chore: remove explicit URL decoding that causes crashes on K8s parameters

chore: fixed all failing sites where double decoding is happening in infra monitoring
feat(authz): update openapi spec (#10382 )
2026-02-21 16:13:37 +00:00 · 2026-02-21 11:21:37 +05:30 · 2026-02-21 11:07:50 +05:30 · 2026-02-20 17:06:33 +00:00 · 2026-02-20 22:12:24 +05:30 · 2026-02-20 19:30:09 +05:30
79 changed files with 1504 additions and 2925 deletions
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
@@ -92,6 +92,19 @@ components:
        tokenType:
          type: string
      type: object
+    AuthtypesGettableTransaction:
+      properties:
+        authorized:
+          type: boolean
+        object:
+          $ref: '#/components/schemas/AuthtypesObject'
+        relation:
+          type: string
+      required:
+      - relation
+      - object
+      - authorized
+      type: object
    AuthtypesGoogleConfig:
      properties:
        allowedGroups:
@@ -117,6 +130,8 @@ components:
        serviceAccountJson:
          type: string
      type: object
+    AuthtypesName:
+      type: object
    AuthtypesOIDCConfig:
      properties:
        claimMapping:
@@ -134,6 +149,16 @@ components:
        issuerAlias:
          type: string
      type: object
+    AuthtypesObject:
+      properties:
+        resource:
+          $ref: '#/components/schemas/AuthtypesResource'
+        selector:
+          $ref: '#/components/schemas/AuthtypesSelector'
+      required:
+      - resource
+      - selector
+      type: object
    AuthtypesOrgSessionContext:
      properties:
        authNSupport:
@@ -171,6 +196,16 @@ components:
        refreshToken:
          type: string
      type: object
+    AuthtypesResource:
+      properties:
+        name:
+          $ref: '#/components/schemas/AuthtypesName'
+        type:
+          type: string
+      required:
+      - name
+      - type
+      type: object
    AuthtypesRoleMapping:
      properties:
        defaultRole:
@@ -196,6 +231,8 @@ components:
        samlIdp:
          type: string
      type: object
+    AuthtypesSelector:
+      type: object
    AuthtypesSessionContext:
      properties:
        exists:
@@ -206,6 +243,18 @@ components:
          nullable: true
          type: array
      type: object
+    AuthtypesTransaction:
+      properties:
+        id:
+          type: string
+        object:
+          $ref: '#/components/schemas/AuthtypesObject'
+        relation:
+          type: string
+      required:
+      - relation
+      - object
+      type: object
    AuthtypesUpdateableAuthDomain:
      properties:
        config:
@@ -749,14 +798,6 @@ components:
      - temporality
      - isMonotonic
      type: object
-    MetrictypesComparisonSpaceAggregationParam:
-      properties:
-        operator:
-          type: string
-        threshold:
-          format: double
-          type: number
-      type: object
    MetrictypesSpaceAggregation:
      enum:
      - sum
@@ -769,7 +810,6 @@ components:
      - p90
      - p95
      - p99
-      - histogram_count
      type: string
    MetrictypesTemporality:
      enum:
@@ -1054,8 +1094,6 @@ components:
      type: object
    Querybuildertypesv5MetricAggregation:
      properties:
-        comparisonSpaceAggregationParam:
-          $ref: '#/components/schemas/MetrictypesComparisonSpaceAggregationParam'
        metricName:
          type: string
        reduceTo:
@@ -1624,6 +1662,56 @@ components:
        status:
          type: string
      type: object
+    RoletypesGettableResources:
+      properties:
+        relations:
+          additionalProperties:
+            items:
+              type: string
+            type: array
+          nullable: true
+          type: object
+        resources:
+          items:
+            $ref: '#/components/schemas/AuthtypesResource'
+          nullable: true
+          type: array
+      required:
+      - resources
+      - relations
+      type: object
+    RoletypesPatchableObjects:
+      properties:
+        additions:
+          items:
+            $ref: '#/components/schemas/AuthtypesObject'
+          nullable: true
+          type: array
+        deletions:
+          items:
+            $ref: '#/components/schemas/AuthtypesObject'
+          nullable: true
+          type: array
+      required:
+      - additions
+      - deletions
+      type: object
+    RoletypesPatchableRole:
+      properties:
+        description:
+          type: string
+      required:
+      - description
+      type: object
+    RoletypesPostableRole:
+      properties:
+        description:
+          type: string
+        name:
+          type: string
+      required:
+      - name
+      type: object
    RoletypesRole:
      properties:
        createdAt:
@@ -1642,6 +1730,11 @@ components:
        updatedAt:
          format: date-time
          type: string
+      required:
+      - name
+      - description
+      - type
+      - orgId
      type: object
    TelemetrytypesFieldContext:
      enum:
@@ -2033,6 +2126,41 @@ info:
  version: ""
 openapi: 3.0.3
 paths:
+  /api/v1/authz/check:
+    post:
+      deprecated: false
+      description: Checks if the authenticated user has permissions for given transactions
+      operationId: AuthzCheck
+      requestBody:
+        content:
+          application/json:
+            schema:
+              items:
+                $ref: '#/components/schemas/AuthtypesTransaction'
+              type: array
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    items:
+                      $ref: '#/components/schemas/AuthtypesGettableTransaction'
+                    type: array
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      summary: Check permissions
+      tags:
+      - authz
  /api/v1/changePassword/{id}:
    post:
      deprecated: false
@@ -3862,6 +3990,11 @@ paths:
      deprecated: false
      description: This endpoint creates a role
      operationId: CreateRole
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RoletypesPostableRole'
      responses:
        "201":
          content:
@@ -3874,6 +4007,12 @@ paths:
                    type: string
                type: object
          description: Created
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
        "401":
          content:
            application/json:
@@ -3886,12 +4025,30 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
+        "409":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Conflict
+        "451":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unavailable For Legal Reasons
        "500":
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Internal Server Error
+        "501":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Implemented
      security:
      - api_key:
        - ADMIN
@@ -3930,12 +4087,30 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "451":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unavailable For Legal Reasons
        "500":
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Internal Server Error
+        "501":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Implemented
      security:
      - api_key:
        - ADMIN
@@ -4002,6 +4177,11 @@ paths:
        required: true
        schema:
          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RoletypesPatchableRole'
      responses:
        "204":
          content:
@@ -4021,6 +4201,220 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "451":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unavailable For Legal Reasons
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+        "501":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Implemented
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Patch role
+      tags:
+      - role
+  /api/v1/roles/{id}/relation/{relation}/objects:
+    get:
+      deprecated: false
+      description: Gets all objects connected to the specified role via a given relation
+        type
+      operationId: GetObjects
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      - in: path
+        name: relation
+        required: true
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    items:
+                      $ref: '#/components/schemas/AuthtypesObject'
+                    type: array
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "451":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unavailable For Legal Reasons
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+        "501":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Implemented
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Get objects for a role by relation
+      tags:
+      - role
+    patch:
+      deprecated: false
+      description: Patches the objects connected to the specified role via a given
+        relation type
+      operationId: PatchObjects
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      - in: path
+        name: relation
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RoletypesPatchableObjects'
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "451":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unavailable For Legal Reasons
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+        "501":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Implemented
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Patch objects for a role by relation
+      tags:
+      - role
+  /api/v1/roles/resources:
+    get:
+      deprecated: false
+      description: Gets all the available resources for role assignment
+      operationId: GetResources
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/RoletypesGettableResources'
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
        "500":
          content:
            application/json:
@@ -4032,7 +4426,7 @@ paths:
        - ADMIN
      - tokenizer:
        - ADMIN
-      summary: Patch role
+      summary: Get resources
      tags:
      - role
  /api/v1/user:
--- a/ee/authz/openfgaauthz/provider.go
+++ b/ee/authz/openfgaauthz/provider.go
@@ -62,10 +62,6 @@ func (provider *provider) Stop(ctx context.Context) error {
 	return provider.openfgaServer.Stop(ctx)
 }

-func (provider *provider) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return provider.openfgaServer.Check(ctx, tuple)
-}
-
 func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
 	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
 }
@@ -74,8 +70,8 @@ func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Contex
 	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
 }

-func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return provider.openfgaServer.BatchCheck(ctx, tuples)
+func (provider *provider) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
+	return provider.openfgaServer.BatchCheck(ctx, tupleReq)
 }

 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
@@ -187,6 +183,11 @@ func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource
 }

 func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
 	storableRole, err := provider.store.Get(ctx, orgID, id)
 	if err != nil {
 		return nil, err
@@ -198,7 +199,7 @@ func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id
 			resourceObjects, err := provider.
 				ListObjects(
 					ctx,
-					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
+					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.Name, orgID, &authtypes.RelationAssignee),
 					relation,
 					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
 				)
--- a/ee/authz/openfgaserver/server.go
+++ b/ee/authz/openfgaserver/server.go
@@ -2,8 +2,10 @@ package openfgaserver

 import (
 	"context"
+	"strconv"

 	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
@@ -28,27 +30,34 @@ func (server *Server) Stop(ctx context.Context) error {
 	return server.pkgAuthzService.Stop(ctx)
 }

-func (server *Server) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return server.pkgAuthzService.Check(ctx, tuple)
-}
-
 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
 	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
 	if err != nil {
 		return err
 	}

-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
+	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	err = server.BatchCheck(ctx, tuples)
+	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
+	for idx, tuple := range tupleSlice {
+		tuples[strconv.Itoa(idx)] = tuple
+	}
+
+	response, err := server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	return nil
+	for _, resp := range response {
+		if resp.Authorized {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
 }

 func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
@@ -57,21 +66,32 @@ func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, o
 		return err
 	}

-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
+	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	err = server.BatchCheck(ctx, tuples)
+	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
+	for idx, tuple := range tupleSlice {
+		tuples[strconv.Itoa(idx)] = tuple
+	}
+
+	response, err := server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	return nil
+	for _, resp := range response {
+		if resp.Authorized {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
 }

-func (server *Server) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return server.pkgAuthzService.BatchCheck(ctx, tuples)
+func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
+	return server.pkgAuthzService.BatchCheck(ctx, tupleReq)
 }

 func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
--- a/ee/modules/dashboard/impldashboard/module.go
+++ b/ee/modules/dashboard/impldashboard/module.go
@@ -220,6 +220,7 @@ func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.T
 	return map[string][]*authtypes.Transaction{
 		roletypes.SigNozAnonymousRoleName: {
 			{
+				ID:       valuer.GenerateUUID(),
 				Relation: authtypes.RelationRead,
 				Object: *authtypes.MustNewObject(
 					authtypes.Resource{
--- a/ee/query-service/app/api/api.go
+++ b/ee/query-service/app/api/api.go
@@ -2,11 +2,9 @@ package api

 import (
 	"net/http"
-	"net/http/httputil"
 	"time"

 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
-	"github.com/SigNoz/signoz/ee/query-service/integrations/gateway"
 	"github.com/SigNoz/signoz/ee/query-service/usage"
 	"github.com/SigNoz/signoz/pkg/alertmanager"
 	"github.com/SigNoz/signoz/pkg/global"
@@ -31,7 +29,6 @@ type APIHandlerOptions struct {
 	IntegrationsController        *integrations.Controller
 	CloudIntegrationsController   *cloudintegrations.Controller
 	LogsParsingPipelineController *logparsingpipeline.LogParsingPipelineController
-	Gateway                       *httputil.ReverseProxy
 	GatewayUrl                    string
 	// Querier Influx Interval
 	FluxInterval time.Duration
@@ -77,10 +74,6 @@ func (ah *APIHandler) UM() *usage.Manager {
 	return ah.opts.UsageManager
 }

-func (ah *APIHandler) Gateway() *httputil.ReverseProxy {
-	return ah.opts.Gateway
-}
-
 // RegisterRoutes registers routes for this handler on the given router
 func (ah *APIHandler) RegisterRoutes(router *mux.Router, am *middleware.AuthZ) {
 	// note: add ee override methods first
@@ -103,9 +96,6 @@ func (ah *APIHandler) RegisterRoutes(router *mux.Router, am *middleware.AuthZ) {
 	// v4
 	router.HandleFunc("/api/v4/query_range", am.ViewAccess(ah.queryRangeV4)).Methods(http.MethodPost)

-	// Gateway
-	router.PathPrefix(gateway.RoutePrefix).HandlerFunc(am.EditAccess(ah.ServeGatewayHTTP))
-
 	ah.APIHandler.RegisterRoutes(router, am)

 }
--- a/ee/query-service/app/api/gateway.go
+++ b/ee/query-service/app/api/gateway.go
@@ -1,58 +0,0 @@
-package api
-
-import (
-	"net/http"
-	"strings"
-
-	"github.com/SigNoz/signoz/ee/query-service/integrations/gateway"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-func (ah *APIHandler) ServeGatewayHTTP(rw http.ResponseWriter, req *http.Request) {
-	ctx := req.Context()
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	orgID, err := valuer.NewUUID(claims.OrgID)
-	if err != nil {
-		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "orgId is invalid"))
-		return
-	}
-
-	validPath := false
-	for _, allowedPrefix := range gateway.AllowedPrefix {
-		if strings.HasPrefix(req.URL.Path, gateway.RoutePrefix+allowedPrefix) {
-			validPath = true
-			break
-		}
-	}
-
-	if !validPath {
-		rw.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	license, err := ah.Signoz.Licensing.GetActive(ctx, orgID)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	//Create headers
-	var licenseKey string
-	if license != nil {
-		licenseKey = license.Key
-	}
-
-	req.Header.Set("X-Signoz-Cloud-Api-Key", licenseKey)
-	req.Header.Set("X-Consumer-Username", "lid:00000000-0000-0000-0000-000000000000")
-	req.Header.Set("X-Consumer-Groups", "ns:default")
-
-	ah.Gateway().ServeHTTP(rw, req)
-}
--- a/ee/query-service/app/server.go
+++ b/ee/query-service/app/server.go
@@ -19,7 +19,6 @@ import (
 	"github.com/gorilla/handlers"

 	"github.com/SigNoz/signoz/ee/query-service/app/api"
-	"github.com/SigNoz/signoz/ee/query-service/integrations/gateway"
 	"github.com/SigNoz/signoz/ee/query-service/rules"
 	"github.com/SigNoz/signoz/ee/query-service/usage"
 	"github.com/SigNoz/signoz/pkg/alertmanager"
@@ -72,11 +71,6 @@ type Server struct {

