chore: revert changes in handler

fix: di in user getter module instead of user handler
feat: control visibility of root user in list user api using flagger
2026-02-23 16:59:30 +00:00 · 2026-02-23 17:09:05 +05:30 · 2026-02-22 13:06:41 +05:30 · 2026-02-20 21:32:27 +05:30
48 changed files with 378 additions and 2636 deletions
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
@@ -92,19 +92,6 @@ components:
        tokenType:
          type: string
      type: object
-    AuthtypesGettableTransaction:
-      properties:
-        authorized:
-          type: boolean
-        object:
-          $ref: '#/components/schemas/AuthtypesObject'
-        relation:
-          type: string
-      required:
-      - relation
-      - object
-      - authorized
-      type: object
    AuthtypesGoogleConfig:
      properties:
        allowedGroups:
@@ -130,8 +117,6 @@ components:
        serviceAccountJson:
          type: string
      type: object
-    AuthtypesName:
-      type: object
    AuthtypesOIDCConfig:
      properties:
        claimMapping:
@@ -149,16 +134,6 @@ components:
        issuerAlias:
          type: string
      type: object
-    AuthtypesObject:
-      properties:
-        resource:
-          $ref: '#/components/schemas/AuthtypesResource'
-        selector:
-          $ref: '#/components/schemas/AuthtypesSelector'
-      required:
-      - resource
-      - selector
-      type: object
    AuthtypesOrgSessionContext:
      properties:
        authNSupport:
@@ -196,16 +171,6 @@ components:
        refreshToken:
          type: string
      type: object
-    AuthtypesResource:
-      properties:
-        name:
-          $ref: '#/components/schemas/AuthtypesName'
-        type:
-          type: string
-      required:
-      - name
-      - type
-      type: object
    AuthtypesRoleMapping:
      properties:
        defaultRole:
@@ -231,8 +196,6 @@ components:
        samlIdp:
          type: string
      type: object
-    AuthtypesSelector:
-      type: object
    AuthtypesSessionContext:
      properties:
        exists:
@@ -243,18 +206,6 @@ components:
          nullable: true
          type: array
      type: object
-    AuthtypesTransaction:
-      properties:
-        id:
-          type: string
-        object:
-          $ref: '#/components/schemas/AuthtypesObject'
-        relation:
-          type: string
-      required:
-      - relation
-      - object
-      type: object
    AuthtypesUpdateableAuthDomain:
      properties:
        config:
@@ -326,9 +277,6 @@ components:
          type: string
        url:
          type: string
-      required:
-      - code
-      - message
      type: object
    ErrorsResponseerroradditional:
      properties:
@@ -1664,59 +1612,6 @@ components:
          $ref: '#/components/schemas/ErrorsJSON'
        status:
          type: string
-      required:
-      - status
-      - error
-      type: object
-    RoletypesGettableResources:
-      properties:
-        relations:
-          additionalProperties:
-            items:
-              type: string
-            type: array
-          nullable: true
-          type: object
-        resources:
-          items:
-            $ref: '#/components/schemas/AuthtypesResource'
-          nullable: true
-          type: array
-      required:
-      - resources
-      - relations
-      type: object
-    RoletypesPatchableObjects:
-      properties:
-        additions:
-          items:
-            $ref: '#/components/schemas/AuthtypesObject'
-          nullable: true
-          type: array
-        deletions:
-          items:
-            $ref: '#/components/schemas/AuthtypesObject'
-          nullable: true
-          type: array
-      required:
-      - additions
-      - deletions
-      type: object
-    RoletypesPatchableRole:
-      properties:
-        description:
-          type: string
-      required:
-      - description
-      type: object
-    RoletypesPostableRole:
-      properties:
-        description:
-          type: string
-        name:
-          type: string
-      required:
-      - name
      type: object
    RoletypesRole:
      properties:
@@ -1736,11 +1631,6 @@ components:
        updatedAt:
          format: date-time
          type: string
-      required:
-      - name
-      - description
-      - type
-      - orgId
      type: object
    TelemetrytypesFieldContext:
      enum:
@@ -2132,44 +2022,6 @@ info:
  version: ""
 openapi: 3.0.3
 paths:
-  /api/v1/authz/check:
-    post:
-      deprecated: false
-      description: Checks if the authenticated user has permissions for given transactions
-      operationId: AuthzCheck
-      requestBody:
-        content:
-          application/json:
-            schema:
-              items:
-                $ref: '#/components/schemas/AuthtypesTransaction'
-              type: array
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    items:
-                      $ref: '#/components/schemas/AuthtypesGettableTransaction'
-                    type: array
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      summary: Check permissions
-      tags:
-      - authz
  /api/v1/changePassword/{id}:
    post:
      deprecated: false
@@ -2242,9 +2094,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: See Other
        "400":
@@ -2283,9 +2132,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: See Other
        "400":
@@ -2349,9 +2195,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: See Other
        "400":
@@ -2446,9 +2289,6 @@ paths:
                    $ref: '#/components/schemas/DashboardtypesGettablePublicDasbhboard'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -2503,9 +2343,6 @@ paths:
                    $ref: '#/components/schemas/TypesIdentifiable'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
        "401":
@@ -2599,9 +2436,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -2649,9 +2483,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableAuthDomain'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -2848,9 +2679,6 @@ paths:
                    $ref: '#/components/schemas/TelemetrytypesGettableFieldKeys'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -2941,9 +2769,6 @@ paths:
                    $ref: '#/components/schemas/TelemetrytypesGettableFieldValues'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -2993,9 +2818,6 @@ paths:
                    $ref: '#/components/schemas/TypesResetPasswordToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -3051,9 +2873,6 @@ paths:
                    $ref: '#/components/schemas/TypesGettableGlobalConfig'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -3099,9 +2918,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -3149,9 +2965,6 @@ paths:
                    $ref: '#/components/schemas/TypesInvite'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
        "400":
@@ -3265,9 +3078,6 @@ paths:
                    $ref: '#/components/schemas/TypesInvite'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -3311,9 +3121,6 @@ paths:
                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
        "400":
@@ -3408,9 +3215,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -3509,9 +3313,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -3561,9 +3362,6 @@ paths:
                    $ref: '#/components/schemas/PreferencetypesPreference'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -3677,9 +3475,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -3727,9 +3522,6 @@ paths:
                    $ref: '#/components/schemas/TypesGettableAPIKey'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
        "400":
@@ -3897,9 +3689,6 @@ paths:
                    $ref: '#/components/schemas/DashboardtypesGettablePublicDashboardData'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -3953,9 +3742,6 @@ paths:
                    $ref: '#/components/schemas/Querybuildertypesv5QueryRangeResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4033,9 +3819,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4068,11 +3851,6 @@ paths:
      deprecated: false
      description: This endpoint creates a role
      operationId: CreateRole
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/RoletypesPostableRole'
      responses:
        "201":
          content:
@@ -4083,17 +3861,8 @@ paths:
                    $ref: '#/components/schemas/TypesIdentifiable'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
-        "400":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Bad Request
        "401":
          content:
            application/json:
@@ -4106,30 +3875,12 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
-        "409":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Conflict
-        "451":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unavailable For Legal Reasons
        "500":
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Internal Server Error
-        "501":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Implemented
      security:
      - api_key:
        - ADMIN
@@ -4168,30 +3919,12 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "451":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unavailable For Legal Reasons
        "500":
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Internal Server Error
-        "501":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Implemented
      security:
      - api_key:
        - ADMIN
@@ -4220,9 +3953,6 @@ paths:
                    $ref: '#/components/schemas/RoletypesRole'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4261,11 +3991,6 @@ paths:
        required: true
        schema:
          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/RoletypesPatchableRole'
      responses:
        "204":
          content:
@@ -4285,30 +4010,12 @@ paths:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "451":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unavailable For Legal Reasons
        "500":
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RenderErrorResponse'
          description: Internal Server Error
-        "501":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Implemented
      security:
      - api_key:
        - ADMIN
@@ -4317,208 +4024,6 @@ paths:
      summary: Patch role
      tags:
      - role
-  /api/v1/roles/{id}/relation/{relation}/objects:
-    get:
-      deprecated: false
-      description: Gets all objects connected to the specified role via a given relation
-        type
-      operationId: GetObjects
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      - in: path
-        name: relation
-        required: true
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    items:
-                      $ref: '#/components/schemas/AuthtypesObject'
-                    type: array
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "451":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unavailable For Legal Reasons
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-        "501":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Implemented
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get objects for a role by relation
-      tags:
-      - role
-    patch:
-      deprecated: false
-      description: Patches the objects connected to the specified role via a given
-        relation type
-      operationId: PatchObjects
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      - in: path
-        name: relation
-        required: true
-        schema:
-          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/RoletypesPatchableObjects'
-      responses:
-        "204":
-          content:
-            application/json:
-              schema:
-                type: string
-          description: No Content
-        "400":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Bad Request
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "451":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unavailable For Legal Reasons
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-        "501":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Implemented
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Patch objects for a role by relation
-      tags:
-      - role
-  /api/v1/roles/resources:
-    get:
-      deprecated: false
-      description: Gets all the available resources for role assignment
-      operationId: GetResources
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/RoletypesGettableResources'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get resources
-      tags:
-      - role
  /api/v1/user:
    get:
      deprecated: false
@@ -4536,9 +4041,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4633,9 +4135,6 @@ paths:
                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4695,9 +4194,6 @@ paths:
                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -4753,9 +4249,6 @@ paths:
                    $ref: '#/components/schemas/TypesUser'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4798,9 +4291,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4850,9 +4340,6 @@ paths:
                    $ref: '#/components/schemas/PreferencetypesPreference'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -4995,9 +4482,6 @@ paths:
                    type: array
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -5050,9 +4534,6 @@ paths:
                    $ref: '#/components/schemas/GatewaytypesGettableIngestionKeys'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -5100,9 +4581,6 @@ paths:
                    $ref: '#/components/schemas/GatewaytypesGettableCreatedIngestionKey'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -5241,9 +4719,6 @@ paths:
                    $ref: '#/components/schemas/GatewaytypesGettableCreatedIngestionKeyLimit'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: Created
        "401":
@@ -5385,9 +4860,6 @@ paths:
                    $ref: '#/components/schemas/GatewaytypesGettableIngestionKeys'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -5451,9 +4923,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesListMetricsResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5509,9 +4978,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesMetricAlertsResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5578,9 +5044,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesMetricAttributesResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5636,9 +5099,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesMetricDashboardsResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5695,9 +5155,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesMetricHighlightsResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5754,9 +5211,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesMetricMetadata'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5873,9 +5327,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesStatsResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5931,9 +5382,6 @@ paths:
                    $ref: '#/components/schemas/MetricsexplorertypesTreemapResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -5983,9 +5431,6 @@ paths:
                    $ref: '#/components/schemas/TypesOrganization'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "401":
@@ -6116,9 +5561,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesSessionContext'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -6156,9 +5598,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -6202,9 +5641,6 @@ paths:
                    $ref: '#/components/schemas/AuthtypesGettableToken'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -6237,9 +5673,6 @@ paths:
                    $ref: '#/components/schemas/ZeustypesGettableHost'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -6754,9 +6187,6 @@ paths:
                    $ref: '#/components/schemas/Querybuildertypesv5QueryRangeResponse'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
@@ -6811,9 +6241,6 @@ paths:
                    $ref: '#/components/schemas/Querybuildertypesv5QueryRangeRequest'
                  status:
                    type: string
-                required:
-                - status
-                - data
                type: object
          description: OK
        "400":
--- a/ee/authz/openfgaauthz/provider.go
+++ b/ee/authz/openfgaauthz/provider.go
@@ -62,6 +62,10 @@ func (provider *provider) Stop(ctx context.Context) error {
 	return provider.openfgaServer.Stop(ctx)
 }

+func (provider *provider) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
+	return provider.openfgaServer.Check(ctx, tuple)
+}
+
 func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
 	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
 }
@@ -70,8 +74,8 @@ func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Contex
 	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
 }

-func (provider *provider) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
-	return provider.openfgaServer.BatchCheck(ctx, tupleReq)
+func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
+	return provider.openfgaServer.BatchCheck(ctx, tuples)
 }

 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
@@ -183,11 +187,6 @@ func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource
 }

 func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
 	storableRole, err := provider.store.Get(ctx, orgID, id)
 	if err != nil {
 		return nil, err
@@ -199,7 +198,7 @@ func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id
 			resourceObjects, err := provider.
 				ListObjects(
 					ctx,
-					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.Name, orgID, &authtypes.RelationAssignee),
+					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
 					relation,
 					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
 				)
--- a/ee/authz/openfgaserver/server.go
+++ b/ee/authz/openfgaserver/server.go
@@ -2,10 +2,8 @@ package openfgaserver

 import (
 	"context"
-	"strconv"

 	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
@@ -30,34 +28,27 @@ func (server *Server) Stop(ctx context.Context) error {
 	return server.pkgAuthzService.Stop(ctx)
 }

+func (server *Server) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
+	return server.pkgAuthzService.Check(ctx, tuple)
+}
+
 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
 	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
 	if err != nil {
 		return err
 	}

-	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
-	for idx, tuple := range tupleSlice {
-		tuples[strconv.Itoa(idx)] = tuple
-	}
-
-	response, err := server.BatchCheck(ctx, tuples)
+	err = server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	for _, resp := range response {
-		if resp.Authorized {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+	return nil
 }

 func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
@@ -66,32 +57,21 @@ func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, o
 		return err
 	}

-	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
-	for idx, tuple := range tupleSlice {
-		tuples[strconv.Itoa(idx)] = tuple
-	}
-
-	response, err := server.BatchCheck(ctx, tuples)
+	err = server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	for _, resp := range response {
-		if resp.Authorized {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+	return nil
 }

