isEnterpriseSelfHostedUser,
 			isCommunityEnterpriseUser,
 			user.email,
 			isWorkspaceBlocked,
-			isNoAuthMode,
 		],
 	);
 
@@ -631,7 +628,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		} else if (item) {
 			onClickHandler(item?.key as string, event);
 		}
-		void logEvent('Sidebar V2: Menu clicked', {
+		logEvent('Sidebar V2: Menu clicked', {
 			menuRoute: item?.key,
 			menuLabel: item?.label,
 		});
@@ -774,7 +771,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 					onTogglePin={
 						allowPin
 							? (item): void => {
-									void logEvent(
+									logEvent(
 										`Sidebar V2: Menu item ${item.isPinned ? 'unpinned' : 'pinned'}`,
 										{
 											menuRoute: item.key,
@@ -821,7 +818,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 		const event = (info as SidebarItem & { domEvent?: MouseEvent }).domEvent;
 
 		if (item && !('type' in item)) {
-			void logEvent('Help Popover: Item clicked', {
+			logEvent('Help Popover: Item clicked', {
 				menuRoute: item.key,
 				menuLabel: String(item.label),
 			});
@@ -870,7 +867,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 			menuLabel = item.label;
 		}
 
-		void logEvent('Settings Popover: Item clicked', {
+		logEvent('Settings Popover: Item clicked', {
 			menuRoute: item?.key,
 			menuLabel,
 		});
@@ -907,7 +904,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				}
 				break;
 			case 'logout':
-				void Logout();
+				Logout();
 				break;
 			default:
 		}
@@ -1061,7 +1058,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 													<div
 														className="nav-section-title-icon reorder"
 														onClick={(): void => {
-															void logEvent('Sidebar V2: Manage shortcuts clicked', {});
+															logEvent('Sidebar V2: Manage shortcuts clicked', {});
 															setIsReorderShortcutNavItemsModalOpen(true);
 														}}
 													>
@@ -1108,7 +1105,7 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 													return;
 												}
 												const newCollapsedState = !isMoreMenuCollapsed;
-												void logEvent('Sidebar V2: More menu clicked', {
+												logEvent('Sidebar V2: More menu clicked', {
 													action: isMoreMenuCollapsed ? 'expand' : 'collapse',
 												});
 												setIsMoreMenuCollapsed(newCollapsedState);
@@ -1212,14 +1209,14 @@ function SideNav({ isPinned }: { isPinned: boolean }): JSX.Element {
 				open={isReorderShortcutNavItemsModalOpen}
 				closable
 				onCancel={(): void => {
-					void logEvent('Sidebar V2: Manage shortcuts dismissed', {});
+					logEvent('Sidebar V2: Manage shortcuts dismissed', {});
 					hideReorderShortcutNavItemsModal();
 				}}
 				footer={[
 					<Button
 						key="cancel"
 						onClick={(): void => {
-							void logEvent('Sidebar V2: Manage shortcuts dismissed', {});
+							logEvent('Sidebar V2: Manage shortcuts dismissed', {});
 							hideReorderShortcutNavItemsModal();
 						}}
 						className="periscope-btn cancel-btn secondary-btn"

frontend/src/container/SideNav/__tests__/menuItems.test.tsx

@@ -5,7 +5,6 @@ const BASE_PARAMS = {
 	isWorkspaceBlocked: false,
 	isEnterpriseSelfHostedUser: false,
 	isCommunityEnterpriseUser: false,
-	isNoAuthMode: false,
 };
 
 describe('getUserSettingsDropdownMenuItems', () => {
@@ -72,15 +71,4 @@ describe('getUserSettingsDropdownMenuItems', () => {
 		expect(keys[3]).toBe('account');
 		expect(keys[keys.length - 1]).toBe('logout');
 	});
-
-	it('omits sign out and its preceding divider when isNoAuthMode=true', () => {
-		const items =
-			getUserSettingsDropdownMenuItems({ ...BASE_PARAMS, isNoAuthMode: true }) ??
-			[];
-		const keys = items.map((item: any) => item.key ?? item.type);
-
-		expect(keys).not.toContain('logout');
-		// the trailing divider before logout should also be gone
-		expect(keys[keys.length - 1]).toBe('keyboard-shortcuts');
-	});
 });

frontend/src/container/SideNav/menuItems.tsx

@@ -1,13 +1,6 @@
 import { RocketOutlined } from '@ant-design/icons';
 import { Style } from '@signozhq/design-tokens';
-import {
-	Tooltip,
-	TooltipContent,
-	TooltipProvider,
-	TooltipTrigger,
-} from '@signozhq/ui';
 import { MenuProps } from 'antd';
-import { DEFAULT_MESSAGE } from 'components/NoAuthGuard';
 import ROUTES from 'constants/routes';
 import {
 	ArrowUpRight,
@@ -477,7 +470,6 @@ export interface UserSettingsMenuItemsParams {
 	isWorkspaceBlocked: boolean;
 	isEnterpriseSelfHostedUser: boolean;
 	isCommunityEnterpriseUser: boolean;
-	isNoAuthMode: boolean;
 }
 
 export const getUserSettingsDropdownMenuItems = ({
@@ -485,7 +477,6 @@ export const getUserSettingsDropdownMenuItems = ({
 	isWorkspaceBlocked,
 	isEnterpriseSelfHostedUser,
 	isCommunityEnterpriseUser,
-	isNoAuthMode,
 }: UserSettingsMenuItemsParams): MenuProps['items'] =>
 	[
 		{
@@ -532,19 +523,7 @@ export const getUserSettingsDropdownMenuItems = ({
 		{ type: 'divider' as const },
 		{
 			key: 'logout',
-			disabled: isNoAuthMode,
-			label: isNoAuthMode ? (
-				<TooltipProvider>
-					<Tooltip>
-						<TooltipTrigger asChild>
-							<span className="user-settings-dropdown-logout-section">Sign out</span>
-						</TooltipTrigger>
-						<TooltipContent style={{ zIndex: 1100 }}>
-							{DEFAULT_MESSAGE}
-						</TooltipContent>
-					</Tooltip>
-				</TooltipProvider>
-			) : (
+			label: (
 				<span className="user-settings-dropdown-logout-section">Sign out</span>
 			),
 			icon: (

frontend/src/hooks/serviceAccount/useServiceAccountRoleManager.ts

@@ -3,6 +3,7 @@ import { useQueryClient } from 'react-query';
 import {
 	getGetServiceAccountRolesQueryKey,
 	useCreateServiceAccountRole,
+	useDeleteServiceAccountRole,
 	useGetServiceAccountRoles,
 } from 'api/generated/services/serviceaccount';
 import type { AuthtypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
@@ -44,6 +45,9 @@ export function useServiceAccountRoleManager(
 	const { mutateAsync: createRole } = useCreateServiceAccountRole({
 		mutation: { retry: retryOn429 },
 	});
+	const { mutateAsync: deleteRole } = useDeleteServiceAccountRole({
+		mutation: { retry: retryOn429 },
+	});
 
 	const invalidateRoles = useCallback(
 		() =>
@@ -68,14 +72,21 @@ export function useServiceAccountRoleManager(
 			const addedRoles = availableRoles.filter(
 				(r) => r.id && desiredRoleIds.has(r.id) && !currentRoleIds.has(r.id),
 			);
+			const removedRoles = currentRoles.filter(
+				(r) => r.id && !desiredRoleIds.has(r.id),
+			);
 
-			// TODO: re-enable deletes once BE for this is streamlined
 			const allOperations = [
 				...addedRoles.map((role) => ({
 					role,
 					run: (): ReturnType<typeof createRole> =>
 						createRole({ pathParams: { id: accountId }, data: { id: role.id } }),
 				})),
+				...removedRoles.map((role) => ({
+					role,
+					run: (): ReturnType<typeof deleteRole> =>
+						deleteRole({ pathParams: { id: accountId, rid: role.id ?? '' } }),
+				})),
 			];
 
 			const results = await Promise.allSettled(
@@ -106,7 +117,7 @@ export function useServiceAccountRoleManager(
 
 			return failures;
 		},
-		[accountId, currentRoles, createRole, invalidateRoles],
+		[accountId, currentRoles, createRole, deleteRole, invalidateRoles],
 	);
 
 	return {

frontend/src/pages/Settings/Settings.tsx

@@ -298,7 +298,7 @@ function SettingsPage(): JSX.Element {
 										isDisabled={false}
 										showIcon={false}
 										onClick={(event): void => {
-											void logEvent('Settings V2: Menu clicked', {
+											logEvent('Settings V2: Menu clicked', {
 												menuLabel: item.label,
 												menuRoute: item.key,
 											});

frontend/src/providers/App/App.tsx

@@ -12,11 +12,8 @@ import {
 import { useQuery } from 'react-query';
 import getLocalStorageApi from 'api/browser/localstorage/get';
 import setLocalStorageApi from 'api/browser/localstorage/set';
-import { useGetGlobalConfig } from 'api/generated/services/global';
 import { useGetMyUser } from 'api/generated/services/users';
 import listOrgPreferences from 'api/v1/org/preferences/list';
-import { clearAuthStorage } from 'utils/clearAuthStorage';
-import { setNoAuthMode } from 'utils/noAuthMode';
 import listUserPreferences from 'api/v1/user/preferences/list';
 import getUserVersion from 'api/v1/version/get';
 import { LOCALSTORAGE } from 'constants/localStorage';
@@ -71,50 +68,11 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	const [isLoggedIn, setIsLoggedIn] = useState<boolean>(
 		(): boolean => getLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN) === 'true',
 	);
-	const [isNoAuthMode, setIsNoAuthMode] = useState<boolean>(false);
-	const [isPreflightLoading, setIsPreflightLoading] = useState<boolean>(true);
 	const [org, setOrg] = useState<Organization[] | null>(null);
 	const [changelog, setChangelog] = useState<ChangelogSchema | null>(null);
 
 	const [showChangelogModal, setShowChangelogModal] = useState<boolean>(false);
 