 // NewServer creates and initializes Server
 func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
-	gatewayProxy, err := gateway.NewProxy(config.Gateway.URL.String(), gateway.RoutePrefix)
-	if err != nil {
-		return nil, err
-	}
-
 	cacheForTraceDetail, err := memorycache.New(context.TODO(), signoz.Instrumentation.ToProviderSettings(), cache.Config{
 		Provider: "memory",
 		Memory: cache.Memory{
@@ -170,7 +164,6 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 		CloudIntegrationsController:   cloudIntegrationsController,
 		LogsParsingPipelineController: logParsingPipelineController,
 		FluxInterval:                  config.Querier.FluxInterval,
-		Gateway:                       gatewayProxy,
 		GatewayUrl:                    config.Gateway.URL.String(),
 		GlobalConfig:                  config.Global,
 	}
--- a/ee/query-service/integrations/gateway/noop.go
+++ b/ee/query-service/integrations/gateway/noop.go
@@ -1,9 +0,0 @@
-package gateway
-
-import (
-	"net/http/httputil"
-)
-
-func NewNoopProxy() (*httputil.ReverseProxy, error) {
-	return &httputil.ReverseProxy{}, nil
-}
--- a/ee/query-service/integrations/gateway/proxy.go
+++ b/ee/query-service/integrations/gateway/proxy.go
@@ -1,66 +0,0 @@
-package gateway
-
-import (
-	"net/http"
-	"net/http/httputil"
-	"net/url"
-	"path"
-	"strings"
-)
-
-var (
-	RoutePrefix   string   = "/api/gateway"
-	AllowedPrefix []string = []string{"/v1/workspaces/me", "/v2/profiles/me", "/v2/deployments/me"}
-)
-
-type proxy struct {
-	url       *url.URL
-	stripPath string
-}
-
-func NewProxy(u string, stripPath string) (*httputil.ReverseProxy, error) {
-	url, err := url.Parse(u)
-	if err != nil {
-		return nil, err
-	}
-
-	proxy := &proxy{url: url, stripPath: stripPath}
-
-	return &httputil.ReverseProxy{
-		Rewrite:        proxy.rewrite,
-		ModifyResponse: proxy.modifyResponse,
-		ErrorHandler:   proxy.errorHandler,
-	}, nil
-}
-
-func (p *proxy) rewrite(pr *httputil.ProxyRequest) {
-	pr.SetURL(p.url)
-	pr.SetXForwarded()
-	pr.Out.URL.Path = cleanPath(strings.ReplaceAll(pr.Out.URL.Path, p.stripPath, ""))
-}
-
-func (p *proxy) modifyResponse(res *http.Response) error {
-	return nil
-}
-
-func (p *proxy) errorHandler(rw http.ResponseWriter, req *http.Request, err error) {
-	rw.WriteHeader(http.StatusBadGateway)
-}
-
-func cleanPath(p string) string {
-	if p == "" {
-		return "/"
-	}
-	if p[0] != '/' {
-		p = "/" + p
-	}
-	np := path.Clean(p)
-	if p[len(p)-1] == '/' && np != "/" {
-		if len(p) == len(np)+1 && strings.HasPrefix(p, np) {
-			np = p
-		} else {
-			np += "/"
-		}
-	}
-	return np
-}
--- a/ee/query-service/integrations/gateway/proxy_test.go
+++ b/ee/query-service/integrations/gateway/proxy_test.go
@@ -1,61 +0,0 @@
-package gateway
-
-import (
-	"context"
-	"net/http"
-	"net/http/httputil"
-	"net/url"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestProxyRewrite(t *testing.T) {
-	testCases := []struct {
-		name      string
-		url       *url.URL
-		stripPath string
-		in        *url.URL
-		expected  *url.URL
-	}{
-		{
-			name:      "SamePathAdded",
-			url:       &url.URL{Scheme: "http", Host: "backend", Path: "/path1"},
-			stripPath: "/strip",
-			in:        &url.URL{Scheme: "http", Host: "localhost", Path: "/strip/path1"},
-			expected:  &url.URL{Scheme: "http", Host: "backend", Path: "/path1/path1"},
-		},
-		{
-			name:      "NoStripPathInput",
-			url:       &url.URL{Scheme: "http", Host: "backend"},
-			stripPath: "",
-			in:        &url.URL{Scheme: "http", Host: "localhost", Path: "/strip/path1"},
-			expected:  &url.URL{Scheme: "http", Host: "backend", Path: "/strip/path1"},
-		},
-		{
-			name:      "NoStripPathPresentInReq",
-			url:       &url.URL{Scheme: "http", Host: "backend"},
-			stripPath: "/not-found",
-			in:        &url.URL{Scheme: "http", Host: "localhost", Path: "/strip/path1"},
-			expected:  &url.URL{Scheme: "http", Host: "backend", Path: "/strip/path1"},
-		},
-	}
-
-	for _, tc := range testCases {
-		proxy, err := NewProxy(tc.url.String(), tc.stripPath)
-		require.NoError(t, err)
-		inReq, err := http.NewRequest(http.MethodGet, tc.in.String(), nil)
-		require.NoError(t, err)
-		proxyReq := &httputil.ProxyRequest{
-			In:  inReq,
-			Out: inReq.Clone(context.Background()),
-		}
-		proxy.Rewrite(proxyReq)
-
-		assert.Equal(t, tc.expected.Host, proxyReq.Out.URL.Host)
-		assert.Equal(t, tc.expected.Scheme, proxyReq.Out.URL.Scheme)
-		assert.Equal(t, tc.expected.Path, proxyReq.Out.URL.Path)
-		assert.Equal(t, tc.expected.Query(), proxyReq.Out.URL.Query())
-	}
-}
--- a/frontend/src/api/IngestionKeys/createIngestionKey.ts
+++ b/frontend/src/api/IngestionKeys/createIngestionKey.ts
@@ -1,29 +0,0 @@
-import { GatewayApiV1Instance } from 'api';
-import { ErrorResponseHandler } from 'api/ErrorResponseHandler';
-import { AxiosError } from 'axios';
-import { ErrorResponse, SuccessResponse } from 'types/api';
-import {
-	CreateIngestionKeyProps,
-	IngestionKeyProps,
-} from 'types/api/ingestionKeys/types';
-
-const createIngestionKey = async (
-	props: CreateIngestionKeyProps,
-): Promise<SuccessResponse<IngestionKeyProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.post('/workspaces/me/keys', {
-			...props,
-		});
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		return ErrorResponseHandler(error as AxiosError);
-	}
-};
-
-export default createIngestionKey;
--- a/frontend/src/api/IngestionKeys/deleteIngestionKey.ts
+++ b/frontend/src/api/IngestionKeys/deleteIngestionKey.ts
@@ -1,26 +0,0 @@
-import { GatewayApiV1Instance } from 'api';
-import { ErrorResponseHandler } from 'api/ErrorResponseHandler';
-import { AxiosError } from 'axios';
-import { ErrorResponse, SuccessResponse } from 'types/api';
-import { AllIngestionKeyProps } from 'types/api/ingestionKeys/types';
-
-const deleteIngestionKey = async (
-	id: string,
-): Promise<SuccessResponse<AllIngestionKeyProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.delete(
-			`/workspaces/me/keys/${id}`,
-		);
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		return ErrorResponseHandler(error as AxiosError);
-	}
-};
-
-export default deleteIngestionKey;
--- a/frontend/src/api/IngestionKeys/getAllIngestionKeys.ts
+++ b/frontend/src/api/IngestionKeys/getAllIngestionKeys.ts
@@ -1,21 +0,0 @@
-import { GatewayApiV1Instance } from 'api';
-import { AxiosResponse } from 'axios';
-import {
-	AllIngestionKeyProps,
-	GetIngestionKeyProps,
-} from 'types/api/ingestionKeys/types';
-
-export const getAllIngestionKeys = (
-	props: GetIngestionKeyProps,
-): Promise<AxiosResponse<AllIngestionKeyProps>> => {
-	// eslint-disable-next-line @typescript-eslint/naming-convention
-	const { search, per_page, page } = props;
-
-	const BASE_URL = '/workspaces/me/keys';
-	const URL_QUERY_PARAMS =
-		search && search.length > 0
-			? `/search?name=${search}&page=1&per_page=100`
-			: `?page=${page}&per_page=${per_page}`;
-
-	return GatewayApiV1Instance.get(`${BASE_URL}${URL_QUERY_PARAMS}`);
-};
--- a/frontend/src/api/IngestionKeys/limits/createLimitsForKey.ts
+++ b/frontend/src/api/IngestionKeys/limits/createLimitsForKey.ts
@@ -1,65 +0,0 @@
-/* eslint-disable @typescript-eslint/no-throw-literal */
-import { GatewayApiV1Instance } from 'api';
-import axios from 'axios';
-import {
-	AddLimitProps,
-	LimitSuccessProps,
-} from 'types/api/ingestionKeys/limits/types';
-
-interface SuccessResponse<T> {
-	statusCode: number;
-	error: null;
-	message: string;
-	payload: T;
-}
-
-interface ErrorResponse {
-	statusCode: number;
-	error: string;
-	message: string;
-	payload: null;
-}
-
-const createLimitForIngestionKey = async (
-	props: AddLimitProps,
-): Promise<SuccessResponse<LimitSuccessProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.post(
-			`/workspaces/me/keys/${props.keyID}/limits`,
-			{
-				...props,
-			},
-		);
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		if (axios.isAxiosError(error)) {
-			// Axios error
-			const errResponse: ErrorResponse = {
-				statusCode: error.response?.status || 500,
-				error: error.response?.data?.error,
-				message: error.response?.data?.status || 'An error occurred',
-				payload: null,
-			};
-
-			throw errResponse;
-		} else {
-			// Non-Axios error
-			const errResponse: ErrorResponse = {
-				statusCode: 500,
-				error: 'Unknown error',
-				message: 'An unknown error occurred',
-				payload: null,
-			};
-
-			throw errResponse;
-		}
-	}
-};
-
-export default createLimitForIngestionKey;
--- a/frontend/src/api/IngestionKeys/limits/deleteLimitsForIngestionKey.ts
+++ b/frontend/src/api/IngestionKeys/limits/deleteLimitsForIngestionKey.ts
@@ -1,26 +0,0 @@
-import { GatewayApiV1Instance } from 'api';
-import { ErrorResponseHandler } from 'api/ErrorResponseHandler';
-import { AxiosError } from 'axios';
-import { ErrorResponse, SuccessResponse } from 'types/api';
-import { AllIngestionKeyProps } from 'types/api/ingestionKeys/types';
-
-const deleteLimitsForIngestionKey = async (
-	id: string,
-): Promise<SuccessResponse<AllIngestionKeyProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.delete(
-			`/workspaces/me/limits/${id}`,
-		);
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		return ErrorResponseHandler(error as AxiosError);
-	}
-};
-
-export default deleteLimitsForIngestionKey;
--- a/frontend/src/api/IngestionKeys/limits/updateLimitsForIngestionKey.ts
+++ b/frontend/src/api/IngestionKeys/limits/updateLimitsForIngestionKey.ts
@@ -1,65 +0,0 @@
-/* eslint-disable @typescript-eslint/no-throw-literal */
-import { GatewayApiV1Instance } from 'api';
-import axios from 'axios';
-import {
-	LimitSuccessProps,
-	UpdateLimitProps,
-} from 'types/api/ingestionKeys/limits/types';
-
-interface SuccessResponse<T> {
-	statusCode: number;
-	error: null;
-	message: string;
-	payload: T;
-}
-
-interface ErrorResponse {
-	statusCode: number;
-	error: string;
-	message: string;
-	payload: null;
-}
-
-const updateLimitForIngestionKey = async (
-	props: UpdateLimitProps,
-): Promise<SuccessResponse<LimitSuccessProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.patch(
-			`/workspaces/me/limits/${props.limitID}`,
-			{
-				config: props.config,
-			},
-		);
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		if (axios.isAxiosError(error)) {
-			// Axios error
-			const errResponse: ErrorResponse = {
-				statusCode: error.response?.status || 500,
-				error: error.response?.data?.error,
-				message: error.response?.data?.status || 'An error occurred',
-				payload: null,
-			};
-
-			throw errResponse;
-		} else {
-			// Non-Axios error
-			const errResponse: ErrorResponse = {
-				statusCode: 500,
-				error: 'Unknown error',
-				message: 'An unknown error occurred',
-				payload: null,
-			};
-
-			throw errResponse;
-		}
-	}
-};
-
-export default updateLimitForIngestionKey;
--- a/frontend/src/api/IngestionKeys/updateIngestionKey.ts
+++ b/frontend/src/api/IngestionKeys/updateIngestionKey.ts
@@ -1,32 +0,0 @@
-import { GatewayApiV1Instance } from 'api';
-import { ErrorResponseHandler } from 'api/ErrorResponseHandler';
-import { AxiosError } from 'axios';
-import { ErrorResponse, SuccessResponse } from 'types/api';
-import {
-	IngestionKeysPayloadProps,
-	UpdateIngestionKeyProps,
-} from 'types/api/ingestionKeys/types';
-
-const updateIngestionKey = async (
-	props: UpdateIngestionKeyProps,
-): Promise<SuccessResponse<IngestionKeysPayloadProps> | ErrorResponse> => {
-	try {
-		const response = await GatewayApiV1Instance.patch(
-			`/workspaces/me/keys/${props.id}`,
-			{
-				...props.data,
-			},
-		);
-
-		return {
-			statusCode: 200,
-			error: null,
-			message: response.data.status,
-			payload: response.data.data,
-		};
-	} catch (error) {
-		return ErrorResponseHandler(error as AxiosError);
-	}
-};
-
-export default updateIngestionKey;
--- a/frontend/src/api/apiV1.ts
+++ b/frontend/src/api/apiV1.ts
@@ -4,8 +4,6 @@ export const apiV2 = '/api/v2/';
 export const apiV3 = '/api/v3/';
 export const apiV4 = '/api/v4/';
 export const apiV5 = '/api/v5/';
-export const gatewayApiV1 = '/api/gateway/v1/';
-export const gatewayApiV2 = '/api/gateway/v2/';
 export const apiAlertManager = '/api/alertmanager/';

 export default apiV1;
--- a/frontend/src/api/generated/services/authz/index.ts
+++ b/frontend/src/api/generated/services/authz/index.ts
@@ -0,0 +1,107 @@
+/**
+ * ! Do not edit manually
+ * * The file has been auto-generated using Orval for SigNoz
+ * * regenerate with 'yarn generate:api'
+ * SigNoz
+ */
+import type {
+	MutationFunction,
+	UseMutationOptions,
+	UseMutationResult,
+} from 'react-query';
+import { useMutation } from 'react-query';
+
+import { GeneratedAPIInstance } from '../../../index';
+import type {
+	AuthtypesTransactionDTO,
+	AuthzCheck200,
+	RenderErrorResponseDTO,
+} from '../sigNoz.schemas';
+
+type AwaitedInput<T> = PromiseLike<T> | T;
+
+type Awaited<O> = O extends AwaitedInput<infer T> ? T : never;
+
+/**
+ * Checks if the authenticated user has permissions for given transactions
+ * @summary Check permissions
+ */
+export const authzCheck = (
+	authtypesTransactionDTO: AuthtypesTransactionDTO[],
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<AuthzCheck200>({
+		url: `/api/v1/authz/check`,
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		data: authtypesTransactionDTO,
+		signal,
+	});
+};
+
+export const getAuthzCheckMutationOptions = <
+	TError = RenderErrorResponseDTO,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof authzCheck>>,
+		TError,
+		{ data: AuthtypesTransactionDTO[] },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof authzCheck>>,
+	TError,
+	{ data: AuthtypesTransactionDTO[] },
+	TContext
+> => {
+	const mutationKey = ['authzCheck'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof authzCheck>>,
+		{ data: AuthtypesTransactionDTO[] }
+	> = (props) => {
+		const { data } = props ?? {};
+
+		return authzCheck(data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type AuthzCheckMutationResult = NonNullable<
+	Awaited<ReturnType<typeof authzCheck>>
+>;
+export type AuthzCheckMutationBody = AuthtypesTransactionDTO[];
+export type AuthzCheckMutationError = RenderErrorResponseDTO;
+
+/**
+ * @summary Check permissions
+ */
+export const useAuthzCheck = <
+	TError = RenderErrorResponseDTO,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof authzCheck>>,
+		TError,
+		{ data: AuthtypesTransactionDTO[] },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof authzCheck>>,
+	TError,
+	{ data: AuthtypesTransactionDTO[] },
+	TContext
+> => {
+	const mutationOptions = getAuthzCheckMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
--- a/frontend/src/api/generated/services/role/index.ts
+++ b/frontend/src/api/generated/services/role/index.ts
@@ -21,11 +21,18 @@ import { GeneratedAPIInstance } from '../../../index';
 import type {
 	CreateRole201,
 	DeleteRolePathParameters,
+	GetObjects200,
+	GetObjectsPathParameters,
+	GetResources200,
 	GetRole200,
 	GetRolePathParameters,
 	ListRoles200,
+	PatchObjectsPathParameters,
 	PatchRolePathParameters,
 	RenderErrorResponseDTO,
+	RoletypesPatchableObjectsDTO,
+	RoletypesPatchableRoleDTO,
+	RoletypesPostableRoleDTO,
 } from '../sigNoz.schemas';

 type AwaitedInput<T> = PromiseLike<T> | T;
@@ -114,10 +121,15 @@ export const invalidateListRoles = async (
 * This endpoint creates a role
 * @summary Create role
 */
-export const createRole = (signal?: AbortSignal) => {
+export const createRole = (
+	roletypesPostableRoleDTO: RoletypesPostableRoleDTO,
+	signal?: AbortSignal,
+) => {
 	return GeneratedAPIInstance<CreateRole201>({
 		url: `/api/v1/roles`,
 		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		data: roletypesPostableRoleDTO,
 		signal,
 	});
 };
@@ -129,13 +141,13 @@ export const getCreateRoleMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		void,
+		{ data: RoletypesPostableRoleDTO },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	void,
+	{ data: RoletypesPostableRoleDTO },
 	TContext
 > => {
 	const mutationKey = ['createRole'];
@@ -149,9 +161,11 @@ export const getCreateRoleMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createRole>>,
-		void
-	> = () => {
-		return createRole();
+		{ data: RoletypesPostableRoleDTO }
+	> = (props) => {
+		const { data } = props ?? {};
+
+		return createRole(data);
 	};

 	return { mutationFn, ...mutationOptions };
@@ -160,7 +174,7 @@ export const getCreateRoleMutationOptions = <
 export type CreateRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createRole>>
 >;
-
+export type CreateRoleMutationBody = RoletypesPostableRoleDTO;
 export type CreateRoleMutationError = RenderErrorResponseDTO;

 /**
@@ -173,13 +187,13 @@ export const useCreateRole = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		void,
+		{ data: RoletypesPostableRoleDTO },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	void,
+	{ data: RoletypesPostableRoleDTO },
 	TContext
 > => {
 	const mutationOptions = getCreateRoleMutationOptions(options);
@@ -358,10 +372,15 @@ export const invalidateGetRole = async (
 * This endpoint patches a role
 * @summary Patch role
 */
-export const patchRole = ({ id }: PatchRolePathParameters) => {
+export const patchRole = (
+	{ id }: PatchRolePathParameters,
+	roletypesPatchableRoleDTO: RoletypesPatchableRoleDTO,
+) => {
 	return GeneratedAPIInstance<string>({
 		url: `/api/v1/roles/${id}`,
 		method: 'PATCH',
+		headers: { 'Content-Type': 'application/json' },
+		data: roletypesPatchableRoleDTO,
 	});
 };

@@ -372,13 +391,13 @@ export const getPatchRoleMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof patchRole>>,
 		TError,
-		{ pathParams: PatchRolePathParameters },
+		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof patchRole>>,
 	TError,
-	{ pathParams: PatchRolePathParameters },
+	{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
 	TContext
 > => {
 	const mutationKey = ['patchRole'];
@@ -392,11 +411,11 @@ export const getPatchRoleMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof patchRole>>,
-		{ pathParams: PatchRolePathParameters }
+		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO }
 	> = (props) => {
-		const { pathParams } = props ?? {};
+		const { pathParams, data } = props ?? {};

-		return patchRole(pathParams);
+		return patchRole(pathParams, data);
 	};

 	return { mutationFn, ...mutationOptions };
@@ -405,7 +424,7 @@ export const getPatchRoleMutationOptions = <
 export type PatchRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof patchRole>>
 >;
-
+export type PatchRoleMutationBody = RoletypesPatchableRoleDTO;
 export type PatchRoleMutationError = RenderErrorResponseDTO;

 /**
@@ -418,16 +437,292 @@ export const usePatchRole = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof patchRole>>,
 		TError,
-		{ pathParams: PatchRolePathParameters },
+		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof patchRole>>,
 	TError,
-	{ pathParams: PatchRolePathParameters },
+	{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
 	TContext
 > => {
 	const mutationOptions = getPatchRoleMutationOptions(options);

 	return useMutation(mutationOptions);
 };
+/**
+ * Gets all objects connected to the specified role via a given relation type
+ * @summary Get objects for a role by relation
+ */
+export const getObjects = (
+	{ id, relation }: GetObjectsPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<GetObjects200>({
+		url: `/api/v1/roles/${id}/relation/${relation}/objects`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getGetObjectsQueryKey = ({
+	id,
+	relation,
+}: GetObjectsPathParameters) => {
+	return ['getObjects'] as const;
+};
+
+export const getGetObjectsQueryOptions = <
+	TData = Awaited<ReturnType<typeof getObjects>>,
+	TError = RenderErrorResponseDTO
+>(
+	{ id, relation }: GetObjectsPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getObjects>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey =
+		queryOptions?.queryKey ?? getGetObjectsQueryKey({ id, relation });
+
+	const queryFn: QueryFunction<Awaited<ReturnType<typeof getObjects>>> = ({
+		signal,
+	}) => getObjects({ id, relation }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!(id && relation),
+		...queryOptions,
+	} as UseQueryOptions<Awaited<ReturnType<typeof getObjects>>, TError, TData> & {
+		queryKey: QueryKey;
+	};
+};
+
+export type GetObjectsQueryResult = NonNullable<
+	Awaited<ReturnType<typeof getObjects>>
+>;
+export type GetObjectsQueryError = RenderErrorResponseDTO;
+
+/**
+ * @summary Get objects for a role by relation
+ */
+
+export function useGetObjects<
+	TData = Awaited<ReturnType<typeof getObjects>>,
+	TError = RenderErrorResponseDTO
+>(
+	{ id, relation }: GetObjectsPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getObjects>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getGetObjectsQueryOptions({ id, relation }, options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Get objects for a role by relation
+ */
+export const invalidateGetObjects = async (
+	queryClient: QueryClient,
+	{ id, relation }: GetObjectsPathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getGetObjectsQueryKey({ id, relation }) },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * Patches the objects connected to the specified role via a given relation type
+ * @summary Patch objects for a role by relation
+ */
+export const patchObjects = (
+	{ id, relation }: PatchObjectsPathParameters,
+	roletypesPatchableObjectsDTO: RoletypesPatchableObjectsDTO,
+) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/roles/${id}/relation/${relation}/objects`,
+		method: 'PATCH',
+		headers: { 'Content-Type': 'application/json' },
+		data: roletypesPatchableObjectsDTO,
+	});
+};
+
+export const getPatchObjectsMutationOptions = <
+	TError = RenderErrorResponseDTO,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof patchObjects>>,
+		TError,
+		{
+			pathParams: PatchObjectsPathParameters;
+			data: RoletypesPatchableObjectsDTO;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof patchObjects>>,
+	TError,
+	{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO },
+	TContext
+> => {
+	const mutationKey = ['patchObjects'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof patchObjects>>,
+		{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO }
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return patchObjects(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type PatchObjectsMutationResult = NonNullable<
+	Awaited<ReturnType<typeof patchObjects>>
+>;
+export type PatchObjectsMutationBody = RoletypesPatchableObjectsDTO;
+export type PatchObjectsMutationError = RenderErrorResponseDTO;
+
+/**
+ * @summary Patch objects for a role by relation
+ */
+export const usePatchObjects = <
+	TError = RenderErrorResponseDTO,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof patchObjects>>,
+		TError,
+		{
+			pathParams: PatchObjectsPathParameters;
+			data: RoletypesPatchableObjectsDTO;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof patchObjects>>,
+	TError,
+	{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO },
+	TContext
+> => {
+	const mutationOptions = getPatchObjectsMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * Gets all the available resources for role assignment
+ * @summary Get resources
+ */
+export const getResources = (signal?: AbortSignal) => {
+	return GeneratedAPIInstance<GetResources200>({
+		url: `/api/v1/roles/resources`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getGetResourcesQueryKey = () => {
+	return ['getResources'] as const;
+};
+
+export const getGetResourcesQueryOptions = <
+	TData = Awaited<ReturnType<typeof getResources>>,
+	TError = RenderErrorResponseDTO
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof getResources>>,
+		TError,
+		TData
+	>;
+}) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey = queryOptions?.queryKey ?? getGetResourcesQueryKey();
+
+	const queryFn: QueryFunction<Awaited<ReturnType<typeof getResources>>> = ({
+		signal,
+	}) => getResources(signal);
+
+	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+		Awaited<ReturnType<typeof getResources>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type GetResourcesQueryResult = NonNullable<
+	Awaited<ReturnType<typeof getResources>>
+>;
+export type GetResourcesQueryError = RenderErrorResponseDTO;
+
+/**
+ * @summary Get resources
+ */
+
+export function useGetResources<
+	TData = Awaited<ReturnType<typeof getResources>>,
+	TError = RenderErrorResponseDTO
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof getResources>>,
+		TError,
+		TData
+	>;
+}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getGetResourcesQueryOptions(options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Get resources
+ */
+export const invalidateGetResources = async (
+	queryClient: QueryClient,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getGetResourcesQueryKey() },
+		options,
+	);
+
+	return queryClient;
+};
--- a/frontend/src/api/generated/services/sigNoz.schemas.ts
+++ b/frontend/src/api/generated/services/sigNoz.schemas.ts
@@ -127,6 +127,18 @@ export interface AuthtypesGettableTokenDTO {
 	tokenType?: string;
 }