-func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
-	return server.pkgAuthzService.BatchCheck(ctx, tupleReq)
+func (server *Server) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
+	return server.pkgAuthzService.BatchCheck(ctx, tuples)
 }

 func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
--- a/ee/modules/dashboard/impldashboard/module.go
+++ b/ee/modules/dashboard/impldashboard/module.go
@@ -220,7 +220,6 @@ func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.T
 	return map[string][]*authtypes.Transaction{
 		roletypes.SigNozAnonymousRoleName: {
 			{
-				ID:       valuer.GenerateUUID(),
 				Relation: authtypes.RelationRead,
 				Object: *authtypes.MustNewObject(
 					authtypes.Resource{
--- a/frontend/src/api/generated/services/authz/index.ts
+++ b/frontend/src/api/generated/services/authz/index.ts
@@ -1,107 +0,0 @@
-/**
- * ! Do not edit manually
- * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'yarn generate:api'
- * SigNoz
- */
-import type {
-	MutationFunction,
-	UseMutationOptions,
-	UseMutationResult,
-} from 'react-query';
-import { useMutation } from 'react-query';
-
-import { GeneratedAPIInstance } from '../../../index';
-import type {
-	AuthtypesTransactionDTO,
-	AuthzCheck200,
-	RenderErrorResponseDTO,
-} from '../sigNoz.schemas';
-
-type AwaitedInput<T> = PromiseLike<T> | T;
-
-type Awaited<O> = O extends AwaitedInput<infer T> ? T : never;
-
-/**
- * Checks if the authenticated user has permissions for given transactions
- * @summary Check permissions
- */
-export const authzCheck = (
-	authtypesTransactionDTO: AuthtypesTransactionDTO[],
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<AuthzCheck200>({
-		url: `/api/v1/authz/check`,
-		method: 'POST',
-		headers: { 'Content-Type': 'application/json' },
-		data: authtypesTransactionDTO,
-		signal,
-	});
-};
-
-export const getAuthzCheckMutationOptions = <
-	TError = RenderErrorResponseDTO,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof authzCheck>>,
-		TError,
-		{ data: AuthtypesTransactionDTO[] },
-		TContext
-	>;
-}): UseMutationOptions<
-	Awaited<ReturnType<typeof authzCheck>>,
-	TError,
-	{ data: AuthtypesTransactionDTO[] },
-	TContext
-> => {
-	const mutationKey = ['authzCheck'];
-	const { mutation: mutationOptions } = options
-		? options.mutation &&
-		  'mutationKey' in options.mutation &&
-		  options.mutation.mutationKey
-			? options
-			: { ...options, mutation: { ...options.mutation, mutationKey } }
-		: { mutation: { mutationKey } };
-
-	const mutationFn: MutationFunction<
-		Awaited<ReturnType<typeof authzCheck>>,
-		{ data: AuthtypesTransactionDTO[] }
-	> = (props) => {
-		const { data } = props ?? {};
-
-		return authzCheck(data);
-	};
-
-	return { mutationFn, ...mutationOptions };
-};
-
-export type AuthzCheckMutationResult = NonNullable<
-	Awaited<ReturnType<typeof authzCheck>>
->;
-export type AuthzCheckMutationBody = AuthtypesTransactionDTO[];
-export type AuthzCheckMutationError = RenderErrorResponseDTO;
-
-/**
- * @summary Check permissions
- */
-export const useAuthzCheck = <
-	TError = RenderErrorResponseDTO,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof authzCheck>>,
-		TError,
-		{ data: AuthtypesTransactionDTO[] },
-		TContext
-	>;
-}): UseMutationResult<
-	Awaited<ReturnType<typeof authzCheck>>,
-	TError,
-	{ data: AuthtypesTransactionDTO[] },
-	TContext
-> => {
-	const mutationOptions = getAuthzCheckMutationOptions(options);
-
-	return useMutation(mutationOptions);
-};
--- a/frontend/src/api/generated/services/role/index.ts
+++ b/frontend/src/api/generated/services/role/index.ts
@@ -21,18 +21,11 @@ import { GeneratedAPIInstance } from '../../../index';
 import type {
 	CreateRole201,
 	DeleteRolePathParameters,
-	GetObjects200,
-	GetObjectsPathParameters,
-	GetResources200,
 	GetRole200,
 	GetRolePathParameters,
 	ListRoles200,
-	PatchObjectsPathParameters,
 	PatchRolePathParameters,
 	RenderErrorResponseDTO,
-	RoletypesPatchableObjectsDTO,
-	RoletypesPatchableRoleDTO,
-	RoletypesPostableRoleDTO,
 } from '../sigNoz.schemas';

 type AwaitedInput<T> = PromiseLike<T> | T;
@@ -121,15 +114,10 @@ export const invalidateListRoles = async (
 * This endpoint creates a role
 * @summary Create role
 */
-export const createRole = (
-	roletypesPostableRoleDTO: RoletypesPostableRoleDTO,
-	signal?: AbortSignal,
-) => {
+export const createRole = (signal?: AbortSignal) => {
 	return GeneratedAPIInstance<CreateRole201>({
 		url: `/api/v1/roles`,
 		method: 'POST',
-		headers: { 'Content-Type': 'application/json' },
-		data: roletypesPostableRoleDTO,
 		signal,
 	});
 };
@@ -141,13 +129,13 @@ export const getCreateRoleMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		{ data: RoletypesPostableRoleDTO },
+		void,
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	{ data: RoletypesPostableRoleDTO },
+	void,
 	TContext
 > => {
 	const mutationKey = ['createRole'];
@@ -161,11 +149,9 @@ export const getCreateRoleMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createRole>>,
-		{ data: RoletypesPostableRoleDTO }
-	> = (props) => {
-		const { data } = props ?? {};
-
-		return createRole(data);
+		void
+	> = () => {
+		return createRole();
 	};

 	return { mutationFn, ...mutationOptions };
@@ -174,7 +160,7 @@ export const getCreateRoleMutationOptions = <
 export type CreateRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createRole>>
 >;
-export type CreateRoleMutationBody = RoletypesPostableRoleDTO;
+
 export type CreateRoleMutationError = RenderErrorResponseDTO;

 /**
@@ -187,13 +173,13 @@ export const useCreateRole = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		{ data: RoletypesPostableRoleDTO },
+		void,
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	{ data: RoletypesPostableRoleDTO },
+	void,
 	TContext
 > => {
 	const mutationOptions = getCreateRoleMutationOptions(options);
@@ -372,15 +358,10 @@ export const invalidateGetRole = async (
 * This endpoint patches a role
 * @summary Patch role
 */
-export const patchRole = (
-	{ id }: PatchRolePathParameters,
-	roletypesPatchableRoleDTO: RoletypesPatchableRoleDTO,
-) => {
+export const patchRole = ({ id }: PatchRolePathParameters) => {
 	return GeneratedAPIInstance<string>({
 		url: `/api/v1/roles/${id}`,
 		method: 'PATCH',
-		headers: { 'Content-Type': 'application/json' },
-		data: roletypesPatchableRoleDTO,
 	});
 };

@@ -391,13 +372,13 @@ export const getPatchRoleMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof patchRole>>,
 		TError,
-		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
+		{ pathParams: PatchRolePathParameters },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof patchRole>>,
 	TError,
-	{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
+	{ pathParams: PatchRolePathParameters },
 	TContext
 > => {
 	const mutationKey = ['patchRole'];
@@ -411,11 +392,11 @@ export const getPatchRoleMutationOptions = <

 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof patchRole>>,
-		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO }
+		{ pathParams: PatchRolePathParameters }
 	> = (props) => {
-		const { pathParams, data } = props ?? {};
+		const { pathParams } = props ?? {};

-		return patchRole(pathParams, data);
+		return patchRole(pathParams);
 	};

 	return { mutationFn, ...mutationOptions };
@@ -424,7 +405,7 @@ export const getPatchRoleMutationOptions = <
 export type PatchRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof patchRole>>
 >;
-export type PatchRoleMutationBody = RoletypesPatchableRoleDTO;
+
 export type PatchRoleMutationError = RenderErrorResponseDTO;

 /**
@@ -437,292 +418,16 @@ export const usePatchRole = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof patchRole>>,
 		TError,
-		{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
+		{ pathParams: PatchRolePathParameters },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof patchRole>>,
 	TError,
-	{ pathParams: PatchRolePathParameters; data: RoletypesPatchableRoleDTO },
+	{ pathParams: PatchRolePathParameters },
 	TContext
 > => {
 	const mutationOptions = getPatchRoleMutationOptions(options);

 	return useMutation(mutationOptions);
 };
-/**
- * Gets all objects connected to the specified role via a given relation type
- * @summary Get objects for a role by relation
- */
-export const getObjects = (
-	{ id, relation }: GetObjectsPathParameters,
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<GetObjects200>({
-		url: `/api/v1/roles/${id}/relation/${relation}/objects`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getGetObjectsQueryKey = ({
-	id,
-	relation,
-}: GetObjectsPathParameters) => {
-	return ['getObjects'] as const;
-};
-
-export const getGetObjectsQueryOptions = <
-	TData = Awaited<ReturnType<typeof getObjects>>,
-	TError = RenderErrorResponseDTO
->(
-	{ id, relation }: GetObjectsPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getObjects>>,
-			TError,
-			TData
-		>;
-	},
-) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey =
-		queryOptions?.queryKey ?? getGetObjectsQueryKey({ id, relation });
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof getObjects>>> = ({
-		signal,
-	}) => getObjects({ id, relation }, signal);
-
-	return {
-		queryKey,
-		queryFn,
-		enabled: !!(id && relation),
-		...queryOptions,
-	} as UseQueryOptions<Awaited<ReturnType<typeof getObjects>>, TError, TData> & {
-		queryKey: QueryKey;
-	};
-};
-
-export type GetObjectsQueryResult = NonNullable<
-	Awaited<ReturnType<typeof getObjects>>
->;
-export type GetObjectsQueryError = RenderErrorResponseDTO;
-
-/**
- * @summary Get objects for a role by relation
- */
-
-export function useGetObjects<
-	TData = Awaited<ReturnType<typeof getObjects>>,
-	TError = RenderErrorResponseDTO
->(
-	{ id, relation }: GetObjectsPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getObjects>>,
-			TError,
-			TData
-		>;
-	},
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getGetObjectsQueryOptions({ id, relation }, options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Get objects for a role by relation
- */
-export const invalidateGetObjects = async (
-	queryClient: QueryClient,
-	{ id, relation }: GetObjectsPathParameters,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getGetObjectsQueryKey({ id, relation }) },
-		options,
-	);
-
-	return queryClient;
-};
-
-/**
- * Patches the objects connected to the specified role via a given relation type
- * @summary Patch objects for a role by relation
- */
-export const patchObjects = (
-	{ id, relation }: PatchObjectsPathParameters,
-	roletypesPatchableObjectsDTO: RoletypesPatchableObjectsDTO,
-) => {
-	return GeneratedAPIInstance<string>({
-		url: `/api/v1/roles/${id}/relation/${relation}/objects`,
-		method: 'PATCH',
-		headers: { 'Content-Type': 'application/json' },
-		data: roletypesPatchableObjectsDTO,
-	});
-};
-
-export const getPatchObjectsMutationOptions = <
-	TError = RenderErrorResponseDTO,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof patchObjects>>,
-		TError,
-		{
-			pathParams: PatchObjectsPathParameters;
-			data: RoletypesPatchableObjectsDTO;
-		},
-		TContext
-	>;
-}): UseMutationOptions<
-	Awaited<ReturnType<typeof patchObjects>>,
-	TError,
-	{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO },
-	TContext
-> => {
-	const mutationKey = ['patchObjects'];
-	const { mutation: mutationOptions } = options
-		? options.mutation &&
-		  'mutationKey' in options.mutation &&
-		  options.mutation.mutationKey
-			? options
-			: { ...options, mutation: { ...options.mutation, mutationKey } }
-		: { mutation: { mutationKey } };
-
-	const mutationFn: MutationFunction<
-		Awaited<ReturnType<typeof patchObjects>>,
-		{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO }
-	> = (props) => {
-		const { pathParams, data } = props ?? {};
-
-		return patchObjects(pathParams, data);
-	};
-
-	return { mutationFn, ...mutationOptions };
-};
-
-export type PatchObjectsMutationResult = NonNullable<
-	Awaited<ReturnType<typeof patchObjects>>
->;
-export type PatchObjectsMutationBody = RoletypesPatchableObjectsDTO;
-export type PatchObjectsMutationError = RenderErrorResponseDTO;
-
-/**
- * @summary Patch objects for a role by relation
- */
-export const usePatchObjects = <
-	TError = RenderErrorResponseDTO,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof patchObjects>>,
-		TError,
-		{
-			pathParams: PatchObjectsPathParameters;
-			data: RoletypesPatchableObjectsDTO;
-		},
-		TContext
-	>;
-}): UseMutationResult<
-	Awaited<ReturnType<typeof patchObjects>>,
-	TError,
-	{ pathParams: PatchObjectsPathParameters; data: RoletypesPatchableObjectsDTO },
-	TContext
-> => {
-	const mutationOptions = getPatchObjectsMutationOptions(options);
-
-	return useMutation(mutationOptions);
-};
-/**
- * Gets all the available resources for role assignment
- * @summary Get resources
- */
-export const getResources = (signal?: AbortSignal) => {
-	return GeneratedAPIInstance<GetResources200>({
-		url: `/api/v1/roles/resources`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getGetResourcesQueryKey = () => {
-	return ['getResources'] as const;
-};
-
-export const getGetResourcesQueryOptions = <
-	TData = Awaited<ReturnType<typeof getResources>>,
-	TError = RenderErrorResponseDTO
->(options?: {
-	query?: UseQueryOptions<
-		Awaited<ReturnType<typeof getResources>>,
-		TError,
-		TData
-	>;
-}) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey = queryOptions?.queryKey ?? getGetResourcesQueryKey();
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof getResources>>> = ({
-		signal,
-	}) => getResources(signal);
-
-	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-		Awaited<ReturnType<typeof getResources>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type GetResourcesQueryResult = NonNullable<
-	Awaited<ReturnType<typeof getResources>>
->;
-export type GetResourcesQueryError = RenderErrorResponseDTO;
-
-/**
- * @summary Get resources
- */
-
-export function useGetResources<
-	TData = Awaited<ReturnType<typeof getResources>>,
-	TError = RenderErrorResponseDTO
->(options?: {
-	query?: UseQueryOptions<
-		Awaited<ReturnType<typeof getResources>>,
-		TError,
-		TData
-	>;
-}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getGetResourcesQueryOptions(options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Get resources
- */
-export const invalidateGetResources = async (
-	queryClient: QueryClient,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getGetResourcesQueryKey() },
-		options,
-	);
-
-	return queryClient;
-};
--- a/frontend/src/api/generated/services/sigNoz.schemas.ts
+++ b/frontend/src/api/generated/services/sigNoz.schemas.ts
@@ -127,18 +127,6 @@ export interface AuthtypesGettableTokenDTO {
 	tokenType?: string;
 }

-export interface AuthtypesGettableTransactionDTO {
-	/**
-	 * @type boolean
-	 */
-	authorized: boolean;
-	object: AuthtypesObjectDTO;
-	/**
-	 * @type string
-	 */
-	relation: string;
-}
-
 export type AuthtypesGoogleConfigDTODomainToAdminEmail = {
 	[key: string]: string;
 };
@@ -182,10 +170,6 @@ export interface AuthtypesGoogleConfigDTO {
 	serviceAccountJson?: string;
 }

-export interface AuthtypesNameDTO {
-	[key: string]: unknown;
-}
-
 export interface AuthtypesOIDCConfigDTO {
 	claimMapping?: AuthtypesAttributeMappingDTO;
 	/**
@@ -214,11 +198,6 @@ export interface AuthtypesOIDCConfigDTO {
 	issuerAlias?: string;
 }

-export interface AuthtypesObjectDTO {
-	resource: AuthtypesResourceDTO;
-	selector: AuthtypesSelectorDTO;
-}
-
 export interface AuthtypesOrgSessionContextDTO {
 	authNSupport?: AuthtypesAuthNSupportDTO;
 	/**
@@ -269,14 +248,6 @@ export interface AuthtypesPostableRotateTokenDTO {
 	refreshToken?: string;
 }

-export interface AuthtypesResourceDTO {
-	name: AuthtypesNameDTO;
-	/**
-	 * @type string
-	 */
-	type: string;
-}
-
 /**
 * @nullable
 */
@@ -320,10 +291,6 @@ export interface AuthtypesSamlConfigDTO {
 	samlIdp?: string;
 }

-export interface AuthtypesSelectorDTO {
-	[key: string]: unknown;
-}
-
 export interface AuthtypesSessionContextDTO {
 	/**
 	 * @type boolean
@@ -336,18 +303,6 @@ export interface AuthtypesSessionContextDTO {
 	orgs?: AuthtypesOrgSessionContextDTO[] | null;
 }