-	// Pre-flight: discover auth mode from public global config.
-	// On success: in impersonation mode → clear stale tokens, force isLoggedIn=true,
-	//             set noAuthMode singleton so the axios interceptor (outside React)
-	//             can skip the rotate-logout chain.
-	// On failure: fail-safe to normal auth flow (treat as not no-auth).
-	const { data: globalConfigData, isLoading: isFetchingGlobalConfig } =
-		useGetGlobalConfig({
-			query: {
-				retry: 2,
-				retryDelay: 1000,
-				refetchOnWindowFocus: false,
-				staleTime: Infinity,
-			},
-		});
-
-	useEffect(() => {
-		if (isFetchingGlobalConfig) {
-			return;
-		}
-
-		const impersonationEnabled =
-			globalConfigData?.data?.identN?.impersonation?.enabled === true;
-
-		if (impersonationEnabled) {
-			clearAuthStorage();
-			setLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN, 'true');
-			setNoAuthMode(true);
-			setIsNoAuthMode(true);
-			setIsLoggedIn(true);
-		} else {
-			setNoAuthMode(false);
-			setIsNoAuthMode(false);
-		}
-
-		setIsPreflightLoading(false);
-	}, [globalConfigData, isFetchingGlobalConfig]);
-
 	// fetcher for current user
 	// user will only be fetched if the user id and token is present
 	// if logged out and trying to hit any route none of these calls will trigger
@@ -384,9 +342,6 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 
 	// global event listener for LOGOUT event to clean the app context state
 	useGlobalEventListener('LOGOUT', () => {
-		if (isNoAuthMode) {
-			return;
-		} // logout is meaningless in no-auth; defensively no-op
 		setIsLoggedIn(false);
 		setDefaultUser(getUserDefaults());
 		setActiveLicense(null);
@@ -405,8 +360,6 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 			trialInfo,
 			orgPreferences,
 			isLoggedIn,
-			isNoAuthMode,
-			isPreflightLoading,
 			org,
 			isFetchingUser,
 			isFetchingActiveLicense,
@@ -442,8 +395,6 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 			isFetchingOrgPreferences,
 			isFetchingUser,
 			isLoggedIn,
-			isNoAuthMode,
-			isPreflightLoading,
 			org,
 			orgPreferences,
 			activeLicenseRefetch,

frontend/src/providers/App/__tests__/App.test.tsx

@@ -2,7 +2,6 @@ import { ReactElement } from 'react';
 import { QueryClient, QueryClientProvider } from 'react-query';
 import { renderHook, waitFor } from '@testing-library/react';
 import setLocalStorageApi from 'api/browser/localstorage/set';
-import { getIsNoAuthMode, setNoAuthMode } from 'utils/noAuthMode';
 import type {
 	AuthtypesGettableTransactionDTO,
 	AuthtypesTransactionDTO,
@@ -18,7 +17,6 @@ import { AppProvider, useAppContext } from '../App';
 const AUTHZ_CHECK_URL = 'http://localhost/api/v1/authz/check';
 const MY_USER_URL = 'http://localhost/api/v2/users/me';
 const MY_ORG_URL = 'http://localhost/api/v2/orgs/me';
-const GLOBAL_CONFIG_URL = 'http://localhost/api/v1/global/config';
 
 jest.mock('constants/env', () => ({
 	ENVIRONMENT: { baseURL: 'http://localhost', wsURL: '' },
@@ -359,89 +357,3 @@ describe('AppProvider when authz/check fails', () => {
 		);
 	});
 });
-
-describe('AppProvider no-auth preflight', () => {
-	beforeEach(() => {
-		queryClient.clear();
-	});
-
-	afterEach(() => {
-		setNoAuthMode(false);
-	});
-
-	it('sets isNoAuthMode=true and noAuthMode singleton when impersonation is enabled', async () => {
-		server.use(
-			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
-				res(
-					ctx.status(200),
-					ctx.json({
-						data: { identN: { impersonation: { enabled: true } } },
-					}),
-				),
-			),
-		);
-
-		const wrapper = createWrapper();
-		const { result } = renderHook(() => useAppContext(), { wrapper });
-
-		await waitFor(
-			() => {
-				expect(result.current.isNoAuthMode).toBe(true);
-			},
-			{ timeout: 3000 },
-		);
-
-		expect(getIsNoAuthMode()).toBe(true);
-	});
-
-	it('leaves isNoAuthMode=false and clears noAuthMode singleton when impersonation is disabled', async () => {
-		server.use(
-			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
-				res(
-					ctx.status(200),
-					ctx.json({
-						data: { identN: { impersonation: { enabled: false } } },
-					}),
-				),
-			),
-		);
-
-		const wrapper = createWrapper();
-		const { result } = renderHook(() => useAppContext(), { wrapper });
-
-		await waitFor(
-			() => {
-				expect(result.current.isPreflightLoading).toBe(false);
-			},
-			{ timeout: 3000 },
-		);
-
-		expect(result.current.isNoAuthMode).toBe(false);
-		expect(getIsNoAuthMode()).toBe(false);
-	});
-
-	it('transitions isPreflightLoading from true to false once preflight resolves', async () => {
-		server.use(
-			rest.get(GLOBAL_CONFIG_URL, (_, res, ctx) =>
-				res(
-					ctx.status(200),
-					ctx.json({
-						data: { identN: { impersonation: { enabled: false } } },
-					}),
-				),
-			),
-		);
-
-		const wrapper = createWrapper();
-		const { result } = renderHook(() => useAppContext(), { wrapper });
-
-		expect(result.current.isPreflightLoading).toBe(true);
-
-		await waitFor(
-			() => {
-				expect(result.current.isPreflightLoading).toBe(false);
-			},
-			{ timeout: 3000 },
-		);
-	});
-});

frontend/src/providers/App/types.ts

@@ -18,8 +18,6 @@ export interface IAppContext {
 	orgPreferences: OrgPreference[] | null;
 	userPreferences: UserPreference[] | null;
 	isLoggedIn: boolean;
-	isNoAuthMode: boolean;
-	isPreflightLoading: boolean;
 	org: Organization[] | null;
 	isFetchingUser: boolean;
 	isFetchingActiveLicense: boolean;

frontend/src/tests/test-utils.tsx

@@ -237,8 +237,6 @@ export function getAppContextMock(
 		isFetchingOrgPreferences: false,
 		orgPreferencesFetchError: null,
 		isLoggedIn: true,
-		isNoAuthMode: false,
-		isPreflightLoading: false,
 		showChangelogModal: false,
 		updateUser: jest.fn(),
 		updateOrg: jest.fn(),

frontend/src/utils/__tests__/clearAuthStorage.test.ts

@@ -1,39 +0,0 @@
-import { LOCALSTORAGE } from 'constants/localStorage';
-
-import { clearAuthStorage } from '../clearAuthStorage';
-
-describe('clearAuthStorage', () => {
-	beforeEach(() => {
-		localStorage.clear();
-	});
-
-	it('removes all auth-related localStorage keys', () => {
-		localStorage.setItem(LOCALSTORAGE.AUTH_TOKEN, 'access');
-		localStorage.setItem(LOCALSTORAGE.REFRESH_AUTH_TOKEN, 'refresh');
-		localStorage.setItem(LOCALSTORAGE.IS_LOGGED_IN, 'true');
-		localStorage.setItem(LOCALSTORAGE.LOGGED_IN_USER_EMAIL, 'old@example.com');
-		localStorage.setItem(LOCALSTORAGE.LOGGED_IN_USER_NAME, 'old');
-		localStorage.setItem(LOCALSTORAGE.IS_IDENTIFIED_USER, 'true');
-		localStorage.setItem(LOCALSTORAGE.USER_ID, 'abc');
-
-		clearAuthStorage();
-
-		expect(localStorage.getItem(LOCALSTORAGE.AUTH_TOKEN)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.REFRESH_AUTH_TOKEN)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.IS_LOGGED_IN)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.LOGGED_IN_USER_EMAIL)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.LOGGED_IN_USER_NAME)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.IS_IDENTIFIED_USER)).toBeNull();
-		expect(localStorage.getItem(LOCALSTORAGE.USER_ID)).toBeNull();
-	});
-
-	it('preserves non-auth localStorage keys', () => {
-		localStorage.setItem(LOCALSTORAGE.THEME, 'dark');
-		localStorage.setItem(LOCALSTORAGE.AUTH_TOKEN, 'access');
-
-		clearAuthStorage();
-
-		expect(localStorage.getItem(LOCALSTORAGE.THEME)).toBe('dark');
-		expect(localStorage.getItem(LOCALSTORAGE.AUTH_TOKEN)).toBeNull();
-	});
-});

frontend/src/utils/clearAuthStorage.ts

@@ -1,16 +0,0 @@
-import deleteLocalStorageKey from 'api/browser/localstorage/remove';
-import { LOCALSTORAGE } from 'constants/localStorage';
-
-const AUTH_KEYS: LOCALSTORAGE[] = [
-	LOCALSTORAGE.AUTH_TOKEN,
-	LOCALSTORAGE.REFRESH_AUTH_TOKEN,
-	LOCALSTORAGE.IS_LOGGED_IN,
-	LOCALSTORAGE.LOGGED_IN_USER_EMAIL,
-	LOCALSTORAGE.LOGGED_IN_USER_NAME,
-	LOCALSTORAGE.IS_IDENTIFIED_USER,
-	LOCALSTORAGE.USER_ID,
-];
-
-export const clearAuthStorage = (): void => {
-	AUTH_KEYS.forEach((key) => deleteLocalStorageKey(key));
-};

frontend/src/utils/noAuthMode.ts

@@ -1,7 +0,0 @@
-let _isNoAuthMode = false;
-
-export const setNoAuthMode = (value: boolean): void => {
-	_isNoAuthMode = value;
-};
-
-export const getIsNoAuthMode = (): boolean => _isNoAuthMode;

pkg/signoz/openapi.go

@@ -44,8 +44,6 @@ import (
 	"gopkg.in/yaml.v2"
 )
 
-const signozDiscriminatorKey string = "x-signoz-discriminator"
-
 type OpenAPI struct {
 	apiserver apiserver.APIServer
 	reflector *openapi3.Reflector
@@ -144,8 +142,6 @@ func (openapi *OpenAPI) CreateAndWrite(path string) error {
 		return err
 	}
 