+export interface AuthtypesGettableTransactionDTO {
+	/**
+	 * @type boolean
+	 */
+	authorized: boolean;
+	object: AuthtypesObjectDTO;
+	/**
+	 * @type string
+	 */
+	relation: string;
+}
+
 export type AuthtypesGoogleConfigDTODomainToAdminEmail = {
 	[key: string]: string;
 };
@@ -170,6 +182,10 @@ export interface AuthtypesGoogleConfigDTO {
 	serviceAccountJson?: string;
 }

+export interface AuthtypesNameDTO {
+	[key: string]: unknown;
+}
+
 export interface AuthtypesOIDCConfigDTO {
 	claimMapping?: AuthtypesAttributeMappingDTO;
 	/**
@@ -198,6 +214,11 @@ export interface AuthtypesOIDCConfigDTO {
 	issuerAlias?: string;
 }

+export interface AuthtypesObjectDTO {
+	resource: AuthtypesResourceDTO;
+	selector: AuthtypesSelectorDTO;
+}
+
 export interface AuthtypesOrgSessionContextDTO {
 	authNSupport?: AuthtypesAuthNSupportDTO;
 	/**
@@ -248,6 +269,14 @@ export interface AuthtypesPostableRotateTokenDTO {
 	refreshToken?: string;
 }

+export interface AuthtypesResourceDTO {
+	name: AuthtypesNameDTO;
+	/**
+	 * @type string
+	 */
+	type: string;
+}
+
 /**
 * @nullable
 */
@@ -291,6 +320,10 @@ export interface AuthtypesSamlConfigDTO {
 	samlIdp?: string;
 }

+export interface AuthtypesSelectorDTO {
+	[key: string]: unknown;
+}
+
 export interface AuthtypesSessionContextDTO {
 	/**
 	 * @type boolean
@@ -303,6 +336,18 @@ export interface AuthtypesSessionContextDTO {
 	orgs?: AuthtypesOrgSessionContextDTO[] | null;
 }

+export interface AuthtypesTransactionDTO {
+	/**
+	 * @type string
+	 */
+	id?: string;
+	object: AuthtypesObjectDTO;
+	/**
+	 * @type string
+	 */
+	relation: string;
+}
+
 export interface AuthtypesUpdateableAuthDomainDTO {
 	config?: AuthtypesAuthDomainConfigDTO;
 }
@@ -927,18 +972,6 @@ export interface MetricsexplorertypesUpdateMetricMetadataRequestDTO {
 	unit: string;
 }

-export interface MetrictypesComparisonSpaceAggregationParamDTO {
-	/**
-	 * @type string
-	 */
-	operator?: string;
-	/**
-	 * @type number
-	 * @format double
-	 */
-	threshold?: number;
-}
-
 export enum MetrictypesSpaceAggregationDTO {
 	sum = 'sum',
 	avg = 'avg',
@@ -950,7 +983,6 @@ export enum MetrictypesSpaceAggregationDTO {
 	p90 = 'p90',
 	p95 = 'p95',
 	p99 = 'p99',
-	histogram_count = 'histogram_count',
 }
 export enum MetrictypesTemporalityDTO {
 	delta = 'delta',
@@ -1301,7 +1333,6 @@ export interface Querybuildertypesv5LogAggregationDTO {
 }

 export interface Querybuildertypesv5MetricAggregationDTO {
-	comparisonSpaceAggregationParam?: MetrictypesComparisonSpaceAggregationParamDTO;
 	/**
 	 * @type string
 	 */
@@ -1961,6 +1992,57 @@ export interface RenderErrorResponseDTO {
 	status?: string;
 }

+/**
+ * @nullable
+ */
+export type RoletypesGettableResourcesDTORelations = {
+	[key: string]: string[];
+} | null;
+
+export interface RoletypesGettableResourcesDTO {
+	/**
+	 * @type object
+	 * @nullable true
+	 */
+	relations: RoletypesGettableResourcesDTORelations;
+	/**
+	 * @type array
+	 * @nullable true
+	 */
+	resources: AuthtypesResourceDTO[] | null;
+}
+
+export interface RoletypesPatchableObjectsDTO {
+	/**
+	 * @type array
+	 * @nullable true
+	 */
+	additions: AuthtypesObjectDTO[] | null;
+	/**
+	 * @type array
+	 * @nullable true
+	 */
+	deletions: AuthtypesObjectDTO[] | null;
+}
+
+export interface RoletypesPatchableRoleDTO {
+	/**
+	 * @type string
+	 */
+	description: string;
+}
+
+export interface RoletypesPostableRoleDTO {
+	/**
+	 * @type string
+	 */
+	description?: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+}
+
 export interface RoletypesRoleDTO {
 	/**
 	 * @type string
@@ -1970,7 +2052,7 @@ export interface RoletypesRoleDTO {
 	/**
 	 * @type string
 	 */
-	description?: string;
+	description: string;
 	/**
 	 * @type string
 	 */
@@ -1978,15 +2060,15 @@ export interface RoletypesRoleDTO {
 	/**
 	 * @type string
 	 */
-	name?: string;
+	name: string;
 	/**
 	 * @type string
 	 */
-	orgId?: string;
+	orgId: string;
 	/**
 	 * @type string
 	 */
-	type?: string;
+	type: string;
 	/**
 	 * @type string
 	 * @format date-time
@@ -2513,6 +2595,17 @@ export interface ZeustypesPostableProfileDTO {
 	where_did_you_discover_signoz: string;
 }

+export type AuthzCheck200 = {
+	/**
+	 * @type array
+	 */
+	data?: AuthtypesGettableTransactionDTO[];
+	/**
+	 * @type string
+	 */
+	status?: string;
+};
+
 export type ChangePasswordPathParameters = {
 	id: string;
 };
@@ -2916,6 +3009,33 @@ export type GetRole200 = {
 export type PatchRolePathParameters = {
 	id: string;
 };
+export type GetObjectsPathParameters = {
+	id: string;
+	relation: string;
+};
+export type GetObjects200 = {
+	/**
+	 * @type array
+	 */
+	data?: AuthtypesObjectDTO[];
+	/**
+	 * @type string
+	 */
+	status?: string;
+};
+
+export type PatchObjectsPathParameters = {
+	id: string;
+	relation: string;
+};
+export type GetResources200 = {
+	data?: RoletypesGettableResourcesDTO;
+	/**
+	 * @type string
+	 */
+	status?: string;
+};
+
 export type ListUsers200 = {
 	/**
 	 * @type array
--- a/frontend/src/api/index.ts
+++ b/frontend/src/api/index.ts
@@ -15,15 +15,7 @@ import { Events } from 'constants/events';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import { eventEmitter } from 'utils/getEventEmitter';

-import apiV1, {
-	apiAlertManager,
-	apiV2,
-	apiV3,
-	apiV4,
-	apiV5,
-	gatewayApiV1,
-	gatewayApiV2,
-} from './apiV1';
+import apiV1, { apiAlertManager, apiV2, apiV3, apiV4, apiV5 } from './apiV1';
 import { Logout } from './utils';

 const RESPONSE_TIMEOUT_THRESHOLD = 5000; // 5 seconds
@@ -211,24 +203,6 @@ LogEventAxiosInstance.interceptors.response.use(
 LogEventAxiosInstance.interceptors.request.use(interceptorsRequestResponse);
 //

-// gateway Api V1
-export const GatewayApiV1Instance = axios.create({
-	baseURL: `${ENVIRONMENT.baseURL}${gatewayApiV1}`,
-});
-
-GatewayApiV1Instance.interceptors.response.use(
-	interceptorsResponse,
-	interceptorRejected,
-);
-
-GatewayApiV1Instance.interceptors.request.use(interceptorsRequestResponse);
-//
-
-// gateway Api V2
-export const GatewayApiV2Instance = axios.create({
-	baseURL: `${ENVIRONMENT.baseURL}${gatewayApiV2}`,
-});
-
 // generated API Instance
 export const GeneratedAPIInstance = axios.create({
 	baseURL: ENVIRONMENT.baseURL,
@@ -240,14 +214,6 @@ GeneratedAPIInstance.interceptors.response.use(
 	interceptorRejected,
 );

-GatewayApiV2Instance.interceptors.response.use(
-	interceptorsResponse,
-	interceptorRejected,
-);
-
-GatewayApiV2Instance.interceptors.request.use(interceptorsRequestResponse);
-//
-
 AxiosAlertManagerInstance.interceptors.response.use(
 	interceptorsResponse,
 	interceptorRejected,
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/AllEndPoints.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/AllEndPoints.tsx
@@ -202,7 +202,7 @@ function AllEndPoints({

 	const onRowClick = useCallback(
 		(props: any): void => {
-			setSelectedEndPointName(props[SPAN_ATTRIBUTES.URL_PATH] as string);
+			setSelectedEndPointName(props[SPAN_ATTRIBUTES.HTTP_URL] as string);
 			setSelectedView(VIEWS.ENDPOINT_STATS);
 			const initialItems = [
 				...(filters?.items || []),
@@ -213,7 +213,7 @@ function AllEndPoints({
 				op: 'AND',
 			});
 			setParams({
-				selectedEndPointName: props[SPAN_ATTRIBUTES.URL_PATH] as string,
+				selectedEndPointName: props[SPAN_ATTRIBUTES.HTTP_URL] as string,
 				selectedView: VIEWS.ENDPOINT_STATS,
 				endPointDetailsLocalFilters: {
 					items: initialItems,
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/EndPointDetails.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/EndPointDetails.tsx
@@ -33,7 +33,7 @@ import { SPAN_ATTRIBUTES } from './constants';

 const httpUrlKey = {
 	dataType: DataTypes.String,
-	key: SPAN_ATTRIBUTES.URL_PATH,
+	key: SPAN_ATTRIBUTES.HTTP_URL,
 	type: 'tag',
 };

@@ -93,7 +93,7 @@ function EndPointDetails({
 				return currentFilters; // No change needed, prevents loop
 			}

-			// Rebuild filters: Keep non-http.url filters and add/update http.url filter based on prop
+			// Rebuild filters: Keep non-http_url filters and add/update http_url filter based on prop
 			const otherFilters = currentFilters?.items?.filter(
 				(item) => item.key?.key !== httpUrlKey.key,
 			);
@@ -125,7 +125,7 @@ function EndPointDetails({
 		(newFilters: IBuilderQuery['filters']): void => {
 			// 1. Update local filters state immediately
 			setFilters(newFilters);
-			// Filter out http.url filter before saving to params
+			// Filter out http_url filter before saving to params
 			const filteredNewFilters = {
 				op: 'AND',
 				items:
@@ -299,7 +299,6 @@ function EndPointDetails({
 					endPointStatusCodeLatencyBarChartsDataQuery
 				}
 				domainName={domainName}
-				endPointName={endPointName}
 				filters={filters}
 				timeRange={timeRange}
 				onDragSelect={onDragSelect}
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/TopErrors.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/TopErrors.tsx
@@ -56,15 +56,15 @@ function TopErrors({
 				{
 					items: endPointName
 						? [
-								// Remove any existing http.url filters from initialFilters to avoid duplicates
+								// Remove any existing http_url filters from initialFilters to avoid duplicates
 								...(initialFilters?.items?.filter(
-									(item) => item.key?.key !== SPAN_ATTRIBUTES.URL_PATH,
+									(item) => item.key?.key !== SPAN_ATTRIBUTES.HTTP_URL,
 								) || []),
 								{
 									id: '92b8a1c1',
 									key: {
 										dataType: DataTypes.String,
-										key: SPAN_ATTRIBUTES.URL_PATH,
+										key: SPAN_ATTRIBUTES.HTTP_URL,
 										type: 'tag',
 									},
 									op: '=',
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/DomainMetrics.test.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/DomainMetrics.test.tsx
@@ -9,6 +9,7 @@ import { ENTITY_VERSION_V5 } from 'constants/app';
 import { GetMetricQueryRange } from 'lib/dashboard/getQueryResults';
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';

+import { SPAN_ATTRIBUTES } from '../constants';
 import DomainMetrics from './DomainMetrics';

 // Mock the API call
@@ -126,11 +127,9 @@ describe('DomainMetrics - V5 Query Payload Tests', () => {
 				'count()',
 			);
 			// Verify exact domain filter expression structure
+			expect(queryA.filter.expression).toContain("http_host = '0.0.0.0'");
 			expect(queryA.filter.expression).toContain(
-				"(net.peer.name = '0.0.0.0' OR server.address = '0.0.0.0')",
-			);
-			expect(queryA.filter.expression).toContain(
-				'url.full EXISTS OR http.url EXISTS',
+				`${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);

 			// Verify Query B - p99 latency
@@ -142,17 +141,13 @@ describe('DomainMetrics - V5 Query Payload Tests', () => {
 				'p99(duration_nano)',
 			);
 			// Verify exact domain filter expression structure
-			expect(queryB.filter.expression).toContain(
-				"(net.peer.name = '0.0.0.0' OR server.address = '0.0.0.0')",
-			);
+			expect(queryB.filter.expression).toContain("http_host = '0.0.0.0'");

 			// Verify Query C - error count (disabled)
 			const queryC = queryData.find((q: any) => q.queryName === 'C');
 			expect(queryC).toBeDefined();
 			expect(queryC.disabled).toBe(true);
-			expect(queryC.filter.expression).toContain(
-				"(net.peer.name = '0.0.0.0' OR server.address = '0.0.0.0')",
-			);
+			expect(queryC.filter.expression).toContain("http_host = '0.0.0.0'");
 			expect(queryC.aggregations?.[0]).toBeDefined();
 			expect((queryC.aggregations?.[0] as TraceAggregation)?.expression).toBe(
 				'count()',
@@ -169,9 +164,7 @@ describe('DomainMetrics - V5 Query Payload Tests', () => {
 				'max(timestamp)',
 			);
 			// Verify exact domain filter expression structure
-			expect(queryD.filter.expression).toContain(
-				"(net.peer.name = '0.0.0.0' OR server.address = '0.0.0.0')",
-			);
+			expect(queryD.filter.expression).toContain("http_host = '0.0.0.0'");

 			// Verify Formula F1 - error rate calculation
 			const formulas = payload.query.builder.queryFormulas;
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/EndPointMetrics.test.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/EndPointMetrics.test.tsx
@@ -153,7 +153,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 				// Verify exact domain filter expression structure
 				if (queryA.filter) {
 					expect(queryA.filter.expression).toContain(
-						"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com')",
+						`http_host = 'api.example.com'`,
 					);
 					expect(queryA.filter.expression).toContain("kind_string = 'Client'");
 				}
@@ -171,7 +171,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 				// Verify exact domain filter expression structure
 				if (queryB.filter) {
 					expect(queryB.filter.expression).toContain(
-						"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com')",
+						`http_host = 'api.example.com'`,
 					);
 					expect(queryB.filter.expression).toContain("kind_string = 'Client'");
 				}
@@ -185,7 +185,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 				expect(queryC.aggregateOperator).toBe('count');
 				if (queryC.filter) {
 					expect(queryC.filter.expression).toContain(
-						"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com')",
+						`http_host = 'api.example.com'`,
 					);
 					expect(queryC.filter.expression).toContain("kind_string = 'Client'");
 					expect(queryC.filter.expression).toContain('has_error = true');
@@ -204,7 +204,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 				// Verify exact domain filter expression structure
 				if (queryD.filter) {
 					expect(queryD.filter.expression).toContain(
-						"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com')",
+						`http_host = 'api.example.com'`,
 					);
 					expect(queryD.filter.expression).toContain("kind_string = 'Client'");
 				}
@@ -221,7 +221,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 				}
 				if (queryE.filter) {
 					expect(queryE.filter.expression).toContain(
-						"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com')",
+						`http_host = 'api.example.com'`,
 					);
 					expect(queryE.filter.expression).toContain("kind_string = 'Client'");
 				}
@@ -291,7 +291,7 @@ describe('EndPointMetrics - V5 Query Payload Tests', () => {
 					expect(query.filter.expression).toContain('staging');
 					// Also verify domain filter is still present
 					expect(query.filter.expression).toContain(
-						"(net.peer.name = 'api.internal.com' OR server.address = 'api.internal.com')",
+						"http_host = 'api.internal.com'",
 					);
 					// Verify client kind filter is present
 					expect(query.filter.expression).toContain("kind_string = 'Client'");
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/StatusCodeBarCharts.tsx
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/StatusCodeBarCharts.tsx
@@ -34,7 +34,6 @@ function StatusCodeBarCharts({
 	endPointStatusCodeBarChartsDataQuery,
 	endPointStatusCodeLatencyBarChartsDataQuery,
 	domainName,
-	endPointName,
 	filters,
 	timeRange,
 	onDragSelect,
@@ -48,7 +47,6 @@ function StatusCodeBarCharts({
 		unknown
 	>;
 	domainName: string;
-	endPointName: string;
 	filters: IBuilderQuery['filters'];
 	timeRange: {
 		startTime: number;
@@ -144,11 +142,11 @@ function StatusCodeBarCharts({

 	const widget = useMemo<Widgets>(
 		() =>
-			getStatusCodeBarChartWidgetData(domainName, endPointName, {
+			getStatusCodeBarChartWidgetData(domainName, {
 				items: [...(filters?.items || [])],
 				op: filters?.op || 'AND',
 			}),
-		[domainName, endPointName, filters],
+		[domainName, filters],
 	);

 	const graphClickHandler = useCallback(
@@ -166,6 +164,7 @@ function StatusCodeBarCharts({
 				xValue,
 				TWO_AND_HALF_MINUTES_IN_MILLISECONDS,
 			);
+
 			handleGraphClick({
 				xValue,
 				yValue,
--- a/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/constants.ts
+++ b/frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/constants.ts
@@ -12,7 +12,7 @@ export const VIEW_TYPES = {