-export interface AuthtypesTransactionDTO {
-	/**
-	 * @type string
-	 */
-	id?: string;
-	object: AuthtypesObjectDTO;
-	/**
-	 * @type string
-	 */
-	relation: string;
-}
-
 export interface AuthtypesUpdateableAuthDomainDTO {
 	config?: AuthtypesAuthDomainConfigDTO;
 }
@@ -436,7 +391,7 @@ export interface ErrorsJSONDTO {
 	/**
 	 * @type string
 	 */
-	code: string;
+	code?: string;
 	/**
 	 * @type array
 	 */
@@ -444,7 +399,7 @@ export interface ErrorsJSONDTO {
 	/**
 	 * @type string
 	 */
-	message: string;
+	message?: string;
 	/**
 	 * @type string
 	 */
@@ -1985,62 +1940,11 @@ export enum Querybuildertypesv5VariableTypeDTO {
 	text = 'text',
 }
 export interface RenderErrorResponseDTO {
-	error: ErrorsJSONDTO;
+	error?: ErrorsJSONDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
-}
-
-/**
- * @nullable
- */
-export type RoletypesGettableResourcesDTORelations = {
-	[key: string]: string[];
-} | null;
-
-export interface RoletypesGettableResourcesDTO {
-	/**
-	 * @type object
-	 * @nullable true
-	 */
-	relations: RoletypesGettableResourcesDTORelations;
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	resources: AuthtypesResourceDTO[] | null;
-}
-
-export interface RoletypesPatchableObjectsDTO {
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	additions: AuthtypesObjectDTO[] | null;
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	deletions: AuthtypesObjectDTO[] | null;
-}
-
-export interface RoletypesPatchableRoleDTO {
-	/**
-	 * @type string
-	 */
-	description: string;
-}
-
-export interface RoletypesPostableRoleDTO {
-	/**
-	 * @type string
-	 */
-	description?: string;
-	/**
-	 * @type string
-	 */
-	name: string;
+	status?: string;
 }

 export interface RoletypesRoleDTO {
@@ -2052,7 +1956,7 @@ export interface RoletypesRoleDTO {
 	/**
 	 * @type string
 	 */
-	description: string;
+	description?: string;
 	/**
 	 * @type string
 	 */
@@ -2060,15 +1964,15 @@ export interface RoletypesRoleDTO {
 	/**
 	 * @type string
 	 */
-	name: string;
+	name?: string;
 	/**
 	 * @type string
 	 */
-	orgId: string;
+	orgId?: string;
 	/**
 	 * @type string
 	 */
-	type: string;
+	type?: string;
 	/**
 	 * @type string
 	 * @format date-time
@@ -2595,34 +2499,23 @@ export interface ZeustypesPostableProfileDTO {
 	where_did_you_discover_signoz: string;
 }

-export type AuthzCheck200 = {
-	/**
-	 * @type array
-	 */
-	data: AuthtypesGettableTransactionDTO[];
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type ChangePasswordPathParameters = {
 	id: string;
 };
 export type CreateSessionByGoogleCallback303 = {
-	data: AuthtypesGettableTokenDTO;
+	data?: AuthtypesGettableTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateSessionByOIDCCallback303 = {
-	data: AuthtypesGettableTokenDTO;
+	data?: AuthtypesGettableTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateSessionBySAMLCallbackParams = {
@@ -2650,11 +2543,11 @@ export type CreateSessionBySAMLCallbackBody = {
 };

 export type CreateSessionBySAMLCallback303 = {
-	data: AuthtypesGettableTokenDTO;
+	data?: AuthtypesGettableTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeletePublicDashboardPathParameters = {
@@ -2664,22 +2557,22 @@ export type GetPublicDashboardPathParameters = {
 	id: string;
 };
 export type GetPublicDashboard200 = {
-	data: DashboardtypesGettablePublicDasbhboardDTO;
+	data?: DashboardtypesGettablePublicDasbhboardDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreatePublicDashboardPathParameters = {
 	id: string;
 };
 export type CreatePublicDashboard201 = {
-	data: TypesIdentifiableDTO;
+	data?: TypesIdentifiableDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type UpdatePublicDashboardPathParameters = {
@@ -2689,19 +2582,19 @@ export type ListAuthDomains200 = {
 	/**
 	 * @type array
 	 */
-	data: AuthtypesGettableAuthDomainDTO[];
+	data?: AuthtypesGettableAuthDomainDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateAuthDomain200 = {
-	data: AuthtypesGettableAuthDomainDTO;
+	data?: AuthtypesGettableAuthDomainDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteAuthDomainPathParameters = {
@@ -2757,11 +2650,11 @@ export type GetFieldsKeysParams = {
 };

 export type GetFieldsKeys200 = {
-	data: TelemetrytypesGettableFieldKeysDTO;
+	data?: TelemetrytypesGettableFieldKeysDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetFieldsValuesParams = {
@@ -2821,49 +2714,49 @@ export type GetFieldsValuesParams = {
 };

 export type GetFieldsValues200 = {
-	data: TelemetrytypesGettableFieldValuesDTO;
+	data?: TelemetrytypesGettableFieldValuesDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetResetPasswordTokenPathParameters = {
 	id: string;
 };
 export type GetResetPasswordToken200 = {
-	data: TypesResetPasswordTokenDTO;
+	data?: TypesResetPasswordTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetGlobalConfig200 = {
-	data: TypesGettableGlobalConfigDTO;
+	data?: TypesGettableGlobalConfigDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListInvite200 = {
 	/**
 	 * @type array
 	 */
-	data: TypesInviteDTO[];
+	data?: TypesInviteDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateInvite201 = {
-	data: TypesInviteDTO;
+	data?: TypesInviteDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteInvitePathParameters = {
@@ -2873,19 +2766,19 @@ export type GetInvitePathParameters = {
 	token: string;
 };
 export type GetInvite200 = {
-	data: TypesInviteDTO;
+	data?: TypesInviteDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type AcceptInvite201 = {
-	data: TypesUserDTO;
+	data?: TypesUserDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListPromotedAndIndexedPaths200 = {
@@ -2893,33 +2786,33 @@ export type ListPromotedAndIndexedPaths200 = {
 	 * @type array
 	 * @nullable true
 	 */
-	data: PromotetypesPromotePathDTO[] | null;
+	data?: PromotetypesPromotePathDTO[] | null;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListOrgPreferences200 = {
 	/**
 	 * @type array
 	 */
-	data: PreferencetypesPreferenceDTO[];
+	data?: PreferencetypesPreferenceDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetOrgPreferencePathParameters = {
 	name: string;
 };
 export type GetOrgPreference200 = {
-	data: PreferencetypesPreferenceDTO;
+	data?: PreferencetypesPreferenceDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type UpdateOrgPreferencePathParameters = {
@@ -2929,19 +2822,19 @@ export type ListAPIKeys200 = {
 	/**
 	 * @type array
 	 */
-	data: TypesGettableAPIKeyDTO[];
+	data?: TypesGettableAPIKeyDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateAPIKey201 = {
-	data: TypesGettableAPIKeyDTO;
+	data?: TypesGettableAPIKeyDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type RevokeAPIKeyPathParameters = {
@@ -2954,11 +2847,11 @@ export type GetPublicDashboardDataPathParameters = {
 	id: string;
 };
 export type GetPublicDashboardData200 = {
-	data: DashboardtypesGettablePublicDashboardDataDTO;
+	data?: DashboardtypesGettablePublicDashboardDataDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetPublicDashboardWidgetQueryRangePathParameters = {
@@ -2966,30 +2859,30 @@ export type GetPublicDashboardWidgetQueryRangePathParameters = {
 	idx: string;
 };
 export type GetPublicDashboardWidgetQueryRange200 = {
-	data: Querybuildertypesv5QueryRangeResponseDTO;
+	data?: Querybuildertypesv5QueryRangeResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListRoles200 = {
 	/**
 	 * @type array
 	 */
-	data: RoletypesRoleDTO[];
+	data?: RoletypesRoleDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateRole201 = {
-	data: TypesIdentifiableDTO;
+	data?: TypesIdentifiableDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteRolePathParameters = {
@@ -2999,52 +2892,25 @@ export type GetRolePathParameters = {
 	id: string;
 };
 export type GetRole200 = {
-	data: RoletypesRoleDTO;
+	data?: RoletypesRoleDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type PatchRolePathParameters = {
 	id: string;
 };
-export type GetObjectsPathParameters = {
-	id: string;
-	relation: string;
-};
-export type GetObjects200 = {
-	/**
-	 * @type array
-	 */
-	data: AuthtypesObjectDTO[];
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type PatchObjectsPathParameters = {
-	id: string;
-	relation: string;
-};
-export type GetResources200 = {
-	data: RoletypesGettableResourcesDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type ListUsers200 = {
 	/**
 	 * @type array
 	 */
-	data: TypesUserDTO[];
+	data?: TypesUserDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteUserPathParameters = {
@@ -3054,52 +2920,52 @@ export type GetUserPathParameters = {
 	id: string;
 };
 export type GetUser200 = {
-	data: TypesUserDTO;
+	data?: TypesUserDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type UpdateUserPathParameters = {
 	id: string;
 };
 export type UpdateUser200 = {
-	data: TypesUserDTO;
+	data?: TypesUserDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMyUser200 = {
-	data: TypesUserDTO;
+	data?: TypesUserDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListUserPreferences200 = {
 	/**
 	 * @type array
 	 */
-	data: PreferencetypesPreferenceDTO[];
+	data?: PreferencetypesPreferenceDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetUserPreferencePathParameters = {
 	name: string;
 };
 export type GetUserPreference200 = {
-	data: PreferencetypesPreferenceDTO;
+	data?: PreferencetypesPreferenceDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type UpdateUserPreferencePathParameters = {
@@ -3109,11 +2975,11 @@ export type GetFeatures200 = {
 	/**
 	 * @type array
 	 */
-	data: FeaturetypesGettableFeatureDTO[];
+	data?: FeaturetypesGettableFeatureDTO[];
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetIngestionKeysParams = {
@@ -3130,19 +2996,19 @@ export type GetIngestionKeysParams = {
 };

 export type GetIngestionKeys200 = {
-	data: GatewaytypesGettableIngestionKeysDTO;
+	data?: GatewaytypesGettableIngestionKeysDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateIngestionKey200 = {
-	data: GatewaytypesGettableCreatedIngestionKeyDTO;
+	data?: GatewaytypesGettableCreatedIngestionKeyDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteIngestionKeyPathParameters = {
@@ -3155,11 +3021,11 @@ export type CreateIngestionKeyLimitPathParameters = {
 	keyId: string;
 };
 export type CreateIngestionKeyLimit201 = {
-	data: GatewaytypesGettableCreatedIngestionKeyLimitDTO;
+	data?: GatewaytypesGettableCreatedIngestionKeyLimitDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type DeleteIngestionKeyLimitPathParameters = {
@@ -3187,11 +3053,11 @@ export type SearchIngestionKeysParams = {
 };

 export type SearchIngestionKeys200 = {
-	data: GatewaytypesGettableIngestionKeysDTO;
+	data?: GatewaytypesGettableIngestionKeysDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ListMetricsParams = {
@@ -3220,22 +3086,22 @@ export type ListMetricsParams = {
 };

 export type ListMetrics200 = {
-	data: MetricsexplorertypesListMetricsResponseDTO;
+	data?: MetricsexplorertypesListMetricsResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricAlertsPathParameters = {
 	metricName: string;
 };
 export type GetMetricAlerts200 = {
-	data: MetricsexplorertypesMetricAlertsResponseDTO;
+	data?: MetricsexplorertypesMetricAlertsResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricAttributesPathParameters = {
@@ -3257,117 +3123,117 @@ export type GetMetricAttributesParams = {
 };

 export type GetMetricAttributes200 = {
-	data: MetricsexplorertypesMetricAttributesResponseDTO;
+	data?: MetricsexplorertypesMetricAttributesResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricDashboardsPathParameters = {
 	metricName: string;
 };
 export type GetMetricDashboards200 = {
-	data: MetricsexplorertypesMetricDashboardsResponseDTO;
+	data?: MetricsexplorertypesMetricDashboardsResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricHighlightsPathParameters = {
 	metricName: string;
 };
 export type GetMetricHighlights200 = {
-	data: MetricsexplorertypesMetricHighlightsResponseDTO;
+	data?: MetricsexplorertypesMetricHighlightsResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricMetadataPathParameters = {
 	metricName: string;
 };
 export type GetMetricMetadata200 = {
-	data: MetricsexplorertypesMetricMetadataDTO;
+	data?: MetricsexplorertypesMetricMetadataDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type UpdateMetricMetadataPathParameters = {
 	metricName: string;
 };
 export type GetMetricsStats200 = {
-	data: MetricsexplorertypesStatsResponseDTO;
+	data?: MetricsexplorertypesStatsResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMetricsTreemap200 = {
-	data: MetricsexplorertypesTreemapResponseDTO;
+	data?: MetricsexplorertypesTreemapResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetMyOrganization200 = {
-	data: TypesOrganizationDTO;
+	data?: TypesOrganizationDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetSessionContext200 = {
-	data: AuthtypesSessionContextDTO;
+	data?: AuthtypesSessionContextDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type CreateSessionByEmailPassword200 = {
-	data: AuthtypesGettableTokenDTO;
+	data?: AuthtypesGettableTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type RotateSession200 = {
-	data: AuthtypesGettableTokenDTO;
+	data?: AuthtypesGettableTokenDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type GetHosts200 = {
-	data: ZeustypesGettableHostDTO;
+	data?: ZeustypesGettableHostDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type QueryRangeV5200 = {
-	data: Querybuildertypesv5QueryRangeResponseDTO;
+	data?: Querybuildertypesv5QueryRangeResponseDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };

 export type ReplaceVariables200 = {
-	data: Querybuildertypesv5QueryRangeRequestDTO;
+	data?: Querybuildertypesv5QueryRangeRequestDTO;
 	/**
 	 * @type string
 	 */
-	status: string;
+	status?: string;
 };
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/ChartManager.styles.scss
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/ChartManager.styles.scss
@@ -1,22 +1,3 @@
-.chart-manager-series-label {
-	width: 100%;
-	min-width: 0;
-	max-width: 100%;
-	cursor: pointer;
-	border: none;
-	background-color: transparent;
-	color: inherit;
-	text-align: left;
-	padding: 0;
-	overflow: hidden;
-	text-overflow: ellipsis;
-	white-space: nowrap;
-
-	&:disabled {
-		cursor: not-allowed;
-	}
-}
-
 .chart-manager-container {
 	width: 100%;
 	max-height: calc(40% - 40px);
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/ChartManager.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/ChartManager.tsx
@@ -1,28 +1,24 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { Button, Input } from 'antd';
-import { PrecisionOption, PrecisionOptionsEnum } from 'components/Graph/types';
 import { ResizeTable } from 'components/ResizeTable';
+import { getGraphManagerTableColumns } from 'container/GridCardLayout/GridCard/FullView/TableRender/GraphManagerColumns';
+import { ExtendedChartDataset } from 'container/GridCardLayout/GridCard/FullView/types';
+import { getDefaultTableDataSet } from 'container/GridCardLayout/GridCard/FullView/utils';
 import { useNotifications } from 'hooks/useNotifications';
 import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
 import { usePlotContext } from 'lib/uPlotV2/context/PlotContext';
 import useLegendsSync from 'lib/uPlotV2/hooks/useLegendsSync';
 import { useDashboard } from 'providers/Dashboard/Dashboard';

-import { getChartManagerColumns } from './getChartMangerColumns';
-import { ExtendedChartDataset, getDefaultTableDataSet } from './utils';
-
 import './ChartManager.styles.scss';

 interface ChartManagerProps {
 	config: UPlotConfigBuilder;
 	alignedData: uPlot.AlignedData;
 	yAxisUnit?: string;
-	decimalPrecision?: PrecisionOption;
 	onCancel?: () => void;
 }

-const X_AXIS_INDEX = 0;
-
 /**
 * ChartManager provides a tabular view to manage the visibility of
 * individual series on a uPlot chart.
@@ -32,12 +28,16 @@ const X_AXIS_INDEX = 0;
 * - filter series by label
 * - toggle individual series on/off
 * - persist the visibility configuration to local storage.
+ *
+ * @param config - `UPlotConfigBuilder` instance used to derive chart options.
+ * @param alignedData - uPlot aligned data used to build the initial table dataset.
+ * @param yAxisUnit - Optional unit label for Y-axis values shown in the table.
+ * @param onCancel - Optional callback invoked when the user cancels the dialog.
 */
 export default function ChartManager({
 	config,
 	alignedData,
 	yAxisUnit,
-	decimalPrecision = PrecisionOptionsEnum.TWO,
 	onCancel,
 }: ChartManagerProps): JSX.Element {
 	const { notifications } = useNotifications();
@@ -53,13 +53,8 @@ export default function ChartManager({
 	const { isDashboardLocked } = useDashboard();

 	const [tableDataSet, setTableDataSet] = useState<ExtendedChartDataset[]>(() =>
-		getDefaultTableDataSet(
-			config.getConfig() as uPlot.Options,
-			alignedData,
-			decimalPrecision,
-		),
+		getDefaultTableDataSet(config.getConfig() as uPlot.Options, alignedData),
 	);
-	const [filterValue, setFilterValue] = useState('');

 	const graphVisibilityState = useMemo(
 		() =>
@@ -72,62 +67,46 @@ export default function ChartManager({

 	useEffect(() => {
 		setTableDataSet(
-			getDefaultTableDataSet(
-				config.getConfig() as uPlot.Options,
-				alignedData,
-				decimalPrecision,
-			),
+			getDefaultTableDataSet(config.getConfig() as uPlot.Options, alignedData),
 		);
-		setFilterValue('');
-	}, [alignedData, config, decimalPrecision]);
+	}, [alignedData, config]);