-	attachDiscriminators(openapi.reflector.Spec)
-
 	// The library's MarshalYAML does a JSON round-trip that converts all numbers
 	// to float64, causing large integers (e.g. epoch millisecond timestamps) to
 	// render in scientific notation (1.6409952e+12).
@@ -203,59 +199,3 @@ func convertJSONNumbers(v interface{}) {
 		}
 	}
 }
-
-// attachDiscriminators promotes x-signoz-discriminator extensions
-// into openapi3 Discriminator fields. Malformed markers are dropped.
-func attachDiscriminators(spec *openapi3.Spec) {
-	if spec.Components == nil || spec.Components.Schemas == nil {
-		return
-	}
-
-	for name, entry := range spec.Components.Schemas.MapOfSchemaOrRefValues {
-		if entry.Schema == nil {
-			continue
-		}
-
-		raw, ok := entry.Schema.MapOfAnything[signozDiscriminatorKey]
-		if !ok {
-			continue
-		}
-
-		marker, ok := raw.(map[string]any)
-		if !ok {
-			continue
-		}
-
-		propertyName, ok := marker["propertyName"].(string)
-		if !ok || propertyName == "" {
-			continue
-		}
-
-		disc := openapi3.Discriminator{PropertyName: propertyName}
-		if rawMapping, ok := marker["mapping"]; ok {
-			if mapping, ok := rawMapping.(map[string]string); ok {
-				disc.Mapping = mapping
-			} else if mapping, ok := rawMapping.(map[string]any); ok {
-				converted := make(map[string]string, len(mapping))
-				for k, v := range mapping {
-					if s, ok := v.(string); ok {
-						converted[k] = s
-					}
-				}
-				disc.Mapping = converted
-			}
-		}
-
-		entry.Schema.Discriminator = &disc
-		delete(entry.Schema.MapOfAnything, signozDiscriminatorKey)
-
-		// The parent's reflected `properties` / `required` duplicate
-		// what the oneOf variants already declare, and orval intersects
-		// the two — turning a clean discriminated union DTO into a
-		// noisy union of intersections. Drop them here.
-		entry.Schema.Properties = nil
-		entry.Schema.Required = nil
-
-		spec.Components.Schemas.MapOfSchemaOrRefValues[name] = entry
-	}
-}

pkg/types/dashboardtypes/dashboard_v2.go

@@ -0,0 +1,262 @@
+package dashboardtypes
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"slices"
+	"strings"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	qb "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/go-playground/validator/v10"
+	v1 "github.com/perses/perses/pkg/model/api/v1"
+	"github.com/perses/perses/pkg/model/api/v1/common"
+	"github.com/perses/perses/pkg/model/api/v1/dashboard"
+)
+
+// StorableDashboardDataV2 wraps v1.DashboardSpec (Perses) with additional SigNoz-specific fields.
+//
+// We embed DashboardSpec (not v1.Dashboard) to avoid carrying Perses's Metadata
+// (Name, Project, CreatedAt, UpdatedAt, Tags, Version) and Kind field. SigNoz
+// manages identity (ID), timestamps (TimeAuditable), and multi-tenancy (OrgID)
+// separately on StorableDashboardV2/DashboardV2.
+//
+// The following v1 request fields map to locations inside v1.DashboardSpec:
+//   - title       → Display.Name          (common.Display)
+//   - description → Display.Description   (common.Display)
+//
+// Fields that have no Perses equivalent will be added in this wrapper (like image, uploadGrafana, etc.)
+type StorableDashboardDataV2 = v1.DashboardSpec
+
+// UnmarshalAndValidateDashboardV2JSON unmarshals the JSON into a StorableDashboardDataV2
+// (= PostableDashboardV2 = UpdatableDashboardV2) and validates plugin kinds and specs.
+func UnmarshalAndValidateDashboardV2JSON(data []byte) (*StorableDashboardDataV2, error) {
+	var d StorableDashboardDataV2
+	// Note: DashboardSpec has a custom UnmarshalJSON which prevents
+	// DisallowUnknownFields from working at the top level. Unknown
+	// fields in plugin specs are still rejected by validateAndNormalizePluginSpec.
+	if err := json.Unmarshal(data, &d); err != nil {
+		return nil, err
+	}
+	if err := validateDashboardV2(d); err != nil {
+		return nil, err
+	}
+	return &d, nil
+}
+
+// Plugin kind → spec type factory. Each value is a pointer to the zero value of the
+// expected spec struct. validatePluginSpec marshals plugin.Spec back to JSON and
+// unmarshals into the typed struct to catch field-level errors.
+var (
+	panelPluginSpecs = map[PanelPluginKind]func() any{
+		PanelKindTimeSeries: func() any { return new(TimeSeriesPanelSpec) },
+		PanelKindBarChart:   func() any { return new(BarChartPanelSpec) },
+		PanelKindNumber:     func() any { return new(NumberPanelSpec) },
+		PanelKindPieChart:   func() any { return new(PieChartPanelSpec) },
+		PanelKindTable:      func() any { return new(TablePanelSpec) },
+		PanelKindHistogram:  func() any { return new(HistogramPanelSpec) },
+		PanelKindList:       func() any { return new(ListPanelSpec) },
+	}
+	queryPluginSpecs = map[QueryPluginKind]func() any{
+		QueryKindBuilder:       func() any { return new(BuilderQuerySpec) },
+		QueryKindComposite:     func() any { return new(CompositeQuerySpec) },
+		QueryKindFormula:       func() any { return new(FormulaSpec) },
+		QueryKindPromQL:        func() any { return new(PromQLQuerySpec) },
+		QueryKindClickHouseSQL: func() any { return new(ClickHouseSQLQuerySpec) },
+		QueryKindTraceOperator: func() any { return new(TraceOperatorSpec) },
+	}
+	variablePluginSpecs = map[VariablePluginKind]func() any{
+		VariableKindDynamic: func() any { return new(DynamicVariableSpec) },
+		VariableKindQuery:   func() any { return new(QueryVariableSpec) },
+		VariableKindCustom:  func() any { return new(CustomVariableSpec) },
+		VariableKindTextbox: func() any { return new(TextboxVariableSpec) },
+	}
+	datasourcePluginSpecs = map[DatasourcePluginKind]func() any{
+		DatasourceKindSigNoz: func() any { return new(struct{}) },
+	}
+
+	// allowedQueryKinds maps each panel plugin kind to the query plugin
+	// kinds it supports. Composite sub-query types are mapped to these
+	// same kind strings via compositeSubQueryTypeToPluginKind.
+	allowedQueryKinds = map[PanelPluginKind][]QueryPluginKind{
+		PanelKindTimeSeries: {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
+		PanelKindBarChart:   {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
+		PanelKindNumber:     {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
+		PanelKindHistogram:  {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
+		PanelKindPieChart:   {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindClickHouseSQL},
+		PanelKindTable:      {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindClickHouseSQL},
+		PanelKindList:       {QueryKindBuilder},
+	}
+
+	// compositeSubQueryTypeToPluginKind maps CompositeQuery sub-query type
+	// strings to the equivalent top-level query plugin kind for validation.
+	compositeSubQueryTypeToPluginKind = map[qb.QueryType]QueryPluginKind{
+		qb.QueryTypeBuilder:       QueryKindBuilder,
+		qb.QueryTypeFormula:       QueryKindFormula,
+		qb.QueryTypeTraceOperator: QueryKindTraceOperator,
+		qb.QueryTypePromQL:        QueryKindPromQL,
+		qb.QueryTypeClickHouseSQL: QueryKindClickHouseSQL,
+	}
+)
+
+func validateDashboardV2(d StorableDashboardDataV2) error {
+	for name, ds := range d.Datasources {
+		if err := validateDatasourcePlugin(&ds.Plugin, fmt.Sprintf("spec.datasources.%s.plugin", name)); err != nil {
+			return err
+		}
+	}
+
+	for i, v := range d.Variables {
+		if err := validateVariablePlugin(v, fmt.Sprintf("spec.variables[%d]", i)); err != nil {
+			return err
+		}
+	}
+
+	for key, panel := range d.Panels {
+		if panel == nil {
+			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "spec.panels.%s: panel must not be null", key)
+		}
+		path := fmt.Sprintf("spec.panels.%s", key)
+		if err := validatePanelPlugin(&panel.Spec.Plugin, path+".spec.plugin"); err != nil {
+			return err
+		}
+		panelKind := PanelPluginKind(panel.Spec.Plugin.Kind)
+		allowed := allowedQueryKinds[panelKind]
+		for qi := range panel.Spec.Queries {
+			queryPath := fmt.Sprintf("%s.spec.queries[%d].spec.plugin", path, qi)
+			if err := validateQueryPlugin(&panel.Spec.Queries[qi].Spec.Plugin, queryPath); err != nil {
+				return err
+			}
+			if err := validateQueryAllowedForPanel(panel.Spec.Queries[qi].Spec.Plugin, allowed, panelKind, queryPath); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+func validateDatasourcePlugin(plugin *common.Plugin, path string) error {
+	kind := DatasourcePluginKind(plugin.Kind)
+	factory, ok := datasourcePluginSpecs[kind]
+	if !ok {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+			"%s: unknown datasource plugin kind %q; allowed values: %s", path, kind, formatEnum(kind.Enum()))
+	}
+	return validateAndNormalizePluginSpec(plugin, factory, path)
+}
+
+func validateVariablePlugin(v dashboard.Variable, path string) error {
+	switch spec := v.Spec.(type) {
+	case *dashboard.ListVariableSpec:
+		pluginPath := path + ".spec.plugin"
+		kind := VariablePluginKind(spec.Plugin.Kind)
+		factory, ok := variablePluginSpecs[kind]
+		if !ok {
+			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+				"%s: unknown variable plugin kind %q; allowed values: %s", pluginPath, kind, formatEnum(kind.Enum()))
+		}
+		return validateAndNormalizePluginSpec(&spec.Plugin, factory, pluginPath)
+	case *dashboard.TextVariableSpec:
+		// TextVariables have no plugin, nothing to validate.
+		return nil
+	default:
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "%s: unsupported variable kind %q", path, v.Kind)
+	}
+}
+
+func validatePanelPlugin(plugin *common.Plugin, path string) error {
+	kind := PanelPluginKind(plugin.Kind)
+	factory, ok := panelPluginSpecs[kind]
+	if !ok {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+			"%s: unknown panel plugin kind %q; allowed values: %s", path, kind, formatEnum(kind.Enum()))
+	}
+	return validateAndNormalizePluginSpec(plugin, factory, path)
+}
+
+func validateQueryPlugin(plugin *common.Plugin, path string) error {
+	kind := QueryPluginKind(plugin.Kind)
+	factory, ok := queryPluginSpecs[kind]
+	if !ok {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+			"%s: unknown query plugin kind %q; allowed values: %s", path, kind, formatEnum(kind.Enum()))
+	}
+	return validateAndNormalizePluginSpec(plugin, factory, path)
+}
+
+func formatEnum(values []any) string {
+	parts := make([]string, len(values))
+	for i, v := range values {
+		parts[i] = fmt.Sprintf("`%v`", v)
+	}
+	return strings.Join(parts, ", ")
+}
+
+// validateAndNormalizePluginSpec validates the plugin spec and writes the typed
+// struct (with defaults) back into plugin.Spec so that DB storage and API
+// responses contain normalized values.
+func validateAndNormalizePluginSpec(plugin *common.Plugin, factory func() any, path string) error {
+	if plugin.Kind == "" {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "%s: plugin kind is required", path)
+	}
+	if plugin.Spec == nil {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "%s: plugin spec is required", path)
+	}
+	// Re-marshal the spec and unmarshal into the typed struct.
+	specJSON, err := json.Marshal(plugin.Spec)
+	if err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s.spec", path)
+	}
+	target := factory()
+	decoder := json.NewDecoder(bytes.NewReader(specJSON))
+	decoder.DisallowUnknownFields()
+	if err := decoder.Decode(target); err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s.spec", path)
+	}
+	if err := validator.New().Struct(target); err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s.spec", path)
+	}
+	// Write the typed struct back so defaults are included.
+	plugin.Spec = target
+	return nil
+}
+
+// validateQueryAllowedForPanel checks that the query plugin kind is permitted
+// for the given panel. For composite queries it recurses into sub-queries.
+func validateQueryAllowedForPanel(plugin common.Plugin, allowed []QueryPluginKind, panelKind PanelPluginKind, path string) error {
+	queryKind := QueryPluginKind(plugin.Kind)
+	if !slices.Contains(allowed, queryKind) {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+			"%s: query kind %q is not supported by panel kind %q", path, queryKind, panelKind)
+	}
+
+	// For composite queries, validate each sub-query type.
+	if queryKind == QueryKindComposite && plugin.Spec != nil {
+		specJSON, err := json.Marshal(plugin.Spec)
+		if err != nil {
+			return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s.spec", path)
+		}
+		var composite struct {
+			Queries []struct {
+				Type qb.QueryType `json:"type"`
+			} `json:"queries"`
+		}
+		if err := json.Unmarshal(specJSON, &composite); err != nil {
+			return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s.spec", path)
+		}
+		for si, sub := range composite.Queries {
+			pluginKind, ok := compositeSubQueryTypeToPluginKind[sub.Type]
+			if !ok {
+				continue
+			}
+			if !slices.Contains(allowed, pluginKind) {
+				return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
+					"%s.spec.queries[%d]: sub-query type %q is not supported by panel kind %q",
+					path, si, sub.Type, panelKind)
+			}
+		}
+	}
+	return nil
+}