 // Span attribute keys - these are the source of truth for all attribute keys
 export const SPAN_ATTRIBUTES = {
-	URL_PATH: 'http.url',
+	HTTP_URL: 'http_url',
 	RESPONSE_STATUS_CODE: 'response_status_code',
 	SERVER_NAME: 'http_host',
 	SERVER_PORT: 'net.peer.port',
--- a/frontend/src/container/ApiMonitoring/tests/APIMonitoringUtils.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/APIMonitoringUtils.test.tsx
@@ -280,7 +280,7 @@ describe('API Monitoring Utils', () => {
 			const endpointFilter = result?.items?.find(
 				(item) =>
 					item.key &&
-					item.key.key === SPAN_ATTRIBUTES.URL_PATH &&
+					item.key.key === SPAN_ATTRIBUTES.HTTP_URL &&
 					item.value === endPointName,
 			);
 			expect(endpointFilter).toBeDefined();
@@ -344,13 +344,12 @@ describe('API Monitoring Utils', () => {
 	describe('getFormattedEndPointDropDownData', () => {
 		it('should format endpoint dropdown data correctly', () => {
 			// Arrange
-			const URL_PATH_KEY = SPAN_ATTRIBUTES.URL_PATH;
+			const URL_PATH_KEY = SPAN_ATTRIBUTES.HTTP_URL;
 			const mockData = [
 				{
 					data: {
 						// eslint-disable-next-line sonarjs/no-duplicate-string
 						[URL_PATH_KEY]: '/api/users',
-						'url.full': 'http://example.com/api/users',
 						A: 150, // count or other metric
 					},
 				},
@@ -358,7 +357,6 @@ describe('API Monitoring Utils', () => {
 					data: {
 						// eslint-disable-next-line sonarjs/no-duplicate-string
 						[URL_PATH_KEY]: '/api/orders',
-						'url.full': 'http://example.com/api/orders',
 						A: 75,
 					},
 				},
@@ -406,7 +404,7 @@ describe('API Monitoring Utils', () => {

 		it('should handle items without URL path', () => {
 			// Arrange
-			const URL_PATH_KEY = SPAN_ATTRIBUTES.URL_PATH;
+			const URL_PATH_KEY = SPAN_ATTRIBUTES.HTTP_URL;
 			type MockDataType = {
 				data: {
 					[key: string]: string | number;
@@ -712,13 +710,11 @@ describe('API Monitoring Utils', () => {
 		it('should generate widget configuration for status code bar chart', () => {
 			// Arrange
 			const domainName = 'test-domain';
-			const endPointName = '/api/test';
 			const filters = { items: [], op: 'AND' };

 			// Act
 			const result = getStatusCodeBarChartWidgetData(
 				domainName,
-				endPointName,
 				filters as IBuilderQuery['filters'],
 			);

@@ -741,21 +737,11 @@ describe('API Monitoring Utils', () => {
 			if (domainFilter) {
 				expect(domainFilter.value).toBe(domainName);
 			}
-
-			// Should have endpoint filter if provided
-			const endpointFilter = queryData.filters?.items?.find(
-				(item) => item.key && item.key.key === SPAN_ATTRIBUTES.URL_PATH,
-			);
-			expect(endpointFilter).toBeDefined();
-			if (endpointFilter) {
-				expect(endpointFilter.value).toBe(endPointName);
-			}
 		});

 		it('should include custom filters in the widget configuration', () => {
 			// Arrange
 			const domainName = 'test-domain';
-			const endPointName = '/api/test';
 			const customFilter = {
 				id: 'custom-filter',
 				key: {
@@ -771,7 +757,6 @@ describe('API Monitoring Utils', () => {
 			// Act
 			const result = getStatusCodeBarChartWidgetData(
 				domainName,
-				endPointName,
 				filters as IBuilderQuery['filters'],
 			);

--- a/frontend/src/container/ApiMonitoring/tests/AllEndPoints.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/AllEndPoints.test.tsx
@@ -25,7 +25,7 @@ jest.mock('container/GridCardLayout/GridCard', () => ({
 				type="button"
 				data-testid="row-click-button"
 				onClick={(): void =>
-					customOnRowClick({ [SPAN_ATTRIBUTES.URL_PATH]: '/api/test' })
+					customOnRowClick({ [SPAN_ATTRIBUTES.HTTP_URL]: '/api/test' })
 				}
 			>
 				Click Row
--- a/frontend/src/container/ApiMonitoring/tests/AllEndpointsWidgetV5Migration.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/AllEndpointsWidgetV5Migration.test.tsx
@@ -6,10 +6,10 @@
 * These tests validate the migration from V4 to V5 format for getAllEndpointsWidgetData:
 * - Filter format change: filters.items[] → filter.expression
 * - Aggregation format: aggregateAttribute → aggregations[] array
- * - Domain filter: (net.peer.name OR server.address)
+ * - Domain filter: http_host = '${domainName}'
 * - Kind filter: kind_string = 'Client'
 * - Four queries: A (count), B (p99 latency), C (max timestamp), D (error count - disabled)
- * - GroupBy: Both http.url AND url.full with type 'attribute'
+ * - GroupBy: http_url with type 'attribute'
 */
 import { getAllEndpointsWidgetData } from 'container/ApiMonitoring/utils';
 import {
@@ -18,6 +18,8 @@ import {
 } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';

+import { SPAN_ATTRIBUTES } from '../Explorer/Domains/DomainDetails/constants';
+
 describe('AllEndpointsWidget - V5 Migration Validation', () => {
 	const mockDomainName = 'api.example.com';
 	const emptyFilters: IBuilderQuery['filters'] = {
@@ -92,28 +94,28 @@ describe('AllEndpointsWidget - V5 Migration Validation', () => {

 			const [queryA, queryB, queryC, queryD] = widget.query.builder.queryData;

-			const baseExpression = `(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}') AND kind_string = 'Client'`;
+			const baseExpression = `http_host = '${mockDomainName}' AND kind_string = 'Client'`;

 			// Queries A, B, C have identical base filter
 			expect(queryA.filter?.expression).toBe(
-				`${baseExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+				`${baseExpression} AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);
 			expect(queryB.filter?.expression).toBe(
-				`${baseExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+				`${baseExpression} AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);
 			expect(queryC.filter?.expression).toBe(
-				`${baseExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+				`${baseExpression} AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);

 			// Query D has additional has_error filter
 			expect(queryD.filter?.expression).toBe(
-				`${baseExpression} AND has_error = true AND (http.url EXISTS OR url.full EXISTS)`,
+				`${baseExpression} AND has_error = true AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);
 		});
 	});

 	describe('2. GroupBy Structure', () => {
-		it('default groupBy includes both http.url and url.full with type attribute', () => {
+		it(`default groupBy includes ${SPAN_ATTRIBUTES.HTTP_URL} with type attribute`, () => {
 			const widget = getAllEndpointsWidgetData(
 				emptyGroupBy,
 				mockDomainName,
@@ -124,23 +126,13 @@ describe('AllEndpointsWidget - V5 Migration Validation', () => {

 			// All queries should have the same default groupBy
 			queryData.forEach((query) => {
-				expect(query.groupBy).toHaveLength(2);
+				expect(query.groupBy).toHaveLength(1);

-				// http.url
 				expect(query.groupBy).toContainEqual({
 					dataType: DataTypes.String,
 					isColumn: false,
 					isJSON: false,
-					key: 'http.url',
-					type: 'attribute',
-				});
-
-				// url.full
-				expect(query.groupBy).toContainEqual({
-					dataType: DataTypes.String,
-					isColumn: false,
-					isJSON: false,
-					key: 'url.full',
+					key: SPAN_ATTRIBUTES.HTTP_URL,
 					type: 'attribute',
 				});
 			});
@@ -170,19 +162,18 @@ describe('AllEndpointsWidget - V5 Migration Validation', () => {

 			// All queries should have defaults + custom groupBy
 			queryData.forEach((query) => {
-				expect(query.groupBy).toHaveLength(4); // 2 defaults + 2 custom
+				expect(query.groupBy).toHaveLength(3); // 1 default + 2 custom

-				// First two should be defaults (http.url, url.full)
-				expect(query.groupBy[0].key).toBe('http.url');
-				expect(query.groupBy[1].key).toBe('url.full');
+				// First two should be defaults (http_url)
+				expect(query.groupBy[0].key).toBe(SPAN_ATTRIBUTES.HTTP_URL);

 				// Last two should be custom (matching subset of properties)
-				expect(query.groupBy[2]).toMatchObject({
+				expect(query.groupBy[1]).toMatchObject({
 					dataType: DataTypes.String,
 					key: 'service.name',
 					type: 'resource',
 				});
-				expect(query.groupBy[3]).toMatchObject({
+				expect(query.groupBy[2]).toMatchObject({
 					dataType: DataTypes.String,
 					key: 'deployment.environment',
 					type: 'resource',
--- a/frontend/src/container/ApiMonitoring/tests/EndPointDetails.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/EndPointDetails.test.tsx
@@ -258,7 +258,7 @@ describe('EndPointDetails Component', () => {
 			expect.objectContaining({
 				items: expect.arrayContaining([
 					expect.objectContaining({
-						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.URL_PATH }),
+						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.HTTP_URL }),
 						value: '/api/test',
 					}),
 				]),
@@ -278,7 +278,7 @@ describe('EndPointDetails Component', () => {
 			expect.objectContaining({
 				items: expect.arrayContaining([
 					expect.objectContaining({
-						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.URL_PATH }),
+						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.HTTP_URL }),
 						value: '/api/test',
 					}),
 				]),
@@ -360,7 +360,7 @@ describe('EndPointDetails Component', () => {
 			expect.objectContaining({
 				items: expect.arrayContaining([
 					expect.objectContaining({
-						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.URL_PATH }),
+						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.HTTP_URL }),
 						value: '/api/test',
 					}),
 				]),
@@ -373,7 +373,7 @@ describe('EndPointDetails Component', () => {
 			expect.objectContaining({
 				items: expect.arrayContaining([
 					expect.objectContaining({
-						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.URL_PATH }),
+						key: expect.objectContaining({ key: SPAN_ATTRIBUTES.HTTP_URL }),
 						value: '/api/test',
 					}),
 				]),
--- a/frontend/src/container/ApiMonitoring/tests/EndPointsDropDown.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/EndPointsDropDown.test.tsx
@@ -191,7 +191,7 @@ describe('EndPointsDropDown Component', () => {

 	it('formats data using the utility function', () => {
 		const mockRows = [
-			{ data: { [SPAN_ATTRIBUTES.URL_PATH]: '/api/test', A: 10 } },
+			{ data: { [SPAN_ATTRIBUTES.HTTP_URL]: '/api/test', A: 10 } },
 		];

 		const dataProps = {
--- a/frontend/src/container/ApiMonitoring/tests/EndpointDropdownV5Migration.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/EndpointDropdownV5Migration.test.tsx
@@ -6,15 +6,18 @@
 * These tests validate the migration from V4 to V5 format for the third payload
 * in getEndPointDetailsQueryPayload (endpoint dropdown data):
 * - Filter format change: filters.items[] → filter.expression
- * - Domain handling: (net.peer.name OR server.address)
+ * - Domain handling: http_host = '${domainName}'
 * - Kind filter: kind_string = 'Client'
- * - Existence check: (http.url EXISTS OR url.full EXISTS)
+ * - Existence check: http_url EXISTS
 * - Aggregation: count() expression
- * - GroupBy: Both http.url AND url.full with type 'attribute'
+ * - GroupBy: http_url with type 'attribute'
 */
 import { getEndPointDetailsQueryPayload } from 'container/ApiMonitoring/utils';
+import { DataTypes } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';

+import { SPAN_ATTRIBUTES } from '../Explorer/Domains/DomainDetails/constants';
+
 describe('EndpointDropdown - V5 Migration Validation', () => {
 	const mockDomainName = 'api.example.com';
 	const mockStartTime = 1000;
@@ -43,9 +46,9 @@ describe('EndpointDropdown - V5 Migration Validation', () => {
 			expect(typeof queryA.filter?.expression).toBe('string');
 			expect(queryA).not.toHaveProperty('filters');

-			// Base filter 1: Domain (net.peer.name OR server.address)
+			// Base filter 1: Domain http_host = '${domainName}'
 			expect(queryA.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Base filter 2: Kind
@@ -53,7 +56,7 @@ describe('EndpointDropdown - V5 Migration Validation', () => {

 			// Base filter 3: Existence check
 			expect(queryA.filter?.expression).toContain(
-				'(http.url EXISTS OR url.full EXISTS)',
+				`${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 			);

 			// V5 Aggregation format: aggregations array (not aggregateAttribute)
@@ -64,16 +67,11 @@ describe('EndpointDropdown - V5 Migration Validation', () => {
 			});
 			expect(queryA).not.toHaveProperty('aggregateAttribute');

-			// GroupBy: Both http.url and url.full
-			expect(queryA.groupBy).toHaveLength(2);
+			// GroupBy: http_url
+			expect(queryA.groupBy).toHaveLength(1);
 			expect(queryA.groupBy).toContainEqual({
-				key: 'http.url',
-				dataType: 'string',
-				type: 'attribute',
-			});
-			expect(queryA.groupBy).toContainEqual({
-				key: 'url.full',
-				dataType: 'string',
+				key: SPAN_ATTRIBUTES.HTTP_URL,
+				dataType: DataTypes.String,
 				type: 'attribute',
 			});
 		});
@@ -120,53 +118,7 @@ describe('EndpointDropdown - V5 Migration Validation', () => {

 			// Exact filter expression with custom filters merged
 			expect(expression).toBe(
-				"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com') AND kind_string = 'Client' AND (http.url EXISTS OR url.full EXISTS) service.name = 'user-service' AND deployment.environment = 'production'",
-			);
-		});
-	});
-
-	describe('3. HTTP URL Filter Special Handling', () => {
-		it('converts http.url filter to (http.url OR url.full) expression', () => {
-			const filtersWithHttpUrl: IBuilderQuery['filters'] = {
-				items: [
-					{
-						id: 'http-url-filter',
-						key: {
-							key: 'http.url',
-							dataType: 'string' as any,
-							type: 'tag',
-						},
-						op: '=',
-						value: '/api/users',
-					},
-					{
-						id: 'service-filter',
-						key: {
-							key: 'service.name',
-							dataType: 'string' as any,
-							type: 'resource',
-						},
-						op: '=',
-						value: 'user-service',
-					},
-				],
-				op: 'AND',
-			};
-
-			const payload = getEndPointDetailsQueryPayload(
-				mockDomainName,
-				mockStartTime,
-				mockEndTime,
-				filtersWithHttpUrl,
-			);
-
-			const dropdownQuery = payload[2];
-			const expression =
-				dropdownQuery.query.builder.queryData[0].filter?.expression;
-
-			// CRITICAL: Exact filter expression with http.url converted to OR logic
-			expect(expression).toBe(
-				"(net.peer.name = 'api.example.com' OR server.address = 'api.example.com') AND kind_string = 'Client' AND (http.url EXISTS OR url.full EXISTS) service.name = 'user-service' AND (http.url = '/api/users' OR url.full = '/api/users')",
+				`${SPAN_ATTRIBUTES.SERVER_NAME} = 'api.example.com' AND kind_string = 'Client' AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS service.name = 'user-service' AND deployment.environment = 'production'`,
 			);
 		});
 	});
--- a/frontend/src/container/ApiMonitoring/tests/MetricOverTimeV5Migration.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/MetricOverTimeV5Migration.test.tsx
@@ -33,7 +33,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {
 			expect(queryData).not.toHaveProperty('filters.items');
 		});

-		it('uses new domain filter format: (net.peer.name OR server.address)', () => {
+		it('uses new domain filter format: (http_host)', () => {
 			const widget = getRateOverTimeWidgetData(
 				mockDomainName,
 				mockEndpointName,
@@ -44,7 +44,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {

 			// Verify EXACT new filter format with OR operator
 			expect(queryData?.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Endpoint name is used in legend, not filter
@@ -90,7 +90,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {

 			// Verify domain filter is present
 			expect(queryData?.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Verify custom filters are merged into the expression
@@ -120,7 +120,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {
 			expect(queryData).not.toHaveProperty('filters.items');
 		});

-		it('uses new domain filter format: (net.peer.name OR server.address)', () => {
+		it('uses new domain filter format: (http_host)', () => {
 			const widget = getLatencyOverTimeWidgetData(
 				mockDomainName,
 				mockEndpointName,
@@ -132,7 +132,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {
 			// Verify EXACT new filter format with OR operator
 			expect(queryData.filter).toBeDefined();
 			expect(queryData?.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Endpoint name is used in legend, not filter
@@ -166,7 +166,7 @@ describe('MetricOverTime - V5 Migration Validation', () => {

 			// Verify domain filter is present
 			expect(queryData?.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}') service.name = 'user-service'`,
+				`http_host = '${mockDomainName}' service.name = 'user-service'`,
 			);
 		});
 	});
--- a/frontend/src/container/ApiMonitoring/tests/StatusCodeBarCharts.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/StatusCodeBarCharts.test.tsx
@@ -142,7 +142,6 @@ describe('StatusCodeBarCharts', () => {
 		endTime: 1609545600000,
 	};
 	const mockDomainName = 'test-domain';
-	const mockEndPointName = '/api/test';
 	const onDragSelectMock = jest.fn();
 	const refetchFn = jest.fn();

@@ -232,7 +231,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockFilters}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -268,7 +266,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockFilters}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -311,7 +308,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockFilters}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -356,7 +352,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockFilters}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -404,7 +399,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockFilters}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -419,7 +413,6 @@ describe('StatusCodeBarCharts', () => {
 		// but we've confirmed the function is mocked and ready to be tested
 		expect(getStatusCodeBarChartWidgetData).toHaveBeenCalledWith(
 			mockDomainName,
-			mockEndPointName,
 			expect.objectContaining({
 				items: [],
 				op: 'AND',
@@ -467,7 +460,6 @@ describe('StatusCodeBarCharts', () => {
 				endPointStatusCodeBarChartsDataQuery={mockStatusCodeQuery as any}
 				endPointStatusCodeLatencyBarChartsDataQuery={mockLatencyQuery as any}
 				domainName={mockDomainName}
-				endPointName={mockEndPointName}
 				filters={mockCustomFilters as IBuilderQuery['filters']}
 				timeRange={mockTimeRange}
 				onDragSelect={onDragSelectMock}
@@ -477,7 +469,6 @@ describe('StatusCodeBarCharts', () => {
 		// Assert widget creation was called with the correct parameters
 		expect(getStatusCodeBarChartWidgetData).toHaveBeenCalledWith(
 			mockDomainName,
-			mockEndPointName,
 			expect.objectContaining({
 				items: expect.arrayContaining([
 					expect.objectContaining({ id: 'custom-filter' }),
--- a/frontend/src/container/ApiMonitoring/tests/StatusCodeBarChartsV5Migration.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/StatusCodeBarChartsV5Migration.test.tsx
@@ -10,7 +10,7 @@
 *
 * V5 Changes:
 * - Filter format change: filters.items[] → filter.expression
- * - Domain filter: (net.peer.name OR server.address)
+ * - Domain filter: (http_host)
 * - Kind filter: kind_string = 'Client'
 * - stepInterval: 60 → null
 * - Grouped by response_status_code
@@ -47,9 +47,9 @@ describe('StatusCodeBarCharts - V5 Migration Validation', () => {
 			expect(typeof queryA.filter?.expression).toBe('string');
 			expect(queryA).not.toHaveProperty('filters.items');