-	const handleFilterChange = useCallback(
-		(e: React.ChangeEvent<HTMLInputElement>): void => {
-			setFilterValue(e.target.value.toLowerCase());
+	const filterHandler = useCallback(
+		(event: React.ChangeEvent<HTMLInputElement>): void => {
+			const value = event.target.value.toString().toLowerCase();
+			const updatedDataSet = tableDataSet.map((item) => {
+				if (item.label?.toLocaleLowerCase().includes(value)) {
+					return { ...item, show: true };
+				}
+				return { ...item, show: false };
+			});
+			setTableDataSet(updatedDataSet);
 		},
-		[],
+		[tableDataSet],
 	);

-	const handleToggleSeriesOnOff = useCallback(
-		(index: number): void => {
-			onToggleSeriesOnOff(index);
-		},
-		[onToggleSeriesOnOff],
+	const dataSource = useMemo(
+		() =>
+			tableDataSet.filter(
+				(item, index) => index !== 0 && item.show, // skipping the first item as it is the x-axis
+			),
+		[tableDataSet],
 	);

-	const dataSource = useMemo(() => {
-		const filter = filterValue.trim();
-		return tableDataSet.filter((item, index) => {
-			if (index === X_AXIS_INDEX) {
-				return false;
-			}
-			if (!filter) {
-				return true;
-			}
-			return item.label?.toLowerCase().includes(filter) ?? false;
-		});
-	}, [tableDataSet, filterValue]);
-
 	const columns = useMemo(
 		() =>
-			getChartManagerColumns({
+			getGraphManagerTableColumns({
 				tableDataSet,
+				checkBoxOnChangeHandler: (_e, index) => {
+					onToggleSeriesOnOff(index);
+				},
 				graphVisibilityState,
-				onToggleSeriesOnOff: handleToggleSeriesOnOff,
-				onToggleSeriesVisibility,
+				labelClickedHandler: onToggleSeriesVisibility,
 				yAxisUnit,
 				isGraphDisabled: isDashboardLocked,
-				decimalPrecision,
 			}),
-		[
-			tableDataSet,
-			graphVisibilityState,
-			handleToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-			yAxisUnit,
-			isDashboardLocked,
-			decimalPrecision,
-		],
+		// eslint-disable-next-line react-hooks/exhaustive-deps
+		[tableDataSet, graphVisibilityState, yAxisUnit, isDashboardLocked],
 	);

 	const handleSave = useCallback((): void => {
@@ -135,18 +114,15 @@ export default function ChartManager({
 		notifications.success({
 			message: 'The updated graphs & legends are saved',
 		});
-		onCancel?.();
+		if (onCancel) {
+			onCancel();
+		}
 	}, [syncSeriesVisibilityToLocalStorage, notifications, onCancel]);

 	return (
 		<div className="chart-manager-container">
 			<div className="chart-manager-header">
-				<Input
-					placeholder="Filter Series"
-					value={filterValue}
-					onChange={handleFilterChange}
-					data-testid="filter-input"
-				/>
+				<Input onChange={filterHandler} placeholder="Filter Series" />
 				<div className="chart-manager-actions-container">
 					<Button type="default" onClick={onCancel}>
 						Cancel
@@ -160,10 +136,10 @@ export default function ChartManager({
 				<ResizeTable
 					columns={columns}
 					dataSource={dataSource}
+					virtual
 					rowKey="index"
 					scroll={{ y: 200 }}
 					pagination={false}
-					virtual
 				/>
 			</div>
 		</div>
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/SeriesLabel.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/SeriesLabel.tsx
@@ -1,31 +0,0 @@
-import { Tooltip } from 'antd';
-
-import './ChartManager.styles.scss';
-
-interface SeriesLabelProps {
-	label: string;
-	labelIndex: number;
-	onClick: (idx: number) => void;
-	disabled?: boolean;
-}
-
-export function SeriesLabel({
-	label,
-	labelIndex,
-	onClick,
-	disabled,
-}: SeriesLabelProps): JSX.Element {
-	return (
-		<Tooltip placement="topLeft" title={label}>
-			<button
-				className="chart-manager-series-label"
-				disabled={disabled}
-				type="button"
-				data-testid={`series-label-button-${labelIndex}`}
-				onClick={(): void => onClick(labelIndex)}
-			>
-				{label}
-			</button>
-		</Tooltip>
-	);
-}
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/ChartManager.test.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/ChartManager.test.tsx
@@ -1,172 +0,0 @@
-import userEvent from '@testing-library/user-event';
-import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
-import { render, screen } from 'tests/test-utils';
-
-import ChartManager from '../ChartManager';
-
-const mockSyncSeriesVisibilityToLocalStorage = jest.fn();
-const mockNotificationsSuccess = jest.fn();
-
-jest.mock('lib/uPlotV2/context/PlotContext', () => ({
-	usePlotContext: (): {
-		onToggleSeriesOnOff: jest.Mock;
-		onToggleSeriesVisibility: jest.Mock;
-		syncSeriesVisibilityToLocalStorage: jest.Mock;
-	} => ({
-		onToggleSeriesOnOff: jest.fn(),
-		onToggleSeriesVisibility: jest.fn(),
-		syncSeriesVisibilityToLocalStorage: mockSyncSeriesVisibilityToLocalStorage,
-	}),
-}));
-
-jest.mock('lib/uPlotV2/hooks/useLegendsSync', () => ({
-	__esModule: true,
-	default: (): {
-		legendItemsMap: { [key: number]: { show: boolean; label: string } };
-	} => ({
-		legendItemsMap: {
-			0: { show: true, label: 'Time' },
-			1: { show: true, label: 'Series 1' },
-			2: { show: true, label: 'Series 2' },
-		},
-	}),
-}));
-
-jest.mock('providers/Dashboard/Dashboard', () => ({
-	useDashboard: (): { isDashboardLocked: boolean } => ({
-		isDashboardLocked: false,
-	}),
-}));
-
-jest.mock('hooks/useNotifications', () => ({
-	useNotifications: (): { notifications: { success: jest.Mock } } => ({
-		notifications: {
-			success: mockNotificationsSuccess,
-		},
-	}),
-}));
-
-jest.mock('components/ResizeTable', () => {
-	const MockTable = ({
-		dataSource,
-		columns,
-	}: {
-		dataSource: { index: number; label?: string }[];
-		columns: { key: string; title: string }[];
-	}): JSX.Element => (
-		<div data-testid="resize-table">
-			{columns.map((col) => (
-				<span key={col.key}>{col.title}</span>
-			))}
-			{dataSource.map((row) => (
-				<div key={row.index} data-testid={`row-${row.index}`}>
-					{row.label}
-				</div>
-			))}
-		</div>
-	);
-	return { ResizeTable: MockTable };
-});
-
-const createMockConfig = (): { getConfig: () => uPlot.Options } => ({
-	getConfig: (): uPlot.Options => ({
-		width: 100,
-		height: 100,
-		series: [
-			{ label: 'Time', value: 'time' },
-			{ label: 'Series 1', scale: 'y' },
-			{ label: 'Series 2', scale: 'y' },
-		],
-	}),
-});
-
-const createAlignedData = (): uPlot.AlignedData => [
-	[1000, 2000, 3000],
-	[10, 20, 30],
-	[1, 2, 3],
-];
-
-describe('ChartManager', () => {
-	const mockOnCancel = jest.fn();
-
-	beforeEach(() => {
-		jest.clearAllMocks();
-	});
-
-	it('renders filter input and action buttons', () => {
-		render(
-			<ChartManager
-				config={createMockConfig() as any}
-				alignedData={createAlignedData()}
-				onCancel={mockOnCancel}
-			/>,
-		);
-
-		expect(screen.getByPlaceholderText('Filter Series')).toBeInTheDocument();
-		expect(screen.getByRole('button', { name: /Cancel/ })).toBeInTheDocument();
-		expect(screen.getByRole('button', { name: /Save/ })).toBeInTheDocument();
-	});
-
-	it('renders ResizeTable with data', () => {
-		render(
-			<ChartManager
-				config={createMockConfig() as UPlotConfigBuilder}
-				alignedData={createAlignedData()}
-			/>,
-		);
-
-		expect(screen.getByTestId('resize-table')).toBeInTheDocument();
-	});
-
-	it('calls onCancel when Cancel button is clicked', async () => {
-		render(
-			<ChartManager
-				config={createMockConfig() as UPlotConfigBuilder}
-				alignedData={createAlignedData()}
-				onCancel={mockOnCancel}
-			/>,
-		);
-
-		await userEvent.click(screen.getByRole('button', { name: /Cancel/ }));
-
-		expect(mockOnCancel).toHaveBeenCalledTimes(1);
-	});
-
-	it('filters table data when typing in filter input', async () => {
-		render(
-			<ChartManager
-				config={createMockConfig() as UPlotConfigBuilder}
-				alignedData={createAlignedData()}
-			/>,
-		);
-
-		// Before filter: both Series 1 and Series 2 rows are visible
-		expect(screen.getByTestId('row-1')).toBeInTheDocument();
-		expect(screen.getByTestId('row-2')).toBeInTheDocument();
-
-		const filterInput = screen.getByTestId('filter-input');
-		await userEvent.type(filterInput, 'Series 1');
-
-		// After filter: only Series 1 row is visible, Series 2 row is filtered out
-		expect(screen.getByTestId('row-1')).toBeInTheDocument();
-		expect(screen.queryByTestId('row-2')).not.toBeInTheDocument();
-	});
-
-	it('calls syncSeriesVisibilityToLocalStorage, notifications.success, and onCancel when Save is clicked', async () => {
-		render(
-			<ChartManager
-				config={createMockConfig() as UPlotConfigBuilder}
-				alignedData={createAlignedData()}
-				onCancel={mockOnCancel}
-			/>,
-		);
-
-		await userEvent.click(screen.getByRole('button', { name: /Save/ }));
-
-		expect(mockSyncSeriesVisibilityToLocalStorage).toHaveBeenCalledTimes(1);
-		expect(mockNotificationsSuccess).toHaveBeenCalledWith({
-			message: 'The updated graphs & legends are saved',
-		});
-		expect(mockOnCancel).toHaveBeenCalledTimes(1);
-	});
-});
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/SeriesLabel.test.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/SeriesLabel.test.tsx
@@ -1,39 +0,0 @@
-import userEvent from '@testing-library/user-event';
-import { render, screen } from 'tests/test-utils';
-
-import { SeriesLabel } from '../SeriesLabel';
-
-describe('SeriesLabel', () => {
-	it('renders the label text', () => {
-		render(
-			<SeriesLabel label="Test Series Label" labelIndex={1} onClick={jest.fn()} />,
-		);
-		expect(screen.getByTestId('series-label-button-1')).toHaveTextContent(
-			'Test Series Label',
-		);
-	});
-
-	it('calls onClick with labelIndex when clicked', async () => {
-		const onClick = jest.fn();
-		render(<SeriesLabel label="Series A" labelIndex={2} onClick={onClick} />);
-
-		await userEvent.click(screen.getByTestId('series-label-button-2'));
-
-		expect(onClick).toHaveBeenCalledWith(2);
-		expect(onClick).toHaveBeenCalledTimes(1);
-	});
-
-	it('renders disabled button when disabled prop is true', () => {
-		render(
-			<SeriesLabel label="Disabled" labelIndex={0} onClick={jest.fn()} disabled />,
-		);
-		const button = screen.getByTestId('series-label-button-0');
-		expect(button).toBeDisabled();
-	});
-
-	it('has chart-manager-series-label class', () => {
-		render(<SeriesLabel label="Label" labelIndex={0} onClick={jest.fn()} />);
-		const button = screen.getByTestId('series-label-button-0');
-		expect(button).toHaveClass('chart-manager-series-label');
-	});
-});
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/getChartManagerColumns.test.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/getChartManagerColumns.test.tsx
@@ -1,167 +0,0 @@
-import { render } from '@testing-library/react';
-import { Y_AXIS_UNIT_NAMES } from 'components/YAxisUnitSelector/constants';
-import { UniversalYAxisUnit } from 'components/YAxisUnitSelector/types';
-
-import { getChartManagerColumns } from '../getChartMangerColumns';
-import { ExtendedChartDataset } from '../utils';
-
-const createMockDataset = (
-	index: number,
-	overrides: Partial<ExtendedChartDataset> = {},
-): ExtendedChartDataset =>
-	({
-		index,
-		label: `Series ${index}`,
-		show: true,
-		sum: 100,
-		avg: 50,
-		min: 10,
-		max: 90,
-		stroke: '#ff0000',
-		...overrides,
-	} as ExtendedChartDataset);
-
-describe('getChartManagerColumns', () => {
-	const tableDataSet: ExtendedChartDataset[] = [
-		createMockDataset(0, { label: 'Time' }),
-		createMockDataset(1),
-		createMockDataset(2),
-	];
-	const graphVisibilityState = [true, true, false];
-	const onToggleSeriesOnOff = jest.fn();
-	const onToggleSeriesVisibility = jest.fn();
-
-	beforeEach(() => {
-		jest.clearAllMocks();
-	});
-
-	it('returns columns with expected structure', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-		});
-
-		expect(columns).toHaveLength(6);
-		expect(columns[0].key).toBe('index');
-		expect(columns[1].key).toBe('label');
-		expect(columns[2].key).toBe('avg');
-		expect(columns[3].key).toBe('sum');
-		expect(columns[4].key).toBe('max');
-		expect(columns[5].key).toBe('min');
-	});
-
-	it('includes Label column with title', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-		});
-
-		const labelCol = columns.find((c) => c.key === 'label');
-		expect(labelCol!.title).toBe('Label');
-	});
-
-	it('formats column titles with yAxisUnit', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-			yAxisUnit: 'ms',
-		});
-
-		const avgCol = columns.find((c) => c.key === 'avg');
-		expect(avgCol!.title).toBe(
-			`Avg (in ${Y_AXIS_UNIT_NAMES[UniversalYAxisUnit.MILLISECONDS]})`,
-		);
-	});
-
-	it('numeric column render returns formatted string with yAxisUnit', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-			yAxisUnit: 'ms',
-		});
-
-		const avgCol = columns.find((c) => c.key === 'avg');
-		const renderFn = avgCol?.render as
-			| ((val: number, record: ExtendedChartDataset, index: number) => string)
-			| undefined;
-		expect(renderFn).toBeDefined();
-		const output = renderFn!(123.45, tableDataSet[1], 1);
-		expect(output).toBe('123.45 ms');
-	});
-
-	it('numeric column render formats zero when value is undefined', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-			yAxisUnit: 'none',
-		});
-
-		const sumCol = columns.find((c) => c.key === 'sum');
-		const renderFn = sumCol?.render as
-			| ((
-					val: number | undefined,
-					record: ExtendedChartDataset,
-					index: number,
-			  ) => string)
-			| undefined;
-		const output = renderFn!(undefined, tableDataSet[1], 1);
-		expect(output).toBe('0');
-	});
-
-	it('label column render displays label text and is clickable', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-		});
-
-		const labelCol = columns.find((c) => c.key === 'label');
-		const renderFn = labelCol!.render as
-			| ((
-					label: string,
-					record: ExtendedChartDataset,
-					index: number,
-			  ) => JSX.Element)
-			| undefined;
-		expect(renderFn).toBeDefined();
-		const renderResult = renderFn!('Series 1', tableDataSet[1], 1);
-
-		const { getByRole } = render(renderResult);
-		expect(getByRole('button', { name: 'Series 1' })).toBeInTheDocument();
-	});
-
-	it('index column render renders checkbox with correct checked state', () => {
-		const columns = getChartManagerColumns({
-			tableDataSet,
-			graphVisibilityState,
-			onToggleSeriesOnOff,
-			onToggleSeriesVisibility,
-		});
-
-		const indexCol = columns.find((c) => c.key === 'index');
-		const renderFn = indexCol!.render as
-			| ((
-					_val: unknown,
-					record: ExtendedChartDataset,
-					index: number,
-			  ) => JSX.Element)
-			| undefined;
-		expect(renderFn).toBeDefined();
-		const { container } = render(renderFn!(null, tableDataSet[1], 1));
-
-		const checkbox = container.querySelector('input[type="checkbox"]');
-		expect(checkbox).toBeInTheDocument();
-		expect(checkbox).toBeChecked(); // graphVisibilityState[1] is true
-	});
-});
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/utils.test.ts
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/tests/utils.test.ts
@@ -1,113 +0,0 @@
-import { PrecisionOptionsEnum } from 'components/Graph/types';
-
-import {
-	formatTableValueWithUnit,
-	getDefaultTableDataSet,
-	getTableColumnTitle,
-} from '../utils';
-
-describe('ChartManager utils', () => {
-	describe('getDefaultTableDataSet', () => {
-		const createOptions = (seriesCount: number): uPlot.Options => ({
-			series: Array.from({ length: seriesCount }, (_, i) =>
-				i === 0
-					? { label: 'Time', value: 'time' }
-					: { label: `Series ${i}`, scale: 'y' },
-			),
-			width: 100,
-			height: 100,
-		});
-
-		it('returns one row per series with computed stats', () => {
-			const options = createOptions(3);
-			const data: uPlot.AlignedData = [
-				[1000, 2000, 3000],
-				[10, 20, 30],
-				[1, 2, 3],
-			];
-
-			const result = getDefaultTableDataSet(options, data);
-
-			expect(result).toHaveLength(3);
-			expect(result[0]).toMatchObject({
-				index: 0,
-				label: 'Time',
-				show: true,
-			});
-			expect(result[1]).toMatchObject({
-				index: 1,
-				label: 'Series 1',
-				show: true,
-				sum: 60,
-				avg: 20,
-				max: 30,
-				min: 10,
-			});
-			expect(result[2]).toMatchObject({
-				index: 2,
-				label: 'Series 2',
-				show: true,
-				sum: 6,
-				avg: 2,
-				max: 3,
-				min: 1,
-			});
-		});
-
-		it('handles empty data arrays', () => {
-			const options = createOptions(2);
-			const data: uPlot.AlignedData = [[], []];
-
-			const result = getDefaultTableDataSet(options, data);
-
-			expect(result[0]).toMatchObject({
-				sum: 0,
-				avg: 0,
-				max: 0,
-				min: 0,
-			});
-		});
-
-		it('respects decimalPrecision parameter', () => {
-			const options = createOptions(2);
-			const data: uPlot.AlignedData = [[1000], [123.454]];
-
-			const resultTwo = getDefaultTableDataSet(
-				options,
-				data,
-				PrecisionOptionsEnum.TWO,
-			);
-			expect(resultTwo[1].avg).toBe(123.45);
-
-			const resultZero = getDefaultTableDataSet(
-				options,
-				data,
-				PrecisionOptionsEnum.ZERO,
-			);
-			expect(resultZero[1].avg).toBe(123);
-		});
-	});
-
-	describe('formatTableValueWithUnit', () => {
-		it('formats value with unit', () => {
-			const result = formatTableValueWithUnit(1234.56, 'ms');
-			expect(result).toBe('1.23 s');
-		});
-
-		it('falls back to none format when yAxisUnit is undefined', () => {
-			const result = formatTableValueWithUnit(123.45);
-			expect(result).toBe('123.45');
-		});
-	});
-
-	describe('getTableColumnTitle', () => {
-		it('returns title only when yAxisUnit is undefined', () => {
-			expect(getTableColumnTitle('Avg')).toBe('Avg');
-		});
-
-		it('returns title with unit when yAxisUnit is provided', () => {
-			const result = getTableColumnTitle('Avg', 'ms');
-			expect(result).toBe('Avg (in Milliseconds (ms))');
-		});
-	});
-});
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/getChartMangerColumns.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/getChartMangerColumns.tsx
@@ -1,94 +0,0 @@
-import { ColumnType } from 'antd/es/table';
-import { PrecisionOption, PrecisionOptionsEnum } from 'components/Graph/types';
-import CustomCheckBox from 'container/GridCardLayout/GridCard/FullView/TableRender/CustomCheckBox';
-
-import { SeriesLabel } from './SeriesLabel';
-import {
-	ExtendedChartDataset,
-	formatTableValueWithUnit,
-	getTableColumnTitle,
-} from './utils';
-
-export interface GetChartManagerColumnsParams {
-	tableDataSet: ExtendedChartDataset[];
-	graphVisibilityState: boolean[];
-	onToggleSeriesOnOff: (index: number) => void;
-	onToggleSeriesVisibility: (index: number) => void;
-	yAxisUnit?: string;
-	decimalPrecision?: PrecisionOption;
-	isGraphDisabled?: boolean;
-}
-
-export function getChartManagerColumns({
-	tableDataSet,
-	graphVisibilityState,
-	onToggleSeriesOnOff,
-	onToggleSeriesVisibility,
-	yAxisUnit,
-	decimalPrecision = PrecisionOptionsEnum.TWO,
-	isGraphDisabled,
-}: GetChartManagerColumnsParams): ColumnType<ExtendedChartDataset>[] {
-	return [
-		{
-			title: '',
-			width: 50,
-			dataIndex: 'index',
-			key: 'index',
-			render: (_: unknown, record: ExtendedChartDataset): JSX.Element => (
-				<CustomCheckBox
-					data={tableDataSet}
-					graphVisibilityState={graphVisibilityState}
-					index={record.index}
-					disabled={isGraphDisabled}
-					checkBoxOnChangeHandler={(_e, idx): void => onToggleSeriesOnOff(idx)}
-				/>
-			),
-		},
-		{
-			title: 'Label',
-			width: 300,
-			dataIndex: 'label',
-			key: 'label',
-			render: (label: string, record: ExtendedChartDataset): JSX.Element => (
-				<SeriesLabel
-					label={label ?? ''}
-					labelIndex={record.index}
-					disabled={isGraphDisabled}
-					onClick={onToggleSeriesVisibility}
-				/>
-			),
-		},
-		{
-			title: getTableColumnTitle('Avg', yAxisUnit),
-			width: 90,
-			dataIndex: 'avg',
-			key: 'avg',
-			render: (val: number | undefined): string =>
-				formatTableValueWithUnit(val ?? 0, yAxisUnit, decimalPrecision),
-		},
-		{
-			title: getTableColumnTitle('Sum', yAxisUnit),
-			width: 90,
-			dataIndex: 'sum',
-			key: 'sum',
-			render: (val: number | undefined): string =>
-				formatTableValueWithUnit(val ?? 0, yAxisUnit, decimalPrecision),
-		},
-		{
-			title: getTableColumnTitle('Max', yAxisUnit),
-			width: 90,
-			dataIndex: 'max',
-			key: 'max',
-			render: (val: number | undefined): string =>
-				formatTableValueWithUnit(val ?? 0, yAxisUnit, decimalPrecision),
-		},
-		{
-			title: getTableColumnTitle('Min', yAxisUnit),
-			width: 90,
-			dataIndex: 'min',
-			key: 'min',
-			render: (val: number | undefined): string =>
-				formatTableValueWithUnit(val ?? 0, yAxisUnit, decimalPrecision),
-		},
-	];
-}
--- a/frontend/src/container/DashboardContainer/visualization/components/ChartManager/utils.ts
+++ b/frontend/src/container/DashboardContainer/visualization/components/ChartManager/utils.ts
@@ -1,93 +0,0 @@
-import { PrecisionOption, PrecisionOptionsEnum } from 'components/Graph/types';
-import { getYAxisFormattedValue } from 'components/Graph/yAxisConfig';
-import { Y_AXIS_UNIT_NAMES } from 'components/YAxisUnitSelector/constants';
-import uPlot from 'uplot';
-
-/** Extended series with computed stats for table display */
-export type ExtendedChartDataset = uPlot.Series & {
-	show: boolean;
-	sum: number;
-	avg: number;
-	min: number;
-	max: number;
-	index: number;
-};
-
-function roundToDecimalPrecision(
-	value: number,
-	decimalPrecision: PrecisionOption = PrecisionOptionsEnum.TWO,
-): number {
-	if (
-		typeof value !== 'number' ||
-		Number.isNaN(value) ||
-		value === Infinity ||
-		value === -Infinity
-	) {
-		return 0;
-	}
-
-	if (decimalPrecision === PrecisionOptionsEnum.FULL) {
-		return value;
-	}
-
-	// regex to match the decimal precision for the given decimal precision
-	const regex = new RegExp(`^-?\\d*\\.?0*\\d{0,${decimalPrecision}}`);
-	const matched = value ? value.toFixed(decimalPrecision).match(regex) : null;
-	return matched ? parseFloat(matched[0]) : 0;
-}
-
-/** Build table dataset from uPlot options and aligned data */
-export function getDefaultTableDataSet(
-	options: uPlot.Options,
-	data: uPlot.AlignedData,
-	decimalPrecision: PrecisionOption = PrecisionOptionsEnum.TWO,
-): ExtendedChartDataset[] {
-	return options.series.map(
-		(series: uPlot.Series, index: number): ExtendedChartDataset => {
-			const arr = (data[index] as number[]) ?? [];
-			const sum = arr.reduce((a, b) => a + b, 0) || 0;
-			const count = arr.length || 1;
-
-			const hasValues = arr.length > 0;
-			return {
-				...series,
-				index,
-				show: true,
-				sum: roundToDecimalPrecision(sum, decimalPrecision),
-				avg: roundToDecimalPrecision(sum / count, decimalPrecision),
-				max: hasValues
-					? roundToDecimalPrecision(Math.max(...arr), decimalPrecision)
-					: 0,
-				min: hasValues
-					? roundToDecimalPrecision(Math.min(...arr), decimalPrecision)
-					: 0,
-			};
-		},
-	);
-}
-
-/** Format numeric value for table display using yAxisUnit */
-export function formatTableValueWithUnit(
-	value: number,
-	yAxisUnit?: string,
-	decimalPrecision: PrecisionOption = PrecisionOptionsEnum.TWO,
-): string {
-	return `${getYAxisFormattedValue(
-		String(value),
-		yAxisUnit ?? 'none',
-		decimalPrecision,
-	)}`;
-}
-
-/** Format column header with optional unit */
-export function getTableColumnTitle(title: string, yAxisUnit?: string): string {
-	if (!yAxisUnit) {
-		return title;
-	}
-	const universalName =
-		Y_AXIS_UNIT_NAMES[yAxisUnit as keyof typeof Y_AXIS_UNIT_NAMES];
-	if (!universalName) {
-		return `${title} (in ${yAxisUnit})`;
-	}
-	return `${title} (in ${universalName})`;
-}
--- a/frontend/src/container/DashboardContainer/visualization/panels/BarPanel/BarPanel.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/panels/BarPanel/BarPanel.tsx
@@ -96,7 +96,6 @@ function BarPanel(props: PanelWrapperProps): JSX.Element {
 				config={config}
 				alignedData={chartData}
 				yAxisUnit={widget.yAxisUnit}
-				decimalPrecision={widget.decimalPrecision}
 				onCancel={onToggleModelHandler}
 			/>
 		);
@@ -106,7 +105,6 @@ function BarPanel(props: PanelWrapperProps): JSX.Element {
 		chartData,
 		widget.yAxisUnit,
 		onToggleModelHandler,
-		widget.decimalPrecision,
 	]);