pkg/types/dashboardtypes/dashboard_v2_test.go

@@ -7,75 +7,33 @@ import (
 	"testing"
 	"time"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func unmarshalDashboard(data []byte) (*DashboardData, error) {
-	var d DashboardData
-	if err := json.Unmarshal(data, &d); err != nil {
-		return nil, err
-	}
-	return &d, nil
-}
-
 func TestValidateBigExample(t *testing.T) {
 	data, err := os.ReadFile("testdata/perses.json")
 	require.NoError(t, err, "reading example file")
-	_, err = unmarshalDashboard(data)
+	_, err = UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "expected valid dashboard")
 }
 
 func TestValidateDashboardWithSections(t *testing.T) {
 	data, err := os.ReadFile("testdata/perses_with_sections.json")
 	require.NoError(t, err, "reading example file")
-	_, err = unmarshalDashboard(data)
+	_, err = UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "expected valid dashboard")
 }
 
 func TestInvalidateNotAJSON(t *testing.T) {
-	_, err := unmarshalDashboard([]byte("not json"))
+	_, err := UnmarshalAndValidateDashboardV2JSON([]byte("not json"))
 	require.Error(t, err, "expected error for invalid JSON")
 }
 
-// TestUnmarshalErrorPreservesNestedMessage guards the wrap on dec.Decode in
-// DashboardData.UnmarshalJSON. The wrap stamps a consistent type/code on
-// decode failures, but must not smother the rich messages produced by nested
-// UnmarshalJSON methods (panel/query/variable/datasource plugin envelopes).
-func TestUnmarshalErrorPreservesNestedMessage(t *testing.T) {
-	data := []byte(`{
-		"panels": {
-			"p1": {
-				"kind": "Panel",
-				"spec": {
-					"plugin": {"kind": "NonExistentPanel", "spec": {}}
-				}
-			}
-		},
-		"layouts": []
-	}`)
-
-	_, err := unmarshalDashboard(data)
-	require.Error(t, err)
-
-	require.Contains(t, err.Error(), "unknown panel plugin kind",
-		"outer wrap should not smother the inner UnmarshalJSON message")
-	require.Contains(t, err.Error(), `"NonExistentPanel"`,
-		"the offending value should still appear in the error")
-	require.Contains(t, err.Error(), "allowed values:",
-		"the allowed-values hint should still appear in the error")
-
-	assert.True(t, errors.Ast(err, errors.TypeInvalidInput),
-		"outer wrap should classify the error as TypeInvalidInput")
-	assert.True(t, errors.Asc(err, ErrCodeDashboardInvalidInput),
-		"outer wrap should stamp ErrCodeDashboardInvalidInput")
-}
-
 func TestValidateEmptySpec(t *testing.T) {
 	// no variables no panels
 	data := []byte(`{}`)
-	_, err := unmarshalDashboard(data)
+	_, err := UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "expected valid")
 }
 
@@ -101,13 +59,17 @@ func TestValidateOnlyVariables(t *testing.T) {
 				"kind": "TextVariable",
 				"spec": {
 					"name": "mytext",
-					"value": "default"
+					"value": "default",
+					"plugin": {
+						"kind": "signoz/TextboxVariable",
+						"spec": {}
+					}
 				}
 			}
 		],
 		"layouts": []
 	}`)
-	_, err := unmarshalDashboard(data)
+	_, err := UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "expected valid")
 }
 
@@ -186,7 +148,7 @@ func TestInvalidateUnknownPluginKind(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := unmarshalDashboard([]byte(tt.data))
+			_, err := UnmarshalAndValidateDashboardV2JSON([]byte(tt.data))
 			require.Error(t, err, "expected error containing %q, got nil", tt.wantContain)
 			require.Contains(t, err.Error(), tt.wantContain, "error should mention %q", tt.wantContain)
 		})
@@ -207,7 +169,7 @@ func TestInvalidateOneInvalidPanel(t *testing.T) {
 		},
 		"layouts": []
 	}`)
-	_, err := unmarshalDashboard(data)
+	_, err := UnmarshalAndValidateDashboardV2JSON(data)
 	require.Error(t, err, "expected error for invalid panel plugin kind")
 	require.Contains(t, err.Error(), "FakePanel", "error should mention FakePanel")
 }
@@ -283,7 +245,7 @@ func TestRejectUnknownFieldsInPluginSpec(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := unmarshalDashboard([]byte(tt.data))
+			_, err := UnmarshalAndValidateDashboardV2JSON([]byte(tt.data))
 			require.Error(t, err, "expected error for unknown field")
 			require.Contains(t, err.Error(), tt.wantContain, "error should mention %q", tt.wantContain)
 		})
@@ -361,7 +323,7 @@ func TestInvalidateWrongFieldTypeInPluginSpec(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := unmarshalDashboard([]byte(tt.data))
+			_, err := UnmarshalAndValidateDashboardV2JSON([]byte(tt.data))
 			require.Error(t, err, "expected validation error")
 			if tt.wantContain != "" {
 				require.Contains(t, err.Error(), tt.wantContain, "error should mention %q", tt.wantContain)
@@ -569,69 +531,13 @@ func TestInvalidateBadPanelSpecValues(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := unmarshalDashboard([]byte(tt.data))
+			_, err := UnmarshalAndValidateDashboardV2JSON([]byte(tt.data))
 			require.Error(t, err, "expected error containing %q, got nil", tt.wantContain)
 			require.Contains(t, err.Error(), tt.wantContain, "error should mention %q", tt.wantContain)
 		})
 	}
 }
 
-func TestInvalidatePanelWithoutQueries(t *testing.T) {
-	data := []byte(`{
-		"panels": {
-			"p1": {
-				"kind": "Panel",
-				"spec": {"plugin": {"kind": "signoz/TimeSeriesPanel", "spec": {}}}
-			}
-		},
-		"layouts": []
-	}`)
-	_, err := unmarshalDashboard(data)
-	require.Error(t, err, "expected panel-without-queries to be rejected")
-	require.Contains(t, err.Error(), "panel must have one query")
-}
-
-func TestInvalidatePanelWithEmptyQueriesArray(t *testing.T) {
-	data := []byte(`{
-		"panels": {
-			"p1": {
-				"kind": "Panel",
-				"spec": {
-					"plugin": {"kind": "signoz/TimeSeriesPanel", "spec": {}},
-					"queries": []
-				}
-			}
-		},
-		"layouts": []
-	}`)
-	_, err := unmarshalDashboard(data)
-	require.Error(t, err, "expected panel with explicit empty queries array to be rejected")
-	require.Contains(t, err.Error(), "panel must have one query")
-}
-
-// Rendering multiple data sources in a single panel is supported via
-// signoz/CompositeQuery, not by listing multiple top-level queries.
-func TestInvalidatePanelWithMultipleDirectQueries(t *testing.T) {
-	data := []byte(`{
-		"panels": {
-			"p1": {
-				"kind": "Panel",
-				"spec": {
-					"plugin": {"kind": "signoz/TimeSeriesPanel", "spec": {}},
-					"queries": [
-						{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {"name": "A", "signal": "metrics"}}}},
-						{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {"name": "B", "signal": "metrics"}}}}
-					]
-				}
-			}
-		},
-		"layouts": []
-	}`)
-	_, err := unmarshalDashboard(data)
-	require.Error(t, err, "expected panel with two top-level queries to be rejected")
-	require.Contains(t, err.Error(), "panel must have one query")
-}
-
 func TestValidateRequiredFields(t *testing.T) {
 	wrapVariable := func(pluginKind, pluginSpec string) string {
 		return `{
@@ -720,7 +626,7 @@ func TestValidateRequiredFields(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := unmarshalDashboard([]byte(tt.data))
+			_, err := UnmarshalAndValidateDashboardV2JSON([]byte(tt.data))
 			require.Error(t, err, "expected error containing %q, got nil", tt.wantContain)
 			require.Contains(t, err.Error(), tt.wantContain, "error should mention %q", tt.wantContain)
 		})
@@ -736,14 +642,13 @@ func TestTimeSeriesPanelDefaults(t *testing.T) {
 					"plugin": {
 						"kind": "signoz/TimeSeriesPanel",
 						"spec": {}
-					},
-					"queries": [{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/PromQLQuery", "spec": {"name": "A", "query": "up"}}}}]
+					}
 				}
 			}
 		},
 		"layouts": []
 	}`)
-	d, err := unmarshalDashboard(data)
+	d, err := UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "unmarshal and validate failed")
 
 	// After validation+normalization, the plugin spec should be a typed struct.
@@ -784,14 +689,13 @@ func TestNumberPanelDefaults(t *testing.T) {
 					"plugin": {
 						"kind": "signoz/NumberPanel",
 						"spec": {"thresholds": [{"value": 100, "color": "Red"}]}
-					},
-					"queries": [{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/PromQLQuery", "spec": {"name": "A", "query": "up"}}}}]
+					}
 				}
 			}
 		},
 		"layouts": []
 	}`)
-	d, err := unmarshalDashboard(data)
+	d, err := UnmarshalAndValidateDashboardV2JSON(data)
 	require.NoError(t, err, "unmarshal and validate failed")
 
 	require.IsType(t, &NumberPanelSpec{}, d.Panels["p1"].Spec.Plugin.Spec)
@@ -812,30 +716,6 @@ func TestNumberPanelDefaults(t *testing.T) {
 		"expected stored/response JSON to contain operator:>, got: %s", outputStr)
 }
 