-			// Base filter 1: Domain (net.peer.name OR server.address)
+			// Base filter 1: Domain (http_host)
 			expect(queryA.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Base filter 2: Kind
@@ -96,9 +96,9 @@ describe('StatusCodeBarCharts - V5 Migration Validation', () => {
 			expect(typeof queryA.filter?.expression).toBe('string');
 			expect(queryA).not.toHaveProperty('filters.items');

-			// Base filter 1: Domain (net.peer.name OR server.address)
+			// Base filter 1: Domain (http_host)
 			expect(queryA.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Base filter 2: Kind
@@ -177,7 +177,7 @@ describe('StatusCodeBarCharts - V5 Migration Validation', () => {
 			expect(callsExpression).toBe(latencyExpression);

 			// Verify base filters
-			expect(callsExpression).toContain('net.peer.name');
+			expect(callsExpression).toContain('http_host');
 			expect(callsExpression).toContain("kind_string = 'Client'");

 			// Verify custom filters are merged
@@ -187,51 +187,4 @@ describe('StatusCodeBarCharts - V5 Migration Validation', () => {
 			expect(callsExpression).toContain('production');
 		});
 	});
-
-	describe('4. HTTP URL Filter Handling', () => {
-		it('converts http.url filter to (http.url OR url.full) expression in both charts', () => {
-			const filtersWithHttpUrl: IBuilderQuery['filters'] = {
-				items: [
-					{
-						id: 'http-url-filter',
-						key: {
-							key: 'http.url',
-							dataType: 'string' as any,
-							type: 'tag',
-						},
-						op: '=',
-						value: '/api/metrics',
-					},
-				],
-				op: 'AND',
-			};
-
-			const payload = getEndPointDetailsQueryPayload(
-				mockDomainName,
-				mockStartTime,
-				mockEndTime,
-				filtersWithHttpUrl,
-			);
-
-			const callsChartQuery = payload[4];
-			const latencyChartQuery = payload[5];
-
-			const callsExpression =
-				callsChartQuery.query.builder.queryData[0].filter?.expression;
-			const latencyExpression =
-				latencyChartQuery.query.builder.queryData[0].filter?.expression;
-
-			// CRITICAL: http.url converted to OR logic
-			expect(callsExpression).toContain(
-				"(http.url = '/api/metrics' OR url.full = '/api/metrics')",
-			);
-			expect(latencyExpression).toContain(
-				"(http.url = '/api/metrics' OR url.full = '/api/metrics')",
-			);
-
-			// Base filters still present
-			expect(callsExpression).toContain('net.peer.name');
-			expect(callsExpression).toContain("kind_string = 'Client'");
-		});
-	});
 });
--- a/frontend/src/container/ApiMonitoring/tests/StatusCodeTableV5Migration.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/StatusCodeTableV5Migration.test.tsx
@@ -6,8 +6,8 @@
 * These tests validate the migration from V4 to V5 format for the second payload
 * in getEndPointDetailsQueryPayload (status code table data):
 * - Filter format change: filters.items[] → filter.expression
- * - URL handling: Special logic for (http.url OR url.full)
- * - Domain filter: (net.peer.name OR server.address)
+ * - URL handling: Special logic for http_url
+ * - Domain filter: http_host = '${domainName}'
 * - Kind filter: kind_string = 'Client'
 * - Kind filter: response_status_code EXISTS
 * - Three queries: A (count), B (p99 latency), C (rate)
@@ -45,9 +45,9 @@ describe('StatusCodeTable - V5 Migration Validation', () => {
 			expect(typeof queryA.filter?.expression).toBe('string');
 			expect(queryA).not.toHaveProperty('filters.items');

-			// Base filter 1: Domain (net.peer.name OR server.address)
+			// Base filter 1: Domain (http_host)
 			expect(queryA.filter?.expression).toContain(
-				`(net.peer.name = '${mockDomainName}' OR server.address = '${mockDomainName}')`,
+				`http_host = '${mockDomainName}'`,
 			);

 			// Base filter 2: Kind
@@ -149,7 +149,7 @@ describe('StatusCodeTable - V5 Migration Validation', () => {
 				statusCodeQuery.query.builder.queryData[0].filter?.expression;

 			// Base filters present
-			expect(expression).toContain('net.peer.name');
+			expect(expression).toContain('http_host');
 			expect(expression).toContain("kind_string = 'Client'");
 			expect(expression).toContain('response_status_code EXISTS');

@@ -165,62 +165,4 @@ describe('StatusCodeTable - V5 Migration Validation', () => {
 			expect(queries[1].filter?.expression).toBe(queries[2].filter?.expression);
 		});
 	});
-
-	describe('4. HTTP URL Filter Handling', () => {
-		it('converts http.url filter to (http.url OR url.full) expression', () => {
-			const filtersWithHttpUrl: IBuilderQuery['filters'] = {
-				items: [
-					{
-						id: 'http-url-filter',
-						key: {
-							key: 'http.url',
-							dataType: 'string' as any,
-							type: 'tag',
-						},
-						op: '=',
-						value: '/api/users',
-					},
-					{
-						id: 'service-filter',
-						key: {
-							key: 'service.name',
-							dataType: 'string' as any,
-							type: 'resource',
-						},
-						op: '=',
-						value: 'user-service',
-					},
-				],
-				op: 'AND',
-			};
-
-			const payload = getEndPointDetailsQueryPayload(
-				mockDomainName,
-				mockStartTime,
-				mockEndTime,
-				filtersWithHttpUrl,
-			);
-
-			const statusCodeQuery = payload[1];
-			const expression =
-				statusCodeQuery.query.builder.queryData[0].filter?.expression;
-
-			// CRITICAL: http.url converted to OR logic
-			expect(expression).toContain(
-				"(http.url = '/api/users' OR url.full = '/api/users')",
-			);
-
-			// Other filters still present
-			expect(expression).toContain('service.name');
-			expect(expression).toContain('user-service');
-
-			// Base filters present
-			expect(expression).toContain('net.peer.name');
-			expect(expression).toContain("kind_string = 'Client'");
-			expect(expression).toContain('response_status_code EXISTS');
-
-			// All ANDed together (at least 2 ANDs: domain+kind, custom filter, url condition)
-			expect(expression?.match(/AND/g)?.length).toBeGreaterThanOrEqual(2);
-		});
-	});
 });
--- a/frontend/src/container/ApiMonitoring/tests/TopErrors.test.tsx
+++ b/frontend/src/container/ApiMonitoring/tests/TopErrors.test.tsx
@@ -84,7 +84,7 @@ describe('TopErrors', () => {
 									{
 										columns: [
 											{
-												name: 'http.url',
+												name: SPAN_ATTRIBUTES.HTTP_URL,
 												fieldDataType: 'string',
 												fieldContext: 'attribute',
 											},
@@ -124,7 +124,7 @@ describe('TopErrors', () => {
 										table: {
 											rows: [
 												{
-													'http.url': '/api/test',
+													http_url: '/api/test',
 													A: 100,
 												},
 											],
@@ -206,7 +206,7 @@ describe('TopErrors', () => {
 		expect(navigateMock).toHaveBeenCalledWith({
 			filters: expect.arrayContaining([
 				expect.objectContaining({
-					key: expect.objectContaining({ key: 'http.url' }),
+					key: expect.objectContaining({ key: SPAN_ATTRIBUTES.HTTP_URL }),
 					op: '=',
 					value: '/api/test',
 				}),
@@ -335,7 +335,7 @@ describe('TopErrors', () => {

 		// Verify all required filters are present
 		expect(filterExpression).toContain(
-			`kind_string = 'Client' AND (http.url EXISTS OR url.full EXISTS) AND (net.peer.name = 'test-domain' OR server.address = 'test-domain') AND has_error = true`,
+			`kind_string = 'Client' AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS AND ${SPAN_ATTRIBUTES.SERVER_NAME} = 'test-domain' AND has_error = true`,
 		);
 	});
 });
--- a/frontend/src/container/ApiMonitoring/utils.tsx
+++ b/frontend/src/container/ApiMonitoring/utils.tsx
@@ -15,7 +15,6 @@ import { getWidgetQueryBuilder } from 'container/MetricsApplication/MetricsAppli
 import { convertNanoToMilliseconds } from 'container/MetricsExplorer/Summary/utils';
 import dayjs from 'dayjs';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { RowData } from 'lib/query/createTableColumnsFromQuery';
 import { cloneDeep } from 'lodash-es';
 import { ArrowUpDown, ChevronDown, ChevronRight, Info } from 'lucide-react';
 import { getWidgetQuery } from 'pages/MessagingQueues/MQDetails/MetricPage/MetricPageUtil';
@@ -57,12 +56,12 @@ export const getDisplayValue = (value: unknown): string =>
 	isEmptyFilterValue(value) ? '-' : String(value);

 export const getDomainNameFilterExpression = (domainName: string): string =>
-	`(net.peer.name = '${domainName}' OR server.address = '${domainName}')`;
+	`http_host = '${domainName}'`;

 export const clientKindExpression = `kind_string = 'Client'`;

 /**
- * Converts filters to expression, handling http.url specially by creating (http.url OR url.full) condition
+ * Converts filters to expression
 * @param filters Filters to convert
 * @param baseExpression Base expression to combine with filters
 * @returns Filter expression string
@@ -75,34 +74,6 @@ export const convertFiltersWithUrlHandling = (
 		return baseExpression;
 	}

-	// Check if filters contain http.url (SPAN_ATTRIBUTES.URL_PATH)
-	const httpUrlFilter = filters.items?.find(
-		(item) => item.key?.key === SPAN_ATTRIBUTES.URL_PATH,
-	);
-
-	// If http.url filter exists, create modified filters with (http.url OR url.full)
-	if (httpUrlFilter && httpUrlFilter.value) {
-		// Remove ALL http.url filters from items (guards against duplicates)
-		const otherFilters = filters.items?.filter(
-			(item) => item.key?.key !== SPAN_ATTRIBUTES.URL_PATH,
-		);
-
-		// Convert to expression first with other filters
-		const {
-			filter: intermediateFilter,
-		} = convertFiltersToExpressionWithExistingQuery(
-			{ ...filters, items: otherFilters || [] },
-			baseExpression,
-		);
-
-		// Add the OR condition for http.url and url.full
-		const urlValue = httpUrlFilter.value;
-		const urlCondition = `(http.url = '${urlValue}' OR url.full = '${urlValue}')`;
-		return intermediateFilter.expression.trim()
-			? `${intermediateFilter.expression} AND ${urlCondition}`
-			: urlCondition;
-	}
-
 	const { filter } = convertFiltersToExpressionWithExistingQuery(
 		filters,
 		baseExpression,
@@ -371,7 +342,7 @@ export const formatDataForTable = (
 	});
 };

-const urlExpression = `(url.full EXISTS OR http.url EXISTS)`;
+const urlExpression = `${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`;

 export const getDomainMetricsQueryPayload = (
 	domainName: string,
@@ -588,14 +559,7 @@ const defaultGroupBy = [
 		dataType: DataTypes.String,
 		isColumn: false,
 		isJSON: false,
-		key: SPAN_ATTRIBUTES.URL_PATH,
-		type: 'attribute',
-	},
-	{
-		dataType: DataTypes.String,
-		isColumn: false,
-		isJSON: false,
-		key: 'url.full',
+		key: SPAN_ATTRIBUTES.HTTP_URL,
 		type: 'attribute',
 	},
 	// {
@@ -867,8 +831,8 @@ function buildFilterExpression(
 ): string {
 	const baseFilterParts = [
 		`kind_string = 'Client'`,
-		`(http.url EXISTS OR url.full EXISTS)`,
-		`(net.peer.name = '${domainName}' OR server.address = '${domainName}')`,
+		`${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
+		`${SPAN_ATTRIBUTES.SERVER_NAME} = '${domainName}'`,
 		`has_error = true`,
 	];
 	if (showStatusCodeErrors) {
@@ -910,12 +874,7 @@ export const getTopErrorsQueryPayload = (
 						filter: { expression: filterExpression },
 						groupBy: [
 							{
-								name: 'http.url',
-								fieldDataType: 'string',
-								fieldContext: 'attribute',
-							},
-							{
-								name: 'url.full',
+								name: SPAN_ATTRIBUTES.HTTP_URL,
 								fieldDataType: 'string',
 								fieldContext: 'attribute',
 							},
@@ -1134,11 +1093,11 @@ export const formatEndPointsDataForTable = (
 	if (!isGroupedByAttribute) {
 		formattedData = data?.map((endpoint) => {
 			const { port } = extractPortAndEndpoint(
-				(endpoint.data[SPAN_ATTRIBUTES.URL_PATH] as string) || '',
+				(endpoint.data[SPAN_ATTRIBUTES.HTTP_URL] as string) || '',
 			);
 			return {
 				key: v4(),
-				endpointName: (endpoint.data[SPAN_ATTRIBUTES.URL_PATH] as string) || '-',
+				endpointName: (endpoint.data[SPAN_ATTRIBUTES.HTTP_URL] as string) || '-',
 				port,
 				callCount:
 					endpoint.data.A === 'n/a' || endpoint.data.A === undefined
@@ -1262,9 +1221,7 @@ export const formatTopErrorsDataForTable = (

 		return {
 			key: v4(),
-			endpointName: getDisplayValue(
-				rowObj[SPAN_ATTRIBUTES.URL_PATH] || rowObj['url.full'],
-			),
+			endpointName: getDisplayValue(rowObj[SPAN_ATTRIBUTES.HTTP_URL]),
 			statusCode: getDisplayValue(rowObj[SPAN_ATTRIBUTES.RESPONSE_STATUS_CODE]),
 			statusMessage: getDisplayValue(rowObj.status_message),
 			count: getDisplayValue(rowObj.__result_0),
@@ -1281,10 +1238,10 @@ export const getTopErrorsCoRelationQueryFilters = (
 		{
 			id: 'ea16470b',
 			key: {
-				key: 'http.url',
+				key: SPAN_ATTRIBUTES.HTTP_URL,
 				dataType: DataTypes.String,
 				type: 'tag',
-				id: 'http.url--string--tag--false',
+				id: `${SPAN_ATTRIBUTES.HTTP_URL}--string--tag--false`,
 			},
 			op: '=',
 			value: endPointName,
@@ -1781,7 +1738,7 @@ export const getEndPointDetailsQueryPayload = (
 								filters || { items: [], op: 'AND' },
 								`${getDomainNameFilterExpression(
 									domainName,
-								)} AND ${clientKindExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+								)} AND ${clientKindExpression} AND ${SPAN_ATTRIBUTES.HTTP_URL} EXISTS`,
 							),
 						},
 						expression: 'A',
@@ -1793,12 +1750,7 @@ export const getEndPointDetailsQueryPayload = (
 						orderBy: [],
 						groupBy: [
 							{
-								key: SPAN_ATTRIBUTES.URL_PATH,
-								dataType: DataTypes.String,
-								type: 'attribute',
-							},
-							{
-								key: 'url.full',
+								key: SPAN_ATTRIBUTES.HTTP_URL,
 								dataType: DataTypes.String,
 								type: 'attribute',
 							},
@@ -2225,7 +2177,7 @@ export const getEndPointZeroStateQueryPayload = (
 						orderBy: [],
 						groupBy: [
 							{
-								key: SPAN_ATTRIBUTES.URL_PATH,
+								key: SPAN_ATTRIBUTES.HTTP_URL,
 								dataType: DataTypes.String,
 								type: 'tag',
 							},
@@ -2419,8 +2371,7 @@ export const statusCodeWidgetInfo = [

 interface EndPointDropDownResponseRow {
 	data: {
-		[SPAN_ATTRIBUTES.URL_PATH]: string;
-		'url.full': string;
+		[SPAN_ATTRIBUTES.HTTP_URL]: string;
 		A: number;
 	};
 }
@@ -2439,8 +2390,8 @@ export const getFormattedEndPointDropDownData = (
 	}
 	return data.map((row) => ({
 		key: v4(),
-		label: row.data[SPAN_ATTRIBUTES.URL_PATH] || row.data['url.full'] || '-',
-		value: row.data[SPAN_ATTRIBUTES.URL_PATH] || row.data['url.full'] || '-',
+		label: row.data[SPAN_ATTRIBUTES.HTTP_URL] || '-',
+		value: row.data[SPAN_ATTRIBUTES.HTTP_URL] || '-',
 	}));
 };

@@ -2769,7 +2720,6 @@ export const groupStatusCodes = (

 export const getStatusCodeBarChartWidgetData = (
 	domainName: string,
-	endPointName: string,
 	filters: IBuilderQuery['filters'],
 ): Widgets => ({
 	query: {
@@ -2798,20 +2748,6 @@ export const getStatusCodeBarChartWidgetData = (
 								op: '=',
 								value: domainName,
 							},
-							...(endPointName
-								? [
-										{
-											id: '8b1be6f0',
-											key: {
-												dataType: DataTypes.String,
-												key: SPAN_ATTRIBUTES.URL_PATH,
-												type: 'tag',
-											},
-											op: '=',
-											value: endPointName,
-										},
-								  ]
-								: []),
 							...(filters?.items || []),
 						],
 						op: 'AND',
@@ -2933,7 +2869,7 @@ export const getAllEndpointsWidgetData = (
 							filters,
 							`${getDomainNameFilterExpression(
 								domainName,
-							)} AND ${clientKindExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+							)} AND ${clientKindExpression} AND http_url EXISTS`,
 						),
 					},
 					functions: [],
@@ -2965,7 +2901,7 @@ export const getAllEndpointsWidgetData = (
 							filters,
 							`${getDomainNameFilterExpression(
 								domainName,
-							)} AND ${clientKindExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+							)} AND ${clientKindExpression} AND http_url EXISTS`,
 						),
 					},
 					functions: [],
@@ -2997,7 +2933,7 @@ export const getAllEndpointsWidgetData = (
 							filters,
 							`${getDomainNameFilterExpression(
 								domainName,
-							)} AND ${clientKindExpression} AND (http.url EXISTS OR url.full EXISTS)`,
+							)} AND ${clientKindExpression} AND http_url EXISTS`,
 						),
 					},
 					functions: [],
@@ -3029,7 +2965,7 @@ export const getAllEndpointsWidgetData = (
 							filters,
 							`${getDomainNameFilterExpression(
 								domainName,
-							)} AND ${clientKindExpression} AND has_error = true AND (http.url EXISTS OR url.full EXISTS)`,
+							)} AND ${clientKindExpression} AND has_error = true AND http_url EXISTS`,
 						),
 					},
 					functions: [],
@@ -3060,24 +2996,12 @@ export const getAllEndpointsWidgetData = (
 	);

 	widget.renderColumnCell = {
-		[SPAN_ATTRIBUTES.URL_PATH]: (
-			url: string | number,
-			record?: RowData,
-		): ReactNode => {
-			// First try to use the url from the column value
-			let urlValue = url;
-
-			// If url is empty/null and we have the record, fallback to url.full
-			if (isEmptyFilterValue(url) && record) {
-				const { 'url.full': urlFull } = record;
-				urlValue = urlFull;
-			}
-
-			if (!urlValue || urlValue === 'n/a') {
+		[SPAN_ATTRIBUTES.HTTP_URL]: (url: string | number): ReactNode => {
+			if (isEmptyFilterValue(url) || !url || url === 'n/a') {
 				return <span>-</span>;
 			}