 	const onPlotDestroy = useCallback(() => {
--- a/frontend/src/container/DashboardContainer/visualization/panels/TimeSeriesPanel/TimeSeriesPanel.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/panels/TimeSeriesPanel/TimeSeriesPanel.tsx
@@ -95,7 +95,6 @@ function TimeSeriesPanel(props: PanelWrapperProps): JSX.Element {
 				config={config}
 				alignedData={chartData}
 				yAxisUnit={widget.yAxisUnit}
-				decimalPrecision={widget.decimalPrecision}
 				onCancel={onToggleModelHandler}
 			/>
 		);
@@ -105,7 +104,6 @@ function TimeSeriesPanel(props: PanelWrapperProps): JSX.Element {
 		chartData,
 		widget.yAxisUnit,
 		onToggleModelHandler,
-		widget.decimalPrecision,
 	]);

 	return (
--- a/frontend/src/container/ForgotPassword/index.tsx
+++ b/frontend/src/container/ForgotPassword/index.tsx
@@ -48,9 +48,7 @@ function ForgotPassword({
 		}

 		try {
-			ErrorResponseHandlerV2(
-				(mutationError as unknown) as AxiosError<ErrorV2Resp>,
-			);
+			ErrorResponseHandlerV2(mutationError as AxiosError<ErrorV2Resp>);
 		} catch (apiError) {
 			return apiError as APIError;
 		}
--- a/frontend/src/container/InfraMonitoringHosts/HostsListTable.tsx
+++ b/frontend/src/container/InfraMonitoringHosts/HostsListTable.tsx
@@ -178,9 +178,7 @@ export default function HostsListTable({
 				indicator: <Spin indicator={<LoadingOutlined size={14} spin />} />,
 			}}
 			tableLayout="fixed"
-			rowKey={(record): string =>
-				(record as HostRowData & { key: string }).key ?? record.hostName
-			}
+			rowKey={(record): string => record.hostName}
 			onChange={handleTableChange}
 			onRow={(record): { onClick: () => void; className: string } => ({
 				onClick: (): void => handleRowClick(record),
--- a/frontend/src/container/InfraMonitoringHosts/InfraMonitoring.styles.scss
+++ b/frontend/src/container/InfraMonitoringHosts/InfraMonitoring.styles.scss
@@ -126,8 +126,7 @@
 				background: var(--bg-ink-500);
 			}

-			.ant-table-cell:has(.hostname-column-value),
-			.ant-table-cell:has(.hostname-cell-missing) {
+			.ant-table-cell:has(.hostname-column-value) {
 				background: var(--bg-ink-400);
 			}

@@ -140,23 +139,6 @@
 				letter-spacing: -0.07px;
 			}

-			.hostname-cell-missing {
-				display: flex;
-				align-items: center;
-				gap: 4px;
-			}
-
-			.hostname-cell-placeholder {
-				color: var(--Vanilla-400, #c0c1c3);
-			}
-
-			.hostname-cell-warning-icon {
-				display: inline-flex;
-				align-items: center;
-				margin-left: 4px;
-				cursor: help;
-			}
-
 			.status-cell {
 				.active-tag {
 					color: var(--bg-forest-500);
@@ -375,8 +357,7 @@
 				color: var(--bg-ink-500);
 			}

-			.ant-table-cell:has(.hostname-column-value),
-			.ant-table-cell:has(.hostname-cell-missing) {
+			.ant-table-cell:has(.hostname-column-value) {
 				background: var(--bg-vanilla-100);
 			}

@@ -384,10 +365,6 @@
 				color: var(--bg-ink-300);
 			}

-			.hostname-cell-placeholder {
-				color: var(--text-ink-300);
-			}
-
 			.ant-table-tbody > tr:hover > td {
 				background: rgba(0, 0, 0, 0.04);
 			}
--- a/frontend/src/container/InfraMonitoringHosts/tests/utilts.test.tsx
+++ b/frontend/src/container/InfraMonitoringHosts/tests/utilts.test.tsx
@@ -1,24 +1,13 @@
-import { render, screen } from '@testing-library/react';
-import { HostData, TimeSeries } from 'api/infraMonitoring/getHostLists';
+import { render } from '@testing-library/react';