-// TestPersesFixtureStorageRoundTrip exercises the typed → map[string]any →
-// typed cycle that the create/get path performs against the kitchen-sink
-// fixture. Catches plugin specs whose UnmarshalJSON expects a different shape
-// than the default MarshalJSON emits.
-func TestPersesFixtureStorageRoundTrip(t *testing.T) {
-	raw, err := os.ReadFile("testdata/perses.json")
-	require.NoError(t, err)
-
-	var data DashboardData
-	require.NoError(t, json.Unmarshal(raw, &data), "initial unmarshal")
-
-	marshaled, err := json.Marshal(data)
-	require.NoError(t, err, "marshal typed → JSON")
-
-	var asMap map[string]any
-	require.NoError(t, json.Unmarshal(marshaled, &asMap), "JSON → map (storage shape)")
-
-	remarshaled, err := json.Marshal(asMap)
-	require.NoError(t, err, "map → JSON (read-back shape)")
-
-	var roundtripped DashboardData
-	require.NoError(t, json.Unmarshal(remarshaled, &roundtripped), "JSON → typed (the failure mode)")
-}
-
 // TestStorageRoundTrip simulates the future DB store/load cycle:
 // marshal the normalized dashboard to JSON (what would be written to DB),
 // then unmarshal it back (what would be read from DB), and verify defaults survive.
@@ -848,8 +728,7 @@ func TestStorageRoundTrip(t *testing.T) {
 					"plugin": {
 						"kind": "signoz/TimeSeriesPanel",
 						"spec": {}
-					},
-					"queries": [{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/PromQLQuery", "spec": {"name": "A", "query": "up"}}}}]
+					}
 				}
 			},
 			"p2": {
@@ -858,8 +737,7 @@ func TestStorageRoundTrip(t *testing.T) {
 					"plugin": {
 						"kind": "signoz/NumberPanel",
 						"spec": {"thresholds": [{"value": 100, "color": "Red"}]}
-					},
-					"queries": [{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/PromQLQuery", "spec": {"name": "A", "query": "up"}}}}]
+					}
 				}
 			}
 		},
@@ -867,7 +745,7 @@ func TestStorageRoundTrip(t *testing.T) {
 	}`)
 
 	// Step 1: Unmarshal + validate + normalize (what the API handler does).
-	d, err := unmarshalDashboard(input)
+	d, err := UnmarshalAndValidateDashboardV2JSON(input)
 	require.NoError(t, err, "unmarshal and validate failed")
 
 	// Step 1.5: Verify struct fields have correct defaults (extra validation before storing).
@@ -887,7 +765,7 @@ func TestStorageRoundTrip(t *testing.T) {
 	require.NoError(t, err, "marshal for storage failed")
 
 	// Step 3: Unmarshal from JSON (simulates reading from DB).
-	loaded, err := unmarshalDashboard(stored)
+	loaded, err := UnmarshalAndValidateDashboardV2JSON(stored)
 	require.NoError(t, err, "unmarshal from storage failed")
 
 	// Step 3.5: Verify struct fields have correct defaults after loading (before returning in API).
@@ -1000,7 +878,7 @@ func TestPanelTypeQueryTypeCompatibility(t *testing.T) {
 
 	for _, tc := range cases {
 		t.Run(tc.name, func(t *testing.T) {
-			_, err := unmarshalDashboard(tc.data)
+			_, err := UnmarshalAndValidateDashboardV2JSON(tc.data)
 			if tc.wantErr {
 				require.Error(t, err)
 			} else {

pkg/types/dashboardtypes/perses_dashboard_data.go

@@ -1,107 +0,0 @@
-package dashboardtypes
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"slices"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	qb "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	v1 "github.com/perses/perses/pkg/model/api/v1"
-	"github.com/perses/perses/pkg/model/api/v1/common"
-)
-
-// DashboardData is the SigNoz dashboard v2 spec shape. It mirrors
-// v1.DashboardSpec (Perses) field-for-field, except every common.Plugin
-// occurrence is replaced with a typed SigNoz plugin whose OpenAPI schema is a
-// per-site discriminated oneOf.
-type DashboardData struct {
-	Display         *common.Display            `json:"display,omitempty"`
-	Datasources     map[string]*DatasourceSpec `json:"datasources,omitempty"`
-	Variables       []Variable                 `json:"variables,omitempty"`
-	Panels          map[string]*Panel          `json:"panels"`
-	Layouts         []Layout                   `json:"layouts"`
-	Duration        common.DurationString      `json:"duration"`
-	RefreshInterval common.DurationString      `json:"refreshInterval,omitempty"`
-	Links           []v1.Link                  `json:"links,omitempty"`
-}
-
-// ══════════════════════════════════════════════
-// Unmarshal + validate entry point
-// ══════════════════════════════════════════════
-
-func (d *DashboardData) UnmarshalJSON(data []byte) error {
-	dec := json.NewDecoder(bytes.NewReader(data))
-	dec.DisallowUnknownFields()
-	type alias DashboardData
-	var tmp alias
-	if err := dec.Decode(&tmp); err != nil {
-		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "invalid dashboard spec")
-	}
-	*d = DashboardData(tmp)
-	return d.Validate()
-}
-
-// ══════════════════════════════════════════════
-// Cross-field validation
-// ══════════════════════════════════════════════
-
-func (d *DashboardData) Validate() error {
-	for key, panel := range d.Panels {
-		if panel == nil {
-			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "spec.panels.%s: panel must not be null", key)
-		}
-		path := fmt.Sprintf("spec.panels.%s", key)
-		panelKind := panel.Spec.Plugin.Kind
-		if len(panel.Spec.Queries) != 1 {
-			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "%s.spec.queries: panel must have one query", path)
-		}
-		allowed := allowedQueryKinds[panelKind]
-		for qi, q := range panel.Spec.Queries {
-			queryPath := fmt.Sprintf("%s.spec.queries[%d].spec.plugin", path, qi)
-			if err := validateQueryAllowedForPanel(q.Spec.Plugin, allowed, panelKind, queryPath); err != nil {
-				return err
-			}
-		}
-	}
-	return nil
-}
-
-func validateQueryAllowedForPanel(plugin QueryPlugin, allowed []QueryPluginKind, panelKind PanelPluginKind, path string) error {
-	if !slices.Contains(allowed, plugin.Kind) {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
-			"%s: query kind %q is not supported by panel kind %q", path, plugin.Kind, panelKind)
-	}
-
-	if plugin.Kind != QueryKindComposite {
-		return nil
-	}
-	composite, ok := plugin.Spec.(*CompositeQuerySpec)
-	if !ok || composite == nil {
-		// Unreachable via UnmarshalJSON; reaching here means a Go caller broke the Kind/Spec pairing.
-		return errors.NewInternalf(errors.CodeInternal, "%s: composite query plugin has unexpected spec type %T", path, plugin.Spec)
-	}
-	for si, sub := range composite.Queries {
-		subKind, ok := compositeSubQueryTypeToPluginKind[sub.Type]
-		if !ok {
-			continue
-		}
-		if !slices.Contains(allowed, subKind) {
-			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput,
-				"%s.spec.queries[%d]: sub-query type %q is not supported by panel kind %q",
-				path, si, sub.Type, panelKind)
-		}
-	}
-	return nil
-}
-
-var (
-	compositeSubQueryTypeToPluginKind = map[qb.QueryType]QueryPluginKind{
-		qb.QueryTypeBuilder:       QueryKindBuilder,
-		qb.QueryTypeFormula:       QueryKindFormula,
-		qb.QueryTypeTraceOperator: QueryKindTraceOperator,
-		qb.QueryTypePromQL:        QueryKindPromQL,
-		qb.QueryTypeClickHouseSQL: QueryKindClickHouseSQL,
-	}
-)