-			const { endpoint } = extractPortAndEndpoint(String(urlValue));
+			const { endpoint } = extractPortAndEndpoint(String(url));
 			return <span>{getDisplayValue(endpoint)}</span>;
 		},
 		A: (numOfCalls: any): ReactNode => (
@@ -3132,8 +3056,8 @@ export const getAllEndpointsWidgetData = (
 	};

 	widget.customColTitles = {
-		[SPAN_ATTRIBUTES.URL_PATH]: 'Endpoint',
-		'net.peer.port': 'Port',
+		[SPAN_ATTRIBUTES.HTTP_URL]: 'Endpoint',
+		[SPAN_ATTRIBUTES.SERVER_PORT]: 'Port',
 	};

 	widget.title = (
@@ -3158,12 +3082,10 @@ export const getAllEndpointsWidgetData = (
 		</div>
 	);

-	widget.hiddenColumns = ['url.full'];
-
 	return widget;
 };

-const keysToRemove = ['http.url', 'url.full', 'A', 'B', 'C', 'F1'];
+const keysToRemove = [SPAN_ATTRIBUTES.HTTP_URL, 'A', 'B', 'C', 'F1'];

 export const getGroupByFiltersFromGroupByValues = (
 	rowData: any,
@@ -3221,7 +3143,7 @@ export const getRateOverTimeWidgetData = (
 					filter: {
 						expression: convertFiltersWithUrlHandling(
 							filters || { items: [], op: 'AND' },
-							`(net.peer.name = '${domainName}' OR server.address = '${domainName}')`,
+							`http_host = '${domainName}'`,
 						),
 					},
 					functions: [],
@@ -3272,7 +3194,7 @@ export const getLatencyOverTimeWidgetData = (
 					filter: {
 						expression: convertFiltersWithUrlHandling(
 							filters || { items: [], op: 'AND' },
-							`(net.peer.name = '${domainName}' OR server.address = '${domainName}')`,
+							`http_host = '${domainName}'`,
 						),
 					},
 					functions: [],
--- a/frontend/src/container/InfraMonitoringK8s/Clusters/K8sClustersList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Clusters/K8sClustersList.tsx
@@ -27,7 +27,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -103,9 +103,10 @@ function K8sClustersList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/DaemonSets/K8sDaemonSetsList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/DaemonSets/K8sDaemonSetsList.tsx
@@ -28,7 +28,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -105,9 +105,10 @@ function K8sDaemonSetsList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/Deployments/K8sDeploymentsList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Deployments/K8sDeploymentsList.tsx
@@ -28,7 +28,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -106,9 +106,10 @@ function K8sDeploymentsList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/Jobs/K8sJobsList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Jobs/K8sJobsList.tsx
@@ -28,7 +28,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -101,9 +101,10 @@ function K8sJobsList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/K8sHeader.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/K8sHeader.tsx
@@ -10,6 +10,7 @@ import { BaseAutocompleteData } from 'types/api/queryBuilder/queryAutocompleteRe
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';
 import { DataSource } from 'types/common/queryBuilder';

+import { safeParseJSON } from './commonUtils';
 import { INFRA_MONITORING_K8S_PARAMS_KEYS, K8sCategory } from './constants';
 import K8sFiltersSidePanel from './K8sFiltersSidePanel/K8sFiltersSidePanel';
 import { IEntityColumn } from './utils';
@@ -58,9 +59,10 @@ function K8sHeader({
 		const urlFilters = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.FILTERS);
 		let { filters } = currentQuery.builder.queryData[0];
 		if (urlFilters) {
-			const decoded = decodeURIComponent(urlFilters);
-			const parsed = JSON.parse(decoded);
-			filters = parsed;
+			const parsed = safeParseJSON<IBuilderQuery['filters']>(urlFilters);
+			if (parsed) {
+				filters = parsed;
+			}
 		}
 		return {
 			...currentQuery,
--- a/frontend/src/container/InfraMonitoringK8s/Namespaces/K8sNamespacesList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Namespaces/K8sNamespacesList.tsx
@@ -27,7 +27,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -104,9 +104,10 @@ function K8sNamespacesList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/Nodes/K8sNodesList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Nodes/K8sNodesList.tsx
@@ -27,7 +27,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -99,9 +99,10 @@ function K8sNodesList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/Pods/K8sPodLists.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Pods/K8sPodLists.tsx
@@ -29,7 +29,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -92,9 +92,10 @@ function K8sPodsList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/StatefulSets/K8sStatefulSetsList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/StatefulSets/K8sStatefulSetsList.tsx
@@ -28,7 +28,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -105,9 +105,10 @@ function K8sStatefulSetsList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/Volumes/K8sVolumesList.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/Volumes/K8sVolumesList.tsx
@@ -28,7 +28,7 @@ import { GlobalReducer } from 'types/reducer/globalTime';

 import { FeatureKeys } from '../../../constants/features';
 import { useAppContext } from '../../../providers/App/App';
-import { getOrderByFromParams } from '../commonUtils';
+import { getOrderByFromParams, safeParseJSON } from '../commonUtils';
 import {
 	GetK8sEntityToAggregateAttribute,
 	INFRA_MONITORING_K8S_PARAMS_KEYS,
@@ -105,9 +105,10 @@ function K8sVolumesList({
 	const [groupBy, setGroupBy] = useState<IBuilderQuery['groupBy']>(() => {
 		const groupBy = searchParams.get(INFRA_MONITORING_K8S_PARAMS_KEYS.GROUP_BY);
 		if (groupBy) {
-			const decoded = decodeURIComponent(groupBy);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['groupBy'];
+			const parsed = safeParseJSON<IBuilderQuery['groupBy']>(groupBy);
+			if (parsed) {
+				return parsed;
+			}
 		}
 		return [];
 	});
--- a/frontend/src/container/InfraMonitoringK8s/commonUtils.tsx
+++ b/frontend/src/container/InfraMonitoringK8s/commonUtils.tsx
@@ -5,6 +5,7 @@
 /* eslint-disable prefer-destructuring */

 import { useMemo } from 'react';
+import * as Sentry from '@sentry/react';
 import { Color } from '@signozhq/design-tokens';
 import { Table, Tooltip, Typography } from 'antd';
 import { Progress } from 'antd/lib';
@@ -260,6 +261,27 @@ export const filterDuplicateFilters = (
 	return uniqueFilters;
 };

+export const safeParseJSON = <T,>(value: string): T | null => {
+	if (!value) {
+		return null;
+	}
+
+	try {
+		// Attempting to parse potentially untrusted user input from the URL.
+		// If the user pastes a corrupted link or modifies the URL manually (e.g., ?filters=invalidJSON),
+		// JSON.parse() will throw a SyntaxError. Without this try/catch block, that unhandled
+		// exception would bubble up during the React component render cycle and crash.
+		return JSON.parse(value) as T;
+	} catch (e) {
+		// By catching the SyntaxError, we gracefully degrade the user experience.
+		// Instead of crashing, the app ignores the malformed URL parameter and cleanly
+		// falls back to the default state (e.g., no filters applied).
+		console.error('Error parsing JSON from URL parameter:', e);
+		// TODO: Should we capture this error in Sentry?
+		return null;
+	}
+};
+
 export const getOrderByFromParams = (
 	searchParams: URLSearchParams,
 	returnNullAsDefault = false,
@@ -271,9 +293,12 @@ export const getOrderByFromParams = (
 		INFRA_MONITORING_K8S_PARAMS_KEYS.ORDER_BY,
 	);
 	if (orderByFromParams) {
-		const decoded = decodeURIComponent(orderByFromParams);
-		const parsed = JSON.parse(decoded);
-		return parsed as { columnName: string; order: 'asc' | 'desc' };
+		const parsed = safeParseJSON<{ columnName: string; order: 'asc' | 'desc' }>(
+			orderByFromParams,
+		);
+		if (parsed) {
+			return parsed;
+		}
 	}
 	if (returnNullAsDefault) {
 		return null;
@@ -287,13 +312,7 @@ export const getFiltersFromParams = (
 ): IBuilderQuery['filters'] | null => {
 	const filtersFromParams = searchParams.get(queryKey);
 	if (filtersFromParams) {
-		try {
-			const decoded = decodeURIComponent(filtersFromParams);
-			const parsed = JSON.parse(decoded);
-			return parsed as IBuilderQuery['filters'];
-		} catch (error) {
-			return null;
-		}
+		return safeParseJSON<IBuilderQuery['filters']>(filtersFromParams);
 	}
 	return null;
 };
--- a/frontend/src/container/SpanDetailsDrawer/tests/AttributeActions.userflow.test.tsx
+++ b/frontend/src/container/SpanDetailsDrawer/tests/AttributeActions.userflow.test.tsx
@@ -3,6 +3,7 @@ import { MemoryRouter, Route } from 'react-router-dom';
 import { fireEvent, render, screen, waitFor } from '@testing-library/react';
 import userEvent from '@testing-library/user-event';
 import ROUTES from 'constants/routes';
+import { SPAN_ATTRIBUTES } from 'container/ApiMonitoring/Explorer/Domains/DomainDetails/constants';
 import { AppProvider } from 'providers/App/App';
 import MockQueryClientProvider from 'providers/test/MockQueryClientProvider';
 import { Span } from 'types/api/trace/getTraceV2';
@@ -108,7 +109,7 @@ const createMockSpan = (): Span => ({
 	statusMessage: '',
 	tagMap: {
 		'http.method': 'GET',
-		'http.url': '/api/users?page=1',
+		[SPAN_ATTRIBUTES.HTTP_URL]: '/api/users?page=1',
 		'http.status_code': '200',
 		'service.name': 'frontend-service',
 		'span.kind': 'server',
--- a/frontend/src/container/SpanDetailsDrawer/tests/SpanDetailsDrawer.test.tsx
+++ b/frontend/src/container/SpanDetailsDrawer/tests/SpanDetailsDrawer.test.tsx
@@ -5,6 +5,7 @@ import getSpanPercentiles from 'api/trace/getSpanPercentiles';
 import getUserPreference from 'api/v1/user/preferences/name/get';
 import { QueryParams } from 'constants/query';
 import ROUTES from 'constants/routes';
+import { SPAN_ATTRIBUTES } from 'container/ApiMonitoring/Explorer/Domains/DomainDetails/constants';
 import { GetMetricQueryRange } from 'lib/dashboard/getQueryResults';
 import { server } from 'mocks-server/server';
 import { QueryBuilderContext } from 'providers/QueryBuilder';
@@ -878,7 +879,9 @@ describe('SpanDetailsDrawer', () => {

 			// Verify only matching attributes are shown (use getAllByText for all since they appear in multiple places)
 			expect(screen.getAllByText('http.method').length).toBeGreaterThan(0);
-			expect(screen.getAllByText('http.url').length).toBeGreaterThan(0);
+			expect(screen.getAllByText(SPAN_ATTRIBUTES.HTTP_URL).length).toBeGreaterThan(
+				0,
+			);
 			expect(screen.getAllByText('http.status_code').length).toBeGreaterThan(0);
 		});

@@ -1126,7 +1129,7 @@ describe('SpanDetailsDrawer - Search Visibility User Flows', () => {

 		// User sees all attributes initially
 		expect(screen.getByText('http.method')).toBeInTheDocument();
-		expect(screen.getByText('http.url')).toBeInTheDocument();
+		expect(screen.getByText(SPAN_ATTRIBUTES.HTTP_URL)).toBeInTheDocument();
 		expect(screen.getByText('http.status_code')).toBeInTheDocument();

 		// User types "method" in search
@@ -1136,7 +1139,7 @@ describe('SpanDetailsDrawer - Search Visibility User Flows', () => {
 		// User sees only matching attributes
 		await waitFor(() => {
 			expect(screen.getByText('http.method')).toBeInTheDocument();
-			expect(screen.queryByText('http.url')).not.toBeInTheDocument();
+			expect(screen.queryByText(SPAN_ATTRIBUTES.HTTP_URL)).not.toBeInTheDocument();
 			expect(screen.queryByText('http.status_code')).not.toBeInTheDocument();
 		});
 	});
--- a/frontend/src/container/SpanDetailsDrawer/tests/mockData.ts
+++ b/frontend/src/container/SpanDetailsDrawer/tests/mockData.ts
@@ -1,3 +1,4 @@
+import { SPAN_ATTRIBUTES } from 'container/ApiMonitoring/Explorer/Domains/DomainDetails/constants';
 import { ILog } from 'types/api/logs/log';
 import { Span } from 'types/api/trace/getTraceV2';

@@ -22,7 +23,7 @@ export const mockSpan: Span = {
 	event: [],
 	tagMap: {
 		'http.method': 'GET',
-		'http.url': '/api/test',
+		[SPAN_ATTRIBUTES.HTTP_URL]: '/api/test',
 		'http.status_code': '200',
 	},
 	hasError: false,
--- a/frontend/src/hooks/IngestionKeys/useGetAllIngestionKeys.ts
+++ b/frontend/src/hooks/IngestionKeys/useGetAllIngestionKeys.ts
@@ -1,15 +0,0 @@
-import { useQuery, UseQueryResult } from 'react-query';
-import { getAllIngestionKeys } from 'api/IngestionKeys/getAllIngestionKeys';
-import { AxiosError, AxiosResponse } from 'axios';
-import {
-	AllIngestionKeyProps,
-	GetIngestionKeyProps,
-} from 'types/api/ingestionKeys/types';
-
-export const useGetAllIngestionsKeys = (
-	props: GetIngestionKeyProps,
-): UseQueryResult<AxiosResponse<AllIngestionKeyProps>, AxiosError> =>
-	useQuery<AxiosResponse<AllIngestionKeyProps>, AxiosError>({
-		queryKey: [`IngestionKeys-${props.page}-${props.search}`],
-		queryFn: () => getAllIngestionKeys(props),
-	});
--- a/frontend/src/mocks-server/mockdata/tracedetail.ts
+++ b/frontend/src/mocks-server/mockdata/tracedetail.ts
@@ -1,3 +1,5 @@
+import { SPAN_ATTRIBUTES } from 'container/ApiMonitoring/Explorer/Domains/DomainDetails/constants';
+
 /* eslint-disable sonarjs/no-duplicate-string */
 export const traceDetailResponse = [
 	{
@@ -35,7 +37,7 @@ export const traceDetailResponse = [
 					'component',
 					'host.name',
 					'http.method',
-					'http.url',
+					SPAN_ATTRIBUTES.HTTP_URL,
 					'ip',
 					'http.status_code',
 					'opencensus.exporterversion',
@@ -84,7 +86,7 @@ export const traceDetailResponse = [
 					'signoz.collector.id',
 					'component',
 					'http.method',
-					'http.url',
+					SPAN_ATTRIBUTES.HTTP_URL,
 					'ip',
 				],
 				[
@@ -741,7 +743,7 @@ export const traceDetailResponse = [
 					'component',
 					'http.method',
 					'http.status_code',
-					'http.url',
+					SPAN_ATTRIBUTES.HTTP_URL,
 					'net/http.reused',
 					'net/http.was_idle',
 					'service.name',
@@ -833,7 +835,7 @@ export const traceDetailResponse = [
 					'opencensus.exporterversion',
 					'signoz.collector.id',
 					'host.name',
-					'http.url',
+					SPAN_ATTRIBUTES.HTTP_URL,
 					'net/http.reused',
 					'net/http.was_idle',
 				],
@@ -916,7 +918,7 @@ export const traceDetailResponse = [
 					'net/http.was_idle',
 					'component',
 					'host.name',
-					'http.url',
+					SPAN_ATTRIBUTES.HTTP_URL,
 					'ip',
 					'service.name',
 					'signoz.collector.id',
--- a/frontend/src/pages/TracesExplorer/Filter/filterUtils.ts
+++ b/frontend/src/pages/TracesExplorer/Filter/filterUtils.ts
@@ -2,6 +2,7 @@
 import { Dispatch, SetStateAction, useEffect, useState } from 'react';
 import { getAttributesValues } from 'api/queryBuilder/getAttributesValues';
 import { DATA_TYPE_VS_ATTRIBUTE_VALUES_KEY } from 'constants/queryBuilder';
+import { SPAN_ATTRIBUTES } from 'container/ApiMonitoring/Explorer/Domains/DomainDetails/constants';
 import {
 	BaseAutocompleteData,
 	DataTypes,
@@ -31,7 +32,7 @@ export const AllTraceFilterKeyValue: Record<string, string> = {
 	httpRoute: 'HTTP Route',
 	'http.route': 'HTTP Route',
 	httpUrl: 'HTTP URL',
-	'http.url': 'HTTP URL',
+	[SPAN_ATTRIBUTES.HTTP_URL]: 'HTTP URL',
 	traceID: 'Trace ID',
 	trace_id: 'Trace ID',
 } as const;
--- a/pkg/apiserver/signozapiserver/authz.go
+++ b/pkg/apiserver/signozapiserver/authz.go
@@ -0,0 +1,30 @@
+package signozapiserver
+
+import (
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/http/handler"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/gorilla/mux"
+)
+
+func (provider *provider) addAuthzRoutes(router *mux.Router) error {
+	if err := router.Handle("/api/v1/authz/check", handler.New(provider.authzHandler.Check, handler.OpenAPIDef{
+		ID:                  "AuthzCheck",
+		Tags:                []string{"authz"},
+		Summary:             "Check permissions",
+		Description:         "Checks if the authenticated user has permissions for given transactions",
+		Request:             make([]*authtypes.Transaction, 0),
+		RequestContentType:  "",
+		Response:            make([]*authtypes.GettableTransaction, 0),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     nil,
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/pkg/apiserver/signozapiserver/provider.go
+++ b/pkg/apiserver/signozapiserver/provider.go
@@ -207,6 +207,10 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}

+	if err := provider.addAuthzRoutes(router); err != nil {
+		return err
+	}
+
 	if err := provider.addFieldsRoutes(router); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/role.go
+++ b/pkg/apiserver/signozapiserver/role.go
@@ -5,6 +5,7 @@ import (

 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/gorilla/mux"
 )
@@ -15,12 +16,12 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Tags:                []string{"role"},
 		Summary:             "Create role",
 		Description:         "This endpoint creates a role",
-		Request:             nil,
+		Request:             new(roletypes.PostableRole),
 		RequestContentType:  "",
 		Response:            new(types.Identifiable),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
-		ErrorStatusCodes:    []int{},
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
@@ -44,6 +45,23 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

+	if err := router.Handle("/api/v1/roles/resources", handler.New(provider.authZ.AdminAccess(provider.authzHandler.GetResources), handler.OpenAPIDef{
+		ID:                  "GetResources",
+		Tags:                []string{"role"},
+		Summary:             "Get resources",
+		Description:         "Gets all the available resources for role assignment",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(roletypes.GettableResources),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Get), handler.OpenAPIDef{
 		ID:                  "GetRole",
 		Tags:                []string{"role"},
@@ -61,17 +79,51 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