-import {
-	formatDataForTable,
-	GetHostsQuickFiltersConfig,
-	HostnameCell,
-} from '../utils';
+import { formatDataForTable, GetHostsQuickFiltersConfig } from '../utils';

 const PROGRESS_BAR_CLASS = '.progress-bar';

-const emptyTimeSeries: TimeSeries = {
-	labels: {},
-	labelsArray: [],
-	values: [],
-};
-
 describe('InfraMonitoringHosts utils', () => {
 	describe('formatDataForTable', () => {
 		it('should format host data correctly', () => {
-			const mockData: HostData[] = [
+			const mockData = [
 				{
 					hostName: 'test-host',
 					active: true,
@@ -27,12 +16,8 @@ describe('InfraMonitoringHosts utils', () => {
 					wait: 0.05,
 					load15: 2.5,
 					os: 'linux',
-					cpuTimeSeries: emptyTimeSeries,
-					memoryTimeSeries: emptyTimeSeries,
-					waitTimeSeries: emptyTimeSeries,
-					load15TimeSeries: emptyTimeSeries,
 				},
-			];
+			] as any;

 			const result = formatDataForTable(mockData);

@@ -61,7 +46,7 @@ describe('InfraMonitoringHosts utils', () => {
 		});

 		it('should handle inactive hosts', () => {
-			const mockData: HostData[] = [
+			const mockData = [
 				{
 					hostName: 'test-host',
 					active: false,
@@ -70,12 +55,12 @@ describe('InfraMonitoringHosts utils', () => {
 					wait: 0.02,
 					load15: 1.2,
 					os: 'linux',
-					cpuTimeSeries: emptyTimeSeries,
-					memoryTimeSeries: emptyTimeSeries,
-					waitTimeSeries: emptyTimeSeries,
-					load15TimeSeries: emptyTimeSeries,
+					cpuTimeSeries: [],
+					memoryTimeSeries: [],
+					waitTimeSeries: [],
+					load15TimeSeries: [],
 				},
-			];
+			] as any;

 			const result = formatDataForTable(mockData);

@@ -83,65 +68,6 @@ describe('InfraMonitoringHosts utils', () => {
 			expect(inactiveTag.container.textContent).toBe('INACTIVE');
 			expect(inactiveTag.container.querySelector('.inactive')).toBeTruthy();
 		});
-
-		it('should set hostName to empty string when host has no hostname', () => {
-			const mockData: HostData[] = [
-				{
-					hostName: '',
-					active: true,
-					cpu: 0.5,
-					memory: 0.4,
-					wait: 0.01,
-					load15: 1.0,
-					os: 'linux',
-					cpuTimeSeries: emptyTimeSeries,
-					memoryTimeSeries: emptyTimeSeries,
-					waitTimeSeries: emptyTimeSeries,
-					load15TimeSeries: emptyTimeSeries,
-				},
-			];
-
-			const result = formatDataForTable(mockData);
-			expect(result[0].hostName).toBe('');
-			expect(result[0].key).toBe('-0');
-		});
-	});
-
-	describe('HostnameCell', () => {
-		it('should render hostname when present (case A: no icon)', () => {
-			const { container } = render(<HostnameCell hostName="gke-prod-1" />);
-			expect(container.querySelector('.hostname-column-value')).toBeTruthy();
-			expect(container.textContent).toBe('gke-prod-1');
-			expect(container.querySelector('.hostname-cell-missing')).toBeFalsy();
-			expect(container.querySelector('.hostname-cell-warning-icon')).toBeFalsy();
-		});
-
-		it('should render placeholder and icon when hostName is empty (case B)', () => {
-			const { container } = render(<HostnameCell hostName="" />);
-			expect(screen.getByText('-')).toBeTruthy();
-			expect(container.querySelector('.hostname-cell-missing')).toBeTruthy();
-			const iconWrapper = container.querySelector('.hostname-cell-warning-icon');
-			expect(iconWrapper).toBeTruthy();
-			expect(iconWrapper?.getAttribute('aria-label')).toBe(
-				'Missing host.name metadata',
-			);
-			expect(iconWrapper?.getAttribute('tabindex')).toBe('0');
-			// Tooltip with "Learn how to configure →" link is shown on hover/focus
-		});
-
-		it('should render placeholder and icon when hostName is whitespace only (case C)', () => {
-			const { container } = render(<HostnameCell hostName="   " />);
-			expect(screen.getByText('-')).toBeTruthy();
-			expect(container.querySelector('.hostname-cell-missing')).toBeTruthy();
-			expect(container.querySelector('.hostname-cell-warning-icon')).toBeTruthy();
-		});
-
-		it('should render placeholder and icon when hostName is undefined (case D)', () => {
-			const { container } = render(<HostnameCell hostName={undefined} />);
-			expect(screen.getByText('-')).toBeTruthy();
-			expect(container.querySelector('.hostname-cell-missing')).toBeTruthy();
-			expect(container.querySelector('.hostname-cell-warning-icon')).toBeTruthy();
-		});
 	});

 	describe('GetHostsQuickFiltersConfig', () => {
--- a/frontend/src/container/InfraMonitoringHosts/utils.tsx
+++ b/frontend/src/container/InfraMonitoringHosts/utils.tsx
@@ -1,7 +1,7 @@
 import { Dispatch, SetStateAction } from 'react';
 import { InfoCircleOutlined } from '@ant-design/icons';
 import { Color } from '@signozhq/design-tokens';
-import { Progress, TabsProps, Tag, Tooltip, Typography } from 'antd';
+import { Progress, TabsProps, Tag, Tooltip } from 'antd';
 import { ColumnType } from 'antd/es/table';
 import {
 	HostData,
@@ -14,7 +14,6 @@ import {
 } from 'components/QuickFilters/types';
 import TabLabel from 'components/TabLabel';
 import { PANEL_TYPES } from 'constants/queryBuilder';
-import { TriangleAlert } from 'lucide-react';
 import { ErrorResponse, SuccessResponse } from 'types/api';
 import { DataTypes } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { TagFilter } from 'types/api/queryBuilder/queryBuilderData';
@@ -25,7 +24,6 @@ import HostsList from './HostsList';
 import './InfraMonitoring.styles.scss';

 export interface HostRowData {
-	key?: string;
 	hostName: string;
 	cpu: React.ReactNode;
 	memory: React.ReactNode;
@@ -34,59 +32,6 @@ export interface HostRowData {
 	active: React.ReactNode;
 }

-const HOSTNAME_DOCS_URL =
-	'https://signoz.io/docs/infrastructure-monitoring/hostmetrics/#host-name-is-blankempty';
-
-export function HostnameCell({
-	hostName,
-}: {
-	hostName?: string | null;
-}): React.ReactElement {
-	const isEmpty = !hostName || !hostName.trim();
-	if (!isEmpty) {
-		return <div className="hostname-column-value">{hostName}</div>;
-	}
-	return (
-		<div className="hostname-cell-missing">
-			<Typography.Text type="secondary" className="hostname-cell-placeholder">
-				-
-			</Typography.Text>
-			<Tooltip
-				title={
-					<div>
-						Missing host.name metadata.
-						<br />
-						<a
-							href={HOSTNAME_DOCS_URL}
-							target="_blank"
-							rel="noopener noreferrer"
-							onClick={(e): void => e.stopPropagation()}
-						>
-							Learn how to configure →
-						</a>
-					</div>
-				}
-				trigger={['hover', 'focus']}
-			>
-				<span
-					className="hostname-cell-warning-icon"
-					tabIndex={0}
-					role="img"
-					aria-label="Missing host.name metadata"
-					onClick={(e): void => e.stopPropagation()}
-					onKeyDown={(e): void => {
-						if (e.key === 'Enter' || e.key === ' ') {
-							e.stopPropagation();
-						}
-					}}
-				>
-					<TriangleAlert size={14} color={Color.BG_CHERRY_500} />
-				</span>
-			</Tooltip>
-		</div>
-	);
-}
-
 export interface HostsListTableProps {
 	isLoading: boolean;
 	isError: boolean;
@@ -130,8 +75,8 @@ export const getHostsListColumns = (): ColumnType<HostRowData>[] => [
 		dataIndex: 'hostName',
 		key: 'hostName',
 		width: 250,
-		render: (value: string | undefined): React.ReactNode => (
-			<HostnameCell hostName={value ?? ''} />
+		render: (value: string): React.ReactNode => (
+			<div className="hostname-column-value">{value}</div>
 		),
 	},
 	{
--- a/frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx
+++ b/frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx
@@ -342,7 +342,7 @@ function MultiIngestionSettings(): JSX.Element {

 	useEffect(() => {
 		if (isError) {
-			showErrorNotification(notifications, (error as unknown) as AxiosError);
+			showErrorNotification(notifications, error as AxiosError);
 		}
 	}, [error, isError, notifications]);

--- a/frontend/src/container/OnboardingV2Container/IngestionDetails/IngestionDetails.tsx
+++ b/frontend/src/container/OnboardingV2Container/IngestionDetails/IngestionDetails.tsx
@@ -86,9 +86,9 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 				<div className="ingestion-endpoint-section-error-container">
 					<Typography.Text className="ingestion-endpoint-section-error-text error">
 						<TriangleAlert size={14} />{' '}
-						{((error as unknown) as AxiosError<RenderErrorResponseDTO>)?.response
-							?.data?.error.message ||
-							((error as unknown) as AxiosError)?.message ||
+						{(error as AxiosError<RenderErrorResponseDTO>)?.response?.data?.error
+							?.message ||
+							(error as AxiosError)?.message ||
 							'Something went wrong'}
 					</Typography.Text>

--- a/frontend/src/container/OrganizationSettings/AuthDomain/index.tsx
+++ b/frontend/src/container/OrganizationSettings/AuthDomain/index.tsx
@@ -110,7 +110,7 @@ function AuthDomain(): JSX.Element {
 		let errorResult: APIError | null = null;
 		try {
 			ErrorResponseHandlerV2(
-				(errorFetchingAuthDomainListResponse as unknown) as AxiosError<ErrorV2Resp>,
+				errorFetchingAuthDomainListResponse as AxiosError<ErrorV2Resp>,
 			);
 		} catch (error) {
 			errorResult = error as APIError;
--- a/pkg/apiserver/signozapiserver/authz.go
+++ b/pkg/apiserver/signozapiserver/authz.go
@@ -1,30 +0,0 @@
-package signozapiserver
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/gorilla/mux"
-)
-
-func (provider *provider) addAuthzRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/authz/check", handler.New(provider.authzHandler.Check, handler.OpenAPIDef{
-		ID:                  "AuthzCheck",
-		Tags:                []string{"authz"},
-		Summary:             "Check permissions",
-		Description:         "Checks if the authenticated user has permissions for given transactions",
-		Request:             make([]*authtypes.Transaction, 0),
-		RequestContentType:  "",
-		Response:            make([]*authtypes.GettableTransaction, 0),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     nil,
-	})).Methods(http.MethodPost).GetError(); err != nil {
-		return err
-	}
-
-	return nil
-}
--- a/pkg/apiserver/signozapiserver/provider.go
+++ b/pkg/apiserver/signozapiserver/provider.go
@@ -207,10 +207,6 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}

-	if err := provider.addAuthzRoutes(router); err != nil {
-		return err
-	}
-
 	if err := provider.addFieldsRoutes(router); err != nil {
 		return err
 	}
--- a/pkg/apiserver/signozapiserver/role.go
+++ b/pkg/apiserver/signozapiserver/role.go
@@ -5,7 +5,6 @@ import (

 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/gorilla/mux"
 )
@@ -16,12 +15,12 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Tags:                []string{"role"},
 		Summary:             "Create role",
 		Description:         "This endpoint creates a role",
-		Request:             new(roletypes.PostableRole),
+		Request:             nil,
 		RequestContentType:  "",
 		Response:            new(types.Identifiable),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
-		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
+		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPost).GetError(); err != nil {
@@ -45,23 +44,6 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles/resources", handler.New(provider.authZ.AdminAccess(provider.authzHandler.GetResources), handler.OpenAPIDef{
-		ID:                  "GetResources",
-		Tags:                []string{"role"},
-		Summary:             "Get resources",
-		Description:         "Gets all the available resources for role assignment",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            new(roletypes.GettableResources),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
 	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Get), handler.OpenAPIDef{
 		ID:                  "GetRole",
 		Tags:                []string{"role"},
@@ -79,51 +61,17 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles/{id}/relation/{relation}/objects", handler.New(provider.authZ.AdminAccess(provider.authzHandler.GetObjects), handler.OpenAPIDef{
-		ID:                  "GetObjects",
-		Tags:                []string{"role"},
-		Summary:             "Get objects for a role by relation",
-		Description:         "Gets all objects connected to the specified role via a given relation type",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            make([]*authtypes.Object, 0),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
 	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Patch), handler.OpenAPIDef{
 		ID:                  "PatchRole",
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
 		Description:         "This endpoint patches a role",
-		Request:             new(roletypes.PatchableRole),
+		Request:             nil,
 		RequestContentType:  "",
 		Response:            nil,
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodPatch).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v1/roles/{id}/relation/{relation}/objects", handler.New(provider.authZ.AdminAccess(provider.authzHandler.PatchObjects), handler.OpenAPIDef{
-		ID:                  "PatchObjects",
-		Tags:                []string{"role"},
-		Summary:             "Patch objects for a role by relation",
-		Description:         "Patches the objects connected to the specified role via a given relation type",
-		Request:             new(roletypes.PatchableObjects),
-		RequestContentType:  "",
-		Response:            nil,
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
+		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodPatch).GetError(); err != nil {
@@ -140,7 +88,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Response:            nil,
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusNotImplemented, http.StatusUnavailableForLegalReasons},
+		ErrorStatusCodes:    []int{},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
 	})).Methods(http.MethodDelete).GetError(); err != nil {
--- a/pkg/authz/authz.go
+++ b/pkg/authz/authz.go
@@ -14,14 +14,17 @@ import (
 type AuthZ interface {
 	factory.Service

+	// Check returns error when the upstream authorization server is unavailable or the subject (s) doesn't have relation (r) on object (o).
+	Check(context.Context, *openfgav1.TupleKey) error
+
 	// CheckWithTupleCreation takes upon the responsibility for generating the tuples alongside everything Check does.
 	CheckWithTupleCreation(context.Context, authtypes.Claims, valuer.UUID, authtypes.Relation, authtypes.Typeable, []authtypes.Selector, []authtypes.Selector) error

 	// CheckWithTupleCreationWithoutClaims checks permissions for anonymous users.
 	CheckWithTupleCreationWithoutClaims(context.Context, valuer.UUID, authtypes.Relation, authtypes.Typeable, []authtypes.Selector, []authtypes.Selector) error

-	// BatchCheck accepts a map of ID → tuple and returns a map of ID → authorization result.
-	BatchCheck(context.Context, map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error)
+	// Batch Check returns error when the upstream authorization server is unavailable or for all the tuples of subject (s) doesn't have relation (r) on object (o).
+	BatchCheck(context.Context, []*openfgav1.TupleKey) error

 	// Write accepts the insertion tuples and the deletion tuples.
 	Write(context.Context, []*openfgav1.TupleKey, []*openfgav1.TupleKey) error
@@ -99,7 +102,5 @@ type Handler interface {

 	PatchObjects(http.ResponseWriter, *http.Request)

-	Check(http.ResponseWriter, *http.Request)
-
 	Delete(http.ResponseWriter, *http.Request)
 }
--- a/pkg/authz/authzstore/sqlauthzstore/store.go
+++ b/pkg/authz/authzstore/sqlauthzstore/store.go
@@ -26,7 +26,7 @@ func (store *store) Create(ctx context.Context, role *roletypes.StorableRole) er
 		Model(role).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapAlreadyExistsErrf(err, errors.CodeAlreadyExists, "role with name: %s already exists", role.Name)
+		return store.sqlstore.WrapAlreadyExistsErrf(err, errors.CodeAlreadyExists, "role with id: %s already exists", role.ID)
 	}

 	return nil
--- a/pkg/authz/openfgaauthz/provider.go
+++ b/pkg/authz/openfgaauthz/provider.go
@@ -48,7 +48,11 @@ func (provider *provider) Stop(ctx context.Context) error {
 	return provider.server.Stop(ctx)
 }