pkg/types/dashboardtypes/perses_drift_test.go

@@ -1,170 +0,0 @@
-package dashboardtypes
-
-// TestDashboardDataMatchesPerses asserts that DashboardData
-// and every nested SigNoz-owned type cover the JSON field set of their Perses
-// counterpart.
-
-import (
-	"reflect"
-	"sort"
-	"strings"
-	"testing"
-
-	v1 "github.com/perses/perses/pkg/model/api/v1"
-	"github.com/perses/perses/pkg/model/api/v1/dashboard"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestDashboardDataMatchesPerses(t *testing.T) {
-	cases := []struct {
-		name   string
-		ours   reflect.Type
-		perses reflect.Type
-	}{
-		{"DashboardSpec", typeOf[DashboardData](), typeOf[v1.DashboardSpec]()},
-		{"Panel", typeOf[Panel](), typeOf[v1.Panel]()},
-		{"PanelSpec", typeOf[PanelSpec](), typeOf[v1.PanelSpec]()},
-		{"Query", typeOf[Query](), typeOf[v1.Query]()},
-		{"QuerySpec", typeOf[QuerySpec](), typeOf[v1.QuerySpec]()},
-		{"DatasourceSpec", typeOf[DatasourceSpec](), typeOf[v1.DatasourceSpec]()},
-		{"Variable", typeOf[Variable](), typeOf[dashboard.Variable]()},
-		{"ListVariableSpec", typeOf[ListVariableSpec](), typeOf[dashboard.ListVariableSpec]()},
-		{"Layout", typeOf[Layout](), typeOf[dashboard.Layout]()},
-	}
-
-	for _, c := range cases {
-		t.Run(c.name, func(t *testing.T) {
-			missing, extra := drift(c.ours, c.perses)
-
-			assert.Empty(t, missing,
-				"DashboardData (%s) is missing json fields present on Perses %s — upstream likely added or renamed a field",
-				c.ours.Name(), c.perses.Name())
-			assert.Empty(t, extra,
-				"DashboardData (%s) has json fields absent on Perses %s — upstream likely removed a field or we added one without the counterpart",
-				c.ours.Name(), c.perses.Name())
-		})
-	}
-}
-
-func TestDriftDetectionMechanics(t *testing.T) {
-	t.Run("upstream added a field", func(t *testing.T) {
-		type ours struct {
-			Name string `json:"name"`
-		}
-		type perses struct {
-			Name        string `json:"name"`
-			Description string `json:"description"`
-		}
-		missing, extra := drift(typeOf[ours](), typeOf[perses]())
-		assert.Equal(t, []string{"description"}, missing, "missing fires: upstream has a field we don't")
-		assert.Empty(t, extra)
-	})
-
-	t.Run("upstream removed a field", func(t *testing.T) {
-		type ours struct {
-			Name        string `json:"name"`
-			Description string `json:"description"`
-		}
-		type perses struct {
-			Name string `json:"name"`
-		}
-		missing, extra := drift(typeOf[ours](), typeOf[perses]())
-		assert.Empty(t, missing)
-		assert.Equal(t, []string{"description"}, extra, "extra fires: we kept a field upstream removed")
-	})
-
-	t.Run("upstream renamed a field", func(t *testing.T) {
-		type ours struct {
-			Name string `json:"name"`
-		}
-		type perses struct {
-			Name string `json:"title"`
-		}
-		missing, extra := drift(typeOf[ours](), typeOf[perses]())
-		assert.Equal(t, []string{"title"}, missing, "missing fires for the new name")
-		assert.Equal(t, []string{"name"}, extra, "extra fires for the old name — both fire on a rename")
-	})
-
-	t.Run("we added a field upstream does not have", func(t *testing.T) {
-		type ours struct {
-			Name     string `json:"name"`
-			Internal string `json:"internal"`
-		}
-		type perses struct {
-			Name string `json:"name"`
-		}
-		missing, extra := drift(typeOf[ours](), typeOf[perses]())
-		assert.Empty(t, missing)
-		assert.Equal(t, []string{"internal"}, extra, "extra fires: we added a field with no upstream counterpart")
-	})
-
-	t.Run("embedded struct flattens — drift inside the embed is caught", func(t *testing.T) {
-		type embedded struct {
-			Display string `json:"display"`
-			NewBit  string `json:"newBit"` // upstream added this inside the embed
-		}
-		type ours struct {
-			Display string `json:"display"`
-			Name    string `json:"name"`
-		}
-		type perses struct {
-			embedded `json:",inline"`
-			Name     string `json:"name"`
-		}
-		missing, extra := drift(typeOf[ours](), typeOf[perses]())
-		assert.Equal(t, []string{"newBit"}, missing, "field added inside an inlined embed surfaces at the parent level")
-		assert.Empty(t, extra)
-	})
-}
-
-func drift(ours, perses reflect.Type) (missing, extra []string) {
-	o, p := jsonFields(ours), jsonFields(perses)
-	return sortedDiff(p, o), sortedDiff(o, p)
-}
-
-// jsonFields returns the set of json tag names for a struct, flattening
-// anonymous embedded fields (matching encoding/json behavior).
-func jsonFields(t reflect.Type) map[string]struct{} {
-	out := map[string]struct{}{}
-	if t.Kind() != reflect.Struct {
-		return out
-	}
-	for i := 0; i < t.NumField(); i++ {
-		f := t.Field(i)
-		// Skip unexported fields (e.g., dashboard.ListVariableSpec has an
-		// unexported `variableSpec` interface tag).
-		if !f.IsExported() && !f.Anonymous {
-			continue
-		}
-		tag := f.Tag.Get("json")
-		name := strings.Split(tag, ",")[0]
-		// Anonymous embed with empty json name (no tag, or `json:",inline"` /
-		// `json:",omitempty"`-style options-only tag) is flattened by encoding/json.
-		if f.Anonymous && name == "" {
-			for k := range jsonFields(f.Type) {
-				out[k] = struct{}{}
-			}
-			continue
-		}
-		if tag == "-" || name == "" {
-			continue
-		}
-		out[name] = struct{}{}
-	}
-	return out
-}
-
-// sortedDiff returns keys in a but not in b, sorted.
-func sortedDiff(a, b map[string]struct{}) []string {
-	var diff []string
-	for k := range a {
-		if _, ok := b[k]; !ok {
-			diff = append(diff, k)
-		}
-	}
-	sort.Strings(diff)
-	return diff
-}
-
-func typeOf[T any]() reflect.Type { return reflect.TypeOf((*T)(nil)).Elem() }

pkg/types/dashboardtypes/perses_plugin_types.go

@@ -8,7 +8,6 @@ import (
 	qb "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/swaggest/jsonschema-go"
 )
 
 // ══════════════════════════════════════════════
@@ -21,10 +20,11 @@ const (
 	VariableKindDynamic VariablePluginKind = "signoz/DynamicVariable"
 	VariableKindQuery   VariablePluginKind = "signoz/QueryVariable"
 	VariableKindCustom  VariablePluginKind = "signoz/CustomVariable"
+	VariableKindTextbox VariablePluginKind = "signoz/TextboxVariable"
 )
 
 func (VariablePluginKind) Enum() []any {
-	return []any{VariableKindDynamic, VariableKindQuery, VariableKindCustom}
+	return []any{VariableKindDynamic, VariableKindQuery, VariableKindCustom, VariableKindTextbox}
 }
 
 type DynamicVariableSpec struct {
@@ -42,6 +42,8 @@ type CustomVariableSpec struct {
 	CustomValue string `json:"customValue" validate:"required" required:"true"`
 }
 
+type TextboxVariableSpec struct{}
+
 // ══════════════════════════════════════════════
 // SigNoz query plugin specs — aliased from querybuildertypesv5
 // ══════════════════════════════════════════════
@@ -85,30 +87,6 @@ func (b *BuilderQuerySpec) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
-// MarshalJSON delegates to the inner Spec so the on-wire shape matches what
-// UnmarshalJSON expects (a flat builder-query payload with `signal` at the top
-// level). Without this, Go's default would wrap it as {"Spec": {...}} and the
-// signal-dispatch on read would fail.
-func (b BuilderQuerySpec) MarshalJSON() ([]byte, error) {
-	return json.Marshal(b.Spec)
-}
-
-// PrepareJSONSchema drops the reflected struct shape so only the
-// JSONSchemaOneOf result binds.
-func (BuilderQuerySpec) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-// JSONSchemaOneOf exposes the three signal-dispatched shapes a builder query
-// can take. Mirrors qb.UnmarshalBuilderQueryBySignal's runtime dispatch.
-func (BuilderQuerySpec) JSONSchemaOneOf() []any {
-	return []any{
-		qb.QueryBuilderQuery[qb.LogAggregation]{},
-		qb.QueryBuilderQuery[qb.MetricAggregation]{},
-		qb.QueryBuilderQuery[qb.TraceAggregation]{},
-	}
-}
-
 // ══════════════════════════════════════════════
 // SigNoz panel plugin specs
 // ══════════════════════════════════════════════