+	if err := router.Handle("/api/v1/roles/{id}/relation/{relation}/objects", handler.New(provider.authZ.AdminAccess(provider.authzHandler.GetObjects), handler.OpenAPIDef{
+		ID:                  "GetObjects",
+		Tags:                []string{"role"},
+		Summary:             "Get objects for a role by relation",
+		Description:         "Gets all objects connected to the specified role via a given relation type",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            make([]*authtypes.Object, 0),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Patch), handler.OpenAPIDef{
 		ID:                  "PatchRole",
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
 		Description:         "This endpoint patches a role",
-		Request:             nil,
+		Request:             new(roletypes.PatchableRole),
 		RequestContentType:  "",
 		Response:            nil,
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{},
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPatch).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/roles/{id}/relation/{relation}/objects", handler.New(provider.authZ.AdminAccess(provider.authzHandler.PatchObjects), handler.OpenAPIDef{
+		ID:                  "PatchObjects",
+		Tags:                []string{"role"},
+		Summary:             "Patch objects for a role by relation",
+		Description:         "Patches the objects connected to the specified role via a given relation type",
+		Request:             new(roletypes.PatchableObjects),
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
@@ -88,7 +140,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Response:            nil,
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{},
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
--- a/pkg/authz/authz.go
+++ b/pkg/authz/authz.go
@@ -14,17 +14,14 @@ import (
 type AuthZ interface {
 	factory.Service

-	// Check returns error when the upstream authorization server is unavailable or the subject (s) doesn't have relation (r) on object (o).
-	Check(context.Context, *openfgav1.TupleKey) error
-
 	// CheckWithTupleCreation takes upon the responsibility for generating the tuples alongside everything Check does.
 	CheckWithTupleCreation(context.Context, authtypes.Claims, valuer.UUID, authtypes.Relation, authtypes.Typeable, []authtypes.Selector, []authtypes.Selector) error

 	// CheckWithTupleCreationWithoutClaims checks permissions for anonymous users.
 	CheckWithTupleCreationWithoutClaims(context.Context, valuer.UUID, authtypes.Relation, authtypes.Typeable, []authtypes.Selector, []authtypes.Selector) error

-	// Batch Check returns error when the upstream authorization server is unavailable or for all the tuples of subject (s) doesn't have relation (r) on object (o).
-	BatchCheck(context.Context, []*openfgav1.TupleKey) error
+	// BatchCheck accepts a map of ID → tuple and returns a map of ID → authorization result.
+	BatchCheck(context.Context, map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error)

 	// Write accepts the insertion tuples and the deletion tuples.
 	Write(context.Context, []*openfgav1.TupleKey, []*openfgav1.TupleKey) error
@@ -102,5 +99,7 @@ type Handler interface {

 	PatchObjects(http.ResponseWriter, *http.Request)

+	Check(http.ResponseWriter, *http.Request)
+
 	Delete(http.ResponseWriter, *http.Request)
 }
--- a/pkg/authz/authzstore/sqlauthzstore/store.go
+++ b/pkg/authz/authzstore/sqlauthzstore/store.go
@@ -26,7 +26,7 @@ func (store *store) Create(ctx context.Context, role *roletypes.StorableRole) er
 		Model(role).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, errors.CodeAlreadyExists, "role with id: %s already exists", role.ID)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, errors.CodeAlreadyExists, "role with name: %s already exists", role.Name)
 	}

 	return nil
--- a/pkg/authz/openfgaauthz/provider.go
+++ b/pkg/authz/openfgaauthz/provider.go
@@ -48,11 +48,7 @@ func (provider *provider) Stop(ctx context.Context) error {
 	return provider.server.Stop(ctx)
 }

-func (provider *provider) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	return provider.server.Check(ctx, tupleReq)
-}
-
-func (provider *provider) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
+func (provider *provider) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
 	return provider.server.BatchCheck(ctx, tupleReq)
 }

@@ -181,10 +177,6 @@ func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID,
 	return nil
 }

-func (provider *provider) SetManagedRoleTransactions(context.Context, valuer.UUID) error {
-	return nil
-}
-
 func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
 	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
 }
--- a/pkg/authz/openfgaserver/server.go
+++ b/pkg/authz/openfgaserver/server.go
@@ -90,42 +90,18 @@ func (server *Server) Stop(ctx context.Context) error {
 	return nil
 }

-func (server *Server) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
+func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
 	storeID, modelID := server.getStoreIDandModelID()
-	checkResponse, err := server.openfgaServer.Check(
-		ctx,
-		&openfgav1.CheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tupleReq.User,
-				Relation: tupleReq.Relation,
-				Object:   tupleReq.Object,
-			},
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	if !checkResponse.Allowed {
-		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
-	}
-
-	return nil
-}
-
-func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	storeID, modelID := server.getStoreIDandModelID()
-	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
-	for idx, tuple := range tupleReq {
+	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0, len(tupleReq))
+	for id, tuple := range tupleReq {
 		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
 			TupleKey: &openfgav1.CheckRequestTupleKey{
 				User:     tuple.User,
 				Relation: tuple.Relation,
 				Object:   tuple.Object,
 			},
-			// the batch check response is map[string] keyed by correlationID.
-			CorrelationId: strconv.Itoa(idx),
+			// Use transaction ID as correlation ID for deterministic mapping
+			CorrelationId: id,
 		})
 	}

@@ -137,17 +113,18 @@ func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.Tupl
 			Checks:               batchCheckItems,
 		})
 	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+		return nil, errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
 	}

-	for _, checkResponse := range checkResponse.Result {
-		if checkResponse.GetAllowed() {
-			return nil
+	response := make(map[string]*authtypes.TupleKeyAuthorization, len(tupleReq))
+	for id, tuple := range tupleReq {
+		response[id] = &authtypes.TupleKeyAuthorization{
+			Tuple:      tuple,
+			Authorized: checkResponse.Result[id].GetAllowed(),
 		}
 	}

-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
-
+	return response, nil
 }

 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
@@ -156,17 +133,29 @@ func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtyp
 		return err
 	}

-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	tupleSlice, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
 	if err != nil {
 		return err
 	}

-	err = server.BatchCheck(ctx, tuples)
+	// Convert slice to map with generated IDs for internal use
+	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
+	for idx, tuple := range tupleSlice {
+		tuples[strconv.Itoa(idx)] = tuple
+	}
+
+	response, err := server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	return nil
+	for _, resp := range response {
+		if resp.Authorized {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
 }

 func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
@@ -175,17 +164,29 @@ func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, o
 		return err
 	}

-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	tupleSlice, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
 	if err != nil {
 		return err
 	}

-	err = server.BatchCheck(ctx, tuples)
+	// Convert slice to map with generated IDs for internal use
+	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
+	for idx, tuple := range tupleSlice {
+		tuples[strconv.Itoa(idx)] = tuple
+	}
+
+	response, err := server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	return nil
+	for _, resp := range response {
+		if resp.Authorized {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
 }

 func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
--- a/pkg/authz/signozauthzapi/handler.go
+++ b/pkg/authz/signozauthzapi/handler.go
@@ -7,6 +7,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -35,13 +36,14 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
+	role := roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID))
+	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), role)
 	if err != nil {
 		render.Error(rw, err)
 		return
 	}

-	render.Success(rw, http.StatusCreated, nil)
+	render.Success(rw, http.StatusCreated, types.Identifiable{ID: role.ID})
 }

 func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
@@ -112,17 +114,9 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 }

 func (handler *handler) GetResources(rw http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-	resources := handler.authz.GetResources(ctx)
+	resources := handler.authz.GetResources(r.Context())

-	var resourceRelations = struct {
-		Resources []*authtypes.Resource                   `json:"resources"`
-		Relations map[authtypes.Type][]authtypes.Relation `json:"relations"`
-	}{
-		Resources: resources,
-		Relations: authtypes.TypeableRelations,
-	}
-	render.Success(rw, http.StatusOK, resourceRelations)
+	render.Success(rw, http.StatusOK, roletypes.NewGettableResources(resources))
 }

 func (handler *handler) List(rw http.ResponseWriter, r *http.Request) {
@@ -227,7 +221,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	render.Success(rw, http.StatusAccepted, nil)
+	render.Success(rw, http.StatusNoContent, nil)
 }

 func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {
@@ -252,3 +246,39 @@ func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {

 	render.Success(rw, http.StatusNoContent, nil)
 }
+
+func (handler *handler) Check(rw http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	transactions := make([]*authtypes.Transaction, 0)
+	if err := binding.JSON.BindBody(r.Body, &transactions); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	tuples, err := authtypes.NewTuplesFromTransactions(transactions, subject, orgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	results, err := handler.authz.BatchCheck(ctx, tuples)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, authtypes.NewGettableTransaction(transactions, results))
+}
--- a/pkg/querier/builder_query.go
+++ b/pkg/querier/builder_query.go
@@ -80,16 +80,11 @@ func (q *builderQuery[T]) Fingerprint() string {
 			case qbtypes.LogAggregation:
 				aggParts = append(aggParts, a.Expression)
 			case qbtypes.MetricAggregation:
-				var spaceAggParamStr string
-				if a.ComparisonSpaceAggregationParam != nil {
-					spaceAggParamStr = a.ComparisonSpaceAggregationParam.StringValue()
-				}
-				aggParts = append(aggParts, fmt.Sprintf("%s:%s:%s:%s:%s",
+				aggParts = append(aggParts, fmt.Sprintf("%s:%s:%s:%s",
 					a.MetricName,
 					a.Temporality.StringValue(),
 					a.TimeAggregation.StringValue(),
 					a.SpaceAggregation.StringValue(),
-					spaceAggParamStr,
 				))
 			}
 		}
--- a/pkg/query-service/app/clickhouseReader/reader.go
+++ b/pkg/query-service/app/clickhouseReader/reader.go
@@ -1913,7 +1913,7 @@ func (r *ClickHouseReader) GetCustomRetentionTTL(ctx context.Context, orgID stri
 			// No V2 configuration found, return defaults
 			response.DefaultTTLDays = 15
 			response.TTLConditions = []model.CustomRetentionRule{}
-			response.Status = constants.StatusFailed
+			response.Status = constants.StatusSuccess
 			response.ColdStorageTTLDays = -1
 			return response, nil
 		}
--- a/pkg/telemetrymetrics/statement_builder.go
+++ b/pkg/telemetrymetrics/statement_builder.go
@@ -123,8 +123,7 @@ func (b *MetricQueryStatementBuilder) buildPipelineStatement(
 	origTimeAgg := query.Aggregations[0].TimeAggregation
 	origGroupBy := slices.Clone(query.GroupBy)

-	if (query.Aggregations[0].SpaceAggregation.IsPercentile() ||
-		query.Aggregations[0].SpaceAggregation == metrictypes.SpaceAggregationHistogramCount) &&
+	if query.Aggregations[0].SpaceAggregation.IsPercentile() &&
 		query.Aggregations[0].Type != metrictypes.ExpHistogramType {
 		// add le in the group by if doesn't exist
 		leExists := false
@@ -155,11 +154,7 @@ func (b *MetricQueryStatementBuilder) buildPipelineStatement(
 		}

 		// make the time aggregation rate and space aggregation sum
-		if query.Aggregations[0].SpaceAggregation.IsPercentile() {
-			query.Aggregations[0].TimeAggregation = metrictypes.TimeAggregationRate
-		} else {
-			query.Aggregations[0].TimeAggregation = metrictypes.TimeAggregationIncrease
-		}
+		query.Aggregations[0].TimeAggregation = metrictypes.TimeAggregationRate
 		query.Aggregations[0].SpaceAggregation = metrictypes.SpaceAggregationSum
 	}

@@ -529,7 +524,7 @@ func (b *MetricQueryStatementBuilder) buildSpatialAggregationCTE(
 		return "", nil, errors.Newf(
 			errors.TypeInvalidInput,
 			errors.CodeInvalidInput,
-			"invalid space aggregation, should be one of the following: [`sum`, `avg`, `min`, `max`, `count`, `p50`, `p75`, `p90`, `p95`, `p99`, `histogram_count`]",
+			"invalid space aggregation, should be one of the following: [`sum`, `avg`, `min`, `max`, `count`, `p50`, `p75`, `p90`, `p95`, `p99`]",
 		)
 	}
 	sb := sqlbuilder.NewSelectBuilder()
@@ -582,29 +577,6 @@ func (b *MetricQueryStatementBuilder) BuildFinalSelect(
 		sb.From("__spatial_aggregation_cte")
 		sb.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
 		sb.GroupBy("ts")
-		if query.Having != nil && query.Having.Expression != "" {
-			rewriter := querybuilder.NewHavingExpressionRewriter()
-			rewrittenExpr := rewriter.RewriteForMetrics(query.Having.Expression, query.Aggregations)
-			sb.Having(rewrittenExpr)
-		}
-	} else if query.Aggregations[0].SpaceAggregation == metrictypes.SpaceAggregationHistogramCount {
-		sb.Select("ts")
-
-		for _, g := range query.GroupBy {
-			sb.SelectMore(fmt.Sprintf("`%s`", g.TelemetryFieldKey.Name))
-		}
-
-		aggQuery, err := AggregationQueryForHistogramCount(query.Aggregations[0].ComparisonSpaceAggregationParam)
-		if err != nil {
-			return nil, err
-		}
-		sb.SelectMore(aggQuery)
-
-		sb.From("__spatial_aggregation_cte")
-
-		sb.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-		sb.GroupBy("ts")
-
 		if query.Having != nil && query.Having.Expression != "" {
 			rewriter := querybuilder.NewHavingExpressionRewriter()
 			rewrittenExpr := rewriter.RewriteForMetrics(query.Having.Expression, query.Aggregations)
--- a/pkg/telemetrymetrics/tables.go
+++ b/pkg/telemetrymetrics/tables.go
@@ -1,7 +1,6 @@
 package telemetrymetrics

 import (
-	"fmt"
 	"time"

 	"github.com/SigNoz/signoz/pkg/errors"
@@ -309,20 +308,3 @@ func AggregationColumnForSamplesTable(
 	}
 	return aggregationColumn, nil
 }
-
-func AggregationQueryForHistogramCount(param *metrictypes.ComparisonSpaceAggregationParam) (string, error) {
-	if param == nil {
-		return "", errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "no aggregation param provided for histogram count")
-	}
-	histogramCountThreshold := param.Threshold
-
-	switch param.Operater {
-	case "<=":
-		return fmt.Sprintf("argMaxIf(value, toFloat64(le), toFloat64(le) <= %f) + (argMinIf(value, toFloat64(le), toFloat64(le) > %f) - argMaxIf(value, toFloat64(le), toFloat64(le) <= %f)) * (%f - maxIf(toFloat64(le), toFloat64(le) <= %f)) / (minIf(toFloat64(le), toFloat64(le) > %f) - maxIf(toFloat64(le), toFloat64(le) <= %f)) AS value", histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold), nil
-	case ">":
-		return fmt.Sprintf("argMax(value, toFloat64(le)) - (argMaxIf(value, toFloat64(le), toFloat64(le) <= %f) + (argMinIf(value, toFloat64(le), toFloat64(le) > %f) - argMaxIf(value, toFloat64(le), toFloat64(le) <= %f)) * (%f - maxIf(toFloat64(le), toFloat64(le) <= %f)) / (minIf(toFloat64(le), toFloat64(le) > %f) - maxIf(toFloat64(le), toFloat64(le) <= %f))) AS value", histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold, histogramCountThreshold), nil
-	default:
-		return "", errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "invalid space aggregation operator, should be one of the following: [`<=`, `>`]")
-	}
-
-}
--- a/pkg/types/authtypes/relation.go
+++ b/pkg/types/authtypes/relation.go
@@ -15,15 +15,14 @@ var (
 	RelationUpdate   = Relation{valuer.NewString("update")}
 	RelationDelete   = Relation{valuer.NewString("delete")}
 	RelationList     = Relation{valuer.NewString("list")}
-	RelationBlock    = Relation{valuer.NewString("block")}
 	RelationAssignee = Relation{valuer.NewString("assignee")}
 )

 var TypeableRelations = map[Type][]Relation{
 	TypeUser:          {RelationRead, RelationUpdate, RelationDelete},
 	TypeRole:          {RelationAssignee, RelationRead, RelationUpdate, RelationDelete},
-	TypeOrganization:  {RelationCreate, RelationRead, RelationUpdate, RelationDelete, RelationList},
-	TypeMetaResource:  {RelationRead, RelationUpdate, RelationDelete, RelationBlock},
+	TypeOrganization:  {RelationRead, RelationUpdate, RelationDelete},
+	TypeMetaResource:  {RelationRead, RelationUpdate, RelationDelete},
 	TypeMetaResources: {RelationCreate, RelationList},
 }

@@ -41,8 +40,6 @@ func NewRelation(relation string) (Relation, error) {
 		return RelationDelete, nil
 	case "list":
 		return RelationList, nil
-	case "block":
-		return RelationBlock, nil
 	case "assignee":
 		return RelationAssignee, nil
 	default:
--- a/pkg/types/authtypes/transaction.go
+++ b/pkg/types/authtypes/transaction.go
@@ -6,21 +6,29 @@ import (
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type Resource struct {
-	Name Name `json:"name"`
-	Type Type `json:"type"`
+	Name Name `json:"name" required:"true"`
+	Type Type `json:"type" required:"true"`
 }

 type Object struct {
-	Resource Resource `json:"resource"`
-	Selector Selector `json:"selector"`
+	Resource Resource `json:"resource" required:"true"`
+	Selector Selector `json:"selector" required:"true"`
 }

 type Transaction struct {
-	Relation Relation `json:"relation"`
-	Object   Object   `json:"object"`
+	ID       valuer.UUID `json:"id"`
+	Relation Relation    `json:"relation" required:"true"`
+	Object   Object      `json:"object" required:"true"`
+}
+
+type GettableTransaction struct {
+	Relation   Relation `json:"relation" required:"true"`
+	Object     Object   `json:"object" required:"true"`
+	Authorized bool     `json:"authorized" required:"true"`
 }

 func NewObject(resource Resource, selector Selector) (*Object, error) {
@@ -75,7 +83,21 @@ func NewTransaction(relation Relation, object Object) (*Transaction, error) {
 		return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeAuthZInvalidRelation, "invalid relation %s for type %s", relation.StringValue(), object.Resource.Type.StringValue())
 	}