-func (provider *provider) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
+func (provider *provider) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
+	return provider.server.Check(ctx, tupleReq)
+}
+
+func (provider *provider) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
 	return provider.server.BatchCheck(ctx, tupleReq)
 }

@@ -177,6 +181,10 @@ func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID,
 	return nil
 }

+func (provider *provider) SetManagedRoleTransactions(context.Context, valuer.UUID) error {
+	return nil
+}
+
 func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
 	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
 }
--- a/pkg/authz/openfgaserver/server.go
+++ b/pkg/authz/openfgaserver/server.go
@@ -90,18 +90,42 @@ func (server *Server) Stop(ctx context.Context) error {
 	return nil
 }

-func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openfgav1.TupleKey) (map[string]*authtypes.TupleKeyAuthorization, error) {
+func (server *Server) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
 	storeID, modelID := server.getStoreIDandModelID()
-	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0, len(tupleReq))
-	for id, tuple := range tupleReq {
+	checkResponse, err := server.openfgaServer.Check(
+		ctx,
+		&openfgav1.CheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tupleReq.User,
+				Relation: tupleReq.Relation,
+				Object:   tupleReq.Object,
+			},
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	if !checkResponse.Allowed {
+		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
+	}
+
+	return nil
+}
+
+func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
+	storeID, modelID := server.getStoreIDandModelID()
+	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
+	for idx, tuple := range tupleReq {
 		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
 			TupleKey: &openfgav1.CheckRequestTupleKey{
 				User:     tuple.User,
 				Relation: tuple.Relation,
 				Object:   tuple.Object,
 			},
-			// Use transaction ID as correlation ID for deterministic mapping
-			CorrelationId: id,
+			// the batch check response is map[string] keyed by correlationID.
+			CorrelationId: strconv.Itoa(idx),
 		})
 	}

@@ -113,18 +137,17 @@ func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openf
 			Checks:               batchCheckItems,
 		})
 	if err != nil {
-		return nil, errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
 	}

-	response := make(map[string]*authtypes.TupleKeyAuthorization, len(tupleReq))
-	for id, tuple := range tupleReq {
-		response[id] = &authtypes.TupleKeyAuthorization{
-			Tuple:      tuple,
-			Authorized: checkResponse.Result[id].GetAllowed(),
+	for _, checkResponse := range checkResponse.Result {
+		if checkResponse.GetAllowed() {
+			return nil
 		}
 	}

-	return response, nil
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+
 }

 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
@@ -133,29 +156,17 @@ func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtyp
 		return err
 	}

-	tupleSlice, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
 	if err != nil {
 		return err
 	}

-	// Convert slice to map with generated IDs for internal use
-	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
-	for idx, tuple := range tupleSlice {
-		tuples[strconv.Itoa(idx)] = tuple
-	}
-
-	response, err := server.BatchCheck(ctx, tuples)
+	err = server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	for _, resp := range response {
-		if resp.Authorized {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+	return nil
 }

 func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
@@ -164,29 +175,17 @@ func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, o
 		return err
 	}

-	tupleSlice, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
 	if err != nil {
 		return err
 	}

-	// Convert slice to map with generated IDs for internal use
-	tuples := make(map[string]*openfgav1.TupleKey, len(tupleSlice))
-	for idx, tuple := range tupleSlice {
-		tuples[strconv.Itoa(idx)] = tuple
-	}
-
-	response, err := server.BatchCheck(ctx, tuples)
+	err = server.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}

-	for _, resp := range response {
-		if resp.Authorized {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+	return nil
 }

 func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
--- a/pkg/authz/signozauthzapi/handler.go
+++ b/pkg/authz/signozauthzapi/handler.go
@@ -7,7 +7,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -36,14 +35,13 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	role := roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID))
-	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), role)
+	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
 	if err != nil {
 		render.Error(rw, err)
 		return
 	}

-	render.Success(rw, http.StatusCreated, types.Identifiable{ID: role.ID})
+	render.Success(rw, http.StatusCreated, nil)
 }

 func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
@@ -114,9 +112,17 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 }

 func (handler *handler) GetResources(rw http.ResponseWriter, r *http.Request) {
-	resources := handler.authz.GetResources(r.Context())
+	ctx := r.Context()
+	resources := handler.authz.GetResources(ctx)

-	render.Success(rw, http.StatusOK, roletypes.NewGettableResources(resources))
+	var resourceRelations = struct {
+		Resources []*authtypes.Resource                   `json:"resources"`
+		Relations map[authtypes.Type][]authtypes.Relation `json:"relations"`
+	}{
+		Resources: resources,
+		Relations: authtypes.TypeableRelations,
+	}
+	render.Success(rw, http.StatusOK, resourceRelations)
 }

 func (handler *handler) List(rw http.ResponseWriter, r *http.Request) {
@@ -221,7 +227,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	render.Success(rw, http.StatusNoContent, nil)
+	render.Success(rw, http.StatusAccepted, nil)
 }

 func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {
@@ -246,39 +252,3 @@ func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {

 	render.Success(rw, http.StatusNoContent, nil)
 }
-
-func (handler *handler) Check(rw http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	transactions := make([]*authtypes.Transaction, 0)
-	if err := binding.JSON.BindBody(r.Body, &transactions); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	orgID := valuer.MustNewUUID(claims.OrgID)
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	tuples, err := authtypes.NewTuplesFromTransactions(transactions, subject, orgID)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	results, err := handler.authz.BatchCheck(ctx, tuples)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, authtypes.NewGettableTransaction(transactions, results))
-}
--- a/pkg/errors/http.go
+++ b/pkg/errors/http.go
@@ -6,8 +6,8 @@ import (
 )

 type JSON struct {
-	Code    string                    `json:"code" required:"true"`
-	Message string                    `json:"message" required:"true"`
+	Code    string                    `json:"code"`
+	Message string                    `json:"message"`
 	Url     string                    `json:"url,omitempty"`
 	Errors  []responseerroradditional `json:"errors,omitempty"`
 }
--- a/pkg/flagger/registry.go
+++ b/pkg/flagger/registry.go
@@ -5,6 +5,7 @@ import "github.com/SigNoz/signoz/pkg/types/featuretypes"
 var (
 	FeatureUseSpanMetrics = featuretypes.MustNewName("use_span_metrics")
 	FeatureKafkaSpanEval  = featuretypes.MustNewName("kafka_span_eval")
+	FeatureHideRootUsers  = featuretypes.MustNewName("hide_root_users")
 )

 func MustNewRegistry() featuretypes.Registry {
@@ -25,6 +26,14 @@ func MustNewRegistry() featuretypes.Registry {
 			DefaultVariant: featuretypes.MustNewName("disabled"),
 			Variants:       featuretypes.NewBooleanVariants(),
 		},
+		&featuretypes.Feature{
+			Name:           FeatureHideRootUsers,
+			Kind:           featuretypes.KindBoolean,
+			Stage:          featuretypes.StageStable,
+			Description:    "Controls whether root admin users are hidden or not",
+			DefaultVariant: featuretypes.MustNewName("disabled"),
+			Variants:       featuretypes.NewBooleanVariants(),
+		},
 	)
 	if err != nil {
 		panic(err)
--- a/pkg/http/render/render.go
+++ b/pkg/http/render/render.go
@@ -16,13 +16,13 @@ const (
 var json = jsoniter.ConfigCompatibleWithStandardLibrary

 type SuccessResponse struct {
-	Status string      `json:"status" required:"true"`
-	Data   interface{} `json:"data,omitempty" required:"true"`
+	Status string      `json:"status"`
+	Data   interface{} `json:"data,omitempty"`
 }

 type ErrorResponse struct {
-	Status string       `json:"status" required:"true"`
-	Error  *errors.JSON `json:"error" required:"true"`
+	Status string       `json:"status"`
+	Error  *errors.JSON `json:"error"`
 }

 func Success(rw http.ResponseWriter, httpCode int, data interface{}) {
--- a/pkg/modules/user/impluser/getter.go
+++ b/pkg/modules/user/impluser/getter.go
@@ -3,17 +3,20 @@ package impluser
 import (
 	"context"

+	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/featuretypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type getter struct {
-	store types.UserStore
+	store   types.UserStore
+	flagger flagger.Flagger
 }

-func NewGetter(store types.UserStore) user.Getter {
-	return &getter{store: store}
+func NewGetter(store types.UserStore, flagger flagger.Flagger) user.Getter {
+	return &getter{store: store, flagger: flagger}
 }

 func (module *getter) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID) (*types.User, error) {
@@ -26,6 +29,21 @@ func (module *getter) ListByOrgID(ctx context.Context, orgID valuer.UUID) ([]*ty
 		return nil, err
 	}

+	// filter root users if feature flag `hide_root_users` is true
+	evalCtx := featuretypes.NewFlaggerEvaluationContext(orgID)
+	hideRootUsers := module.flagger.BooleanOrEmpty(ctx, flagger.FeatureHideRootUsers, evalCtx)
+
+	if hideRootUsers {
+		filteredUsers := users[:0]
+		for _, u := range users {
+			if !u.IsRoot {
+				filteredUsers = append(filteredUsers, u)
+			}
+		}
+
+		return filteredUsers, nil
+	}
+
 	return users, nil
 }

--- a/pkg/signoz/handler_test.go
+++ b/pkg/signoz/handler_test.go
@@ -11,6 +11,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/alertmanager/signozalertmanager"
 	"github.com/SigNoz/signoz/pkg/emailing/emailingtest"
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
+	"github.com/SigNoz/signoz/pkg/flagger"
+	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -41,7 +43,13 @@ func TestNewHandlers(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+
+	flagger, err := flagger.New(context.Background(), instrumentationtest.New().ToProviderSettings(), flagger.Config{}, flagger.MustNewRegistry())
+	if err != nil {
+		t.Fatalf("failed to create flagger: %v", err)
+	}
+
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, flagger)

 	querierHandler := querier.NewHandler(providerSettings, nil, nil)
 	handlers := NewHandlers(modules, providerSettings, nil, querierHandler, nil, nil, nil, nil, nil, nil, nil)
--- a/pkg/signoz/module.go
+++ b/pkg/signoz/module.go
@@ -8,6 +8,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/emailing"
 	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/modules/apdex"
 	"github.com/SigNoz/signoz/pkg/modules/apdex/implapdex"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
@@ -66,6 +67,7 @@ type Modules struct {
 	SpanPercentile  spanpercentile.Module
 	MetricsExplorer metricsexplorer.Module
 	Promote         promote.Module
+	Flagger         flagger.Flagger
 }

 func NewModules(
@@ -85,11 +87,12 @@ func NewModules(
 	queryParser queryparser.QueryParser,
 	config Config,
 	dashboard dashboard.Module,
+	flagger flagger.Flagger,
 ) Modules {
 	quickfilter := implquickfilter.NewModule(implquickfilter.NewStore(sqlstore))
 	orgSetter := implorganization.NewSetter(implorganization.NewStore(sqlstore), alertmanager, quickfilter)
 	user := impluser.NewModule(impluser.NewStore(sqlstore, providerSettings), tokenizer, emailing, providerSettings, orgSetter, authz, analytics, config.User)
-	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))
+	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings), flagger)
 	ruleStore := sqlrulestore.NewRuleStore(sqlstore, queryParser, providerSettings)

 	return Modules{
@@ -110,5 +113,6 @@ func NewModules(
 		Services:        implservices.NewModule(querier, telemetryStore),
 		MetricsExplorer: implmetricsexplorer.NewModule(telemetryStore, telemetryMetadataStore, cache, ruleStore, dashboard, providerSettings, config.MetricsExplorer),
 		Promote:         implpromote.NewModule(telemetryMetadataStore, telemetryStore),
+		Flagger:         flagger,
 	}
 }
--- a/pkg/signoz/module_test.go
+++ b/pkg/signoz/module_test.go
@@ -11,6 +11,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/alertmanager/signozalertmanager"
 	"github.com/SigNoz/signoz/pkg/emailing/emailingtest"
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
+	"github.com/SigNoz/signoz/pkg/flagger"
+	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -40,7 +42,13 @@ func TestNewModules(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+
+	flagger, err := flagger.New(context.Background(), instrumentationtest.New().ToProviderSettings(), flagger.Config{}, flagger.MustNewRegistry())
+	if err != nil {
+		t.Fatalf("failed to create flagger: %v", err)
+	}
+
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, flagger)

 	reflectVal := reflect.ValueOf(modules)
 	for i := 0; i < reflectVal.NumField(); i++ {
--- a/pkg/signoz/provider_test.go
+++ b/pkg/signoz/provider_test.go
@@ -1,11 +1,13 @@
 package signoz

 import (
+	"context"
 	"testing"

 	"github.com/DATA-DOG/go-sqlmock"
 	"github.com/SigNoz/signoz/pkg/alertmanager/nfmanager/nfmanagertest"
 	"github.com/SigNoz/signoz/pkg/analytics"
+	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
@@ -75,7 +77,12 @@ func TestNewProviderFactories(t *testing.T) {
 	})

 	assert.NotPanics(t, func() {
-		userGetter := impluser.NewGetter(impluser.NewStore(sqlstoretest.New(sqlstore.Config{Provider: "sqlite"}, sqlmock.QueryMatcherEqual), instrumentationtest.New().ToProviderSettings()))
+		flagger, err := flagger.New(context.Background(), instrumentationtest.New().ToProviderSettings(), flagger.Config{}, flagger.MustNewRegistry())
+		if err != nil {
+			panic(err)
+		}
+
+		userGetter := impluser.NewGetter(impluser.NewStore(sqlstoretest.New(sqlstore.Config{Provider: "sqlite"}, sqlmock.QueryMatcherEqual), instrumentationtest.New().ToProviderSettings()), flagger)
 		orgGetter := implorganization.NewGetter(implorganization.NewStore(sqlstoretest.New(sqlstore.Config{Provider: "sqlite"}, sqlmock.QueryMatcherEqual)), nil)
 		telemetryStore := telemetrystoretest.New(telemetrystore.Config{Provider: "clickhouse"}, sqlmock.QueryMatcherEqual)
 		NewStatsReporterProviderFactories(telemetryStore, []statsreporter.StatsCollector{}, orgGetter, userGetter, tokenizertest.NewMockTokenizer(t), version.Build{}, analytics.Config{Enabled: true})
--- a/pkg/signoz/signoz.go
+++ b/pkg/signoz/signoz.go
@@ -280,7 +280,7 @@ func New(
 	}

 	// Initialize user getter
-	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))
+	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings), flagger)

 	licensingProviderFactory := licenseProviderFactory(sqlstore, zeus, orgGetter, analytics)
 	licensing, err := licensingProviderFactory.New(
@@ -388,7 +388,7 @@ func New(
 	}

 	// Initialize all modules
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, flagger)

 	userService := impluser.NewService(providerSettings, impluser.NewStore(sqlstore, providerSettings), modules.User, orgGetter, authz, config.User.Root)

--- a/pkg/telemetrymetrics/statement_builder.go
+++ b/pkg/telemetrymetrics/statement_builder.go
@@ -26,9 +26,6 @@ const (
 	IncreaseMultiTemporality = `IF(LOWER(temporality) LIKE LOWER('delta'), %s, multiIf(row_number() OVER rate_window = 1, nan, (%s - lagInFrame(%s, 1) OVER rate_window) < 0, %s, (%s - lagInFrame(%s, 1) OVER rate_window))) AS per_series_value`