pkg/types/dashboardtypes/perses_plugin_wrappers.go

@@ -1,312 +0,0 @@
-package dashboardtypes
-
-import (
-	"bytes"
-	"encoding/json"
-	"maps"
-	"slices"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-
-	"github.com/go-playground/validator/v10"
-	"github.com/swaggest/jsonschema-go"
-)
-
-// ══════════════════════════════════════════════
-// Panel plugin
-// ══════════════════════════════════════════════
-
-type PanelPlugin struct {
-	Kind PanelPluginKind `json:"kind"`
-	Spec any             `json:"spec"`
-}
-
-// PrepareJSONSchema drops the reflected struct shape (type: object, properties)
-// from the envelope so that only the JSONSchemaOneOf result binds.
-func (PanelPlugin) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (p *PanelPlugin) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	factory, ok := panelPluginSpecs[PanelPluginKind(kind)]
-	if !ok {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown panel plugin kind %q; allowed values: %s", kind, allowedValuesForKind(slices.Sorted(maps.Keys(panelPluginSpecs))))
-	}
-	spec, err := decodeSpec(specJSON, factory(), kind)
-	if err != nil {
-		return err
-	}
-	p.Kind = PanelPluginKind(kind)
-	p.Spec = spec
-	return nil
-}
-
-func (PanelPlugin) JSONSchemaOneOf() []any {
-	return []any{
-		PanelPluginVariant[TimeSeriesPanelSpec]{Kind: string(PanelKindTimeSeries)},
-		PanelPluginVariant[BarChartPanelSpec]{Kind: string(PanelKindBarChart)},
-		PanelPluginVariant[NumberPanelSpec]{Kind: string(PanelKindNumber)},
-		PanelPluginVariant[PieChartPanelSpec]{Kind: string(PanelKindPieChart)},
-		PanelPluginVariant[TablePanelSpec]{Kind: string(PanelKindTable)},
-		PanelPluginVariant[HistogramPanelSpec]{Kind: string(PanelKindHistogram)},
-		PanelPluginVariant[ListPanelSpec]{Kind: string(PanelKindList)},
-	}
-}
-
-type PanelPluginVariant[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v PanelPluginVariant[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}
-
-// ══════════════════════════════════════════════
-// Query plugin
-// ══════════════════════════════════════════════
-
-type QueryPlugin struct {
-	Kind QueryPluginKind `json:"kind"`
-	Spec any             `json:"spec"`
-}
-
-func (QueryPlugin) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (p *QueryPlugin) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	factory, ok := queryPluginSpecs[QueryPluginKind(kind)]
-	if !ok {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown query plugin kind %q; allowed values: %s", kind, allowedValuesForKind(slices.Sorted(maps.Keys(queryPluginSpecs))))
-	}
-	spec, err := decodeSpec(specJSON, factory(), kind)
-	if err != nil {
-		return err
-	}
-	p.Kind = QueryPluginKind(kind)
-	p.Spec = spec
-	return nil
-}
-
-func (QueryPlugin) JSONSchemaOneOf() []any {
-	return []any{
-		QueryPluginVariant[BuilderQuerySpec]{Kind: string(QueryKindBuilder)},
-		QueryPluginVariant[CompositeQuerySpec]{Kind: string(QueryKindComposite)},
-		QueryPluginVariant[FormulaSpec]{Kind: string(QueryKindFormula)},
-		QueryPluginVariant[PromQLQuerySpec]{Kind: string(QueryKindPromQL)},
-		QueryPluginVariant[ClickHouseSQLQuerySpec]{Kind: string(QueryKindClickHouseSQL)},
-		QueryPluginVariant[TraceOperatorSpec]{Kind: string(QueryKindTraceOperator)},
-	}
-}
-
-type QueryPluginVariant[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v QueryPluginVariant[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}
-
-// ══════════════════════════════════════════════
-// Variable plugin
-// ══════════════════════════════════════════════
-
-type VariablePlugin struct {
-	Kind VariablePluginKind `json:"kind"`
-	Spec any                `json:"spec"`
-}
-
-func (VariablePlugin) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (p *VariablePlugin) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	factory, ok := variablePluginSpecs[VariablePluginKind(kind)]
-	if !ok {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown variable plugin kind %q; allowed values: %s", kind, allowedValuesForKind(slices.Sorted(maps.Keys(variablePluginSpecs))))
-	}
-	spec, err := decodeSpec(specJSON, factory(), kind)
-	if err != nil {
-		return err
-	}
-	p.Kind = VariablePluginKind(kind)
-	p.Spec = spec
-	return nil
-}
-
-func (VariablePlugin) JSONSchemaOneOf() []any {
-	return []any{
-		VariablePluginVariant[DynamicVariableSpec]{Kind: string(VariableKindDynamic)},
-		VariablePluginVariant[QueryVariableSpec]{Kind: string(VariableKindQuery)},
-		VariablePluginVariant[CustomVariableSpec]{Kind: string(VariableKindCustom)},
-	}
-}
-
-type VariablePluginVariant[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v VariablePluginVariant[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}
-
-// ══════════════════════════════════════════════
-// Datasource plugin
-// ══════════════════════════════════════════════
-
-type DatasourcePlugin struct {
-	Kind DatasourcePluginKind `json:"kind"`
-	Spec any                  `json:"spec"`
-}
-
-func (DatasourcePlugin) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (p *DatasourcePlugin) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	factory, ok := datasourcePluginSpecs[DatasourcePluginKind(kind)]
-	if !ok {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown datasource plugin kind %q; allowed values: %s", kind, allowedValuesForKind(slices.Sorted(maps.Keys(datasourcePluginSpecs))))
-	}
-	spec, err := decodeSpec(specJSON, factory(), kind)
-	if err != nil {
-		return err
-	}
-	p.Kind = DatasourcePluginKind(kind)
-	p.Spec = spec
-	return nil
-}
-
-func (DatasourcePlugin) JSONSchemaOneOf() []any {
-	return []any{
-		DatasourcePluginVariant[struct{}]{Kind: string(DatasourceKindSigNoz)},
-	}
-}
-
-type DatasourcePluginVariant[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v DatasourcePluginVariant[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}
-
-// ══════════════════════════════════════════════
-// Helpers
-// ══════════════════════════════════════════════
-
-var (
-	panelPluginSpecs = map[PanelPluginKind]func() any{
-		PanelKindTimeSeries: func() any { return new(TimeSeriesPanelSpec) },
-		PanelKindBarChart:   func() any { return new(BarChartPanelSpec) },
-		PanelKindNumber:     func() any { return new(NumberPanelSpec) },
-		PanelKindPieChart:   func() any { return new(PieChartPanelSpec) },
-		PanelKindTable:      func() any { return new(TablePanelSpec) },
-		PanelKindHistogram:  func() any { return new(HistogramPanelSpec) },
-		PanelKindList:       func() any { return new(ListPanelSpec) },
-	}
-	queryPluginSpecs = map[QueryPluginKind]func() any{
-		QueryKindBuilder:       func() any { return new(BuilderQuerySpec) },
-		QueryKindComposite:     func() any { return new(CompositeQuerySpec) },
-		QueryKindFormula:       func() any { return new(FormulaSpec) },
-		QueryKindPromQL:        func() any { return new(PromQLQuerySpec) },
-		QueryKindClickHouseSQL: func() any { return new(ClickHouseSQLQuerySpec) },
-		QueryKindTraceOperator: func() any { return new(TraceOperatorSpec) },
-	}
-	variablePluginSpecs = map[VariablePluginKind]func() any{
-		VariableKindDynamic: func() any { return new(DynamicVariableSpec) },
-		VariableKindQuery:   func() any { return new(QueryVariableSpec) },
-		VariableKindCustom:  func() any { return new(CustomVariableSpec) },
-	}
-	datasourcePluginSpecs = map[DatasourcePluginKind]func() any{
-		DatasourceKindSigNoz: func() any { return new(struct{}) },
-	}
-
-	allowedQueryKinds = map[PanelPluginKind][]QueryPluginKind{
-		PanelKindTimeSeries: {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
-		PanelKindBarChart:   {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
-		PanelKindNumber:     {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
-		PanelKindHistogram:  {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindPromQL, QueryKindClickHouseSQL},
-		PanelKindPieChart:   {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindClickHouseSQL},
-		PanelKindTable:      {QueryKindBuilder, QueryKindComposite, QueryKindFormula, QueryKindTraceOperator, QueryKindClickHouseSQL},
-		PanelKindList:       {QueryKindBuilder},
-	}
-)
-
-func allowedValuesForKind[K ~string](kinds []K) string {
-	parts := make([]string, len(kinds))
-	for i, k := range kinds {
-		parts[i] = "`" + string(k) + "`"
-	}
-	return strings.Join(parts, ", ")
-}
-
-// extractKindAndSpec parses a {"kind": "...", "spec": {...}} envelope and returns
-// kind and the raw spec bytes for typed decoding.
-func extractKindAndSpec(data []byte) (string, []byte, error) {
-	var head struct {
-		Kind string          `json:"kind"`
-		Spec json.RawMessage `json:"spec"`
-	}
-	if err := json.Unmarshal(data, &head); err != nil {
-		return "", nil, errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "invalid plugin envelope")
-	}
-	return head.Kind, head.Spec, nil
-}
-
-// decodeSpec strict-decodes a spec JSON into target and runs struct-tag validation (go-playground/validator).
-func decodeSpec(specJSON []byte, target any, kind string) (any, error) {
-	if len(specJSON) == 0 {
-		return nil, errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "kind %q: spec is required", kind)
-	}
-	dec := json.NewDecoder(bytes.NewReader(specJSON))
-	dec.DisallowUnknownFields()
-	if err := dec.Decode(target); err != nil {
-		return nil, errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "kind %q: invalid spec JSON", kind)
-	}
-	if err := validator.New().Struct(target); err != nil {
-		return nil, errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "kind %q: spec failed validation", kind)
-	}
-	return target, nil
-}
-
-// clearOneOfParentShape drops Type and Properties on a schema that also has a JSONSchemaOneOf.
-func clearOneOfParentShape(s *jsonschema.Schema) error {
-	s.Type = nil
-	s.Properties = nil
-	return nil
-}
-
-// restrictKindToOneValue ensures that the schema only allows one Kind value for a type.
-// For eg. PanelPluginVariant[TimeSeriesPanelSpec]{Kind: string(PanelKindTimeSeries)} should
-// only allow "signoz/TimeSeriesPanel" in its kind field.
-func restrictKindToOneValue(schema *jsonschema.Schema, kind string) error {
-	kindProp, ok := schema.Properties["kind"]
-	if !ok || kindProp.TypeObject == nil {
-		return errors.NewInternalf(errors.CodeInternal, "variant schema missing `kind` property")
-	}
-	kindProp.TypeObject.WithEnum(kind)
-	schema.Properties["kind"] = kindProp
-	return nil
-}

pkg/types/dashboardtypes/perses_replicas.go

@@ -1,182 +0,0 @@
-package dashboardtypes
-
-import (
-	"maps"
-	"slices"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	v1 "github.com/perses/perses/pkg/model/api/v1"
-	"github.com/perses/perses/pkg/model/api/v1/common"
-	"github.com/perses/perses/pkg/model/api/v1/dashboard"
-	"github.com/perses/perses/pkg/model/api/v1/variable"
-	"github.com/swaggest/jsonschema-go"
-)
-
-// ══════════════════════════════════════════════
-// Datasource
-// ══════════════════════════════════════════════
-
-type DatasourceSpec struct {
-	Display *common.Display  `json:"display,omitempty"`
-	Default bool             `json:"default"`
-	Plugin  DatasourcePlugin `json:"plugin"`
-}
-
-// ══════════════════════════════════════════════
-// Panel
-// ══════════════════════════════════════════════
-
-type Panel struct {
-	Kind string    `json:"kind"`
-	Spec PanelSpec `json:"spec"`
-}
-
-type PanelSpec struct {
-	Display *v1.PanelDisplay `json:"display,omitempty"`
-	Plugin  PanelPlugin      `json:"plugin"`
-	Queries []Query          `json:"queries,omitempty"`
-	Links   []v1.Link        `json:"links,omitempty"`
-}
-
-// ══════════════════════════════════════════════
-// Query
-// ══════════════════════════════════════════════
-
-type Query struct {
-	Kind string    `json:"kind"`
-	Spec QuerySpec `json:"spec"`
-}
-
-type QuerySpec struct {
-	Name   string      `json:"name,omitempty"`
-	Plugin QueryPlugin `json:"plugin"`
-}
-
-// ══════════════════════════════════════════════
-// Variable
-// ══════════════════════════════════════════════
-
-// Variable is the list/text sum type. Spec is set to *ListVariableSpec or
-// *dashboard.TextVariableSpec by UnmarshalJSON based on Kind. The schema is a
-// discriminated oneOf (see JSONSchemaOneOf).
-type Variable struct {
-	Kind variable.Kind `json:"kind"`
-	Spec any           `json:"spec"`
-}
-
-func (Variable) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (v *Variable) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	switch kind {
-	case string(variable.KindList):
-		spec, err := decodeSpec(specJSON, new(ListVariableSpec), kind)
-		if err != nil {
-			return err
-		}
-		v.Kind = variable.KindList
-		v.Spec = spec
-	case string(variable.KindText):
-		spec, err := decodeSpec(specJSON, new(dashboard.TextVariableSpec), kind)
-		if err != nil {
-			return err
-		}
-		v.Kind = variable.KindText
-		v.Spec = spec
-	default:
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown variable kind %q; allowed values: %s", kind, allowedValuesForKind([]variable.Kind{variable.KindList, variable.KindText}))
-	}
-	return nil
-}
-
-func (Variable) JSONSchemaOneOf() []any {
-	return []any{
-		VariableEnvelope[ListVariableSpec]{Kind: string(variable.KindList)},
-		VariableEnvelope[dashboard.TextVariableSpec]{Kind: string(variable.KindText)},
-	}
-}
-
-type VariableEnvelope[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v VariableEnvelope[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}
-
-// ListVariableSpec mirrors dashboard.ListVariableSpec (variable.ListSpec
-// fields + Name) but with a typed VariablePlugin replacing common.Plugin.
-type ListVariableSpec struct {
-	Display         *variable.Display      `json:"display,omitempty"`
-	DefaultValue    *variable.DefaultValue `json:"defaultValue,omitempty"`
-	AllowAllValue   bool                   `json:"allowAllValue"`
-	AllowMultiple   bool                   `json:"allowMultiple"`
-	CustomAllValue  string                 `json:"customAllValue,omitempty"`
-	CapturingRegexp string                 `json:"capturingRegexp,omitempty"`
-	Sort            *variable.Sort         `json:"sort,omitempty"`
-	Plugin          VariablePlugin         `json:"plugin"`
-	Name            string                 `json:"name"`
-}
-
-// ══════════════════════════════════════════════
-// Layout
-// ══════════════════════════════════════════════
-
-// Layout is the dashboard layout sum type. Spec is populated by UnmarshalJSON
-// with the concrete layout spec struct (today only dashboard.GridLayoutSpec)
-// based on Kind. No plugin is involved, so we reuse the Perses spec types as
-// leaf imports.
-type Layout struct {
-	Kind dashboard.LayoutKind `json:"kind"`
-	Spec any                  `json:"spec"`
-}
-
-// layoutSpecs is the layout sum type factory. Perses only defines
-// KindGridLayout today; adding a new kind upstream surfaces as an
-// "unknown layout kind" runtime error here until we add it.
-var layoutSpecs = map[dashboard.LayoutKind]func() any{
-	dashboard.KindGridLayout: func() any { return new(dashboard.GridLayoutSpec) },
-}
-
-func (Layout) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return clearOneOfParentShape(s)
-}
-
-func (l *Layout) UnmarshalJSON(data []byte) error {
-	kind, specJSON, err := extractKindAndSpec(data)
-	if err != nil {
-		return err
-	}
-	factory, ok := layoutSpecs[dashboard.LayoutKind(kind)]
-	if !ok {
-		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "unknown layout kind %q; allowed values: %s", kind, allowedValuesForKind(slices.Sorted(maps.Keys(layoutSpecs))))
-	}
-	spec, err := decodeSpec(specJSON, factory(), kind)
-	if err != nil {
-		return err
-	}
-	l.Kind = dashboard.LayoutKind(kind)
-	l.Spec = spec
-	return nil
-}
-
-func (Layout) JSONSchemaOneOf() []any {
-	return []any{
-		LayoutEnvelope[dashboard.GridLayoutSpec]{Kind: string(dashboard.KindGridLayout)},
-	}
-}
-
-type LayoutEnvelope[S any] struct {
-	Kind string `json:"kind" required:"true"`
-	Spec S      `json:"spec" required:"true"`
-}
-
-func (v LayoutEnvelope[S]) PrepareJSONSchema(s *jsonschema.Schema) error {
-	return restrictKindToOneValue(s, v.Kind)
-}