-	return &Transaction{Relation: relation, Object: object}, nil
+	return &Transaction{ID: valuer.GenerateUUID(), Relation: relation, Object: object}, nil
+}
+
+func NewGettableTransaction(transactions []*Transaction, results map[string]*TupleKeyAuthorization) []*GettableTransaction {
+	gettableTransactions := make([]*GettableTransaction, len(transactions))
+	for i, txn := range transactions {
+		result := results[txn.ID.StringValue()]
+		gettableTransactions[i] = &GettableTransaction{
+			Relation:   txn.Relation,
+			Object:     txn.Object,
+			Authorized: result.Authorized,
+		}
+	}
+
+	return gettableTransactions
 }

 func (object *Object) UnmarshalJSON(data []byte) error {
--- a/pkg/types/authtypes/tuple.go
+++ b/pkg/types/authtypes/tuple.go
@@ -0,0 +1,31 @@
+package authtypes
+
+import (
+	"github.com/SigNoz/signoz/pkg/valuer"
+	openfgav1 "github.com/openfga/api/proto/openfga/v1"
+)
+
+type TupleKeyAuthorization struct {
+	Tuple      *openfgav1.TupleKey
+	Authorized bool
+}
+
+func NewTuplesFromTransactions(transactions []*Transaction, subject string, orgID valuer.UUID) (map[string]*openfgav1.TupleKey, error) {
+	tuples := make(map[string]*openfgav1.TupleKey, len(transactions))
+	for _, txn := range transactions {
+		typeable, err := NewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
+		if err != nil {
+			return nil, err
+		}
+
+		txnTuples, err := typeable.Tuples(subject, txn.Relation, []Selector{txn.Object.Selector}, orgID)
+		if err != nil {
+			return nil, err
+		}
+
+		// Each transaction produces one tuple, keyed by transaction ID
+		tuples[txn.ID.StringValue()] = txnTuples[0]
+	}
+
+	return tuples, nil
+}
--- a/pkg/types/metrictypes/metrictypes.go
+++ b/pkg/types/metrictypes/metrictypes.go
@@ -2,7 +2,6 @@ package metrictypes

 import (
 	"database/sql/driver"
-	"fmt"
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
@@ -190,18 +189,17 @@ type SpaceAggregation struct {
 }

 var (
-	SpaceAggregationUnspecified    = SpaceAggregation{valuer.NewString("")}
-	SpaceAggregationSum            = SpaceAggregation{valuer.NewString("sum")}
-	SpaceAggregationAvg            = SpaceAggregation{valuer.NewString("avg")}
-	SpaceAggregationMin            = SpaceAggregation{valuer.NewString("min")}
-	SpaceAggregationMax            = SpaceAggregation{valuer.NewString("max")}
-	SpaceAggregationCount          = SpaceAggregation{valuer.NewString("count")}
-	SpaceAggregationPercentile50   = SpaceAggregation{valuer.NewString("p50")}
-	SpaceAggregationPercentile75   = SpaceAggregation{valuer.NewString("p75")}
-	SpaceAggregationPercentile90   = SpaceAggregation{valuer.NewString("p90")}
-	SpaceAggregationPercentile95   = SpaceAggregation{valuer.NewString("p95")}
-	SpaceAggregationPercentile99   = SpaceAggregation{valuer.NewString("p99")}
-	SpaceAggregationHistogramCount = SpaceAggregation{valuer.NewString("histogram_count")}
+	SpaceAggregationUnspecified  = SpaceAggregation{valuer.NewString("")}
+	SpaceAggregationSum          = SpaceAggregation{valuer.NewString("sum")}
+	SpaceAggregationAvg          = SpaceAggregation{valuer.NewString("avg")}
+	SpaceAggregationMin          = SpaceAggregation{valuer.NewString("min")}
+	SpaceAggregationMax          = SpaceAggregation{valuer.NewString("max")}
+	SpaceAggregationCount        = SpaceAggregation{valuer.NewString("count")}
+	SpaceAggregationPercentile50 = SpaceAggregation{valuer.NewString("p50")}
+	SpaceAggregationPercentile75 = SpaceAggregation{valuer.NewString("p75")}
+	SpaceAggregationPercentile90 = SpaceAggregation{valuer.NewString("p90")}
+	SpaceAggregationPercentile95 = SpaceAggregation{valuer.NewString("p95")}
+	SpaceAggregationPercentile99 = SpaceAggregation{valuer.NewString("p99")}
 )

 func (SpaceAggregation) Enum() []any {
@@ -216,7 +214,6 @@ func (SpaceAggregation) Enum() []any {
 		SpaceAggregationPercentile90,
 		SpaceAggregationPercentile95,
 		SpaceAggregationPercentile99,
-		SpaceAggregationHistogramCount,
 	}
 }

@@ -259,12 +256,3 @@ type MetricTableHints struct {
 type MetricValueFilter struct {
 	Value float64
 }
-
-type ComparisonSpaceAggregationParam struct {
-	Operater  string  `json:"operator"`
-	Threshold float64 `json:"threshold"`
-}
-
-func (param ComparisonSpaceAggregationParam) StringValue() string {
-	return fmt.Sprintf("{\"operator\": \"%s\", \"limit\": \"%f\"}", param.Operater, param.Threshold)
-}
--- a/pkg/types/querybuildertypes/querybuildertypesv5/builder_elements.go
+++ b/pkg/types/querybuildertypes/querybuildertypesv5/builder_elements.go
@@ -446,8 +446,6 @@ type MetricAggregation struct {
 	TimeAggregation metrictypes.TimeAggregation `json:"timeAggregation"`
 	// space aggregation to apply to the query
 	SpaceAggregation metrictypes.SpaceAggregation `json:"spaceAggregation"`
-	// param for space aggregation if needed
-	ComparisonSpaceAggregationParam *metrictypes.ComparisonSpaceAggregationParam `json:"comparisonSpaceAggregationParam"`
 	// table hints to use for the query
 	TableHints *metrictypes.MetricTableHints `json:"-"`
 	// value filter to apply to the query
--- a/pkg/types/roletypes/role.go
+++ b/pkg/types/roletypes/role.go
@@ -69,24 +69,29 @@ type StorableRole struct {
 type Role struct {
 	types.Identifiable
 	types.TimeAuditable
-	Name        string        `json:"name"`
-	Description string        `json:"description"`
-	Type        valuer.String `json:"type"`
-	OrgID       valuer.UUID   `json:"orgId"`
+	Name        string        `json:"name" required:"true"`
+	Description string        `json:"description" required:"true"`
+	Type        valuer.String `json:"type" required:"true"`
+	OrgID       valuer.UUID   `json:"orgId" required:"true"`
 }

 type PostableRole struct {
-	Name        string `json:"name"`
+	Name        string `json:"name" required:"true"`
 	Description string `json:"description"`
 }

 type PatchableRole struct {
-	Description *string `json:"description"`
+	Description string `json:"description" required:"true"`
 }

 type PatchableObjects struct {
-	Additions []*authtypes.Object `json:"additions"`
-	Deletions []*authtypes.Object `json:"deletions"`
+	Additions []*authtypes.Object `json:"additions" required:"true"`
+	Deletions []*authtypes.Object `json:"deletions" required:"true"`
+}
+
+type GettableResources struct {
+	Resources []*authtypes.Resource                   `json:"resources" required:"true"`
+	Relations map[authtypes.Type][]authtypes.Relation `json:"relations" required:"true"`
 }

 func NewStorableRoleFromRole(role *Role) *StorableRole {
@@ -137,15 +142,20 @@ func NewManagedRoles(orgID valuer.UUID) []*Role {

 }

-func (role *Role) PatchMetadata(description *string) error {
+func NewGettableResources(resources []*authtypes.Resource) *GettableResources {
+	return &GettableResources{
+		Resources: resources,
+		Relations: authtypes.TypeableRelations,
+	}
+}
+
+func (role *Role) PatchMetadata(description string) error {
 	err := role.CanEditDelete()
 	if err != nil {
 		return err
 	}

-	if description != nil {
-		role.Description = *description
-	}
+	role.Description = description
 	role.UpdatedAt = time.Now()
 	return nil
 }
@@ -210,7 +220,7 @@ func (role *PostableRole) UnmarshalJSON(data []byte) error {

 func (role *PatchableRole) UnmarshalJSON(data []byte) error {
 	type shadowPatchableRole struct {
-		Description *string `json:"description"`
+		Description string `json:"description"`
 	}

 	var shadowRole shadowPatchableRole
@@ -218,7 +228,7 @@ func (role *PatchableRole) UnmarshalJSON(data []byte) error {
 		return err
 	}

-	if shadowRole.Description == nil {
+	if shadowRole.Description == "" {
 		return errors.New(errors.TypeInvalidInput, ErrCodeRoleEmptyPatch, "empty role patch request received, description must be present")
 	}

--- a/tests/integration/fixtures/querier.py
+++ b/tests/integration/fixtures/querier.py
@@ -52,7 +52,6 @@ def build_builder_query(
    time_aggregation: str,
    space_aggregation: str,
    *,
-    comparisonSpaceAggregationParam: Optional[Dict] = None,
    temporality: Optional[str] = None,
    step_interval: int = DEFAULT_STEP_INTERVAL,
    group_by: Optional[List[str]] = None,
@@ -75,8 +74,7 @@ def build_builder_query(
    }
    if temporality:
        spec["aggregations"][0]["temporality"] = temporality
-    if comparisonSpaceAggregationParam:
-        spec["aggregations"][0]["comparisonSpaceAggregationParam"] = comparisonSpaceAggregationParam
+
    if group_by:
        spec["groupBy"] = [
            {
--- a/tests/integration/src/querier/08_metrics_histogram.py
+++ b/tests/integration/src/querier/08_metrics_histogram.py
@@ -1,259 +0,0 @@
-"""
-Look at the multi_temporality_counters_1h.jsonl file for the relevant data
-"""
-
-import random
-from datetime import datetime, timedelta, timezone
-from http import HTTPStatus
-from typing import Callable, List
-
-import pytest
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.metrics import Metrics
-from fixtures.querier import (
-    build_builder_query,
-    get_all_series,
-    get_series_values,
-    make_query_request,
-)
-from fixtures.utils import get_testdata_file_path
-
-FILE = get_testdata_file_path("histogram_data_1h.jsonl")
-
-@pytest.mark.parametrize(
-    "threshold, operator, first_value, last_value",
-    [
-        (1000, "<=", 11, 69),
-        (100, "<=", 1.1, 6.9),
-        (7500, "<=", 16.75, 74.75),
-        (8000, "<=", 17, 75),
-        (80000, "<=", 17, 75), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-        (1000, ">", 7, 7),
-        (100, ">", 16.9, 69.1),
-        (7500, ">", 1.25, 1.25),
-        (8000, ">", 1, 1),
-        (80000, ">", 1, 1), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-    ],
-)
-def test_histogram_count_for_one_endpoint(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_metrics: Callable[[List[Metrics]], None],
-    threshold: float,
-    operator: str,
-    first_value: float,
-    last_value: float,
-) -> None:
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-    start_ms = int((now - timedelta(minutes=65)).timestamp() * 1000)
-    end_ms = int(now.timestamp() * 1000)
-    metric_name = f"test_bucket"
-
-    metrics = Metrics.load_from_file(
-        FILE,
-        base_time=now - timedelta(minutes=60),
-        metric_name_override=metric_name,
-    )
-    insert_metrics(metrics)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    query = build_builder_query(
-        "A",
-        metric_name,
-        "rate",
-        "histogram_count",
-        comparisonSpaceAggregationParam={
-            "threshold": threshold,
-            "operator": operator
-        },
-        filter_expression='endpoint = "/health"',
-    )
-
-    response = make_query_request(signoz, token, start_ms, end_ms, [query])
-    assert response.status_code == HTTPStatus.OK
-
-    data = response.json()
-    result_values = sorted(get_series_values(data, "A"), key=lambda x: x["timestamp"])
-    assert len(result_values) == 59
-    assert result_values[0]["value"] == first_value
-    assert result_values[-1]["value"] == last_value
-
-@pytest.mark.parametrize(
-    "threshold, operator, first_value, last_value",
-    [
-        (1000, "<=", 22, 138),
-        (100, "<=", 2.2, 13.8),
-        (7500, "<=", 33.5, 149.5),
-        (8000, "<=", 34, 150),
-        (80000, "<=", 34, 150), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-        (1000, ">", 14, 14),
-        (100, ">", 33.8, 138.2),
-        (7500, ">", 2.5, 2.5),
-        (8000, ">", 2, 2),
-        (80000, ">", 2, 2), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-    ],
-)
-def test_histogram_count_for_one_service(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_metrics: Callable[[List[Metrics]], None],
-    threshold: float,
-    operator: str,
-    first_value: float,
-    last_value: float,
-) -> None:
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-    start_ms = int((now - timedelta(minutes=65)).timestamp() * 1000)
-    end_ms = int(now.timestamp() * 1000)
-    metric_name = f"test_bucket"
-
-    metrics = Metrics.load_from_file(
-        FILE,
-        base_time=now - timedelta(minutes=60),
-        metric_name_override=metric_name,
-    )
-    insert_metrics(metrics)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    query = build_builder_query(
-        "A",
-        metric_name,
-        "rate",
-        "histogram_count",
-        comparisonSpaceAggregationParam={
-            "threshold": threshold,
-            "operator": operator
-        },
-        filter_expression='service = "api"',
-    )
-
-    response = make_query_request(signoz, token, start_ms, end_ms, [query])
-    assert response.status_code == HTTPStatus.OK
-
-    data = response.json()
-    result_values = sorted(get_series_values(data, "A"), key=lambda x: x["timestamp"])
-    assert len(result_values) == 59
-    assert result_values[0]["value"] == first_value
-    assert result_values[-1]["value"] == last_value
-
-@pytest.mark.parametrize(
-    "threshold, operator, first_value, last_value",
-    [
-        (1000, "<=", 11, 69),
-        (100, "<=", 1.1, 6.9),
-        (7500, "<=", 16.75, 74.75),
-        (8000, "<=", 17, 75),
-        (80000, "<=", 17, 75), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-        (1000, ">", 7, 7),
-        (100, ">", 16.9, 69.1),
-        (7500, ">", 1.25, 1.25),
-        (8000, ">", 1, 1),
-        (80000, ">", 1, 1), ## cuz we don't know the max value in infinity, all numbers beyond the biggest finite bucket will report the same answer
-    ],
-)
-def test_histogram_count_for_delta_service(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_metrics: Callable[[List[Metrics]], None],
-    threshold: float,
-    operator: str,
-    first_value: float,
-    last_value: float,
-) -> None:
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-    start_ms = int((now - timedelta(minutes=65)).timestamp() * 1000)
-    end_ms = int(now.timestamp() * 1000)
-    metric_name = f"test_bucket"
-
-    metrics = Metrics.load_from_file(
-        FILE,
-        base_time=now - timedelta(minutes=60),
-        metric_name_override=metric_name,
-    )
-    insert_metrics(metrics)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    query = build_builder_query(
-        "A",
-        metric_name,
-        "rate",
-        "histogram_count",
-        comparisonSpaceAggregationParam={
-            "threshold": threshold,
-            "operator": operator
-        },
-        filter_expression='service = "web"',
-    )
-
-    response = make_query_request(signoz, token, start_ms, end_ms, [query])
-    assert response.status_code == HTTPStatus.OK
-
-    data = response.json()
-    result_values = sorted(get_series_values(data, "A"), key=lambda x: x["timestamp"])
-    assert len(result_values) == 60 ## in delta, the value at 10:01 will also be reported
-    assert result_values[1]["value"] == first_value ## to keep parallel to the cumulative test cases, first_value refers to the value at 10:02
-    assert result_values[-1]["value"] == last_value
-
-@pytest.mark.parametrize(
-    "threshold, operator, first_value, last_value",
-    [
-        (1000, "<=", 33, 207),
-        (100, "<=", 3.3, 20.7),
-        (7500, "<=", 50.25, 224.25),
-        (8000, "<=", 51, 225),
-        (80000, "<=", 51, 225),
-        (1000, ">", 21, 21),
-        (100, ">", 50.7, 207.3),
-        (7500, ">", 3.75, 3.75),
-        (8000, ">", 3, 3),
-        (80000, ">", 3, 3),
-    ],
-)
-def test_histogram_count_for_all_services(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_metrics: Callable[[List[Metrics]], None],
-    threshold: float,
-    operator: str,
-    first_value: float,
-    last_value: float,
-) -> None:
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-    start_ms = int((now - timedelta(minutes=65)).timestamp() * 1000)
-    end_ms = int(now.timestamp() * 1000)
-    metric_name = f"test_bucket"
-
-    metrics = Metrics.load_from_file(
-        FILE,
-        base_time=now - timedelta(minutes=60),
-        metric_name_override=metric_name,
-    )
-    insert_metrics(metrics)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-    query = build_builder_query(
-        "A",
-        metric_name,
-        "rate",
-        "histogram_count",
-        comparisonSpaceAggregationParam={
-            "threshold": threshold,
-            "operator": operator
-        },
-        ## no services filter, this tests for multitemporality handling as well
-    )
-
-    response = make_query_request(signoz, token, start_ms, end_ms, [query])
-    assert response.status_code == HTTPStatus.OK
-
-    data = response.json()
-    result_values = sorted(get_series_values(data, "A"), key=lambda x: x["timestamp"])
-    assert len(result_values) == 60
-    assert result_values[1]["value"] == first_value ## to keep parallel to the cumulative test cases, first_value refers to the value at 10:02
-    assert result_values[-1]["value"] == last_value
--- a/tests/integration/testdata/histogram_data_1h.jsonl
+++ b/tests/integration/testdata/histogram_data_1h.jsonl
Author	SHA1	Message	Date
nikhilmantri0902	ff5fcc0e98	chore: remove explicit URL decoding that causes crashes on K8s parameters	2026-02-21 11:21:37 +05:30
nikhilmantri0902	122d88c4d2	chore: fixed all failing sites where double decoding is happening in infra monitoring	2026-02-21 11:07:50 +05:30
Vikrant Gupta	0dd42ec076	feat(authz): update openapi spec (#10382 ) Some checks are pending build-staging / prepare (push) Waiting to run Details build-staging / js-build (push) Blocked by required conditions Details build-staging / go-build (push) Blocked by required conditions Details build-staging / staging (push) Blocked by required conditions Details Release Drafter / update_release_draft (push) Waiting to run Details	2026-02-20 17:06:33 +00:00
Vikrant Gupta	34ba5bab28	feat(authz): add http routes for authz (#10376 ) * feat(authz): add http routes for authz * feat(authz): update openapi spec * feat(authz): update openapi spec	2026-02-20 22:12:24 +05:30
Nityananda Gohain	678f015e0b	fix: don't send failed if empty rows (#10378 ) Some checks failed build-staging / prepare (push) Has been cancelled Details build-staging / js-build (push) Has been cancelled Details build-staging / go-build (push) Has been cancelled Details build-staging / staging (push) Has been cancelled Details Release Drafter / update_release_draft (push) Has been cancelled Details	2026-02-20 19:30:09 +05:30
Pandey	5a69f16410	refactor: remove legacy /api/gateway reverse proxy (#10374 ) ## Summary - Remove the legacy `/api/gateway` reverse proxy from `ee/query-service/integrations/gateway/` — it has been superseded by the new provider-pattern-based `pkg/gateway/` package (serving `/api/v2/gateway/ingestion_keys`) - Delete dead frontend code: manual IngestionKeys API clients and hooks that targeted the old gateway routes - Clean up `GatewayApiV1`/`GatewayApiV2` axios instances and route constants from the frontend API layer ## What's retained - `--gateway-url` flag and `GatewayUrl` field in `APIHandlerOptions` (still used by `cloudIntegrations.go`) - `pkg/gateway/` package (the new gateway provider) - `frontend/src/api/generated/services/gateway/` (generated client for the new endpoints)	2026-02-20 16:12:44 +05:30
Yunus M	07afef5c5e	fix: use derived values for url and host attributes (#10218 ) * fix: use derived values for url and host attributes * fix: update test cases to use derived attributes * fix: remove unnecessary handling of http.url and update the test cases * fix: update SpanDetailsDrawer.test.tsx to use http_url * fix: repace http_url with constant * fix: remove redudant url handling in column * fix: remove endpoint in StatusCodeBarCharts as its fetched from filters * fix: test title to use correct attribute	2026-02-20 14:20:34 +05:30