 	OthersMultiTemporality = `IF(LOWER(temporality) LIKE LOWER('delta'), %s, %s) AS per_series_value`
-
-	RateWithStartTs     = "multiIf(row_number() OVER rate_window = 1 AND earliest_start_ts < %d, NAN, row_number() OVER rate_window = 1, sum_all_values / (ts - earliest_start_ts), earliest_start_ts = lagInFrame(latest_start_ts, 1) OVER rate_window, (sum_all_values - lagInFrame(latest_value, 1) OVER rate_window) / (ts - lagInFrame(ts, 1)), sum_all_values / (ts - lagInFrame(ts, 1))) AS per_series_value"
-	IncreaseWithStartTs = "multiIf(row_number() OVER rate_window = 1 AND earliest_start_ts < %d, NAN, row_number() OVER rate_window = 1, sum_all_values, earliest_start_ts = lagInFrame(latest_start_ts, 1) OVER rate_window, sum_all_values - lagInFrame(latest_value, 1) OVER rate_window, sum_all_values) AS per_series_value"
 )

 type MetricQueryStatementBuilder struct {
@@ -333,9 +330,6 @@ func (b *MetricQueryStatementBuilder) buildTemporalAggregationCTE(
 	if query.Aggregations[0].Temporality == metrictypes.Delta {
 		return b.buildTemporalAggDelta(ctx, start, end, query, timeSeriesCTE, timeSeriesCTEArgs)
 	} else if query.Aggregations[0].Temporality != metrictypes.Multiple {
-		if query.Aggregations[0].TimeAggregation == metrictypes.TimeAggregationIncrease || query.Aggregations[0].TimeAggregation == metrictypes.TimeAggregationRate {
-			return b.buildTemporalAggCumulativeOrUnspecifiedWithStartTs(ctx, start, end, query, timeSeriesCTE, timeSeriesCTEArgs)
-		}
 		return b.buildTemporalAggCumulativeOrUnspecified(ctx, start, end, query, timeSeriesCTE, timeSeriesCTEArgs)
 	}
 	return b.buildTemporalAggForMultipleTemporalities(ctx, start, end, query, timeSeriesCTE, timeSeriesCTEArgs)
@@ -388,101 +382,6 @@ func (b *MetricQueryStatementBuilder) buildTemporalAggDelta(
 	return fmt.Sprintf("__temporal_aggregation_cte AS (%s)", q), args, nil
 }

-func (b *MetricQueryStatementBuilder) buildTemporalAggCumulativeOrUnspecifiedWithStartTs(
-	ctx context.Context,
-	start, end uint64,
-	query qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation],
-	timeSeriesCTE string,
-	timeSeriesCTEArgs []any,
-) (string, []any, error) {
-	stepSec := int64(query.StepInterval.Seconds())
-
-	moreInfoQueryBuilder := sqlbuilder.NewSelectBuilder()
-	moreInfoQueryBuilder.Select("fingerprint")
-	moreInfoQueryBuilder.SelectMore(fmt.Sprintf(
-		"toStartOfInterval(toDateTime(intDiv(unix_milli, 1000)), toIntervalSecond(%d)) AS ts",
-		stepSec,
-	))
-	moreInfoQueryBuilder.SelectMore("toDateTime(intDiv(start_timestamp_unix_milli, 1000)) AS start_ts")
-	for _, g := range query.GroupBy {
-		moreInfoQueryBuilder.SelectMore(fmt.Sprintf("`%s`", g.TelemetryFieldKey.Name))
-	}
-
-	aggCol, err := AggregationColumnForSamplesTable(start, end, query.Aggregations[0].Type, query.Aggregations[0].Temporality, query.Aggregations[0].TimeAggregation, query.Aggregations[0].TableHints)
-	if err != nil {
-		return "", nil, err
-	}
-	moreInfoQueryBuilder.SelectMore(fmt.Sprintf("%s AS max_value", aggCol))
-
-	colWithLatestValue, err := AggregationColumnForSamplesTable(start, end, query.Aggregations[0].Type, query.Aggregations[0].Temporality, metrictypes.TimeAggregationLatest, query.Aggregations[0].TableHints)
-	if err != nil {
-		return "", nil, err
-	}
-	moreInfoQueryBuilder.SelectMore(fmt.Sprintf("%s AS latest_value", colWithLatestValue))
-	moreInfoQueryBuilder.SelectMore("max(unix_milli) AS latest_timestamp")
-
-	tbl := WhichSamplesTableToUse(start, end, query.Aggregations[0].Type, query.Aggregations[0].TimeAggregation, query.Aggregations[0].TableHints)
-	moreInfoQueryBuilder.From(fmt.Sprintf("%s.%s AS points", DBName, tbl))
-	moreInfoQueryBuilder.JoinWithOption(sqlbuilder.InnerJoin, timeSeriesCTE, "points.fingerprint = filtered_time_series.fingerprint")
-	moreInfoQueryBuilder.Where(
-		moreInfoQueryBuilder.In("metric_name", query.Aggregations[0].MetricName),
-		moreInfoQueryBuilder.GTE("unix_milli", start),
-		moreInfoQueryBuilder.LT("unix_milli", end),
-	)
-	moreInfoQueryBuilder.GroupBy("fingerprint", "ts", "start_ts")
-	moreInfoQueryBuilder.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-
-	moreInfoPerRowQuery, moreInfoPerRowArgs := moreInfoQueryBuilder.BuildWithFlavor(sqlbuilder.ClickHouse, timeSeriesCTEArgs...)
-
-	innerQueryBuilder := sqlbuilder.NewSelectBuilder()
-	innerQueryBuilder.Select("fingerprint")
-	innerQueryBuilder.SelectMore("ts")
-	for _, g := range query.GroupBy {
-		innerQueryBuilder.SelectMore(fmt.Sprintf("`%s`", g.TelemetryFieldKey.Name))
-	}
-	innerQueryBuilder.SelectMore("max(start_ts) AS latest_start_ts")
-	innerQueryBuilder.SelectMore("min(start_ts) AS earliest_start_ts")
-	innerQueryBuilder.SelectMore("sum(max_value) AS sum_all_values")
-	innerQueryBuilder.SelectMore("argMax(latest_value, latest_timestamp) AS latest_value")
-
-	innerQueryBuilder.From(fmt.Sprintf("(%s)", moreInfoPerRowQuery))
-
-	innerQueryBuilder.GroupBy("fingerprint", "ts")
-	innerQueryBuilder.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-
-	innerQuery, innerQueryArgs := innerQueryBuilder.BuildWithFlavor(sqlbuilder.ClickHouse, moreInfoPerRowArgs...)
-
-	switch query.Aggregations[0].TimeAggregation {
-	case metrictypes.TimeAggregationRate:
-		rateExpr := fmt.Sprintf(RateWithStartTs, start)
-		wrapped := sqlbuilder.NewSelectBuilder()
-		wrapped.Select("ts")
-		wrapped.SelectMore("latest_value")
-		for _, g := range query.GroupBy {
-			wrapped.SelectMore(fmt.Sprintf("`%s`", g.TelemetryFieldKey.Name))
-		}
-		wrapped.SelectMore(rateExpr)
-		wrapped.From(fmt.Sprintf("(%s) WINDOW rate_window AS (PARTITION BY fingerprint ORDER BY fingerprint, ts)", innerQuery))
-		q, args := wrapped.BuildWithFlavor(sqlbuilder.ClickHouse, moreInfoPerRowArgs...)
-		return fmt.Sprintf("__temporal_aggregation_cte AS (%s)", q), args, nil
-
-	case metrictypes.TimeAggregationIncrease:
-		incExpr := fmt.Sprintf(IncreaseWithStartTs, start)
-		wrapped := sqlbuilder.NewSelectBuilder()
-		wrapped.Select("ts")
-		wrapped.SelectMore("latest_value")
-		for _, g := range query.GroupBy {
-			wrapped.SelectMore(fmt.Sprintf("`%s`", g.TelemetryFieldKey.Name))
-		}
-		wrapped.SelectMore(incExpr)
-		wrapped.From(fmt.Sprintf("(%s) WINDOW rate_window AS (PARTITION BY fingerprint ORDER BY fingerprint, ts)", innerQuery))
-		q, args := wrapped.BuildWithFlavor(sqlbuilder.ClickHouse, moreInfoPerRowArgs...)
-		return fmt.Sprintf("__temporal_aggregation_cte AS (%s)", q), args, nil
-	default:
-		return fmt.Sprintf("__temporal_aggregation_cte AS (%s)", innerQuery), innerQueryArgs, nil
-	}
-}
-
 func (b *MetricQueryStatementBuilder) buildTemporalAggCumulativeOrUnspecified(
 	_ context.Context,
 	start, end uint64,
--- a/pkg/types/authtypes/relation.go
+++ b/pkg/types/authtypes/relation.go
@@ -15,14 +15,15 @@ var (
 	RelationUpdate   = Relation{valuer.NewString("update")}
 	RelationDelete   = Relation{valuer.NewString("delete")}
 	RelationList     = Relation{valuer.NewString("list")}
+	RelationBlock    = Relation{valuer.NewString("block")}
 	RelationAssignee = Relation{valuer.NewString("assignee")}
 )

 var TypeableRelations = map[Type][]Relation{
 	TypeUser:          {RelationRead, RelationUpdate, RelationDelete},
 	TypeRole:          {RelationAssignee, RelationRead, RelationUpdate, RelationDelete},
-	TypeOrganization:  {RelationRead, RelationUpdate, RelationDelete},
-	TypeMetaResource:  {RelationRead, RelationUpdate, RelationDelete},
+	TypeOrganization:  {RelationCreate, RelationRead, RelationUpdate, RelationDelete, RelationList},
+	TypeMetaResource:  {RelationRead, RelationUpdate, RelationDelete, RelationBlock},
 	TypeMetaResources: {RelationCreate, RelationList},
 }

@@ -40,6 +41,8 @@ func NewRelation(relation string) (Relation, error) {
 		return RelationDelete, nil
 	case "list":
 		return RelationList, nil
+	case "block":
+		return RelationBlock, nil
 	case "assignee":
 		return RelationAssignee, nil
 	default:
--- a/pkg/types/authtypes/transaction.go
+++ b/pkg/types/authtypes/transaction.go
@@ -6,29 +6,21 @@ import (
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )

 type Resource struct {
-	Name Name `json:"name" required:"true"`
-	Type Type `json:"type" required:"true"`
+	Name Name `json:"name"`
+	Type Type `json:"type"`
 }

 type Object struct {
-	Resource Resource `json:"resource" required:"true"`
-	Selector Selector `json:"selector" required:"true"`
+	Resource Resource `json:"resource"`
+	Selector Selector `json:"selector"`
 }

 type Transaction struct {
-	ID       valuer.UUID `json:"id"`
-	Relation Relation    `json:"relation" required:"true"`
-	Object   Object      `json:"object" required:"true"`
-}
-
-type GettableTransaction struct {
-	Relation   Relation `json:"relation" required:"true"`
-	Object     Object   `json:"object" required:"true"`
-	Authorized bool     `json:"authorized" required:"true"`
+	Relation Relation `json:"relation"`
+	Object   Object   `json:"object"`
 }

 func NewObject(resource Resource, selector Selector) (*Object, error) {
@@ -83,21 +75,7 @@ func NewTransaction(relation Relation, object Object) (*Transaction, error) {
 		return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeAuthZInvalidRelation, "invalid relation %s for type %s", relation.StringValue(), object.Resource.Type.StringValue())
 	}

-	return &Transaction{ID: valuer.GenerateUUID(), Relation: relation, Object: object}, nil
-}
-
-func NewGettableTransaction(transactions []*Transaction, results map[string]*TupleKeyAuthorization) []*GettableTransaction {
-	gettableTransactions := make([]*GettableTransaction, len(transactions))
-	for i, txn := range transactions {
-		result := results[txn.ID.StringValue()]
-		gettableTransactions[i] = &GettableTransaction{
-			Relation:   txn.Relation,
-			Object:     txn.Object,
-			Authorized: result.Authorized,
-		}
-	}
-
-	return gettableTransactions
+	return &Transaction{Relation: relation, Object: object}, nil
 }

 func (object *Object) UnmarshalJSON(data []byte) error {
--- a/pkg/types/authtypes/tuple.go
+++ b/pkg/types/authtypes/tuple.go
@@ -1,31 +0,0 @@
-package authtypes
-
-import (
-	"github.com/SigNoz/signoz/pkg/valuer"
-	openfgav1 "github.com/openfga/api/proto/openfga/v1"
-)
-
-type TupleKeyAuthorization struct {
-	Tuple      *openfgav1.TupleKey
-	Authorized bool
-}
-
-func NewTuplesFromTransactions(transactions []*Transaction, subject string, orgID valuer.UUID) (map[string]*openfgav1.TupleKey, error) {
-	tuples := make(map[string]*openfgav1.TupleKey, len(transactions))
-	for _, txn := range transactions {
-		typeable, err := NewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
-		if err != nil {
-			return nil, err
-		}
-
-		txnTuples, err := typeable.Tuples(subject, txn.Relation, []Selector{txn.Object.Selector}, orgID)
-		if err != nil {
-			return nil, err
-		}
-
-		// Each transaction produces one tuple, keyed by transaction ID
-		tuples[txn.ID.StringValue()] = txnTuples[0]
-	}
-
-	return tuples, nil
-}
--- a/pkg/types/roletypes/role.go
+++ b/pkg/types/roletypes/role.go
@@ -69,29 +69,24 @@ type StorableRole struct {
 type Role struct {
 	types.Identifiable
 	types.TimeAuditable
-	Name        string        `json:"name" required:"true"`
-	Description string        `json:"description" required:"true"`
-	Type        valuer.String `json:"type" required:"true"`
-	OrgID       valuer.UUID   `json:"orgId" required:"true"`
+	Name        string        `json:"name"`
+	Description string        `json:"description"`
+	Type        valuer.String `json:"type"`
+	OrgID       valuer.UUID   `json:"orgId"`
 }

 type PostableRole struct {
-	Name        string `json:"name" required:"true"`
+	Name        string `json:"name"`
 	Description string `json:"description"`
 }

 type PatchableRole struct {
-	Description string `json:"description" required:"true"`
+	Description *string `json:"description"`
 }

 type PatchableObjects struct {
-	Additions []*authtypes.Object `json:"additions" required:"true"`
-	Deletions []*authtypes.Object `json:"deletions" required:"true"`
-}
-
-type GettableResources struct {
-	Resources []*authtypes.Resource                   `json:"resources" required:"true"`
-	Relations map[authtypes.Type][]authtypes.Relation `json:"relations" required:"true"`
+	Additions []*authtypes.Object `json:"additions"`
+	Deletions []*authtypes.Object `json:"deletions"`
 }

 func NewStorableRoleFromRole(role *Role) *StorableRole {
@@ -142,20 +137,15 @@ func NewManagedRoles(orgID valuer.UUID) []*Role {

 }

-func NewGettableResources(resources []*authtypes.Resource) *GettableResources {
-	return &GettableResources{
-		Resources: resources,
-		Relations: authtypes.TypeableRelations,
-	}
-}
-
-func (role *Role) PatchMetadata(description string) error {
+func (role *Role) PatchMetadata(description *string) error {
 	err := role.CanEditDelete()
 	if err != nil {
 		return err
 	}

-	role.Description = description
+	if description != nil {
+		role.Description = *description
+	}
 	role.UpdatedAt = time.Now()
 	return nil
 }
@@ -220,7 +210,7 @@ func (role *PostableRole) UnmarshalJSON(data []byte) error {

 func (role *PatchableRole) UnmarshalJSON(data []byte) error {
 	type shadowPatchableRole struct {
-		Description string `json:"description"`
+		Description *string `json:"description"`
 	}

 	var shadowRole shadowPatchableRole
@@ -228,7 +218,7 @@ func (role *PatchableRole) UnmarshalJSON(data []byte) error {
 		return err
 	}

-	if shadowRole.Description == "" {
+	if shadowRole.Description == nil {
 		return errors.New(errors.TypeInvalidInput, ErrCodeRoleEmptyPatch, "empty role patch request received, description must be present")
 	}
Author	SHA1	Message	Date
Karan Balani	f70b5cd44e	chore: revert changes in handler	2026-02-23 17:09:05 +05:30
Karan Balani	0b15bc1a67	fix: di in user getter module instead of user handler	2026-02-22 13:06:41 +05:30
Karan Balani	1a5e60dcdd	feat: control visibility of root user in list user api using flagger	2026-02-20 21:32:27 +05:30