pkg/types/dashboardtypes/testdata/perses.json

@@ -76,7 +76,11 @@
                 "display": {
                     "name": "textboxvar"
                 },
-                "value": "defaultvaluegoeshere"
+                "value": "defaultvaluegoeshere",
+                "plugin": {
+                    "kind": "signoz/TextboxVariable",
+                    "spec": {}
+                }
             }
         }
     ],

pkg/types/querybuildertypes/querybuildertypesv5/validation.go

@@ -47,13 +47,12 @@ const (
 type ValidationOption func(*validationConfig)
 
 type validationConfig struct {
-	skipLimitOffsetValidation      bool
-	skipAggregationValidation      bool
-	skipHavingValidation           bool
-	skipAggregationOrderBy         bool
-	skipSelectFieldValidation      bool
-	skipGroupByValidation          bool
-	withTimestampGroupByValidation bool
+	skipLimitOffsetValidation bool
+	skipAggregationValidation bool
+	skipHavingValidation      bool
+	skipAggregationOrderBy    bool
+	skipSelectFieldValidation bool
+	skipGroupByValidation     bool
 }
 
 func applyValidationOptions(opts []ValidationOption) validationConfig {
@@ -112,13 +111,6 @@ func WithSkipGroupByValidation() ValidationOption {
 	}
 }
 
-// WithTimestampGroupByValidation enables validation to disallow grouping by timestamp field.
-func WithTimestampGroupByValidation() ValidationOption {
-	return func(cfg *validationConfig) {
-		cfg.withTimestampGroupByValidation = true
-	}
-}
-
 // Validate performs preliminary validation on QueryBuilderQuery.
 func (q *QueryBuilderQuery[T]) Validate(opts ...ValidationOption) error {
 	cfg := applyValidationOptions(opts)
@@ -185,11 +177,6 @@ func (q *QueryBuilderQuery[T]) validateGroupBy(cfg validationConfig) error {
 				errors.CodeInvalidInput, "invalid empty key name for group by at index %d", idx,
 			)
 		}
-		if cfg.withTimestampGroupByValidation && item.Name == "timestamp" {
-			return errors.NewInvalidInputf(
-				errors.CodeInvalidInput, "group by on timestamp is not allowed",
-			)
-		}
 	}
 	return nil
 }
@@ -678,9 +665,7 @@ func validateQueryEnvelope(envelope QueryEnvelope, opts ...ValidationOption) err
 
 func GetValidationOptions(requestType RequestType) []ValidationOption {
 	switch requestType {
-	case RequestTypeTimeSeries:
-		return []ValidationOption{WithSkipSelectFieldValidation(), WithTimestampGroupByValidation()}
-	case RequestTypeScalar:
+	case RequestTypeTimeSeries, RequestTypeScalar:
 		return []ValidationOption{WithSkipSelectFieldValidation()}
 	case RequestTypeRaw, RequestTypeRawStream, RequestTypeTrace:
 		return []ValidationOption{WithSkipAggregationValidation(), WithSkipHavingValidation(), WithSkipAggregationOrderBy(), WithSkipGroupByValidation()}

pkg/types/querybuildertypes/querybuildertypesv5/validation_test.go

@@ -695,59 +695,6 @@ func TestQueryRangeRequest_ValidateCompositeQuery(t *testing.T) {
 			wantErr: true,
 			errMsg:  "raw request type is not supported for metric queries",
 		},
-		{
-			name: "timeseries request with group by timestamp should return error",
-			request: QueryRangeRequest{
-				Start:       1640995200000,
-				End:         1640998800000,
-				RequestType: RequestTypeTimeSeries,
-				CompositeQuery: CompositeQuery{
-					Queries: []QueryEnvelope{
-						{
-							Type: QueryTypeBuilder,
-							Spec: QueryBuilderQuery[LogAggregation]{
-								Name:   "A",
-								Signal: telemetrytypes.SignalLogs,
-								Aggregations: []LogAggregation{
-									{Expression: "count()"},
-								},
-								GroupBy: []GroupByKey{
-									{TelemetryFieldKey: telemetrytypes.TelemetryFieldKey{Name: "timestamp"}},
-								},
-							},
-						},
-					},
-				},
-			},
-			wantErr: true,
-			errMsg:  "group by on timestamp is not allowed",
-		},
-		{
-			name: "scalar request with group by timestamp should pass",
-			request: QueryRangeRequest{
-				Start:       1640995200000,
-				End:         1640998800000,
-				RequestType: RequestTypeScalar,
-				CompositeQuery: CompositeQuery{
-					Queries: []QueryEnvelope{
-						{
-							Type: QueryTypeBuilder,
-							Spec: QueryBuilderQuery[LogAggregation]{
-								Name:   "A",
-								Signal: telemetrytypes.SignalLogs,
-								Aggregations: []LogAggregation{
-									{Expression: "count()"},
-								},
-								GroupBy: []GroupByKey{
-									{TelemetryFieldKey: telemetrytypes.TelemetryFieldKey{Name: "timestamp"}},
-								},
-							},
-						},
-					},
-				},
-			},
-			wantErr: false,
-		},
 		{
 			name: "raw request with log query without aggregations should pass",
 			request: QueryRangeRequest{

pkg/types/ruletypes/evaluation.go

@@ -250,20 +250,17 @@ type EvaluationEnvelope struct {
 
 // evaluationRolling is the OpenAPI schema for an EvaluationEnvelope with kind=rolling.
 type evaluationRolling struct {
-	Kind EvaluationKind `json:"kind" description:"The kind of evaluation." required:"true"`
-	Spec RollingWindow  `json:"spec" description:"The rolling window evaluation specification." required:"true"`
+	Kind EvaluationKind `json:"kind" description:"The kind of evaluation."`
+	Spec RollingWindow  `json:"spec" description:"The rolling window evaluation specification."`
 }
 
 // evaluationCumulative is the OpenAPI schema for an EvaluationEnvelope with kind=cumulative.
 type evaluationCumulative struct {
-	Kind EvaluationKind   `json:"kind" description:"The kind of evaluation." required:"true"`
-	Spec CumulativeWindow `json:"spec" description:"The cumulative window evaluation specification." required:"true"`
+	Kind EvaluationKind   `json:"kind" description:"The kind of evaluation."`
+	Spec CumulativeWindow `json:"spec" description:"The cumulative window evaluation specification."`
 }
 
-var (
-	_ jsonschema.OneOfExposer = EvaluationEnvelope{}
-	_ jsonschema.Preparer     = EvaluationEnvelope{}
-)
+var _ jsonschema.OneOfExposer = EvaluationEnvelope{}
 
 // JSONSchemaOneOf returns the oneOf variants for the EvaluationEnvelope discriminated union.
 // Each variant represents a different evaluation kind with its corresponding spec schema.
@@ -274,22 +271,6 @@ func (EvaluationEnvelope) JSONSchemaOneOf() []any {
 	}
 }
 
-func (EvaluationEnvelope) PrepareJSONSchema(schema *jsonschema.Schema) error {
-	if schema.ExtraProperties == nil {
-		schema.ExtraProperties = map[string]any{}
-	}
-
-	schema.ExtraProperties["x-signoz-discriminator"] = map[string]any{
-		"propertyName": "kind",
-		"mapping": map[string]string{
-			"rolling":    "#/components/schemas/RuletypesEvaluationRolling",
-			"cumulative": "#/components/schemas/RuletypesEvaluationCumulative",
-		},
-	}
-
-	return nil
-}
-
 func (e *EvaluationEnvelope) UnmarshalJSON(data []byte) error {
 	var raw map[string]json.RawMessage
 	if err := json.Unmarshal(data, &raw); err != nil {

pkg/types/ruletypes/threshold.go

@@ -36,14 +36,11 @@ type RuleThresholdData struct {
 
 // thresholdBasic is the OpenAPI schema for a RuleThresholdData with kind=basic.
 type thresholdBasic struct {
-	Kind ThresholdKind       `json:"kind" description:"The kind of threshold." required:"true"`
-	Spec BasicRuleThresholds `json:"spec" description:"The basic threshold specification (array of thresholds)." required:"true"`
+	Kind ThresholdKind       `json:"kind" description:"The kind of threshold."`
+	Spec BasicRuleThresholds `json:"spec" description:"The basic threshold specification (array of thresholds)."`
 }
 
-var (
-	_ jsonschema.OneOfExposer = RuleThresholdData{}
-	_ jsonschema.Preparer     = RuleThresholdData{}
-)
+var _ jsonschema.OneOfExposer = RuleThresholdData{}
 
 // JSONSchemaOneOf returns the oneOf variants for the RuleThresholdData discriminated union.
 // Each variant represents a different threshold kind with its corresponding spec schema.
@@ -53,24 +50,6 @@ func (RuleThresholdData) JSONSchemaOneOf() []any {
 	}
 }
 
-// PrepareJSONSchema marks the schema with x-signoz-discriminator;
-// signoz.attachDiscriminators promotes it to a real OpenAPI 3
-// discriminator after reflection.
-func (RuleThresholdData) PrepareJSONSchema(schema *jsonschema.Schema) error {
-	if schema.ExtraProperties == nil {
-		schema.ExtraProperties = map[string]any{}
-	}
-
-	schema.ExtraProperties["x-signoz-discriminator"] = map[string]any{
-		"propertyName": "kind",
-		"mapping": map[string]string{
-			"basic": "#/components/schemas/RuletypesThresholdBasic",
-		},
-	}
-
-	return nil
-}
-
 func (r *RuleThresholdData) UnmarshalJSON(data []byte) error {
 	var raw map[string]json.RawMessage
 	if err := json.Unmarshal(data, &raw); err != nil {